CodeHawks Escrow Contract - Competition Details

Cyfrin

Foundry

40,000 USDC

Submission Details

Severity: gas

[I] Wrong incentive design favors the buyer

Wrong incentive design favors the buyer

The buyer is responsible for setting a correct arbiterFee, however not setting that correctly punishes the seller.

Assume this scenario:

Arbiter fee for CodeHawks is 1000 USDC
buyer sets an escrow with arbiterFee = 1 USDC
seller completes the audit and shares it
buyer does not release the funds
since the arbiterFee is not set correctly, CodeHawks is not incentivized to resolve the dispute.
seller, although did not do anything wrong, may lose the funds
resolving the conflict may cause the arbiter to actually lose funds on GAS

Incentive Design

Manual Review

There can be a mechanism for the arbiter to accept the contract. Before the arbiter accepts, parties should not start working on the audit.
Or, there should be warnings in the UI that shows escrows with wrong arbiterFee

Total prize

40,000 USDC

nSLOC

186

215 USDC / LOC

High Medium

37,000 USDC

Low

3,000 USDC

The contest is live. Earn rewards by submitting a finding.

Submissions are being carefully reviewed by our judges.

This is your time to appeal against judgements on your submissions.

Appeals are being carefully reviewed by our judges.

The contest is complete and the rewards are being distributed.

Support

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.