Inheritable Smart Contract Wallet
First Flight #35
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

Missing Balance Checks in `inheritanceManager::sendETH` May Cause Unintended Reverts

derastephh

Summary

The inheritanceManager::sendETH function do not perform balance checks before attempting to send ETH. This can lead to unintended transaction failures if the contract does not have sufficient funds.

Vulnerability Details

In the sendETH function, there is no check to ensure that the contract has enough ETH before making the transfer:

function sendETH(uint256 _amount, address _to) external nonReentrant onlyOwner {
// missing balance check
// missing balance update
(bool success,) = _to.call{value: _amount}("");
require(success, "Transfer Failed");
_setDeadline();
}

Similarly, in the inheritanceManager::sendERC20 function, while there is a check for balance, there is no update to track the amount deducted from the contract:

function sendERC20(address _tokenAddress, uint256 _amount, address _to) external nonReentrant onlyOwner {
if (IERC20(_tokenAddress).balanceOf(address(this)) < _amount) {
revert InsufficientBalance();
}
// missing balance update
IERC20(_tokenAddress).safeTransfer(_to, _amount);
_setDeadline();
}

Impact

  • Unintended Transaction Reverts: If _amount is greater than the contract’s balance, the transaction will revert, potentially blocking functionality.

  • Unexpected failures can lead to confusion and unnecessary gas costs for the contract owner.

  • Lack of Internal Tracking

Tools

  • Manual code review

Recommendations

  • Add Balance Check and Internal Tracking

Updates

Lead Judging Commences

0xtimefliez Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.