[GrantShares] GBA-02 `onlyOwner` Enforcement Hinders Role Separation

[OT-kraftchain]

During the execution of the deploy method, a check of the onlyOwner is performed, and this verifications result unnecessary since the method can only be executed during the contract's deployment, so the owner will never be established, thus there is no need for an identity verification.

This verification not only incurs additional gas costs but also forces the Owner to being the deployer, preventing it from being a cold wallet, which is not a recommended practice.

Recommendations
• Remove the call to the onlyOwner() method during the deploy process, allowing the owner to be set to be different from the address performing the deployment.

Source Code References

grantshares-contracts/src/main/java/com/axlabs/neo/grantshares/GrantSharesBridgeAdapter.java

Lines 277 to 288 in 728d55b

	public static void deploy(Object data, boolean update) {
	if (!update) {
	Storage.put(context, VERSION_KEY, 1);
	// Initialize the contract.
	DeployData deployData = (DeployData) data;
	Hash160 initialOwner = deployData.initialOwner;
	if (initialOwner == null || !Hash160.isValid(initialOwner) || initialOwner.isZero()) {
	abort("invalid initial owner");
	}
	Storage.put(context, OWNER_KEY, initialOwner);
	onlyOwner();