Submission Details
Severity: low

QA/Recommendation

Summary

Escrow contract appears to be incomplete, lacking some functionality.
Additional function added to allow buyer to withdraw tokens when seller declines service.

Vulnerability Details

When the escrow is working as intended, the buyer is not able to retrieve tokens if the seller decides to decline service.

Impact

The buyer can potentially lose all tokens. The only way around this is to call initiateDispute() and have the arbiter call resolveDispute() to get part of the price back.

Tools Used

Foundry

Recommendations

The following lines of code were added:

Escrow.sol
+ modifier onlySeller() {
+ if (msg.sender != i_seller) {
+ revert Escrow__OnlyBuyer();
+ }
+ _;
+ }
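Review bot: the onlySeller modifier reverts with Escrow__OnlyBuyer() when msg.sender != i_seller, so a rejected caller gets an error that names the wrong role. Declare a dedicated error (for example Escrow__OnlySeller()) and revert with that, so tests and off-chain tooling can tell the two access failures apart.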
...
//If escrow is working as intended, seller can choose to decline transaction, and buyer will receive all funds back
//However, if malicious escrow deployed by buyer, seller can choose to NOT decline and leave as is.
//Approves buyer to call transferFrom
//This function can only be called once
+function sellerDecline()external onlySeller inState(State.Created){
+ s_state = State.Declined;
+ uint256 balance = i_tokenContract.balanceOf(address(this));
+ i_tokenContract.safeApprove(i_buyer, balance);
+
+ emit TransactionDeclined(block.timestamp);
+ }
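Review bot: in sellerDecline(), safeApprove(i_buyer, balance) only grants an allowance for the balance read at call time. The tokens stay in the escrow until the buyer sends a separate transferFrom, and any tokens that reach the contract after this call are not covered by the allowance. Since s_state is already set to Declined at this point, consider refunding directly with i_tokenContract.safeTransfer(i_buyer, balance) so the decline and the refund complete in one transaction. The comment "This function can only be called once" should also say why: the inState(State.Created) check fails once s_state is Declined.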
IEscrow.sol
+ event TransactionDeclined(uint256 indexed declinedAt);
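Review bot: declinedAt is marked indexed, which turns the timestamp into a log topic. Exact-match filtering on a timestamp is rarely useful, and the block time is already available from the log's block. Consider dropping indexed from this parameter.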
...
enum State {
Created,
Confirmed,
Disputed,
Resolved,
+ Declined
}
...
+//@natspec
+function sellerDecline() external;
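Review bot: the //@natspec line above sellerDecline() is a placeholder, not documentation. Replace it with real NatSpec (@notice and @dev) stating that only the seller can call the function, that it is valid only in State.Created, and that it moves the escrow to State.Declined and emits TransactionDeclined.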
