Project

One World
NFT, DeFi
15,000 USDC
Submission Details
Severity: high
Invalid

Locked Ether in Smart Contract Due to Missing Withdraw Functionality

Summary

The MembershipFactory and NativeMetaTransaction contracts allow Ether to be received but lack mechanisms to withdraw it. This vulnerability leads to locked Ether within the contract, potentially resulting in trapped funds that cannot be accessed or recovered. This issue can severely impact the utility of the contract and reduce the effectiveness of any funds management within the smart contract ecosystem.

Vulnerability Details

The MembershipFactory and NativeMetaTransaction contracts do not have any defined methods to transfer Ether out of their respective contract addresses. While these contracts may accumulate Ether through user interactions or fallback functions, there is currently no way to withdraw this Ether, effectively trapping it in the contract.

Affected Line of Code

Impact

Permanent loss of Ether within the contract, creating irrecoverable locked funds and diminishing contract usability. Given that these contracts lack a function to withdraw Ether, any Ether sent directly or via fallback functions will remain unrecoverable. This vulnerability has a high likelihood of being encountered, especially if users mistakenly send Ether to these contracts, either through misunderstanding or malicious redirection.

Without a withdrawal mechanism, any Ether sent to these contracts, either intentionally or unintentionally, will remain locked indefinitely. This presents several critical issues:

  1. Locked Funds: All Ether received by the contract is trapped, causing a loss for users and potentially accumulating unusable funds within the contract.

  2. Reduced Contract Functionality: In cases where Ether is intended to be used in some operational capacity, such as rewards or funding, this inability to access Ether can limit the contract’s core functionalities.

  3. Usability Risk: This issue can diminish trust in the contract, as any misrouted Ether cannot be recovered, leading to poor user experience and potential financial losses.

Proof of Concept

If a user mistakenly sends Ether to either MembershipFactory or NativeMetaTransaction contracts, the Ether becomes irreversibly locked. Here’s a basic demonstration:

  1. A user mistakenly sends Ether directly to the MembershipFactory contract:

    // Assume `factory` is the deployed MembershipFactory contract
    (bool sent, ) = address(factory).call{value: 1 ether}("");

  2. Since the contract lacks a withdrawal mechanism, this Ether is permanently locked.

Tools Used

Manual Review

Recommendations

  • Add a Withdrawal Function: Implement a withdrawEther function to allow authorized roles (e.g., DEFAULT_ADMIN_ROLE) to transfer Ether from the contract. For example:

    function withdrawEther(address payable _to) external onlyRole(DEFAULT_ADMIN_ROLE) {
        require(_to != address(0), "Invalid address");
        // Send the full balance; `call` is not bound by the 2300-gas stipend of `transfer`
        (bool ok, ) = _to.call{value: address(this).balance}("");
        require(ok, "Ether transfer failed");
    }

  • Ensure Ether Receivability: Implement a receive() function to allow Ether to be received if needed.

    receive() external payable {}

Implementing these changes will provide a controlled mechanism for Ether management, ensuring funds are not accidentally locked.
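The following is an added example, not part of the original submission or the audited code base. It shows the check that decides whether Ether can be stranded at all: a contract with no payable entry point rejects a plain send, one with only receive() locks it, and one with a gated withdrawal can return it. All contract names are hypothetical, and an owner check stands in for the role-based modifier.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical contracts for illustration; none of these names exist in the audited code.

// No receive() and no payable fallback: a plain Ether transfer reverts.
contract RejectsEther {}

// Payable entry point but no way out: anything sent here stays locked.
contract LocksEther {
    receive() external payable {}
}

// Payable entry point plus an owner-gated recovery path.
contract RecoverableEther {
    address public immutable owner;

    constructor() {
        owner = msg.sender;
    }

    receive() external payable {}

    function withdrawEther(address payable to) external {
        require(msg.sender == owner, "Not owner");
        require(to != address(0), "Invalid address");
        (bool ok, ) = to.call{value: address(this).balance}("");
        require(ok, "Ether transfer failed");
    }
}

// Deploy with at least 3 wei, then call run().
contract Demo {
    constructor() payable {}

    receive() external payable {} // lets RecoverableEther pay this contract back

    function run() external returns (bool acceptedByA, uint256 lockedInB, uint256 leftInC) {
        RejectsEther a = new RejectsEther();
        LocksEther b = new LocksEther();
        RecoverableEther c = new RecoverableEther(); // Demo becomes the owner

        (acceptedByA, ) = address(a).call{value: 1}(""); // no payable entry point: the call fails
        (bool okB, ) = address(b).call{value: 1}("");
        (bool okC, ) = address(c).call{value: 1}("");
        require(okB && okC, "Funding failed");

        c.withdrawEther(payable(address(this)));
        return (acceptedByA, address(b).balance, address(c).balance);
    }
}
```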

Updates

Lead Judging Commences

0xbrivan2 Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
