Skip to main content

Unprotected Critical Function

This vulnerability category covers the following issues:

Suicide

Why is this important?

Due to missing or insufficient access controls, malicious parties can self-destruct the contract.

Securing Critical Functions

Option A: Remove the Unprotected Self Destruct Function

  1. Go through the issues that GuardRails identified in the PR/MR

  2. Identify the code that looks like this:

    contract SimpleSuicide {
    function sudicideAnyone() {
    selfdestruct(msg.sender);
    }
    }
  3. Remove the unprotected selfdestruct call

  4. Test it

  5. Ship it 🚢 and relax 🌴

More information:

Multiple Sends

Why is this important?

External calls can fail accidentally or deliberately. To minimize the damage caused by such failures, it is better to isolate each external call into its own transaction that can be initiated by the recipient of the call. This is especially relevant for payments, where it is better to let users withdraw funds rather than push funds to them automatically.

More information: