Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug Bounty: 10 ETH] Multiple Arbitrable Transaction #214

clesaege opened this issue Feb 6, 2019 · 0 comments


None yet
1 participant
Copy link

commented Feb 6, 2019

Multiple Arbitrable Transactions Bounties

This is a bug bounty on the Multiple Arbitrable Transaction contract is posted on solidified.
You can report bugs on solidified or by sending a mail to Bugs are rewarded up to 10 ETH according to the classification indicated on solidified.

Multiple Arbitrable Transactions

  • Sender (labelled as buyer in the contract) makes an arbitrable transaction to a receiver (labelled as seller in the contract). It can be automatically executed after _timeoutPayment.
  • The sender can have the contract pay (in part of totally) the amount using pay.
  • The receiver can have the contract reimburse (in part or totally) the sender by using reimburse.
  • Both parties can pay arbitration fees, giving some time to the other to pay the fees too to create a dispute. If one party fails to pay the fees, this party forfeits the amount.
  • Note that in case the arbitrator changes the fees after one party paid it, the burden of fee payment can make multiple back and forth. In practice, fees should not change that often and it should be an edge case. Extra fees due to over-payment or fee change are reimbursed.
  • The arbitrator which is ERC792 can rule dispute in favor of either party. The winning party gets the amount in the contract and is reimbursed the fees.
  • If the arbitrator "rules 0", the amount in the contract (initial value and remaining fees) is split within the parties (weis being trapped due to rounding are OK).


Smart Contract guidelines

We use these guidelines to write smart contracts. In particular, we do not try to prevent stupid behaviors at the contract level but leave this task to the UI. Letting the possibility for a user to harm itself is not a vulnerability (but should of course be dealt at the UI level).

Violation of guidelines are not vulnerabilities but can be reported as "suggestion for tips".

Bounty rules

  • If you have any questions, don't hesitate to ask on the channel or by sending a mail to .
  • All this code is provided under MIT license and can be reused by other projects. If you don't hesitate to inform us and we may list your deployed contracts in the @deployed of the RAB pragma.
  • Good luck hunting and have fun!

@clesaege clesaege added the Bounty 💰 label Feb 6, 2019

@clesaege clesaege self-assigned this Feb 6, 2019

@clesaege clesaege changed the title [Bug Bounty: 10 ETH] Multiple Arbitrable Transactions [Bug Bounty: 10 ETH] Multiple Arbitrable Transaction Feb 6, 2019

@n1c01a5 n1c01a5 pinned this issue Feb 18, 2019

@clesaege clesaege closed this Mar 14, 2019

@n1c01a5 n1c01a5 unpinned this issue Mar 22, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.