diff --git a/src/naming/main.cairo b/src/naming/main.cairo
index cda01ed..c57197e 100644
--- a/src/naming/main.cairo
+++ b/src/naming/main.cairo
@@ -328,14 +328,14 @@ mod Naming {
             }
 
             // otherwise, if it is a root domain, he doesn't own it
-            assert(domain.len() != 1 && domain.len() != 0, 'you don\'t own this domain1');
+            assert(domain.len() != 1 && domain.len() != 0, 'you don\'t own this domain');
 
             // if he doesn't own the starknet id, and doesn't own the domain, he might own the parent domain
             let parent_key = self._assert_is_owner(domain.slice(1, domain.len() - 1), account);
             // we ensure that the key is the same as the parent key
             // this is to allow to revoke all subdomains in o(1) writes, by juste updating the key of the parent
             if (data.parent_key != 0) {
-                assert(parent_key == data.parent_key, 'you don\'t own this domain2');
+                assert(parent_key == data.parent_key, 'you no longer own this domain');
             }
             data.key
         }
diff --git a/src/tests/naming/test_abuses.cairo b/src/tests/naming/test_abuses.cairo
index c4ad0f6..e27cd8e 100644
--- a/src/tests/naming/test_abuses.cairo
+++ b/src/tests/naming/test_abuses.cairo
@@ -116,3 +116,60 @@ fn test_buying_twice_on_same_id() {
             id, altdomain, 365, ContractAddressZeroable::zero(), ContractAddressZeroable::zero(), 0
         );
 }
+
+#[cfg(test)]
+#[test]
+#[available_gas(2000000000)]
+#[should_panic(expected: ('you don\'t own this domain', 'ENTRYPOINT_FAILED'))]
+fn test_non_owner_cannot_transfer_domain() {
+    // setup
+    let (_, _, identity, naming) = deploy();
+
+    let caller_owner = contract_address_const::<0x123>();
+    let caller_not_owner = contract_address_const::<0x456>();
+
+    set_contract_address(caller_owner);
+
+    let id_owner = 1;
+    let id_not_owner = 2;
+    let domain_name = array![33133781693].span(); // th0rgal
+
+    // Mint IDs for both users.
+    identity.mint(id_owner);
+
+    // Assuming you've already acquired the domain for id_owner.
+    // Transfer domain using a non-owner ID should panic.
+    set_contract_address(caller_not_owner);
+    identity.mint(id_not_owner);
+    naming.transfer_domain(domain_name, id_not_owner);
+}
+
+#[cfg(test)]
+#[test]
+#[available_gas(2000000000)]
+#[should_panic(expected: ('you are not admin', 'ENTRYPOINT_FAILED'))]
+fn test_non_admin_cannot_set_admin() {
+    // setup
+    let (_, _, _, naming) = deploy();
+    let non_admin_address = contract_address_const::<0x456>();
+    set_contract_address(non_admin_address);
+
+    // A non-admin tries to set a new admin
+    let new_admin = contract_address_const::<0x789>();
+    naming.set_admin(new_admin);
+}
+
+#[cfg(test)]
+#[test]
+#[available_gas(2000000000)]
+#[should_panic(expected: ('you are not admin', 'ENTRYPOINT_FAILED'))]
+fn test_non_admin_cannot_claim_balance() {
+    // setup
+    let (eth, _, _, naming) = deploy();
+    let non_admin_address = contract_address_const::<0x456>();
+    set_contract_address(non_admin_address);
+
+    // A non-admin tries to claim the balance of the contract
+    naming.claim_balance(eth.contract_address);
+}
+