Beginner Friendly | Solidity
100 EXP
Submission Details
Severity: medium
Invalid

Division by Zero Vulnerability in `buyOutEstateNFT` Function

Summary

The buyOutEstateNFT function of the InheritanceManager contract performs division using beneficiaries.length without verifying that the array actually contains any beneficiaries. If the array is empty, the arithmetic panics and the transaction reverts, which can render NFTs impossible to buy out while there are no beneficiaries.

Vulnerability Details

The buyOutEstateNFT function uses the length of the beneficiaries array as a divisor in multiple calculations without first checking if the array is empty. This creates a vulnerability where the function will revert with a division by zero error if there are no beneficiaries registered.

The vulnerable code:

function buyOutEstateNFT(uint256 _nftID) external onlyBeneficiaryWithIsInherited {
    uint256 value = nftValue[_nftID];
    uint256 divisor = beneficiaries.length; // Could be zero
    uint256 multiplier = beneficiaries.length - 1;
    uint256 finalAmount = (value / divisor) * multiplier; // Division by zero if beneficiaries is empty
    // ... rest of the function
}

If beneficiaries.length is 0:

  1. divisor becomes 0

  2. finalAmount calculation attempts to divide by zero

  3. The transaction reverts due to the division by zero error

Impact

This vulnerability has several serious implications:

  1. Denial of Service: If all beneficiaries are removed from the system, it becomes impossible to buy out any NFT, effectively creating a permanent lock.

  2. Transaction Failure: Any attempt to call the buyOutEstateNFT function with an empty beneficiaries array will result in transaction failure and wasted gas.

  3. Asset Recovery Issue: If NFTs become inaccessible due to this vulnerability, there may be no way to recover their value.

  4. Protocol Reliability: The protocol cannot guarantee its core functionality will remain operational under all conditions.

Tools Used

Manual review

Recommendations

Add a guard at the top of buyOutEstateNFT:

// Require at least one beneficiary
require(beneficiaries.length > 0, "No beneficiaries available");
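As an added illustration (not the audited project's code), the following stand-in contract reproduces the arithmetic from the snippet quoted above beside the guarded version from the recommendation, together with a Foundry test that exercises the empty-array case and a normal case. The contract and function names, and the sample values, are assumptions. One detail worth noting from the snippet as quoted: with an empty array the line `beneficiaries.length - 1` executes before the division and underflows, so under Solidity 0.8 checked arithmetic the revert is Panic(0x11) rather than the division-by-zero Panic(0x12); either way the call reverts, which is the behaviour the submission describes.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test, stdError} from "forge-std/Test.sol";

// Minimal stand-in for the InheritanceManager pattern discussed in the
// submission. Illustration only; contract and function names are assumptions.
contract PayoutExample {
    address[] public beneficiaries;
    mapping(uint256 => uint256) public nftValue;

    constructor(address[] memory _beneficiaries) {
        beneficiaries = _beneficiaries;
    }

    function setNftValue(uint256 nftId, uint256 value) external {
        nftValue[nftId] = value;
    }

    // Same arithmetic as the quoted snippet, with no guard.
    // With an empty array, `beneficiaries.length - 1` underflows first
    // (Panic 0x11); the division by zero (Panic 0x12) is never reached.
    function finalAmountUnchecked(uint256 nftId) external view returns (uint256) {
        uint256 value = nftValue[nftId];
        uint256 divisor = beneficiaries.length;
        uint256 multiplier = beneficiaries.length - 1;
        return (value / divisor) * multiplier;
    }

    // Guarded version following the submission's recommendation: the
    // require runs before any arithmetic, so the revert carries a clear reason.
    function finalAmountChecked(uint256 nftId) external view returns (uint256) {
        require(beneficiaries.length > 0, "No beneficiaries available");
        uint256 value = nftValue[nftId];
        uint256 divisor = beneficiaries.length;
        uint256 multiplier = divisor - 1;
        return (value / divisor) * multiplier;
    }
}

contract PayoutExampleTest is Test {
    // Constructed sample input: one NFT valued at 300 ether.
    uint256 constant NFT_ID = 1;
    uint256 constant VALUE = 300 ether;

    function test_emptyBeneficiariesReverts() public {
        PayoutExample c = new PayoutExample(new address[](0));
        c.setNftValue(NFT_ID, VALUE);

        // Unguarded: checked subtraction underflows before the division.
        vm.expectRevert(stdError.arithmeticError);
        c.finalAmountUnchecked(NFT_ID);

        // Guarded: fails early with the explicit reason string.
        vm.expectRevert(bytes("No beneficiaries available"));
        c.finalAmountChecked(NFT_ID);
    }

    function test_threeBeneficiariesPayTwoShares() public {
        address[] memory bens = new address[](3);
        bens[0] = address(0x1);
        bens[1] = address(0x2);
        bens[2] = address(0x3);
        PayoutExample c = new PayoutExample(bens);
        c.setNftValue(NFT_ID, VALUE);

        // 300 / 3 * 2 = 200 ether owed to the other two beneficiaries.
        assertEq(c.finalAmountUnchecked(NFT_ID), 200 ether);
        assertEq(c.finalAmountChecked(NFT_ID), 200 ether);
    }
}
```

Run with `forge test` in a Foundry project that has forge-std installed. The guard is placed before any arithmetic so that the failure reason is explicit rather than a bare panic code, which is what makes the revert easy to attribute in monitoring or in a post-mortem.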

Updates

Lead Judging Commences

0xtimefliez Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
