Critical-risk tools in Base Escrow
3 of the 8 tools in Base Escrow are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
create_escrowFinancialCreate a new P2P escrow deal on Base. For ETH deals, the ETH is locked in the contract. For ERC-20 deals, tokens are transferred from your wallet (approval handled automatically...
-
refund_escrowFinancialRefund escrowed funds back to the buyer. Only the buyer can call this. Use when the seller fails to deliver. Requires DEPLOYER_PRIVATE_KEY env var.
-
release_escrowFinancialRelease escrowed funds to the seller. Only the buyer can call this. Marks the deal as complete. Requires DEPLOYER_PRIVATE_KEY env var.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.