Beginner FriendlySolidity
100 EXP
View results
Submission Details
Severity: medium
Invalid

Malicious Beneficiary can cause DOS in withdrawInheritedFunds

Vulnerability Details

if beneficiary is a smart contract, it can use revert method inside its receive function, when called by the withdrawInheritedFunds function to send ETH like this-

receive() external payable {
if (shouldRevert) {
revert();
}
}

Impact

Beneficiries won't be able to access their part of ETH

Tools Used

Manual Review

Recommendations

Instead of this push based method, we need to implement a pull based model where beneficiary will call this contract to get their share.

Updates

Lead Judging Commences

0xtimefliez Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.