Submission Details
Severity: high
Valid

Unauthorized Inheritance Exploit Due to Lack of Access Control

Summary

The inherit() function allows any caller to trigger inheritance once the deadline is reached. Due to a lack of access control, a malicious individual could call this function to assume ownership or enable inheritance, even if they are not an authorized beneficiary.

Vulnerability Details

The function checks the inactivity deadline with:

    if (block.timestamp < getDeadline()) {
        revert InactivityPeriodNotLongEnough();
    }

However, once the deadline has passed, it distinguishes between two cases:

  • Single Beneficiary: If there is exactly one beneficiary, the caller becomes the new owner, regardless of whether they are the legitimate beneficiary.

  • Multiple Beneficiaries: If there are multiple beneficiaries, it simply sets isInherited to true without verifying the caller’s legitimacy.

This lack of validation permits any external caller to trigger inheritance and potentially compromise the intended security model.

Impact

  • Unauthorized Ownership Transfer: In the single beneficiary scenario, an attacker can call the function to become the new owner.

  • Arbitrary Inheritance Trigger: In cases with multiple beneficiaries, an attacker can set the inheritance flag (isInherited) without authorization, potentially leading to fund misallocation.

  • Overall Loss of Contract Integrity: Without proper access control, the intended inheritance mechanism can be subverted, undermining user trust and the security of the contract.

Tools Used

  • Manual Code Review

Recommendations

  1. Implement Access Control: Restrict the inherit() function so that only authorized beneficiaries can call it. Consider adding a modifier or explicit check to verify that msg.sender is a valid beneficiary.

    require(isValidBeneficiary(msg.sender), "Caller is not an authorized beneficiary");

  2. Differentiate Inheritance Paths: Separate the logic for reclaiming ownership from unauthorized inheritance claims. This could involve creating distinct functions with proper access controls.

  3. Enhance Testing: Include unit tests to simulate unauthorized calls to inherit() and ensure that such calls are properly rejected.

  4. Review Inheritance Logic: Reassess the overall design of the inheritance mechanism to ensure that it adheres to the intended security and usability requirements.
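
The access check from recommendation 1, placed in a minimal model of the inherit() flow described above. This is an added example, not the audited contract's code: only inherit(), getDeadline(), isInherited and InactivityPeriodNotLongEnough come from the finding, while the storage layout, the TIMELOCK value, the isBeneficiary mapping and the NotBeneficiary error are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal model for illustration; names other than inherit(), getDeadline(),
// isInherited and InactivityPeriodNotLongEnough are assumptions.
contract InheritanceSketch {
    error InactivityPeriodNotLongEnough();
    error NotBeneficiary(address caller);

    uint256 public constant TIMELOCK = 90 days; // assumed inactivity window
    address public owner;
    address[] public beneficiaries;
    mapping(address => bool) public isBeneficiary; // O(1) membership lookup
    uint256 public lastActivity;
    bool public isInherited;

    constructor(address[] memory initial) {
        owner = msg.sender;
        lastActivity = block.timestamp;
        for (uint256 i = 0; i < initial.length; i++) {
            address b = initial[i];
            // Reject zero and duplicate entries so beneficiaries.length
            // counts distinct people and the single-heir branch is reliable.
            require(b != address(0) && !isBeneficiary[b], "bad beneficiary");
            beneficiaries.push(b);
            isBeneficiary[b] = true;
        }
    }

    function getDeadline() public view returns (uint256) {
        return lastActivity + TIMELOCK;
    }

    function inherit() external {
        if (block.timestamp < getDeadline()) {
            revert InactivityPeriodNotLongEnough();
        }
        // The check the finding reports as missing: it guards both branches.
        if (!isBeneficiary[msg.sender]) {
            revert NotBeneficiary(msg.sender);
        }
        if (beneficiaries.length == 1) {
            // Take the new owner from storage rather than from msg.sender.
            owner = beneficiaries[0];
        } else {
            isInherited = true;
        }
    }
}
```

A unit test for recommendation 3 would move time past getDeadline(), call inherit() from an address outside the beneficiary list, and expect the NotBeneficiary revert with owner and isInherited unchanged.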

Updates

Lead Judging Commences

0xtimefliez Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Inherit depends on msg.sender so anyone can claim the contract
