Exit Condition Prevents Fund Distribution in buyOutEstateNFT
Summary
The buyOutEstateNFT function exits early if msg.sender is found in the beneficiaries array, preventing fund distribution and NFT burning. This results in a logical failure where neither the intended payments are executed nor the NFT is properly transferred or burned.
Vulnerability Details
In the for loop, the condition:
immediately exits the function if the sender is in the beneficiaries list. As a result:
• The funds are never transferred to other beneficiaries.
• The NFT is never burned.
• The buyout process is left incomplete, leading to a broken state.
Impact
• Funds Lockup: Other beneficiaries do not receive their share of the buyout amount.
• Failed NFT Transfer: The NFT remains in existence despite a buyout attempt, leading to inconsistencies in the contract state.
Tools Used
Manual review
Recommendations
• Remove the return; statement to ensure that the function continues executing.
• Instead, modify the loop to skip transferring funds to msg.sender:
Lead Judging Commences
buyOutNFT has return instead of continue
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.