At deployment, all the tokens needed for the airdrop are transfered to the contract. If an address never claims its airdrop, the tokens will stay forever in the contract. As the airdrop list was built using L1 activity, it is likely that at least some of the eligible users won't have any interest in the zkSync blockchain or won't know of the airdrop.
Airdroped token are transfer to the contract during deployment.
If they are not claimed, there is no way to get them back.
Tokens will get stuck in the contract, leading to fund losses for the protocol.
Manual review
Set a claim deadline and implement a function allowing the owner to withdraw any leftover token after the deadline.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.