Submission Details
Severity: high
Invalid

Trustee System Lacks Critical Access Controls and Value Management

Summary

The Trustee system in the inheritance contract has significant vulnerabilities in its access control and value management mechanisms, allowing potential manipulation of NFT values and payment tokens.

Vulnerability Details

The Trustee contract implements critical NFT value management:

// In Trustee.sol
abstract contract Trustee {
    address trustee;
    address assetToPay;
    mapping(uint256 NftIndex => uint256 value) nftValue;

    // Any value is accepted: no bounds, no rate limit
    function setNftValue(uint256 _index, uint256 _value) public onlyTrustee {
        nftValue[_index] = _value;
    }

    // Any address is accepted and takes effect immediately
    function setAssetToPay(address _asset) external onlyTrustee {
        assetToPay = _asset;
    }
}

// In InheritanceManager.sol
// A single beneficiary can replace the trustee once the inheritance has triggered
function appointTrustee(address _trustee) external onlyBeneficiaryWithIsInherited {
    trustee = _trustee;
}

Critical issues:

  1. Trustee Appointment

    • Any beneficiary can appoint trustee after inheritance

    • No consensus mechanism for appointment

    • No timelock or delay on appointment

    • No validation of trustee address

  2. Value Management

    • Trustee can arbitrarily change NFT values

    • No validation on value changes

    • No update frequency limits

    • No value change bounds

  3. Payment Token Control

    • Trustee can change payment token at will

    • No validation on token address

    • Changes affect all NFTs

    • No transition period for token changes

Impact

HIGH - The vulnerability enables:

  1. Value Manipulation

    • Malicious trustee can manipulate NFT values

    • Coordinated attacks between beneficiary and trustee

    • Forced unfair buyouts through value changes

    • Price manipulation before buyouts

  2. Token Manipulation

    • Switch to worthless or malicious tokens

    • Force buyouts with manipulated tokens

    • Break existing buyout agreements

    • DoS through invalid token settings

  3. System Control

    • Rogue trustee appointment

    • Manipulation of inheritance process

    • Interference with fair asset distribution

    • Permanent damage to NFT valuations

Tools Used

  • Manual code review

  • Access control analysis

  • State management analysis

Recommendations

  1. Improve Trustee Management:

contract InheritanceManager {
    struct TrusteeInfo {
        address addr;
        uint256 appointmentTime;
        uint256 activationTime; // trustee powers begin only after TRUSTEE_DELAY
        uint256 lastValueUpdate;
        bool active;
    }

    TrusteeInfo public trusteeInfo;
    uint256 public constant TRUSTEE_DELAY = 3 days;
    uint256 public constant MIN_UPDATE_INTERVAL = 1 days;

    event TrusteeAppointed(address indexed trustee);

    function appointTrustee(address _newTrustee) external {
        // isBeneficiaryConsensus() is not shown in this sketch and must be implemented
        require(isBeneficiaryConsensus(), "No consensus");
        require(_newTrustee != address(0), "Invalid address");
        trusteeInfo = TrusteeInfo({
            addr: _newTrustee,
            appointmentTime: block.timestamp,
            activationTime: block.timestamp + TRUSTEE_DELAY,
            lastValueUpdate: 0,
            active: false
        });
        emit TrusteeAppointed(_newTrustee);
    }
}

  2. Add Value Change Controls:

    • Implement min/max bounds for values

    • Add update frequency limits

    • Require value change justification

    • Add value change notifications

  3. Improve Token Management:

    • Whitelist allowed payment tokens

    • Add token change timelock

    • Implement token validation

    • Add emergency token recovery
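
One way to express the value-change and token-management recommendations in code, as an added example that is not part of the original submission or the audited project: value updates are rate-limited and bounded, and payment-token changes go through a whitelist and a timelock. The contract name BoundedTrustee, the body of onlyTrustee, the 20% bound, the 3-day token delay, and the propose/execute function names are assumptions.

```solidity
pragma solidity ^0.8.20;
// Added illustration: names, bounds and delays are assumptions, not the project's code.
abstract contract BoundedTrustee {
    address internal trustee;
    address internal assetToPay;
    mapping(uint256 => uint256) internal nftValue;
    mapping(uint256 => uint256) internal lastValueUpdate;
    mapping(address => bool) internal allowedAsset; // whitelist, filled by the inheriting contract
    address public pendingAsset;
    uint256 public pendingAssetReadyAt;

    uint256 public constant MIN_UPDATE_INTERVAL = 1 days; // same figure as the sketch above
    uint256 public constant MAX_CHANGE_BPS = 2_000;       // assumed: at most +/-20% per update
    uint256 public constant ASSET_CHANGE_DELAY = 3 days;  // assumed timelock

    event NftValueChanged(uint256 indexed index, uint256 oldValue, uint256 newValue);
    event AssetChangeProposed(address indexed asset, uint256 readyAt);
    event AssetChanged(address indexed asset);

    modifier onlyTrustee() { require(msg.sender == trustee, "Not trustee"); _; }

    function setNftValue(uint256 _index, uint256 _value) external onlyTrustee {
        uint256 old = nftValue[_index];
        require(_value != 0, "Zero value");
        if (old != 0) { // first valuation is unbounded; later ones are rate- and range-limited
            require(block.timestamp >= lastValueUpdate[_index] + MIN_UPDATE_INTERVAL, "Too soon");
            uint256 maxDelta = (old * MAX_CHANGE_BPS) / 10_000;
            uint256 delta = _value > old ? _value - old : old - _value;
            require(delta <= maxDelta, "Change out of bounds");
        }
        nftValue[_index] = _value;
        lastValueUpdate[_index] = block.timestamp;
        emit NftValueChanged(_index, old, _value); // notification for off-chain monitoring
    }

    function proposeAssetToPay(address _asset) external onlyTrustee {
        require(allowedAsset[_asset], "Asset not whitelisted");
        pendingAsset = _asset;
        pendingAssetReadyAt = block.timestamp + ASSET_CHANGE_DELAY;
        emit AssetChangeProposed(_asset, pendingAssetReadyAt);
    }

    function executeAssetToPay() external onlyTrustee {
        require(pendingAsset != address(0) && block.timestamp >= pendingAssetReadyAt, "Not ready");
        assetToPay = pendingAsset;
        delete pendingAsset;
        emit AssetChanged(assetToPay);
    }
}
```

Because the bound is relative to the previous value, the first valuation of each NFT is uncapped and should be reviewed by beneficiaries before any buyout relies on it.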

Updates

Lead Judging Commences

0xtimefliez Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
