Inheritable Smart Contract Wallet

First Flight #35

Beginner FriendlySolidity

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

Timer Not Reset for All Owner Transactions, Leading to Unintended Inheritance

0xalipede

Summary

The contract InheritanceManager.sol fails to reset the 90-day inactivity timer in certain owner actions, specifically in contractInteractions(), createEstateNFT() and removeBeneficiary(). This violates the protocol's core invariant that every owner transaction must reset the timer and allows not only beneficiaries but even attackers to inherit the contract.

Vulnerability Details

Affected code:

The contract assumes that every interaction by the owner resets the inactivity timer to 90 days. However, three functions - contractInteractions(), createEstateNFT() and removeBeneficiary() in InheritanceManager.sol do not call _setDeadline(). As a result, these interactions do not extend the inheritance deadline, potentially leading to unintended inheritance activation despite ongoing owner activity. Furthermore, an active owner could interact with the contract but still lose ownership due to inheritance being triggered.

Impact

Even if the owner is actively using the contract, missing _setDeadline() calls could cause the contract to assume inactivity and allow beneficiaries to inherit funds.
If the contract has only one beneficiary (the owner's backup wallet) then it is even worse because the owner can lose ownership of the contract due to this block in the inherit() function:
if (beneficiaries.length == 1) {
owner = msg.sender;
_setDeadline();
}

Breaking a core invariant - the system is designed to ensure that any owner interaction resets the timer. This issue breaks that assumption, introducing unintended behavior.

Tools Used

Manual review

Recommendations

To keep the protocol's invariant => "EVERY transaction the owner does with this contract must reset the 90 days timer" and maintain the protocol’s expected behavior, add _setDeadline(); at the end of the affected functions:

function contractInteractions(address _target, bytes calldata _payload, uint256 _value, bool _storeTarget)

external

nonReentrant

onlyOwner

{

...

_setDeadline();

}

function createEstateNFT(string memory _description, uint256 _value, address _asset) external onlyOwner {

...

_setDeadline();

}

function removeBeneficiary(address _beneficiary) external onlyOwner {

...

_setDeadline();

}

By implementing this fix, the contract will correctly reset the 90-day timer for all owner interactions, preserving the intended functionality and preventing unintended inheritance.

Updates

Lead Judging Commences

0xtimefliez Lead Judge 4 months ago

Submission Judgement Published

Validated

Assigned finding tags:

functions do not reset the deadline

Rewards breakdown

nSLOC

211

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.