Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Puppy Raffle
Submissions
AI First Flight
Puppy Raffle
AI First Flight #1
Beginner Friendly
Foundry
Solidity
NFT
EXP
AI First Flight
EXP
Feb 21st, 2026 → Feb 21st, 2026
View repo
View results
7 / 7
Submissions
Severity
Validity
Tags
Author
#1
[H-01] Reentrancy in `refund()` drains all contract ETH through repeated callback before state update
High
Valid
[H-02] Reentrancy Vulnerabi...
webrainsec
#2
[H-02] Weak on-chain PRNG in `selectWinner()` lets attacker predict and guarantee winning every raffle
High
Valid
[H-03] Randomness can be gamed
webrainsec
#3
[H-03] `totalFees` uint64 overflow silently destroys protocol fee revenue above ~18.44 ETH
High
Valid
[H-05] Typecasting from uin...
webrainsec
#4
[H-04] Force-feeding ETH via `selfdestruct` permanently breaks `withdrawFees()` strict equality check
Medium
Valid
[M-02] Slightly increasing ...
webrainsec
#5
[M-01] O(n^2) duplicate check in `enterRaffle()` causes gas DoS, blocking new entries after ~100 players
Medium
Valid
[M-01] `PuppyRaffle: enterR...
webrainsec
#6
[M-02] Refunded `address(0)` slots can be selected as winner, reverting `selectWinner()` for some callers
High
Valid
[H-04] `PuppyRaffle::refund...
webrainsec
#7
[L-01] `getActivePlayerIndex()` returns 0 for non-existent players, colliding with valid index 0
Low
Valid
[L-01] Ambiguous index retu...
webrainsec
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
