Description: In InheritanceManager:WithdrawInheritedFunds
, it will loop through the beneficiaries array and transfer the asset to all beneficiaries.
If one of the beneficiaries is a contract that reverts on receiving ETH, the whole withdraw process will be reverted, all beneficiaries will not receive the ETH.
Impact: This issue results in potential risks for all beneficiaries not receiving the intended asset.
Proof of Concept: Add an attacker contract with revert on receive function and the following test case to simulate the scenario.
Recommended Mitigation:
Suggest redesigning the withdrawal process to allow each beneficiary to withdraw their assets individually.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.