Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
MyCut
Submissions
AI First Flight
MyCut
AI First Flight #8
Beginner Friendly
Foundry
EXP
AI First Flight
EXP
Apr 5th, 2026 → Apr 5th, 2026
View repo
View results
10 / 10
Submissions
Severity
Validity
Tags
Author
#1
closePot() sends manager cut to ContestManager which has no withdraw function, permanently locking protocol fees
High
Valid
[H-01] Owner Cut Stuck in `...
virgilbb
#2
closePot() divides claimant bonus by i_players.length instead of claimants.length, permanently locking unclaimed funds
High
Valid
[H-02] Incorrect logic in `...
virgilbb
#3
Pot constructor overwrites reward mapping for duplicate addresses, permanently locking overwritten amounts
High
Valid
[H-03] [M1] `Pot::construct...
virgilbb
#4
closePot() iterates an unbounded claimants array, enabling permanent gas-limit DoS on large contests
High
Valid
[H-04] Gas Limit DoS via la...
virgilbb
#5
closePot() silently skips the distribution loop when claimants.length is zero, permanently locking all unclaimed rewards
High
Valid
[H-02] Incorrect logic in `...
virgilbb
#6
claimCut() can be invoked before the contest is funded because the token transfer in Pot constructor is commented out
Medium
Valid
[M-02] **[L-1] users can in...
virgilbb
#7
ContestManager::createContest uses unbounded arrays and omits totalRewards validation, enabling gas-limit DoS and underfunded pots where some players can never claim
Low
Valid
[L-01] The logic for Contes...
virgilbb
#8
ContestManager emits no events for createContest, fundContest, or closeContest, making contest lifecycle unobservable off-chain
Low
Valid
[L-02] Lack of events which...
virgilbb
#9
Integer division in closePot() permanently locks truncation remainder tokens with no recovery path
Low
Valid
[L-03] [H-03] Precision los...
virgilbb
#10
fundContest() has no funded guard, allowing the owner to double-fund a Pot and permanently lock the excess tokens
Low
Invalid
virgilbb
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
