Submission Details
Severity:
Claimed verification
Summary
Vulnerability Details
The contract dont have if adrress already claimed the airdrop.
Impact
Duplicated claims
Tools Used
Recommendations
commite related -> https://github.com/papalardo/2024-04-airdropper/commit/bf587be8fdc458304e09f2e4f5e7523a76b42112
add already claimed error
error MerkleAirdrop__AlreadyClaimed();
add map to save address that has claimed airdrop.
mapping(address => bool) public hasClaimed;
add verification and saving address that claimed
function claim(address account, uint256 amount, bytes32[] calldata merkleProof) external payable {
if (msg.value != FEE) {
revert MerkleAirdrop__InvalidFeeAmount();
}
if (hasClaimed[to]) {
revert MerkleAirdrop__AlreadyClaimed();
}
bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(account, amount))));
if (!MerkleProof.verify(merkleProof, i_merkleRoot, leaf)) {
revert MerkleAirdrop__InvalidProof();
}
hasClaimed[to] = true;
emit Claimed(account, amount);
i_airdropToken.safeTransfer(account, amount);
}
Sorry, Im noob around bug bounty documentation.
Updates
Lead Judging Commences
inallhonesty
over 1 year ago
inallhonesty over 1 year ago
Submission Judgement Published Assigned finding tags:
multi-claim-airdrop
Rewards breakdown
nSLOC
62This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.