Inheritable Smart Contract Wallet

Summary

Several owner functions in the InheritanceManager contract do not reset the inactivity deadline, potentially allowing beneficiaries to claim inheritance prematurely while the owner is still actively interacting with the contract. This breaks the intended time-locked inheritance mechanism, which relies on a 90-day inactivity period to trigger the inheritance process.

Vulnerability Details

The InheritanceManager contract implements a time-locked inheritance mechanism where a deadline is set to block.timestamp + 90 days. This deadline determines when beneficiaries can claim the inheritance, and it is intended to be reset with every owner interaction to reflect ongoing activity. However, certain owner-only functions fail to call the _setDeadline() function, which is responsible for extending this timer. The affected functions are:

• createEstateNFT(): Creates an estate NFT but does not reset the deadline.

• removeBeneficiary(): Removes a beneficiary from the list but does not reset the deadline.

• contractInteractions(): Allows the owner to interact with external contracts but does not reset the deadline.

In contrast, functions like sendERC20(), sendETH(), and addBeneficiary() correctly call _setDeadline() to extend the timer. The absence of this call in the listed functions means that owner activities such as creating NFTs, managing beneficiaries, or interacting with external contracts do not extend the 90-day inactivity period. As a result, the deadline may expire even if the owner is actively using the contract, incorrectly signaling inactivity.

Impact

The failure to reset the deadline in these owner functions introduces significant risks:

• Premature Inheritance Claims: Beneficiaries can invoke the inherit() function after 90 days and claim the inheritance, even if the owner is actively managing the contract through the affected functions. This undermines the contract's purpose of ensuring inheritance only occurs after true inactivity.

• Loss of Owner Control: The owner could unexpectedly lose control of the contract and its assets, as beneficiaries take over prematurely.

• Operational Disruption: Ongoing activities, such as external contract interactions or NFT management, could be interrupted if the inheritance process is triggered.

Proof of Concept (PoC)

The following scenario demonstrates the vulnerability:

1. The owner deploys the InheritanceManager contract and configures beneficiaries.

2. Over the next 90 days, the owner actively calls createEstateNFT() to create NFTs and contractInteractions() to manage external contracts. However, since these functions do not call _setDeadline(), the inactivity timer continues to count down from the initial deployment.

3. After 90 days, a beneficiary calls inherit(). Because the deadline has expired, the inheritance process succeeds, transferring control or assets to the beneficiaries despite the owner's ongoing activity.

4. If there is a single beneficiary, they become the new owner; if multiple, the isInherited flag is set to true, allowing withdrawals.

Tools Used

• Manual review

Recommendations

To prevent premature inheritance claims and ensure the deadline accurately reflects owner activity, add the _setDeadline() call to all owner functions that indicate active management of the contract. Specifically, update the following functions:

• createEstateNFT()

• removeBeneficiary()

• contractInteractions()

By incorporating _setDeadline() into these functions, any owner interaction will reset the 90-day inactivity timer, ensuring that inheritance can only be claimed after a genuine period of inactivity, as intended by the contract's design.