Add Verification for correct transfer of Satoshi in Ordinal Marketplace #170
Labels
bug
Something isn't working
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Problem:
In the
Ord_Marketplace.sol->proofOrdinalSellOrder()method, there is a lack of verification for the correct transfer of the satoshi to the buyer's address. While the contract checks that the transaction is spending the specified UTXO and has an output to the buyer's address, it does not verify which specific satoshi is being transferred. This loophole allows potential cheating in the demo version.Solution:
Implement additional verification steps within the
proofOrdinalSellOrder()method to ensure the correct transfer of the specific satoshi to the buyer's address. This includes validating the exact satoshi being transferred and verifying it against the provided UTXO and offset information. By enhancing this method with precise verification checks, the contract can prevent potential cheating and ensure the secure transfer of satoshis in the marketplace.Originally posted by @sander2 in #114 (comment)
The text was updated successfully, but these errors were encountered: