Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: high
Invalid

Reentrancy Vulnerability in withdrawInheritedFunds Function

Summary

The withdrawInheritedFunds function is vulnerable to reentrancy attacks because it performs state-dependent logic after transferring funds. A malicious beneficiary can exploit this by re-entering the function during an Ether or ERC-20 token transfer, causing an unexpected flow of execution and potentially draining the contract.

Vulnerability Details

• The function loops over beneficiaries and sends them either Ether (call{value: amountPerBeneficiary}("")) or ERC-20 tokens (safeTransfer).

• If a beneficiary is a malicious contract, its fallback function can re-enter withdrawInheritedFunds before the loop completes.

function withdrawInheritedFunds(address _asset) external {
    if (!isInherited) {
        revert NotYetInherited();
    }
    uint256 divisor = beneficiaries.length;
    if (_asset == address(0)) {
        uint256 ethAmountAvailable = address(this).balance;
        uint256 amountPerBeneficiary = ethAmountAvailable / divisor;
        for (uint256 i = 0; i < divisor; i++) {
            address payable beneficiary = payable(beneficiaries[i]);
            (bool success,) = beneficiary.call{value: amountPerBeneficiary}("");
            require(success, "something went wrong");
        }
    } else {
        uint256 assetAmountAvailable = IERC20(_asset).balanceOf(address(this));
        uint256 amountPerBeneficiary = assetAmountAvailable / divisor;
        for (uint256 i = 0; i < divisor; i++) {
            IERC20(_asset).safeTransfer(beneficiaries[i], amountPerBeneficiary);
        }
    }
}

Impact

• Loss of all funds in the contract, as a single malicious beneficiary can recursively withdraw multiple times before others get their share.

• Unfair distribution, where a single attacker gets more than their fair share of the inheritance.

Tools Used

Manual review

Recommendations

Use Reentrancy Guards

Add OpenZeppelin’s nonReentrant modifier to prevent recursive calls:

function withdrawInheritedFunds(address _asset) external nonReentrant {
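Editor's check, added here and not part of the submission or of the audited project: the Python model below replays the ETH branch of withdrawInheritedFunds shown above with one beneficiary whose receive hook re-enters the function, and reports what each party holds once the transaction settles. The vault, the beneficiary names and the amounts are constructed for the example; the ERC-20 branch is not modelled because a plain ERC-20 transfer gives the recipient no callback to re-enter from. What the model exercises is the property visible in the code itself: amountPerBeneficiary is read once before the loop, the function writes no storage, and every transfer is followed by require(success). A re-entered call therefore only redistributes whatever is left, evenly, and the outer loop then either runs out of ether and reverts the whole transaction, or (when the re-entering beneficiary is paid last) finds only the rounding dust, which divides to zero per head. The outcome is consistent with the judge's "Incorrect statement" verdict recorded below.

```python
"""
Added model of the ETH branch of withdrawInheritedFunds (not code from the
submission or the audited project): it replays the loop with one beneficiary
that re-enters from its receive hook and reports who ends up with what.
All names and amounts below are constructed for the example.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple


class Revert(Exception):
    """A failed call; propagates up the call stack like an EVM revert."""


@dataclass
class World:
    balances: Dict[str, int]
    # Optional code run by a recipient when it is paid (its receive()).
    hooks: Dict[str, Callable[["World", str, int], None]] = field(default_factory=dict)
    is_inherited: bool = True

    def call_value(self, sender: str, to: str, amount: int) -> None:
        """Model of `to.call{value: amount}("")` followed by require(success)."""
        if self.balances.get(sender, 0) < amount:
            raise Revert(f"{sender} cannot send {amount}")
        self.balances[sender] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount
        hook = self.hooks.get(to)
        if hook is not None:
            hook(self, to, amount)  # recipient code runs after it is credited


def withdraw_inherited_funds(w: World, vault: str, beneficiaries: List[str]) -> None:
    """Mirrors the `_asset == address(0)` branch of the submission's function."""
    if not w.is_inherited:
        raise Revert("NotYetInherited")
    divisor = len(beneficiaries)
    # Read once, before any transfer, exactly as in the original loop.
    amount_per_beneficiary = w.balances[vault] // divisor
    for b in beneficiaries:
        w.call_value(vault, b, amount_per_beneficiary)


def run_tx(w: World, fn: Callable[[], None]) -> bool:
    """Run fn as one transaction: a Revert anywhere undoes every balance change."""
    snapshot = dict(w.balances)
    try:
        fn()
        return True
    except Revert:
        w.balances = snapshot
        return False


def reentrant_hook(vault: str, beneficiaries: List[str], max_reentries: int = 1):
    """receive() of a hypothetical malicious beneficiary: re-enter the withdrawal."""
    state = {"count": 0}

    def hook(w: World, me: str, amount: int) -> None:
        if state["count"] < max_reentries:
            state["count"] += 1
            withdraw_inherited_funds(w, vault, beneficiaries)

    return hook


def simulate(total: int, beneficiaries: List[str],
             attacker: Optional[str]) -> Tuple[bool, Dict[str, int], int]:
    """Return (tx succeeded?, final beneficiary balances, ether left in the vault)."""
    w = World(balances={"vault": total, **{b: 0 for b in beneficiaries}})
    if attacker is not None:
        w.hooks[attacker] = reentrant_hook("vault", beneficiaries)
    ok = run_tx(w, lambda: withdraw_inherited_funds(w, "vault", beneficiaries))
    return ok, {b: w.balances[b] for b in beneficiaries}, w.balances["vault"]


if __name__ == "__main__":
    # Attacker re-enters from the middle of the list: the inner call spends what
    # is left, the outer loop cannot pay the next beneficiary, the whole tx reverts.
    print(simulate(1000, ["alice", "mallory", "bob", "carol"], "mallory"))
    # Attacker is paid last: only the rounding dust is left, and 3 // 4 == 0 per head.
    print(simulate(1003, ["alice", "bob", "carol", "mallory"], "mallory"))
    # No re-entry, for comparison: same final balances as the line above.
    print(simulate(1003, ["alice", "bob", "carol", "mallory"], None))
```

Two outcomes appear: with the re-entering beneficiary anywhere but last, the transaction reverts and nobody is paid (a denial of service the attacker could equally cause by reverting in its receive hook); with it last, the balances match the honest run exactly. Neither outcome gives the attacker more than its equal share.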
Updates

Lead Judging Commences

0xtimefliez Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
