Submission Details
Severity:
Residual losses due to non-exact divisions in `InheritanceManager:withdrawInheritedFunds` and `InheritanceManager:buyOutEstateNFT`
Summary
The functions withdrawInheritedFunds and buyOutEstateNFT perform exact divisions, and if the division isn't exact, some funds can remain in the smart contract.
Recommendations
Use more sophisticated libraries for calculations or mitigate as follows.
In this case, we send the residual to the first in the list:
function withdrawInheritedFunds(address _asset) external {
if (!isInherited) {
revert NotYetInherited();
}
uint256 divisor = beneficiaries.length;
if (_asset == address(0)) {
uint256 ethAmountAvailable = address(this).balance;
uint256 amountPerBeneficiary = ethAmountAvailable / divisor;
+ uint256 remainder = ethAmountAvailable % divisor;
for (uint256 i = 0; i < divisor; i++) {
address payable beneficiary = payable(beneficiaries[i]);
+ uint256 amountToSend = amountPerBeneficiary + (i == 0 ? remainder : 0);
(bool success, ) = beneficiary.call{
value: amountToSend
}("");
require(success, "something went wrong");
}
} else {
uint256 assetAmountAvailable = IERC20(_asset).balanceOf(
address(this)
);
uint256 amountPerBeneficiary = assetAmountAvailable / divisor;
uint256 remainder = amountPerBeneficiary % divisor;
for (uint256 i = 0; i < divisor; i++) {
uint256 amountToSend = amountPerBeneficiary + (i == 0 ? remainder : 0);
IERC20(_asset).safeTransfer(
beneficiaries[i],
amountToSend
);
}
}
}
Updates
Lead Judging Commences
0xtimefliez 3 months ago
Submission Judgement Published Assigned finding tags:
buyOutNFT has wrong denominator
truncation of integers
Rewards breakdown
nSLOC
211This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.