I believe I have found a serious vulnerability in the way that hash locked cross-chain atomic swap smart contracts are being written right now (!). The vulnerability allows the initiating party (holding hash secret) to scam the counterparty and steal funds, in certain pairs of cryptocurrencies (e.g., BTC-ETH) but not in others (e.g., BTC-LTC).
https://gist.github.com/markblundeberg/7a932c98179de2190049f5823907c016Luckily, it has an easy fix.
Please criticize!