Missing checks at Escrow contract creation.
There are checks in the constructor of Escrow.sol to ensure certain inputs are valid and to avoid user input errors, but some checks are missing:
buyer can input his own address as arbiter
buyer can input arbiterFee = 0
buyer can input his address as seller
buyer can input his own address as arbiter: if the buyer is malicious and the seller did not pay attention to the event emit EscrowCreated(address(escrow), msg.sender, seller, arbiter); at Escrow contract creation, the buyer could manipulate the dispute system and never pay the seller for the work done.
buyer can input arbiterFee = 0: with arbiterFee set to 0, the arbiter would have no incentive to spend time and resources on resolving the dispute. This would break the dispute system, since only the arbiter is able to call resolveDispute() once initiateDispute() has been called.
buyer can input his address as seller: if the user mistakenly inputs his own address as the seller address at Escrow contract creation, the contract would still be created. This would be bad for the user experience, as the user would lose the transaction gas on a now useless Escrow contract.
Manual review
Add the 3 checks in the Escrow.sol constructor and the related errors in IEscrow.sol:
Escrow.constructor:
if (buyer == arbiter) revert Escrow__BuyerArbiterSameAddress();
if (arbiterFee == 0) revert Escrow__ArbiterFeeZero();
if (buyer == seller) revert Escrow__BuyerSellerSameAddress();
IEscrow.sol:
error Escrow__BuyerArbiterSameAddress();
error Escrow__ArbiterFeeZero();
error Escrow__BuyerSellerSameAddress();
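The same three conditions can also be checked off-chain by a seller on the decoded EscrowCreated parameters before starting work. This is an added example, not part of the original finding or the project's code; the dict keys, the helper names, and the assumption that arbiterFee has been read from the deployed contract are hypothetical.

```python
import re

# Constructed sample addresses (mixed case only to show normalization;
# not real accounts and not valid EIP-55 checksums).
BUYER = "0x" + "Ab" * 20
SELLER = "0x" + "11" * 20
ARBITER = "0x" + "22" * 20


def norm(addr):
    """Lowercase a 20-byte hex address so differently cased forms compare equal."""
    a = addr.strip().lower()
    if not re.fullmatch(r"0x[0-9a-f]{40}", a):
        raise ValueError(f"not a 20-byte hex address: {addr!r}")
    return a


def review_escrow(params):
    """Return the names of the report's proposed errors these parameters would trigger."""
    buyer = norm(params["buyer"])
    seller = norm(params["seller"])
    arbiter = norm(params["arbiter"])
    failed = []
    if buyer == arbiter:
        failed.append("Escrow__BuyerArbiterSameAddress")
    if params["arbiter_fee"] == 0:
        failed.append("Escrow__ArbiterFeeZero")
    if buyer == seller:
        failed.append("Escrow__BuyerSellerSameAddress")
    return failed


if __name__ == "__main__":
    # Constructed case: arbiter is the buyer's address in lowercase, fee is zero.
    suspicious = {"buyer": BUYER, "seller": SELLER,
                  "arbiter": BUYER.lower(), "arbiter_fee": 0}
    for name in review_escrow(suspicious):
        print("refuse to start work:", name)
```

Comparing the raw strings without normalization would miss the buyer/arbiter match here, because the two forms differ only in letter case.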