The deployment script funds TreasureHunt with ETH so rewards can be paid out to valid ZK proof claimants.
The script blindly trusts an environment variable for funding and performs no sanity checks relative to REWARD * MAX_TREASURES, allowing underfunded or misfunded deployments that permanently break reward distribution.
Likelihood:
Occurs whenever deployment is done with a misconfigured .env file or reused deployment scripts across networks
Occurs during rushed contest / hackathon / production deployments
Impact:
Rewards become unclaimable for later users
ETH becomes permanently stuck with no withdrawal mechanism
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.
The contest is complete and the rewards are being distributed.