Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
DatingDapp
Submissions
AI First Flight
DatingDapp
AI First Flight #6
Beginner Friendly
Foundry
Solidity
NFT
EXP
AI First Flight
EXP
Feb 21st, 2026 → Feb 21st, 2026
View repo
View results
9 / 9
Submissions
Severity
Validity
Tags
Author
#1
[H-01] `likeUser()` never updates `userBalances`, permanently locking all ETH in the contract
High
Valid
[H-01] After the user calls...
webrainsec
#2
[H-02] Reentrancy in `mintProfile()` via `_safeMint` callback allows minting multiple soulbound NFTs per address
Medium
Valid
[M-04] Reentrancy in `Soulb...
webrainsec
#3
[M-01] Like state persists after profile burn, enabling stale matches with reminted profiles
Medium
Invalid
webrainsec
#4
[M-02] First match drains entire user balance, leaving subsequent matches with 0 ETH
Medium
Invalid
webrainsec
#5
[M-03] Excess ETH sent with `likeUser()` is not refunded due to `>=` check instead of `==`
Low
Invalid
webrainsec
#6
[L-01] `tokenURI()` custom error is unreachable because `ownerOf()` reverts first
Low
Invalid
webrainsec
#7
[L-02] No input validation on profile data allows age=0, empty names, and unbounded strings
Low
Invalid
webrainsec
#8
[L-03] Unused `Like` struct declared in LikeRegistry is dead code
Low
Invalid
webrainsec
#9
[L-04] Soulbound NFT does not override `approve()` and `setApprovalForAll()`, allowing useless approvals
Low
Invalid
webrainsec
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
