Submission Details
Severity: low

`newEscrow()` does not check for reentrancy

Summary

Because the `tokenContract` parameter comes from the user, and it is called via `tokenContract.safeTransferFrom(msg.sender, computedAddress, price);`, this may carry a risk of reentrancy. I suggest adding a check to `newEscrow()`.

https://github.com/Cyfrin/2023-07-escrow/blob/main/src/EscrowFactory.sol#L39

Recommendations

Add a reentrancy check.
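
One way to add the recommended check, shown as an added sketch that is not the contest's `EscrowFactory` code: a mutex modifier on a hypothetical factory whose `newEscrow()` calls a caller-supplied token. The contract name, errors, event and the `computedAddress` parameter are assumptions, and plain `transferFrom` stands in for the `safeTransferFrom` wrapper so the block stays self-contained.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Added illustration; NOT the EscrowFactory from the audited repository.
// Minimal token surface needed for the sketch.
interface IERC20Like {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract GuardedFactorySketch {
    // Non-zero sentinel values keep the storage slot warm between calls.
    uint256 private constant NOT_ENTERED = 1;
    uint256 private constant ENTERED = 2;
    uint256 private _status = NOT_ENTERED;

    error Reentrancy();
    error TransferFailed();

    event EscrowFunded(address indexed token, address indexed escrow, uint256 price);

    // Rejects any nested call into a guarded function while one is executing.
    modifier nonReentrant() {
        if (_status == ENTERED) revert Reentrancy();
        _status = ENTERED;
        _;
        _status = NOT_ENTERED;
    }

    // `tokenContract` is chosen by the caller, so its transferFrom can run
    // arbitrary code, including a call back into this factory.
    // `computedAddress` is passed in here for brevity (assumption).
    function newEscrow(uint256 price, IERC20Like tokenContract, address computedAddress)
        external
        nonReentrant
        returns (address)
    {
        // External call to an untrusted contract: a nested newEscrow()
        // made from inside it reverts with Reentrancy().
        if (!tokenContract.transferFrom(msg.sender, computedAddress, price)) {
            revert TransferFailed();
        }
        emit EscrowFunded(address(tokenContract), computedAddress, price);
        return computedAddress;
    }
}
```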
