Inheritable Smart Contract Wallet
First Flight #35
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: high
Invalid

Division by zero in functions 'withdrawInheritedFunds' and 'buyOutEstateNFT' (Inheritancemanager.sol)

simranjitsinghss

Summary:

Hi,

I found out a potential vulnerability in the contract 'Inheritancemanager.sol' which can leads to the division-by-zero error via functions 'withdrawInheritedFunds' and 'buyOutEstateNFT'.

Vulnerability Details:

The key details of this potential vulnerability can be given as follows:

In the contract 'Inheritancemanager.sol', functions 'withdrawInheritedFunds' and 'buyOutEstateNFT' use beneficiaries.length as divisor without checking if it's 0 or not. Meaning if all beneficiaries are removed, it can cause division-by-zero error.

Impact:

Locking of funds with no beneficiaries, makes contract unusable.

Tools Used:

Manual Code Analysis

Recommendations:

Implement check system in the functions 'withdrawInheritedFunds' and 'buyOutEstateNFT' in the contract for beneficiaries available to collect funds from the contract by ensuring beneficiaries.length>0 before performing divison.

function withdrawInheritedFunds(address _asset) external {
if (!isInherited) {
revert NotYetInherited();
}
uint256 divisor = beneficiaries.length;
require(divisor > 0, "No beneficiaries");
// ... rest of the function
}
Updates

Lead Judging Commences

0xtimefliez Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.