AirDropper
AI First Flight #5
Beginner FriendlyDeFiFoundry
EXP
View results
Previous Next
Submission Details
Severity: high
Valid

Missing claim tracking allows unlimited airdrop claims leading to full token drain

web3saiful

Description

  • Normal Behavior

    The claim() function is intended to allow each eligible user to claim their allocated tokens only once after providing a valid Merkle proof and paying the required fee.

  • Issue

    The contract does not track whether a user has already claimed, allowing the same address to reuse a valid proof and claim tokens repeatedly.

// Root cause in the codebase with @> marks to highlight the relevant section

Risk

Likelihood:

  • Reason 1 All users with a valid Merkle proof can repeatedly call claim()

  • Reason 2 No restrictions or state tracking prevent repeated usage

Impact:

  • Any eligible user can claim tokens multiple times

  • Entire airdrop pool can be drained by a single user

Proof of Concept

function test_DoubleClaimExploit() public {
address user = address(0x123);
vm.deal(user, 1 ether);
bytes32[] memory proof = getValidProof(user);
vm.startPrank(user);
// First claim
airdrop.claim{value: 1e9}(user, 25, proof);
uint256 balanceAfterFirst = token.balanceOf(user);
// Second claim using same proof
airdrop.claim{value: 1e9}(user, 25, proof);
uint256 balanceAfterSecond = token.balanceOf(user);
// ❌ User received tokens twice
assert(balanceAfterSecond == balanceAfterFirst + 25);
vm.stopPrank();
}

  • The attacker uses a valid Merkle proof for (user, amount)

  • The contract verifies the proof successfully each time

  • Since there is no state tracking, the same proof can be reused

  • Each call transfers tokens again to the same address

This allows:

25 → 50 → 75 → 100 → ... → drain all tokens

Recommended Mitigation

  • A mapping(address => bool) is introduced to track claim status

  • Before processing a claim, the contract checks if the user has already claimed

  • If yes → transaction reverts, preventing reuse of the same proof

  • The state is updated before token transfer to ensure safety and consistency

This guarantees:

  • Each address can claim only once

  • The airdrop distribution remains fair and secure

+ mapping(address => bool) private claimed;
function claim(address account, uint256 amount, bytes32[] calldata merkleProof) external payable {
if (msg.value != FEE) {
revert MerkleAirdrop__InvalidFeeAmount();
}
+ if (claimed[account]) {
+ revert MerkleAirdrop__InvalidProof();
+ }
bytes32 leaf = keccak256(abi.encodePacked(account, amount));
if (!MerkleProof.verify(merkleProof, i_merkleRoot, leaf)) {
revert MerkleAirdrop__InvalidProof();
}
+ claimed[account] = true;
i_airdropToken.safeTransfer(account, amount);
}
Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 3 hours ago
Submission Judgement Published
Validated
Assigned finding tags:

[H-02] Eligible users can claim their airdrop amounts over and over again, draining the contract

## Description A user eligible for the airdrop can verify themselves as being part of the merkle tree and claim their airdrop amount. However, there is no mechanism enabled to track the users who have already claimed their airdrop, and the merkle tree is still composed of the same user. This allows users to drain the `MerkleAirdrop` contract by calling the `MerkleAirdrop::claim()` function over and over again. ## Impact **Severity: High**<br/>**Likelihood: High** A malicious user can call the `MerkleAirdrop::claim()` function over and over again until the contract is drained of all its funds. This also means that other users won't be able to claim their airdrop amounts. ## Proof of Code Add the following test to `./test/MerkleAirdrop.t.sol`, ```javascript function testClaimAirdropOverAndOverAgain() public { vm.deal(collectorOne, airdrop.getFee() * 4); for (uint8 i = 0; i < 4; i++) { vm.prank(collectorOne); airdrop.claim{ value: airdrop.getFee() }(collectorOne, amountToCollect, proof); } assertEq(token.balanceOf(collectorOne), 100e6); } ``` The test passes, and the malicious user has drained the contract of all its funds. ## Recommended Mitigation Use a mapping to store the addresses that have claimed their airdrop amounts. Check and update this mapping each time a user tries to claim their airdrop amount. ```diff contract MerkleAirdrop is Ownable { using SafeERC20 for IERC20; error MerkleAirdrop__InvalidFeeAmount(); error MerkleAirdrop__InvalidProof(); error MerkleAirdrop__TransferFailed(); + error MerkleAirdrop__AlreadyClaimed(); uint256 private constant FEE = 1e9; IERC20 private immutable i_airdropToken; bytes32 private immutable i_merkleRoot; + mapping(address user => bool claimed) private s_hasClaimed; ... function claim(address account, uint256 amount, bytes32[] calldata merkleProof) external payable { + if (s_hasClaimed[account]) revert MerkleAirdrop__AlreadyClaimed(); if (msg.value != FEE) { revert MerkleAirdrop__InvalidFeeAmount(); } bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(account, amount)))); if (!MerkleProof.verify(merkleProof, i_merkleRoot, leaf)) { revert MerkleAirdrop__InvalidProof(); } + s_hasClaimed[account] = true; emit Claimed(account, amount); i_airdropToken.safeTransfer(account, amount); } ``` Now, let's unit test the changes, ```javascript function testCannotClaimAirdropMoreThanOnceAnymore() public { vm.deal(collectorOne, airdrop.getFee() * 2); vm.prank(collectorOne); airdrop.claim{ value: airdrop.getFee() }(collectorOne, amountToCollect, proof); vm.prank(collectorOne); airdrop.claim{ value: airdrop.getFee() }(collectorOne, amountToCollect, proof); } ``` The test correctly fails, with the following logs, ```shell Failing tests: Encountered 1 failing test in test/MerkleAirdropTest.t.sol:MerkleAirdropTest [FAIL. Reason: MerkleAirdrop__AlreadyClaimed()] testCannotClaimAirdropMoreThanOnceAnymore() (gas: 96751) ```

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!