The address of zkSync USDC token is wrong, leading to the deployment of the airdrop contract with an invalid token to distribute to the users. Thus, transfer will fail and no user will be able to get their airdrop.
The address provided for the variable s_zkSyncUSDC
is not a valid token.
Evidence: https://explorer.zksync.io/address/0x1D17CbCf0D6d143135be902365d2e5E2a16538d4
The airdrop contract won't be able to distribute any token as it will try to send an invalid token. The protocol looses all its purpose.
Also, the owner will found the contract with USDC and there will be no way to get them out of the contract, resulting in fund losses for the protocol.
Manual review
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.