Escrow - Excessive arbiter Fee
Summary
contract currently checks that the arbiter's fee does not exceed the price of the transaction but does not consider if the fee is excessively high relative to the price. To address this, a maximum arbiter fee can be implemented as a percentage of the price.
Vulnerability Details
lack of a maximum limit on the arbiter fee relative to the transaction price. This means that an arbiter could potentially charge an unfairly high fee, causing inconvenience and potential financial loss for the parties involved.
Impact
Unfair financial burden: Excessive arbiter fees could place an unfair financial burden on the buyer or seller, affecting the overall fairness of the transaction.
Potential abuse: Without a maximum fee limit, an arbiter could exploit the situation by charging unreasonably high fees, potentially causing financial harm to the parties involved.
Loss of trust: Excessive fees can erode trust between the parties and the escrow system, leading to a negative reputation for the platform or service.
Tools Used
Manual Analysis
Recommendations
Implement a maximum arbiter fee as a percentage of the transaction price. This will prevent excessively high fees and promote fairness in the escrow process.
During contract deployment, perform a check to ensure that the arbiter fee does not exceed the maximum allowed percentage. If it does, revert the transaction with an appropriate error message.
Consider involving the parties in determining the arbiter fee or setting a fee range that is agreeable to all parties. This can help foster transparency and trust in the escrow process.
Regularly review and update the contract code to address any potential vulnerabilities and ensure the security and fairness of the escrow system.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.