There's a bug in the onlyBeneficiaryWithIsInherited
modifier that can cause an out-of-bounds error when checking if the caller is a beneficiary. The issue comes from an incorrect loop condition, which allows the index to go beyond the length of the beneficiaries
array. If this happens, the contract will revert, making functions that use this modifier completely unusable.
Line 53
Notice the +1
in the condition. That means the loop will try to access beneficiaries[i]
even when i
is out of bounds, causing an immediate revert. As a result:
Beneficiaries won't be able to call certain functions (like buyOutEstateNFT()
or appointTrustee()
).
Inheritance functions may be completely broken, leaving funds stuck.
No beneficiary use functions protected by this modifier.
Inheritance assets may become inaccessible forever.
The contract could be unusable after deployment unless fixed.
Foundry
Manual code review
To fix the issue modify the onlyBeneficiaryWithIsInherited
modifier to ensure safe array access:
This way, if msg.sender
isn’t in the beneficiaries
list, it fails gracefully with a proper error message instead of crashing the whole function.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.