Submission Details
Severity: medium
Invalid

Lack of Duplicate Check in addBeneficiery Leads to Unequal Fund Distribution

Summary

The addBeneficiery function in InheritanceManager.sol does not check for duplicate entries before adding a beneficiary. This allows the same address to be added multiple times, leading to an unfair distribution of inherited funds.

Vulnerability Details

The InheritanceManager.sol::withdrawInheritedFunds function distributes funds equally among all beneficiaries by dividing the total balance by the number of entries in the beneficiaries array. If a single address appears multiple times, it will receive multiple shares, allowing one beneficiary to claim a disproportionate amount of funds.

Impact

Unfair fund distribution: A beneficiary listed multiple times receives a larger share than intended.

Tools Used

Foundry Test

Recommendations

To prevent duplicate entries, use a mapping to track added beneficiaries:

    // Tracks addresses already present in the beneficiaries array.
    mapping(address => bool) public isBeneficiary;

    function addBeneficiery(address _beneficiary) external onlyOwner {
        // Reject an address that has already been added.
        require(!isBeneficiary[_beneficiary], "Beneficiary already added");
        beneficiaries.push(_beneficiary);
        isBeneficiary[_beneficiary] = true;
        _setDeadline();
    }

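The Foundry test below is an added example, not part of the original submission or of the audited code base. SplitModel is a simplified stand-in that assumes only the equal-split behaviour described above, and its rejectDuplicates switch is a hypothetical toggle for the recommended mapping check; the test addresses and the 3 ether balance are constructed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";

// Simplified stand-in for the equal-split logic in the finding; not the audited contract.
contract SplitModel {
    address[] public beneficiaries;
    mapping(address => bool) public isBeneficiary;
    bool public immutable rejectDuplicates; // hypothetical switch: false = reported behaviour
    constructor(bool _rejectDuplicates) { rejectDuplicates = _rejectDuplicates; }
    function addBeneficiery(address _beneficiary) external {
        if (rejectDuplicates) {
            require(!isBeneficiary[_beneficiary], "Beneficiary already added");
        }
        beneficiaries.push(_beneficiary);
        isBeneficiary[_beneficiary] = true;
    }

    // One share per array entry, so a repeated address is paid once per entry.
    function withdrawInheritedFunds() external {
        uint256 share = address(this).balance / beneficiaries.length;
        for (uint256 i = 0; i < beneficiaries.length; i++) {
            (bool ok, ) = beneficiaries[i].call{value: share}("");
            require(ok, "transfer failed");
        }
    }
}

contract DuplicateBeneficiaryTest is Test {
    address alice = makeAddr("alice"); // constructed test addresses
    address bob = makeAddr("bob");
    function test_DuplicateEntryDoublesShare() public {
        SplitModel m = new SplitModel(false);
        vm.deal(address(m), 3 ether);
        m.addBeneficiery(alice);
        m.addBeneficiery(bob);
        m.addBeneficiery(alice); // accepted: alice now holds two of three entries
        m.withdrawInheritedFunds();
        assertEq(alice.balance, 2 ether);
        assertEq(bob.balance, 1 ether);
    }

    function test_MappingGuardRejectsDuplicate() public {
        SplitModel m = new SplitModel(true);
        m.addBeneficiery(alice);
        vm.expectRevert(bytes("Beneficiary already added"));
        m.addBeneficiery(alice);
    }
}
```
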
Updates

Lead Judging Commences

0xtimefliez Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
