Snowman Merkle Airdrop
First Flight #42
Beginner FriendlyFoundrySolidityNFT
100 EXP
View results
Previous Next
Submission Details
Impact: high
Likelihood: medium
Invalid

No flexible staking amount

hyperion

Root + Impact

Description

  • Users should be able to choose how many tokens they want to stake

  • The current claimSnowman implementation uses the entire balance of their snow tokens. Moreover, if their balance doesn't match exactly how many they should claim in the merkle proof, the tx will revert.

function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s) {
...
uint256 amount = i_snow.balanceOf(receiver); //this amount should be a parameter of the funciton instead
bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(receiver, amount))));
if (!MerkleProof.verify(merkleProof, i_merkleRoot, leaf)) {
revert SA__InvalidProof();
}
}

Risk

Likelihood:

  • For users in the protocol, it is likely that they don't have exactly the specific amount of tokens as in their merkle proof

Impact:

  • DoS if amount is even slightly off

Proof of Concept

  1. Alice buys 100 snow tokens but airdrop merkle tree only assigns her 50 snow tokens

  2. Alice is unable to stake her tokens as she has excess tokens, causing in a revert in every claimSnowman tx

Recommended Mitigation

Add a parameter in the claimSnowman function allowing users to specifiy amount of tokens they will stake.

Updates

Lead Judging Commences

yeahchibyke Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.