Description: The `InheritanceManager` contract does not include a `receive` function, a `fallback` function, or any explicitly `payable` function. As a result, this contract is unable to receive ETH, which causes a Denial of Service (DoS) scenario when attempting to execute functions that require a balance of ETH, such as `InheritanceManager::sendETH` and `InheritanceManager::withdrawInheritedFunds`.

Since the contract cannot receive ETH, any calls to these functions will fail, preventing beneficiaries from withdrawing their inherited funds or the owner from transferring funds as intended.

Impact: This vulnerability is of high severity since the `sendETH()` function will be unable to transfer funds, rendering it completely inoperative. Additionally, beneficiaries will not be able to withdraw their inheritance using `withdrawInheritedFunds()`, leading to a permanent lock of funds.

Since the contract cannot receive ETH, it will be impossible to fund it for executing its functions, leaving part of the contract unusable and affecting its primary purpose.
Manual review
Foundry for testing
Recommended Mitigation: Add any of the following functions that best fit the design of the contract. Incorporating one of these solutions will resolve the vulnerability by allowing the contract to receive ETH.
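The behaviour described in this finding, as an added Foundry test that is not code from the audited repository or the original report. `VaultBase`, `VaultNoReceive` and `VaultWithReceive` are hypothetical stand-ins with an assumed `sendETH(address,uint256)` signature; the test shows a plain ETH transfer being rejected without `receive()` and accepted once it is added.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Hypothetical stand-in for the payout logic; signature is an assumption.
abstract contract VaultBase {
    function sendETH(address to, uint256 amount) external {
        (bool ok,) = to.call{value: amount}("");
        require(ok, "transfer failed");
    }
}

// No receive(), no fallback(), no payable function: cannot be funded by a transfer.
contract VaultNoReceive is VaultBase {}

// Mitigated variant: receive() accepts plain ETH transfers.
contract VaultWithReceive is VaultBase {
    receive() external payable {}
}

contract ReceiveEthTest is Test {
    address funder = makeAddr("funder");
    address beneficiary = makeAddr("beneficiary");

    function setUp() public {
        vm.deal(funder, 1 ether);
    }

    function test_transferRejectedWithoutReceive() public {
        VaultNoReceive vault = new VaultNoReceive();
        vm.prank(funder);
        (bool ok,) = address(vault).call{value: 1 ether}("");
        assertFalse(ok); // funding attempt fails
        assertEq(address(vault).balance, 0);
        vm.expectRevert("transfer failed"); // payout has nothing to send
        vault.sendETH(beneficiary, 1 ether);
    }

    function test_transferAcceptedWithReceive() public {
        VaultWithReceive vault = new VaultWithReceive();
        vm.prank(funder);
        (bool ok,) = address(vault).call{value: 1 ether}("");
        assertTrue(ok); // funding succeeds
        vault.sendETH(beneficiary, 1 ether);
        assertEq(beneficiary.balance, 1 ether);
    }
}
```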