Summary

`release_escrow` and `release_partial` both use accumulating assignment:

```rust
escrow.released_amount += locked; // accumulates
```

But `refund_escrow` uses direct assignment:

```rust
escrow.refunded_amount = refund; // ❌ overwrites, not accumulates
```

While the current code flow makes double-calling `refund_escrow` impossible (state becomes `Refunded` and `locked_amount = 0`), this inconsistency breaks the invariant that `amount = released_amount + refunded_amount + locked_amount` if future code ever allows incremental refunding (e.g., a partial refund after a partial release).

Location

`contracts/escrow-vault/src/lib.rs`, `refund_escrow`

```rust
escrow.refunded_amount = refund; // ❌ should be +=
```

Fix

```rust
escrow.refunded_amount += refund;
```
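The scenario the issue warns about, as an added illustration rather than the escrow-vault contract's own code: the `Escrow` struct, its field names and the hypothetical incremental `refund_partial` are assumed for the demo. A partial release followed by two partial refunds keeps the accounting invariant only when the refund accumulates with `+=`.

```rust
// Added illustration, not the escrow-vault contract's own code: the struct,
// field names and the hypothetical incremental refund are assumed for the demo.
pub struct Escrow {
    pub amount: u64,
    pub locked_amount: u64,
    pub released_amount: u64,
    pub refunded_amount: u64,
}

impl Escrow {
    pub fn new(amount: u64) -> Self {
        Escrow { amount, locked_amount: amount, released_amount: 0, refunded_amount: 0 }
    }
    /// The accounting invariant from the issue: every unit of `amount` is
    /// either still locked, released, or refunded.
    pub fn invariant_holds(&self) -> bool {
        self.amount == self.released_amount + self.refunded_amount + self.locked_amount
    }
    /// Mirrors release_partial: moves funds out of locked and accumulates.
    pub fn release_partial(&mut self, part: u64) -> Result<(), &'static str> {
        if part > self.locked_amount { return Err("insufficient locked amount"); }
        self.locked_amount -= part;
        self.released_amount += part;
        Ok(())
    }
    /// Hypothetical incremental refund. `accumulate == false` reproduces the
    /// reported defect (`=` overwrites); `true` applies the proposed `+=` fix.
    pub fn refund_partial(&mut self, refund: u64, accumulate: bool) -> Result<(), &'static str> {
        if refund > self.locked_amount { return Err("insufficient locked amount"); }
        self.locked_amount -= refund;
        if accumulate { self.refunded_amount += refund } else { self.refunded_amount = refund }
        Ok(())
    }
}

/// Partial release followed by two partial refunds, run with and without the fix.
/// Returns (buggy_invariant_holds, fixed_invariant_holds).
pub fn compare_after_two_refunds() -> (bool, bool) {
    let mut buggy = Escrow::new(100);
    let mut fixed = Escrow::new(100);
    buggy.release_partial(40).unwrap();
    fixed.release_partial(40).unwrap();
    buggy.refund_partial(30, false).unwrap();
    buggy.refund_partial(20, false).unwrap(); // refunded_amount ends at 20, not 50
    fixed.refund_partial(30, true).unwrap();
    fixed.refund_partial(20, true).unwrap(); // refunded_amount ends at 50
    (buggy.invariant_holds(), fixed.invariant_holds())
}
```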