How to Recover the Ownership of Your thirdweb Pre-built Contract

How to Recover the Ownership of Your thirdweb Pre-built Contract

Learn how to recover the ownership of your thirdweb pre-built smart contract if your admin wallet address has been compromised.

ยท

2 min read

This is useful if the admin of your contract is compromised. For example, if you add a balance to your admin wallet address and it unexpectedly gets transferred to a random address, changing it becomes challenging without gas to assign a new one.

In this guide, you'll learn how to change your admin wallet to a new one without needing to spend gas from your compromised wallet address, using the thirdweb gasless method. Without further ado let's get started! ๐Ÿ˜Ž

Setup

  1. Do npx thirdweb create app --node --javascript --evm

  2. Rename the .env.example to .env

  3. Copy and paste this to your .env

WALLET_PRIVATE_KEY=
THIRDWEB_SECRET_KEY=
RELAYER_URL=
  1. After that, fill out the information needed.

  2. Get the private key of the compromised wallet and paste it as a value to WALLET_PRIVATE_KEY=

  3. Get the secret key from this thirdweb.com/create-api-key

  4. Get the relayer_url from this tutorial blog.thirdweb.com/guides/setup-gasless-tran..

  5. Copy and paste the code below to your local index.js

import { config } from "dotenv";
import { ThirdwebSDK } from "@thirdweb-dev/sdk";

config();

const newAdmin = "0x...";
const contractAddress = "0x...";

const main = async () => {
  if (!process.env.WALLET_PRIVATE_KEY) {
    throw new Error("No private key found!");
  }

  try {
    const sdk = ThirdwebSDK.fromPrivateKey(process.env.WALLET_PRIVATE_KEY, 'polygon', {
      gasless: {
        openzeppelin: {
          relayerUrl: process.env.RELAYER_URL, // Learn more: https://blog.thirdweb.com/guides/setup-gasless-transactions/
        },
      },
      secretKey: process.env.THIRDWEB_SECRET_KEY,
    });

    const contract = await sdk.getContract(contractAddress);
    // run this first so you can set it as owner.
    const tx = await contract.roles.grant("admin", newAdmin);
    // Uncomment this, and comment the code above ^ after you set the newAdmin as admin.
    // const tx = await contract.owner.set(newAdmin);

    console.log(tx);

  } catch(error) {
    console.error("Something went wrong: ", error);
  }
};

main();
  1. Fill in the information for the variables.
const newAdmin = "0x...";
const contractAddress = "0x...";
  1. Run the code by doing node index.js

Usage

  1. After the setup, run the script straight. node index.js

  2. Comment on this part by adding // in front of it.

const tx = await contract.roles.grant("admin", newAdmin);
  1. Then, uncomment this part. By removing the // in front of it.
const tx = await contract.owner.set(newAdmin);
  1. Run again the script. node index.js

That's it! โœจ See you on my next blog... ๐Ÿ’–

ย