Submission Details
Severity: medium
Valid

Arbiter logic can lead to locked funds

Summary

The current logic makes the arbiter optional and unchangeable. This can lead to permanently locked funds if the parties have a dispute with each other.

Vulnerability Details

If no arbiter (or a non-responsive arbiter) is set and anything goes wrong during the audit (for example a non-responsive seller, loss of a private key, or any other dispute between the parties), the funds will be permanently inaccessible. Without an arbiter, there is no implemented way to send the funds back to the buyer.

Impact

All funds are permanently locked in the contract.

Tools Used

Manual Review, Foundry, VSCode

Recommendations

Make the arbiter a required parameter, and/or implement a function that allows the seller to send the funds back to the buyer. This would prevent or reduce the loss of funds when the buyer has a dispute with the seller.
Optional security improvement: implement functionality that lets both parties agree on switching the arbiter to a new address.
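
The three recommendations above can be combined as in the following sketch. It is an added example, not code from the audited project: the contract name `EscrowSketch`, its functions and its storage layout are hypothetical, and it assumes an ERC-20 escrow whose tokens are already held by the contract.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumption: a standard ERC-20 whose transfer returns bool.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function balanceOf(address account) external view returns (uint256);
}

// Hypothetical contract: every name here is illustrative, not the audited code.
contract EscrowSketch {
    IERC20 public immutable token;
    address public immutable buyer;
    address public immutable seller;
    address public arbiter;
    bool public closed;
    mapping(address => address) public proposedArbiter; // each party's current proposal
    event ArbiterChanged(address indexed newArbiter);

    constructor(IERC20 token_, address buyer_, address seller_, address arbiter_) {
        // The arbiter is mandatory and must be a third party.
        require(arbiter_ != address(0) && arbiter_ != buyer_ && arbiter_ != seller_, "invalid arbiter");
        token = token_;
        buyer = buyer_;
        seller = seller_;
        arbiter = arbiter_;
    }

    // The seller can return the escrowed balance to the buyer without any arbiter action.
    function refundBuyer() external {
        require(msg.sender == seller, "only seller");
        require(!closed, "closed");
        closed = true; // state change before the external call
        require(token.transfer(buyer, token.balanceOf(address(this))), "transfer failed");
    }

    // Buyer and seller each call this with the same address to replace the arbiter.
    function proposeArbiter(address newArbiter) external {
        require(msg.sender == buyer || msg.sender == seller, "only parties");
        require(!closed, "closed");
        require(newArbiter != address(0) && newArbiter != buyer && newArbiter != seller, "invalid arbiter");
        proposedArbiter[msg.sender] = newArbiter;
        if (proposedArbiter[buyer] == newArbiter && proposedArbiter[seller] == newArbiter) {
            arbiter = newArbiter;
            delete proposedArbiter[buyer];
            delete proposedArbiter[seller];
            emit ArbiterChanged(newArbiter);
        }
    }
}
```

Because the switch only takes effect once both stored proposals match, neither party can install an arbiter unilaterally, and either party can withdraw consent by proposing a different address before the other confirms.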
