CodeHawks Escrow Contract - Competition Details

Cyfrin

Foundry

40,000 USDC

Submission Details

Severity: low

Lack Timelock sensitive operations

No timelocks for critical actions

Buyer may call confirmReceipt() and realize later on they actually wanted to dispute but its too late
Buyer or Seller may call initiateDispute() and realize they made a mistake or actually they have changed their mind but its too late. Additionally Timelock can emit events preparing the parties that something has been triggered e.g buyer or seller or arbiter on noticing Timelock dispute initiated can know that they have to be available within x period to deal with dispute

Timelocks prepare the parties for action that has been taken e.g dispute initiated
Timelocks allow for actions to be reversible

Manual Analysis

It is recommended to have Timelocks that ensure that critical actions are only implemented after some time has passed

Total prize

40,000 USDC

nSLOC

186

215 USDC / LOC

High Medium

37,000 USDC

Low

3,000 USDC

The contest is live. Earn rewards by submitting a finding.

Submissions are being carefully reviewed by our judges.

This is your time to appeal against judgements on your submissions.

Appeals are being carefully reviewed by our judges.

The contest is complete and the rewards are being distributed.

Support

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.