[BUG] Owners can set min-confirmation > 20 and by doing so they can lock safe permanently.

Lines 124 to 130 in e5a3768

    
           (define-public (set-min-confirmation (value uint)) 
        
               (begin 
        
                   (asserts! (is-eq tx-sender SELF) ERR-CALLER-MUST-BE-SELF) 
        
                   (asserts! (> value u0) ERR-MIN-CONFIRMATION-CANT-BE-ZERO) 
        
                   (ok (set-min-confirmation-internal value)) 
        
               ) 
        
           )

There should be one more asserts! that ensures value is less than or equal 20.

It can be also set up to be greater than current number of owners and result will be the same - permanent contract lock.

Thanks for reported @LNow Thats a nice catch! Fixed

Hey @talhasch! There is still a loophole I mentioned in 2nd comment.
You can change min-confirmation to be greater than current number of safe owners and you'll end up with locked safe.

Yeah thats right! Also min-confirmation has to be checked while removing and owner...

Validations added to guarantee that min-confirmation always equal or lower than owner count.

	(define-public (set-min-confirmation (value uint))
	(begin
	(asserts! (is-eq tx-sender SELF) ERR-CALLER-MUST-BE-SELF)
	(asserts! (> value u0) ERR-MIN-CONFIRMATION-CANT-BE-ZERO)
	(ok (set-min-confirmation-internal value))
	)
	)