AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Is openbazaar dead4/6/2023 ![]() ![]() These calls will reset the lastModified field of the transaction, thus preventing it from ever reaching the time lock. This last function verifies that the time elapsed since the last modification of the transaction, tracked by the lastModified field in the Transaction struct, is greater than the transaction’s time lock.Ī malicious buyer trying to prevent a transaction from being executed can periodically update it by adding tiny amounts of Ether or tokens to its value through the addFundsToTransaction or addTokensToTransaction functions respectively. In order to do this, the seller calls the execute function, which itself calls verifyTransaction, which finally calls isTimeLockExpired. Among its fields, timeoutHours is used to set a timeout after which a seller can execute the transaction without the need for the buyer’s or the moderator’s signatures. Transactions in the Escrow_v1_0 contract are described by the Transaction struct. High Severity Buyers can lock funds indefinitely Here is our assessment and recommendations, in order of importance. Additional information including the contract’s specification can be found here. The audited file is Escrow_v1_0.sol, at commit c4f02cdd41cb85d28bba637a01f20a8ee8bb04b. ![]() We are now, upon their request, making the audit report public. We audited the code, and shared the report privately with the OpenBazaar team. The OpenBazaar team asked us in October 2018 to review and audit their Escrow contract, one of several in their framework. ![]()
0 Comments
Read More
Leave a Reply. |