Soroban & EVM HTLC Contracts Lack Emergency Pause, Exposing User Funds to Post-Deployment Vulnerabilities
A critical security gap has been identified in the design of both Soroban and EVM-based Hashed Timelock Contracts (HTLCs). The current implementation lacks any emergency pause mechanism, leaving user funds at immediate risk if a vulnerability is discovered after deployment. Without this capability, there is no way to halt new `lock()` transactions, creating a dangerous window where attackers could exploit a flaw while users scramble to manually claim refunds.
The issue, flagged with HIGH severity, centers on the absence of an admin-controlled kill switch. For the Soroban contract, the proposed fix involves adding a new `Paused` key to the `DataKey` enum and creating `pause()` and `unpause()` functions restricted to a stored admin address. A guard would then be added to the `lock()` function to panic if the contract is paused. Crucially, the `withdraw()` and `refund()` functions must remain operational so that users can always recover their assets, whether the contract is paused or not. For the EVM version, the solution is to inherit from OpenZeppelin's `Pausable` contract and apply its guard only to new locks, achieving the same controlled halt.
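The EVM variant of the fix, as an added example rather than the audited project's own code: an HTLC that inherits OpenZeppelin's `Pausable` and `Ownable` (v5 import paths assumed), gates `lock()` with `whenNotPaused`, and deliberately leaves `withdraw()` and `refund()` unguarded. The contract name, storage layout and the use of sha256 for the hashlock are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Added example, not the audited project's code; assumes OpenZeppelin Contracts v5 import paths.
import {Pausable} from "@openzeppelin/contracts/utils/Pausable.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";

contract PausableHTLC is Pausable, Ownable {
    struct Swap {
        address payable sender;
        address payable receiver;
        uint256 amount;
        bytes32 hashlock;  // sha256(preimage)
        uint256 timelock;  // unix time after which the sender may refund
        bool settled;      // set once withdrawn or refunded
    }
    mapping(bytes32 => Swap) public swaps;
    constructor(address admin) Ownable(admin) {}

    // Admin kill switch: halts new locks only, never settlement.
    function pause() external onlyOwner { _pause(); }
    function unpause() external onlyOwner { _unpause(); }

    // whenNotPaused is the guard: no fresh funds enter while a suspected bug is investigated.
    function lock(address payable receiver, bytes32 hashlock, uint256 timelock)
        external payable whenNotPaused returns (bytes32 id)
    {
        require(msg.value > 0, "no value");
        require(timelock > block.timestamp, "timelock in past");
        id = keccak256(abi.encodePacked(msg.sender, receiver, msg.value, hashlock, timelock));
        require(swaps[id].sender == address(0), "swap exists");
        swaps[id] = Swap(payable(msg.sender), receiver, msg.value, hashlock, timelock, false);
    }
    // Deliberately unguarded: the receiver can always claim with the preimage.
    function withdraw(bytes32 id, bytes32 preimage) external {
        Swap storage s = swaps[id];
        require(s.amount > 0 && !s.settled, "no active swap");
        require(sha256(abi.encodePacked(preimage)) == s.hashlock, "bad preimage");
        require(block.timestamp < s.timelock, "expired");
        s.settled = true;
        s.receiver.transfer(s.amount);
    }
    // Deliberately unguarded: the sender can always recover after expiry.
    function refund(bytes32 id) external {
        Swap storage s = swaps[id];
        require(s.amount > 0 && !s.settled, "no active swap");
        require(block.timestamp >= s.timelock, "not yet expired");
        s.settled = true;
        s.sender.transfer(s.amount);
    }
}
```

A unit test worth keeping in the project's suite: after `pause()`, `lock()` must revert with OpenZeppelin's `EnforcedPause` error while `withdraw()` and `refund()` on an existing swap still succeed.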
This architectural oversight represents a significant operational risk for any service or platform deploying these HTLCs. The inability to respond swiftly to a live exploit could lead to preventable fund losses. The fix is not a feature enhancement but a foundational security requirement, emphasizing that smart contract design must prioritize incident response capabilities from the outset. The pressure is now on development teams to implement this pause mechanism before deployment to mitigate a clear and present danger to user capital.