Submission Details
Impact:
Likelihood:
MultiSigWallet: No Emergency Escape — Funds Can Be Permanently Locked
[MEDIUM] MultiSigWallet: No Emergency Escape — Funds Can Be Permanently Locked
File: sources/2025-02-datingdapp/src/MultiSig.sol
Lines: All
Summary
Each matched pair gets a freshly deployed MultiSigWallet. If either owner is unresponsive, lost their key, or is a non-cooperative contract, the ETH inside is permanently locked with no timeout or escape hatch.
Vulnerability Details
function executeTransaction(uint256 _txId) external onlyOwners {
require(txn.approvedByOwner1 && txn.approvedByOwner2, "Not enough approvals");
// BOTH must approve — one uncooperative party = permanent lock
}
// No timeout, no guardian, no self-destruct, no emergency withdrawal
Impact
-
One matched user can hold the other's funds hostage.
-
If a matched address is an unresponsive smart contract, both users lose their ETH.
-
Denial of service on the reward mechanism.
Tools Used
Manual review
Recommendations
Add a time-based emergency withdrawal:
uint256 public immutable deployedAt;
uint256 constant TIMEOUT = 30 days;
constructor(address _owner1, address _owner2) {
deployedAt = block.timestamp;
...
}
function emergencyWithdraw() external onlyOwners {
require(block.timestamp > deployedAt + TIMEOUT, "Timeout not reached");
uint256 share = address(this).balance / 2;
(bool s1,) = payable(owner1).call{value: share}("");
(bool s2,) = payable(owner2).call{value: address(this).balance}("");
require(s1 && s2, "Emergency withdraw failed");
}
Rewards breakdown
This contest has a flat reward structure with the following payouts:
Live
The contest is live. Earn rewards by submitting a finding.
Judging
Submissions are being reviewed by our AI judge. Results will be available in a few minutes.
View all submissionsRewards Distribution
The contest is complete and the rewards are being distributed.