Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Puppy Raffle
Submissions
AI First Flight
Puppy Raffle
AI First Flight #1
Beginner Friendly
Foundry
Solidity
NFT
EXP
AI First Flight
EXP
Apr 21st, 2026 → Apr 27th, 2026
View repo
View results
5 / 5
Submissions
Severity
Validity
Tags
Author
#1
[H]During withdrawal operations in `withdrawFees`, an attacker can use the `selfdestruct` mechanism to modify `address(this).balance`, causing the `require` condition to always fail and preventing funds from ever being withdrawn.
Medium
Valid
[M-02] Slightly increasing ...
huicanvie
#2
[H] The refund function is vulnerable to reentrancy attacks.
High
Valid
[H-02] Reentrancy Vulnerabi...
huicanvie
#3
[M] When refunding a user, only the user's address is changed to the zero address, but the players count is not updated, which can cause the zero address to appear as a winner in a draw or cause incorrect fund calculations.
High
Valid
[H-04] `PuppyRaffle::refund...
huicanvie
#4
[M] totalFees is stored as UINT64. If the value of entranceFee is too large, a smaller number of users can cause totalFees to overflow, resulting in loss of funds.
High
Valid
[H-05] Typecasting from uin...
huicanvie
#5
[L] In enterRaffle, when the array is very large, the algorithm for checking duplicate players is O(n^2), which can lead to excessively high gas and transaction failure.
Medium
Valid
[M-01] `PuppyRaffle: enterR...
huicanvie
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
