Arbiter Fee Calculation Error Leading to Transaction Revert or Less Fee
Summary
In the scenario the Seller did not meet his end of the deal and the Buyer calls for a dispute, the honest arbiter then calls the function resolveDispute() giving all the reason and 100% of the contract's balance to the Buyer passing i_tokenContract.balanceOf(address(escrow)) as the parameter but doing exactly this the transaction will fail because the function is not discounting for the arbiter's fee so it will revert with
Escrow__TotalFeeExceedsBalance(tokenBalance, totalFee). Even if some things are fixed it will still revert here:
Since there will be no tokens to send at the second condition assuming the arbiter used this as param: i_tokenContract.balanceOf(address(escrow)).
Vulnerability Details
The resolveDispute() is not discounting the arbiters fee from the buyerAward. There is a type of discounting but the arbiter has to do the math of his fee himself, so by implementing the solution of delegating the math to the function will solve this issue.
Impact
It will revert with Escrow__TotalFeeExceedsBalance because the function does not discount the fee from the total value. The current logic the arbiter has to figure it out his own fees and get less.
Tools Used
Manual / Foundry
Recommendations
Discount the fair fee of the arbiter inside the function so the arbiter can place all the Buyers rewards and dont worry about getting less than the total i_arbiterFee
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.