Rich Chili Grasshopper - Expired Listings Permanently Lock Withdrawals

[sherlock-admin3]

Rich Chili Grasshopper

Medium

Expired Listings Permanently Lock Withdrawals

Summary

Sellers cannot withdraw assets tied to expired listings unless manually delisted.

Root Cause

https://github.com/sherlock-audit/2025-03-pinlink-rwa-tokenized-depin-marketplace/blob/main/marketplace-contracts/src/marketplaces/pinlinkShop.sol#L352

https://github.com/sherlock-audit/2025-03-pinlink-rwa-tokenized-depin-marketplace/blob/main/marketplace-contracts/src/marketplaces/pinlinkShop.sol#L547-L555

_nonListedBalance does not exclude expired listings.

Internal Pre-conditions

Listing exists with deadline < block.timestamp.

External Pre-conditions

Seller attempts to withdraw.

Attack Path

-Seller lists tokens with a 1-day deadline.

• Deadline passes; listing becomes invalid.
• Seller calls withdrawAsset() → reverts due to NotEnoughUnlistedTokens. or less amount is withdrable if withdrawal is not complete withdrawal

Impact

Assets locked until manual intervention (temporary DOS)

PoC

No response

Mitigation

In _nonListedBalance, subtract expired listings from listedBalance.