Because the tokenContract
parameter is from user.And it will call by tokenContract.safeTransferFrom(msg.sender, computedAddress, price);
, this may have a risk of reentry. I suggest adding check to newEscrow()
https://github.com/Cyfrin/2023-07-escrow/blob/main/src/EscrowFactory.sol#L39
Add check reentry
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.