Unprotected selfdestruct detector#
Reports selfdestruct calls that are not protected by an
onlyOwner modifier or similar logic.
More precisely, access controls based on
msg.sender are checked in the detector.
Addresses set in a constructor or in functions protected by
onlyOwner (or similar) are considered trusted.
- The selfdestruct call is protected by a
requirestatement and so is not reported.
- The selfdestruct call is not protected by any access control condition using
ownerand so is reported.
The detector does not accept any additional parameters.