ETH Deposit Mechanism Missing in InheritanceManager Contract
Summary
The InheritanceManager contract is intended to facilitate the management and distribution of inherited assets, including ETH, ERC20 tokens, and NFTs. However, a critical flaw exists: the contract lacks any mechanism for the owner to deposit ETH. This limitation prevents the contract from holding or distributing ETH as part of the inheritance process, undermining its core functionality and intended purpose.
Vulnerability Details
The InheritanceManager contract does not include any payable functions, a receive() function, or a fallback() function. As a result, the owner cannot send ETH to the contract, either through a direct transfer or a specific function call. This absence of ETH deposit mechanisms ensures that the contract cannot accumulate ETH for subsequent distribution to beneficiaries.
Impact
The inability to deposit ETH has significant consequences:
-
Functional Limitation: The contract cannot hold ETH, rendering features such as withdrawInheritedFunds ineffective for ETH distribution.
-
Mismatch with Purpose: The contract's stated goal of managing various asset types, including ETH, is unachievable, reducing its overall utility and effectiveness.
-
User Experience: Owners expecting to use the contract to manage all asset types, including ETH, will find it incomplete and unfit for their needs.
Tools Used
Manual Review
Recommendations
To remediate this flaw, the following changes are recommended:
Add a Payable Function
Implement adepositETH()function marked aspayable, restricted to the owner, to explicitly allow ETH deposits.
Implement a Receive Function
Add a receive() function to handle direct ETH transfers to the contract address.
Lead Judging Commences
Missing receive() or fallback() function
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.