diff --git a/firestore.rules b/firestore.rules
index 2a0f84c8..ecc48ccf 100644
--- a/firestore.rules
+++ b/firestore.rules
@@ -45,7 +45,8 @@ service cloud.firestore {
     match /contracts/{contractId} {
       allow read;
       allow update: if request.resource.data.diff(resource.data).affectedKeys()
-        .hasOnly(['description', 'closeTime', 'tags', 'lowercaseTags', 'autoResolutionTime']);
+        .hasOnly(['description', 'closeTime', 'tags', 'lowercaseTags', 'autoResolutionTime'])
+        && resource.data.id == request.auth.uid;
       allow update: if isAdmin();
     }