CodeHawks Escrow Contract - Competition Details

Cyfrin

Foundry

40,000 USDC

View results

Previous Next

Submission Details

Severity: high

Escrow.sol Contract Is Vulnerable to Permit() Function in DAI Contract

BLACK PANDA REACH

Summary

If DAI is deposited into the contract, the buyer can use the permit() function on the DAI contract to withdraw the DAI without the approval of the Escrow contract. This could be exploited by malicious actors to steal funds from the Escrow contract.

Vulnerability Details

Some tokens (DAI, RAI, GLM, STAKE, CHAI, HAKKA, USDFL, HNY) have a permit() implementation that does not follow EIP2612. Tokens that do not support permit may not revert, which could lead to the execution of later lines of code in unexpected scenarios.

Impact

The permit() issue in the Escrow.sol contract could allow buyer to steal funds from the contract. Additionally, the issue could damage the reputation of the Escrow contract and make it less likely that sellers and buyers will use it in the future.

Tools Used

Manual Review

Recommendations

The Escrow.sol contract should not accept DAI deposits. If the contract must accept DAI deposits, then the contract should be updated to have a permit() function. Additionally, the contract could be updated to only accept tokens that do not have a permit() function.

Prize pool breakdown

Total prize

40,000 USDC

nSLOC

186

215 USDC / LOC

High Medium

37,000 USDC

Low

3,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.