Severity: high
Valid

Inefficient Loop and Incorrect Transfer Logic in `buyOutEstateNFT`

Summary

The loop in the buyOutEstateNFT function is inefficient and contains incorrect transfer logic. The return statement inside the loop prevents the remaining beneficiaries from receiving their funds.

Vulnerability Details

The loop:

    for (uint256 i = 0; i < beneficiaries.length; i++) {
        if (msg.sender == beneficiaries[i]) {
            return; // Exits the function prematurely
        } else {
            IERC20(assetToPay).safeTransfer(beneficiaries[i], finalAmount / divisor);
        }
    }

  • If msg.sender is a beneficiary, the function exits immediately (return), preventing the remaining beneficiaries from receiving their funds.

  • This is inefficient and incorrect, as all beneficiaries (except the buyer) should receive their share.

Impact

  • Incomplete Fund Distribution: Only some beneficiaries receive their funds, while others are excluded.

  • Inefficient Logic: The loop exits prematurely, wasting gas and leaving the function incomplete.

Tools Used

Manual code review

Recommendations

Remove the return statement and ensure all beneficiaries (except the buyer) receive their funds:

    for (uint256 i = 0; i < beneficiaries.length; i++) {
        if (msg.sender != beneficiaries[i]) {
            IERC20(assetToPay).safeTransfer(beneficiaries[i], finalAmount / divisor);
        }
    }

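The two loops side by side, as an added illustration that is not part of the original submission or the audited contract. The contract name, the `received` ledger that replaces `safeTransfer`, the `buyer` parameter that stands in for msg.sender, the `shortfall` helper, and the choice of `divisor = beneficiaries.length` are all assumptions made so the file compiles without imports.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative model only: token transfers are replaced by an internal ledger
// so the file compiles without imports. `buyer` stands in for msg.sender.
contract PayoutLoopModel {
    address[] public beneficiaries;
    mapping(address => uint256) public received;

    constructor(address[] memory initial) {
        require(initial.length > 0, "no beneficiaries"); // avoids division by zero
        beneficiaries = initial;
    }

    // Reported behaviour: the early return stops the loop at the buyer's index,
    // so everyone listed after the buyer is skipped.
    function payoutWithReturn(address buyer, uint256 finalAmount) external returns (uint256 distributed) {
        uint256 divisor = beneficiaries.length; // assumption: one share per beneficiary
        for (uint256 i = 0; i < beneficiaries.length; i++) {
            if (buyer == beneficiaries[i]) {
                return distributed;
            }
            received[beneficiaries[i]] += finalAmount / divisor;
            distributed += finalAmount / divisor;
        }
    }

    // Recommended behaviour: skip only the buyer and keep iterating.
    function payoutSkippingBuyer(address buyer, uint256 finalAmount) external returns (uint256 distributed) {
        uint256 divisor = beneficiaries.length; // same assumption as above
        for (uint256 i = 0; i < beneficiaries.length; i++) {
            if (buyer != beneficiaries[i]) {
                received[beneficiaries[i]] += finalAmount / divisor;
                distributed += finalAmount / divisor;
            }
        }
    }

    // Amount the early return leaves undistributed for a given buyer.
    function shortfall(address buyer, uint256 finalAmount) external view returns (uint256 missing) {
        uint256 share = finalAmount / beneficiaries.length;
        bool seenBuyer = false;
        for (uint256 i = 0; i < beneficiaries.length; i++) {
            if (beneficiaries[i] == buyer) seenBuyer = true;
            else if (seenBuyer) missing += share;
        }
    }
}
```

The shortfall depends on where the buyer sits in the array: a buyer at index 0 means `payoutWithReturn` distributes nothing, while a buyer in the last slot hides the bug entirely, so a test for the fix should place the buyer first or in the middle.
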
Updates

Lead Judging Commences

0xtimefliez Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

buyOutNFT has return instead of continue
