We do not verify that _expiryTimestamps array is the same length as the other arrays.
In the addDistributions function of the Airdrop contract, we check that the length of the tokens array is equal to the lengths of the merkleRoots and _totalAmounts arrays. However, we do not check if _expiryTimestamps array is of the same length as the other parameters.
The contract owner could add an _expiryTimestamps array that is not of equal length to the other parameters, potentially resulting in distributions with an 'expiryTimestamp' of zero.
Manual review
Ensure that the _expiryTimestamps array length matches the length of the _tokens array.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.