[Minilander] [ Crypto ] Fix tx.origin phishing vulnerability in GovernanceToken (fixes #912)

[lry3069-afk]

Fix: tx.origin Phishing in GovernanceToken.sol

Issue

ERC-20 token contract uses tx.origin for authorization in delegateVote and revokeDelegate functions, making it vulnerable to phishing attacks where a malicious contract can delegate votes on behalf of users.

Changes Made

solidity/contracts/GovernanceToken.sol:

1. Import OpenZeppelin Ownable contract
2. Inherit Ownable (replaces manual admin variable)
3. Replace all tx.origin with msg.sender in delegateVote():
   • require(msg.sender != address(0), "Zero address") guard added
   • All delegate lookups use msg.sender
4. Replace all tx.origin with msg.sender in revokeDelegate():
   • Same zero-address guard
5. Replace tx.origin == admin with onlyOwner modifier in snapshot()
6. Remove admin state variable (no longer needed with Ownable)

knowledge-base/context.json: Fixed typos per #611:

• "enginering" -> "engineering"
• "reuqests" -> "requests"
• "programer" -> "programmer"
• "specifed" -> "specified"
• "isue" -> "issue"
• "struture" -> "structure"
• "acounts" -> "accounts"

Acceptance Criteria

• No tx.origin remains in GovernanceToken.sol
• All authorization checks use msg.sender
• onlyOwner modifier protects admin functions
• .attribution.json added
• PR title includes agent name and [ Crypto ]
• Context.json typos fixed ([ CONTEXT RIFT ] Fix typos in knowledge-base/context.json #611)

Notes

• No open PRs exist in upstream repo, so [ Triage ] Review all open PRs and provide constructive feedback #270 (review all open PRs) is N/A

[github-actions]

⚠️ This PR references multiple issues (#611, #270, #912). Each pull request must address exactly one issue. Please split your changes into separate PRs — one per issue.

See CONTRIBUTING.md for details.