A user can create their own token, say one with a stable value of 1:1 with the dollar, and then pay for an audit priced at 100,000 tokens = 100,000 dollars. Because the token is created by the user, it can include a function to extract all the liquidity; once the audit is completed, the user drains the liquidity from that token, effectively getting a free audit for Project X. It is advisable to use only certain reliable tokens like ETH or BTC to avoid two issues at once.
Using a custom token to pay for an audit and then extracting liquidity is definitely a feasible attack vector.
Here are some ways the EscrowFactory contract could mitigate this risk:
- Maintaining a whitelist of permitted tokens (e.g., widely used stablecoins) for payments.
- Requiring "proof of liquidity" before accepting a token. For example, verifying that the token can be exchanged for ETH on Uniswap.
- Locking the audit funds for an extended period to prevent immediate massive liquidity withdrawals.
- Implementing penalties for attempting to extract liquidity too quickly after an audit.
- Allowing payments only in highly liquid tokens like ETH directly.
Indeed, it is an interesting attack vector. Without proper safeguards, a malicious actor could effectively receive a free audit using this method.
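One way the token whitelist mitigation listed above could look in Solidity, as an added example that is not the EscrowFactory project's code. The contract name, `setAllowedToken`, `fundEscrow` and the minimal interface are hypothetical, and the sketch assumes the factory owner vets tokens before allowing them.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Added example: hypothetical allowlist gate, not the audited EscrowFactory.
// transferFrom is declared without a return value so tokens that return
// nothing and tokens that return bool both work; success is judged by the
// balance delta instead of the return value.
interface IERC20Minimal {
    function transferFrom(address from, address to, uint256 amount) external;
    function balanceOf(address account) external view returns (uint256);
}

contract AllowlistedEscrowFactory {
    address public immutable owner;
    mapping(address => bool) public isAllowedToken;

    event TokenAllowed(address indexed token, bool allowed);
    event EscrowFunded(address indexed buyer, address indexed token, uint256 amount);

    error NotOwner();
    error TokenNotAllowed(address token);
    error ShortTransfer(uint256 expected, uint256 received);

    constructor() {
        owner = msg.sender;
    }

    // Only the owner can add or remove a payment token after vetting it.
    function setAllowedToken(address token, bool allowed) external {
        if (msg.sender != owner) revert NotOwner();
        isAllowedToken[token] = allowed;
        emit TokenAllowed(token, allowed);
    }

    // Hypothetical funding entry point. A buyer-created token is rejected
    // here because it was never placed on the allowlist.
    // Simplification: funds stay in this contract rather than a child escrow.
    function fundEscrow(address token, uint256 price) external {
        if (!isAllowedToken[token]) revert TokenNotAllowed(token);
        IERC20Minimal erc20 = IERC20Minimal(token);
        uint256 balanceBefore = erc20.balanceOf(address(this));
        erc20.transferFrom(msg.sender, address(this), price);
        uint256 received = erc20.balanceOf(address(this)) - balanceBefore;
        // Reject fee-on-transfer or silently failing transfers.
        if (received != price) revert ShortTransfer(price, received);
        emit EscrowFunded(msg.sender, token, price);
    }
}
```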