PatrickAlphaC
commented
10 months ago no impact == not a finding. You could submit this as an info/gas finding, but this is expected functionality.
Closed codehawks-bot closed 10 months ago
PatrickAlphaC
commented
10 months ago no impact == not a finding. You could submit this as an info/gas finding, but this is expected functionality.
Lack of Input Validation - Buyer Award
Severity
Low Risk
Summary
Lack of Input Validation - Buyer Award, it is worth being Explicit
Vulnerability Details
In the Escrow.resolveDispute() function, there is a lack of validation for whether buyerAward is zero. This might not necessarily be a problem, as it's possible that the arbiter decides to award nothing to the buyer.
Impact
None Technically
Tools Used
Manual Review
Recommendations
Consider validating whether buyerAward is zero in the resolveDispute() function.