Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
DatingDapp
Submissions
AI First Flight
DatingDapp
AI First Flight #6
Beginner Friendly
Foundry
Solidity
NFT
EXP
AI First Flight
EXP
Jan 9th, 2026 → Jan 10th, 2026
View repo
View results
8 / 8
Submissions
Severity
Validity
Tags
Author
#1
`SoulboundProfileNFT::mintProfile` function does not follow the CEI (Checks, Effects, Interactions) pattern and has a reentrancy vulnerability
Medium
Valid
[M-04] Reentrancy in `Soulb...
lukamm
#2
Centralized owner can arbitrarily block users, causing permanent loss of user funds
Medium
Valid
[M-03] App owner can have u...
lukamm
#3
Blocked users can immediately mint a new profile, making the block mechanism ineffective
Medium
Valid
[M-01] `SoulboundProfileNFT...
lukamm
#4
No refund mechanism for over payments in `LikeRegistry::likeUser` can lead to loss of funds
Medium
Invalid
lukamm
#5
The `LikeRegistry::userBalances` mapping is not updated inside the `LikeRegistry::likeUser` function, breaking the rewards functionality of the protocol
High
Valid
[H-01] After the user calls...
lukamm
#6
`MultiSigWallet::executeTransaction` does not check contract balance before executing, leading to wasted gas and poor UX
Low
Invalid
lukamm
#7
`MultiSigWallet` has no mechanism to revoke approvals, preventing owners from changing their mind
Medium
Invalid
lukamm
#8
`LikeRegistry::matchRewards` does not emit or store the deployed MultiSig wallet address, making it impossible for users to find their funds
Medium
Invalid
lukamm
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
