First Flight #14: AirDropper

First Flight #14

Beginner FriendlyDeFiFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: high

Valid

In `MerkleAirdrop::claim()` no record kept of whether the user has already claimed their airdrop, which allows the user to claim multiple times until emptying the contract.

thaddeus19

[H-1] In `MerkleAirdrop::claim()` no record kept of whether the user has already claimed their airdrop, which allows the user to claim multiple times until emptying the contract.

Description: A user could preempt others by either paying more gas or through MEV and interacting with the contract N number of times until emptying it, before other users can make the claim.

Impact: Can steal money from other users.

Proof of Concept:

User claim first time your airdrop
The user can call the MerkleAirdrop::claim() function again
Repeat step 2 N times

Code

This test was added in MerkleAirdrop.t.test

function testUseNTimesTheProof() public {

vm.deal(collectorOne, (airdrop.getFee()*4));

vm.startPrank(collectorOne);

airdrop.claim{ value: airdrop.getFee() }(collectorOne, amountToCollect, proof);

assertEq(token.balanceOf(collectorOne), amountToSend);

}

Recommended Mitigation: To prevent this scenario, you should keep track of the proofs already consumed. You could do this with a mapping address => bool that stores the state of the user address and is validated in the claim() function.

+ error User_Already_Claimed_Airdrop();

+ mapping(address => bool) private claimState;

function claim(address account, uint256 amount, bytes32[] calldata merkleProof) external payable {

if (msg.value != FEE) {

revert MerkleAirdrop__InvalidFeeAmount();

}

+ if(proofState[account]){

+ revert User_Already_Claimed_Airdrop();

+ }

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

multi-claim-airdrop

Rewards breakdown

nSLOC

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.