Submission Details
Severity: high
Valid

Unauthorized Ownership Claim with Single Beneficiary

Summary

The inherit() function allows any address to claim ownership when there is only one beneficiary.

Vulnerability Details

The function allows any caller to become the owner of the contract after the inactivity deadline if there is only one beneficiary.

    function inherit() external {
        if (block.timestamp < getDeadline()) {
            revert InactivityPeriodNotLongEnough();
        }
        if (beneficiaries.length == 1) {
            owner = msg.sender; // No verification that msg.sender is the beneficiary
            _setDeadline();
        } else if (beneficiaries.length > 1) {
            isInherited = true;
        } else {
            revert InvalidBeneficiaries();
        }
    }

Impact

  • Unauthorized addresses can gain complete control of the inheritance contract

Tools Used

Manual review

Recommendations

Add beneficiary verification to prevent unauthorized ownership claims

Updates

Lead Judging Commences

0xtimefliez Lead Judge 3 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Inherit depends on msg.sender so anyone can claim the contract
