Severity: medium
Valid

`createEstateNFT` function: The function fails to reset the deadline timer, violating a core contract invariant

Summary

A high-severity vulnerability has been identified in the `createEstateNFT` function of the InheritanceManager contract. The function fails to reset the deadline timer, violating a core contract invariant that requires every owner transaction to reset the 90-day timer.

Vulnerability Details

The vulnerability exists in the deadline management system:

  1. Missing Deadline Reset:

  • The createEstateNFT function does not call _setDeadline()

  • This violates the core contract assumption that all owner transactions must reset the timer

  • NFT creation operations do not update the dead man's switch timer

  2. Core Assumption Violation:
    From the test and documentation:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity 0.8.26;

import {Test, console} from "forge-std/Test.sol";
import {InheritanceManager} from "../src/InheritanceManager.sol";
import {ERC20Mock} from "@openzeppelin/contracts/mocks/token/ERC20Mock.sol";

contract InheritanceManagerAuditTest is Test {
    InheritanceManager im;
    ERC20Mock usdc;
    ERC20Mock weth;
    address owner = makeAddr("owner");
    address user1 = makeAddr("user1");

    function setUp() public {
        // Deploy as `owner` so that `owner` passes the onlyOwner checks
        vm.prank(owner);
        im = new InheritanceManager();
        usdc = new ERC20Mock();
        weth = new ERC20Mock();
    }

    // test createEstateNFT: does not reset the deadline
    // fix: call `_setDeadline();` as the last statement
    function test_createEstateNFT_dontResetDeadline() public {
        /**
         * based on: ## Core Assumptions and Invariants
         * 1. EVERY transaction the owner does with this contract must reset the 90 days timer
         */
        vm.startPrank(owner);
        im.createEstateNFT("house1", 100, address(0));
        im.createEstateNFT("house2", 100, address(0));
        vm.stopPrank();
        // Placeholder assertion: the test exercises the two calls but does not read the deadline
        assert(true);
    }
}
```

The test demonstrates this by:

  1. Owner creates two estate NFTs:

    • "house1" with value 100

    • "house2" with value 100

  2. Neither NFT creation operation resets the deadline timer

  3. Core contract invariant is broken for NFT minting operations

Impact

High severity. The vulnerability allows:

  • Violation of core contract security assumptions

  • Breaking of the dead man's switch mechanism

  • Potential premature inheritance triggers

  • Risk of inheritance activation while owner is actively managing estate NFTs

Tools Used

  • Manual code review

  • Foundry test framework

  • Contract invariant analysis

  • NFT creation testing

Recommendations

  1. Add deadline reset to createEstateNFT:

```solidity
function createEstateNFT(
    string memory _name,
    uint256 _value,
    address _tokenAddress
) external onlyOwner {
    // Existing NFT creation logic
    // ...
    // Reset deadline after NFT creation
    _setDeadline();
}
```

  2. Implement systematic safeguards:

  • Create a modifier for owner functions that automatically resets deadline:

```solidity
modifier resetsDeadline() {
    _;
    _setDeadline();
}

function createEstateNFT(
    string memory _name,
    uint256 _value,
    address _tokenAddress
) external onlyOwner resetsDeadline {
    // NFT creation logic
}
```

  3. Add additional security measures:

  • Add events for NFT creation and deadline updates

  • Implement deadline verification checks

  • Create emergency pause mechanism for NFT operations
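
A Foundry test that asserts on the timer itself, as an added example that is not part of the original submission or the audited code base. `DeadManSwitchSketch`, `mintWithoutReset`, `mintWithReset` and the `block.timestamp + 90 days` deadline formula are constructed stand-ins; only the 90-day timer, `_setDeadline()` and the `resetsDeadline` modifier come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity 0.8.26;
import {Test} from "forge-std/Test.sol";

// Constructed stand-in for the audited contract: only the timer logic is modelled.
contract DeadManSwitchSketch {
    uint256 public constant TIMELOCK = 90 days;
    uint256 public deadline;
    address public immutable owner;
    constructor() {
        owner = msg.sender;
        _setDeadline();
    }

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    // Runs the function body first, then pushes the deadline forward.
    modifier resetsDeadline() {
        _;
        _setDeadline();
    }

    function _setDeadline() internal {
        deadline = block.timestamp + TIMELOCK; // assumed formula, not taken from the audited source
    }

    // Mirrors the reported behaviour: owner activity that leaves the timer untouched.
    function mintWithoutReset() external onlyOwner {}

    // Same action with the recommended modifier applied.
    function mintWithReset() external onlyOwner resetsDeadline {}
}

contract DeadManSwitchSketchTest is Test {
    function test_ownerActionMustMoveDeadline() public {
        DeadManSwitchSketch s = new DeadManSwitchSketch(); // this test contract is the owner
        uint256 initial = s.deadline();
        vm.warp(block.timestamp + 30 days); // 30 days of the 90-day window elapse
        s.mintWithoutReset();
        assertEq(s.deadline(), initial); // timer unchanged: invariant broken
        s.mintWithReset();
        assertEq(s.deadline(), block.timestamp + 90 days); // timer restarted
    }
}
```

The same warp-then-compare pattern applied to each owner-only function gives a regression test for the invariant across the whole contract.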

Updates

Lead Judging Commences

0xtimefliez Lead Judge 10 months ago
Submission Judgement Published
Validated
Assigned finding tags:

functions do not reset the deadline
