Inheritable Smart Contract Wallet
First Flight #35
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Invalid

Potential DoS in onlyBeneficiaryWithIsInherited Modifier

sdonkov

Summary

The onlyBeneficiaryWithIsInherited modifier in the InheritanceManager contract uses a while loop to iterate over the beneficiaries array. If the array grows too large, this could lead to a denial-of-service (DoS) attack due to excessive gas consumption. It could also cause an out-of-bounds error if no match is found.

Vulnerability Details

  • Code:

    modifier onlyBeneficiaryWithIsInherited() {
    uint256 i = 0;
    while (i < beneficiaries.length + 1) {
    if (msg.sender == beneficiaries[i] && isInherited) {
    break;
    }
    i++;
    }
    _;
    }

Issue: A large beneficiaries array could make the contract unusable due to high gas costs

Impact

A DoS attack could make the contract unusable.

Tools Used

Manual review

Recommendations

Use a mapping instead of array:

mapping(address => bool) public isBeneficiary;
modifier onlyBeneficiaryWithIsInherited() {
require(isBeneficiary[msg.sender], "Not a beneficiary");
require(isInherited, "Inheritance not activated");
_;
}

Change while (i < beneficiaries.length + 1) to while (i < beneficiaries.length) to prevent out-of-bounds errors.

Updates

Lead Judging Commences

0xtimefliez Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Lack of quality

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!