CodeHawks Escrow Contract - Competition Details

Cyfrin

Foundry

40,000 USDC

Submission Details

Severity: medium

Valid

No methods to stop and replace arbiter if keys are leaked

If arbiter private keys are leaked, seller or buyer can profit from that. Currently, there is no way to replace arbiter for a new one.

Imagine that arbiters private keys are leaked and anyone can get to them. This poses a problem where seller could get money without providing report.

There should be methods to stop arbiter from resolving dispute and nominating a new one.

When arbiter keys are leaked, seller can get tokens without providing the report.

Manual review

Implement a functionality to stop arbiter from resolving a dispute and to nominate a new one.

Total prize

40,000 USDC

nSLOC

186

215 USDC / LOC

High Medium

37,000 USDC

Low

3,000 USDC

The contest is live. Earn rewards by submitting a finding.

Submissions are being carefully reviewed by our judges.

This is your time to appeal against judgements on your submissions.

Appeals are being carefully reviewed by our judges.

The contest is complete and the rewards are being distributed.

Support

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.