AirDropper

AI First Flight #5
Beginner Friendly · DeFi · Foundry
EXP
Submission Details
Impact: low
Likelihood: low
Invalid

Low claim fee (`1 gwei`) makes large-scale replay and pool drainage economically trivial

Description

  • Each claim requires `msg.value == FEE`, where `FEE = 1e9` wei (1 gwei). This check is enforced correctly.

  • Because claims are replayable (see the first finding), the cost to drain N USDC scales with the number of transactions, not with the value being secured. An attacker spends negligible ETH per extra payout.

```solidity
uint256 private constant FEE = 1e9; // 1 gwei per claim
// ...
// Flat fee check in claim(): correct as written, but it is the only cost a replayed claim pays
if (msg.value != FEE) {
    revert MerkleAirdrop__InvalidFeeAmount();
}
```

Risk

Likelihood:

  • The replay vulnerability exists on the deployed contract (no hasClaimed mapping).

  • The mempool is public on zkSync Era L2.

Impact:

  • Attackers extract the full USDC pool for sub-cent ETH cost at typical gas prices.

  • Honest users cannot claim after drainage; protocol reputation and user funds are lost.

Proof of Concept

Same as the "Missing claim tracking" PoC: two claims cost 2 * 1 gwei and move 50e6 mock USDC. Scaling to the full pool: ~4 gwei of ETH extracts 100e6 USDC in the contest configuration.

Recommended Mitigation

- uint256 private constant FEE = 1e9;
+ uint256 private constant FEE = 0.001 ether; // or dynamic fee tied to claim cost
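Review bot: the trailing comment proposes a "dynamic fee tied to claim cost", but the replacement line keeps `FEE` as a `constant`, which cannot change after deployment; a fee that tracks claim cost would need a state variable with a guarded setter (e.g. `uint256 private s_fee;`) or to be derived from the claimed amount inside `claim()`. Since the submission itself says the primary fix is one-time claim tracking, the diff would carry more weight if it also showed the `hasClaimed` mapping and its check rather than only raising the constant.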

Primary fix remains one-time claim tracking; fee increases only raise the bar for spam, not replay.
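As an added illustration, not the audited AirDropper contract's code, the sketch below shows the primary fix the mitigation names: one-time claim tracking alongside the existing flat fee check, with a Foundry test asserting that a second claim for the same account reverts instead of paying out again. Only `FEE` and `MerkleAirdrop__InvalidFeeAmount` come from the finding; every other contract, function, error and variable name is an assumption, the Merkle verification is inlined so the file compiles without OpenZeppelin, forge-std is assumed to be installed, and the mock token and claim amounts are constructed for the test.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not the contest codebase: minimal Merkle airdrop with a flat
// ETH fee plus one-time claim tracking, and a Foundry test of the replay guard.
// forge-std is assumed; names other than FEE and MerkleAirdrop__InvalidFeeAmount
// are assumptions.
import {Test} from "forge-std/Test.sol";

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

contract HardenedMerkleAirdrop {
    error MerkleAirdrop__InvalidFeeAmount();
    error MerkleAirdrop__InvalidProof();
    error MerkleAirdrop__AlreadyClaimed();
    error MerkleAirdrop__TransferFailed();

    uint256 private constant FEE = 1e9; // 1 gwei, as in the finding
    bytes32 private immutable i_merkleRoot;
    IERC20 private immutable i_token;

    // One-time claim tracking: the primary fix named in the mitigation.
    mapping(address => bool) private s_hasClaimed;

    event Claimed(address indexed account, uint256 amount);

    constructor(bytes32 merkleRoot, IERC20 token) {
        i_merkleRoot = merkleRoot;
        i_token = token;
    }

    function claim(address account, uint256 amount, bytes32[] calldata proof) external payable {
        if (msg.value != FEE) revert MerkleAirdrop__InvalidFeeAmount();
        // Reject replays before any state change or transfer.
        if (s_hasClaimed[account]) revert MerkleAirdrop__AlreadyClaimed();
        // Double-hashed leaf (OpenZeppelin convention) so an internal node cannot
        // be passed off as a leaf.
        bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(account, amount))));
        if (!_verify(proof, i_merkleRoot, leaf)) revert MerkleAirdrop__InvalidProof();
        s_hasClaimed[account] = true; // effects before interaction
        emit Claimed(account, amount);
        if (!i_token.transfer(account, amount)) revert MerkleAirdrop__TransferFailed();
    }

    function hasClaimed(address account) external view returns (bool) {
        return s_hasClaimed[account];
    }

    // Sorted-pair Merkle proof verification, inlined to avoid an external dependency.
    function _verify(bytes32[] calldata proof, bytes32 root, bytes32 leaf) internal pure returns (bool) {
        bytes32 node = leaf;
        for (uint256 i = 0; i < proof.length; i++) {
            bytes32 sibling = proof[i];
            node = node <= sibling
                ? keccak256(abi.encodePacked(node, sibling))
                : keccak256(abi.encodePacked(sibling, node));
        }
        return node == root;
    }
}

// Constructed mock token: just enough ERC-20 surface for the test.
contract MockUSDC is IERC20 {
    mapping(address => uint256) public balanceOf;

    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }

    function transfer(address to, uint256 amount) external returns (bool) {
        balanceOf[msg.sender] -= amount; // reverts on underflow in 0.8.x
        balanceOf[to] += amount;
        return true;
    }
}

contract HardenedMerkleAirdropTest is Test {
    HardenedMerkleAirdrop airdrop;
    MockUSDC usdc;
    address user = makeAddr("user");
    uint256 constant AMOUNT = 25e6; // 25 USDC at 6 decimals (constructed)

    function setUp() public {
        usdc = new MockUSDC();
        // Single-leaf tree: the root is the leaf itself and the proof is empty.
        bytes32 root = keccak256(bytes.concat(keccak256(abi.encode(user, AMOUNT))));
        airdrop = new HardenedMerkleAirdrop(root, usdc);
        usdc.mint(address(airdrop), 100e6);
    }

    function testSecondClaimReverts() public {
        bytes32[] memory proof;
        vm.deal(address(this), 1 ether);
        airdrop.claim{value: 1e9}(user, AMOUNT, proof);
        assertEq(usdc.balanceOf(user), AMOUNT);
        // Replaying the identical call now fails instead of paying out again.
        vm.expectRevert(HardenedMerkleAirdrop.MerkleAirdrop__AlreadyClaimed.selector);
        airdrop.claim{value: 1e9}(user, AMOUNT, proof);
        assertEq(usdc.balanceOf(user), AMOUNT);
    }
}
```

Run with `forge test --match-contract HardenedMerkleAirdropTest`. The fee constant is deliberately left at 1 gwei to show that, once `s_hasClaimed` gates the transfer, the fee level no longer determines how much of the pool a replay can extract; raising it only affects spam cost, as the mitigation text says.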

Updates

Lead Judging Commences

ai-first-flight-judge (Lead Judge), about 2 hours ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
