CodeHawks Escrow Contract - Competition Details

Cyfrin

Foundry

40,000 USDC

Submission Details

Severity: low

Valid

missed check for the arbiter address

the protocol should make sure that the arbiter is not the buyer or the seller as this may lead to loss of funds of the seller or the buyer

if the buyer set himself as the arbiter it will lead to the seller not receiving his money

manual review

add the check :

if (i_arbiter == i_buyer || i_arbiter == i_seller ) {revert();}

Total prize

40,000 USDC

nSLOC

186

215 USDC / LOC

High Medium

37,000 USDC

Low

3,000 USDC

The contest is live. Earn rewards by submitting a finding.

Submissions are being carefully reviewed by our judges.

This is your time to appeal against judgements on your submissions.

Appeals are being carefully reviewed by our judges.

The contest is complete and the rewards are being distributed.

Support

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.