Permanent locking of funds in Escrows
Summary
Even if the option for disabling the arbitration mechanism was a design choice, without that mechanism enabled, the funds locked in an Escrow contract are at risk of permanently locking away (please refer to the Impact section for further explanation).
Vulnerability Details
The Escrow contract was designed to have the arbitration mechanism optional. That means a buyer can create an Escrow contract by passing an arbiter address as address(0) to opt out of the arbitration option. In other words, neither a buyer nor a seller can raise a dispute by executing the initiateDispute() since the transaction will be reverted in line 103.
https://github.com/Cyfrin/2023-07-escrow/blob/65a60eb0773803fa0be4ba72defaec7d8567bccc/src/Escrow.sol#L103
Impact
Even if the option for disabling the arbitration mechanism was a design choice, without that mechanism enabled, the funds locked in an Escrow contract are at risk of permanently locking away.
Consider the following scenarios.
If a rogue seller refuses to deliver a service, the buyer's funds will be locked in the contract forever. The buyer will have no way to retrieve their funds.
If a rogue buyer receives a service but refuses to execute the
confirmReceipt(), the locked funds will never be transferred to a seller. The seller will have no way of disputing, moreover.
Tools Used
Manual Review
Recommendations
I recommend explicitly applying the arbitration mechanism for every Escrow contract.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.