Submission Details
Severity: low
Invalid

logical vulnerability when appointing a trustee

Summary

The appointTrustee function is protected by the onlyBeneficiaryWithIsInherited modifier, which is intended to restrict this function to beneficiaries only after inheritance has been triggered. However, the owner can manipulate this by adding themselves as a beneficiary.

Vulnerability Details

  1. The appointTrustee function uses the onlyBeneficiaryWithIsInherited modifier, intended to restrict access to beneficiaries

  2. The owner can add themselves as a beneficiary using addBeneficiery(owner)

  3. The owner can trigger inheritance when the deadline passes

  4. The owner can then appoint any trustee they want, despite not being an intended beneficiary in the inheritance process

Impact

  1. Violation of Access Control: The appointTrustee function is clearly intended to be used by beneficiaries after inheritance, but the owner can bypass this restriction.

  2. Trust Violation: The entire purpose of the contract is to ensure that assets are properly handled according to the owner's instructions after certain conditions are met. This vulnerability undermines that trust model.

  3. Manipulation Risk: A malicious trustee could potentially manipulate asset valuations or other important contract parameters.

  4. Logical Inconsistency: The contract design implies a separation between the owner (who sets up inheritance) and beneficiaries (who execute inheritance), but this vulnerability blurs that line.

Tools Used

Recommendations

  1. Add Role Separation: Implement a check that prevents an address from being both the owner and a beneficiary:

    Note: this change may require adjustments elsewhere in the contract, but it is needed to make the separation clear.

    function addBeneficiery(address _beneficiary) external onlyOwner {
        // Reject the owner so one address cannot hold both roles
        require(_beneficiary != owner, "Owner cannot be a beneficiary");
        beneficiaries.push(_beneficiary);
        _setDeadline();
    }
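
The recommended check at write time, paired with the same check at use time in the modifier, shown in a simplified model contract. This is an added example, not code from the audited project or from the submission; `InheritanceModel`, `inherit`, `isInherited`, `trustee`, `_isBeneficiary` and the 90-day timelock are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Constructed, simplified model for illustration; not the audited contract's code.
contract InheritanceModel {
    address public owner;
    address public trustee;          // hypothetical storage slot
    address[] public beneficiaries;
    bool public isInherited;         // hypothetical flag set by inherit()
    uint256 public deadline;
    constructor() { owner = msg.sender; _setDeadline(); }

    modifier onlyOwner() {
        require(msg.sender == owner, "Not owner");
        _;
    }

    // Use-time check: the owner is rejected even if already present in the list.
    modifier onlyBeneficiaryWithIsInherited() {
        require(isInherited, "Not inherited yet");
        require(msg.sender != owner, "Owner cannot act as beneficiary");
        require(_isBeneficiary(msg.sender), "Not a beneficiary");
        _;
    }

    // Write-time check, as in the recommendation above.
    function addBeneficiery(address _beneficiary) external onlyOwner {
        require(_beneficiary != owner, "Owner cannot be a beneficiary");
        beneficiaries.push(_beneficiary);
        _setDeadline();
    }

    // Hypothetical trigger: callable once the deadline has passed.
    function inherit() external {
        require(block.timestamp >= deadline, "Deadline not reached");
        isInherited = true;
    }

    function appointTrustee(address _trustee) external onlyBeneficiaryWithIsInherited {
        trustee = _trustee;
    }

    function _isBeneficiary(address a) internal view returns (bool) {
        for (uint256 i = 0; i < beneficiaries.length; i++) {
            if (beneficiaries[i] == a) return true;
        }
        return false;
    }
    function _setDeadline() internal { deadline = block.timestamp + 90 days; } // assumed timelock
}
```

With both checks in place, `addBeneficiery(owner)` reverts, and `appointTrustee` reverts for the owner regardless of the list contents.
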
Updates

Lead Judging Commences

0xtimefliez Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
