Security is core to AfriLance. Contracts include non-reentrancy guards against reentrancy attacks and role-based access controls (e.g., only the client can approve, only the freelancer can submit). Funds are held in the contract until release, with no admin access: pure decentralization. On-chain verification ensures transparency, and disputes are settled by a decentralized oracle to reduce malicious claims. The platform undergoes regular audits, and Base/BNB Chain's robust network adds layer-1 security. Users are protected from scams through verified profiles and escrow-only payments.

| Category | Feature Name | Description | Type |
|---|---|---|---|
| Functions | deposit | Allows depositing the agreed stablecoin amount into the escrow | Non-payable |
| Functions | payFee | Pays the required BNB fee to start the job (payable) | Payable |
| Functions | start | Marks the job as started, setting the deadline | Non-payable |
| Functions | submit | Freelancer submits proof of work (proofHash as string) | Non-payable |
| Functions | requestRevision | Client requests revision (messageHash as string) | Non-payable |
| Functions | approve | Client approves the work, releasing funds to freelancer | Non-payable |
| Functions | dispute | Raises a dispute for oracle resolution | Non-payable |
| Functions | resolve | Oracle resolves dispute, specifying winner | Non-payable |
| View Functions | client | Returns the client's address | View |
| View Functions | freelancer | Returns the freelancer's address | View |
| View Functions | oracle | Returns the oracle's address | View |
| View Functions | settlementToken | Returns the stablecoin token address (USDT/USDC) | View |
| View Functions | state | Returns the current escrow state (uint8) | View |
| Events | Deposited | Emitted when funds are deposited (depositor indexed, amount) | Event |
| Events | Started | Emitted when job starts (deadline) | Event |
| Events | Submitted | Emitted on work submission (proofHash) | Event |
| Events | Revised | Emitted on revision request (messageHash) | Event |
| Events | Approved | Emitted on approval (freelancer indexed, deposit, bonus) | Event |
| Events | Disputed | Emitted on dispute (by indexed) | Event |
| Events | Resolved | Emitted on resolution (winner indexed, amount) | Event |

| Category | Feature | Description | Implementation |
|---|---|---|---|
| Access Control | Role-Based Restrictions | Only client can approve, request revision, or dispute in certain states; only freelancer can submit; only oracle can resolve disputes. | require(msg.sender == client/freelancer/oracle) |
| Reentrancy Protection | Non-Reentrant Modifier | Prevents reentrancy attacks during fund releases or state changes. | nonReentrant modifier from OpenZeppelin ReentrancyGuard |
| State Management | State Transition Checks | Functions only executable in specific states (e.g., deposit only in Funding, submit only in Started). | require(state == specificState) |
| Funds Safety | Safe Token Transfer | Uses safeTransfer/safeTransferFrom for ERC20 tokens to handle non-standard tokens. | OpenZeppelin SafeERC20 |
| Timelocks/Deadlines | Deadline Enforcement | Job must start within deadline; potential auto-refund or dispute if expired. | Timestamp checks in state transitions |
| Input Validation | Address and Amount Checks | Zero address checks, positive amount requirements during creation. | require(address != address(0) && amount > 0) |
| Event Emission | Transparent Events | All critical actions emit events for off-chain monitoring. | emit Event(...) for every state change |
| Upgradeability/Immutability | Immutable Contract | No owner or upgrade functions — pure logic, no backdoors. | No Ownable or UUPS patterns |
| Gas Optimization/Safety | Checked Math | Uses SafeMath or Solidity 0.8+ checked arithmetic to prevent overflows. | Solidity >=0.8.0 built-in checks |

These features enable secure, role-based escrow management with on-chain transparency and bot-triggered notifications for each event. The contract is designed with safeguards like role restrictions and state transitions to prevent unauthorized actions.
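
How the role checks, state checks, `nonReentrant` and SafeERC20 rows of the table combine in practice, as an added Solidity sketch that is not AfriLance's contract code. Assumptions: the `Submitted` and `Closed` state names, the constructor arguments, and folding `payFee`/`start` into `deposit`; revisions, disputes and the bonus are omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol"; // OpenZeppelin 5.x path
// Added sketch, not AfriLance's code; Submitted/Closed states are assumed names.
contract EscrowSketch is ReentrancyGuard {
    using SafeERC20 for IERC20;
    enum State { Funding, Started, Submitted, Closed } // public getter returns uint8
    address public immutable client;
    address public immutable freelancer;
    IERC20 public immutable settlementToken;
    uint256 public immutable amount;
    State public state; // defaults to Funding
    event Deposited(address indexed depositor, uint256 amount);
    event Submitted(string proofHash);
    event Approved(address indexed freelancer, uint256 deposit, uint256 bonus);

    constructor(address client_, address freelancer_, address token_, uint256 amount_) {
        require(client_ != address(0) && freelancer_ != address(0) && token_ != address(0), "zero address");
        require(amount_ > 0, "zero amount");
        client = client_;
        freelancer = freelancer_;
        settlementToken = IERC20(token_);
        amount = amount_;
    }

    function deposit() external nonReentrant {
        require(msg.sender == client, "only client");    // role check
        require(state == State.Funding, "wrong state");  // state transition check
        state = State.Started;                           // effect first; fee and start steps skipped in this sketch
        settlementToken.safeTransferFrom(msg.sender, address(this), amount);
        emit Deposited(msg.sender, amount);
    }

    function submit(string calldata proofHash) external {
        require(msg.sender == freelancer, "only freelancer");
        require(state == State.Started, "wrong state");
        state = State.Submitted;
        emit Submitted(proofHash);
    }

    function approve() external nonReentrant {
        require(msg.sender == client, "only client");
        require(state == State.Submitted, "wrong state");
        state = State.Closed;                             // a re-entered call now fails the state check
        settlementToken.safeTransfer(freelancer, amount); // reverts on failed or false-returning transfers
        emit Approved(freelancer, amount, 0);             // bonus not modelled, emitted as 0
    }
}
```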