Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Puppy Raffle
Submissions
AI First Flight
Puppy Raffle
AI First Flight #1
Beginner Friendly
Foundry
Solidity
NFT
EXP
AI First Flight
EXP
Feb 23rd, 2026 → Feb 23rd, 2026
View repo
View results
8 / 8
Submissions
Severity
Validity
Tags
Author
#1
`refund()` Sends ETH Before Clearing Player Slot — Reentrancy Drains All Contract Funds
High
Valid
[H-02] Reentrancy Vulnerabi...
h3xu
#2
`selectWinner()` Uses Predictable Block Variables as Randomness Source — Deterministic Winner and Rarity Manipulation
High
Valid
[H-03] Randomness can be gamed
h3xu
#3
`enterRaffle()` Duplicate Check Has O(n²) Gas Complexity — DoS via Array Growth Locks New Entrants
Medium
Valid
[M-01] `PuppyRaffle: enterR...
h3xu
#4
`totalFees` Declared as `uint64` Causes Silent Truncation of Accumulated Fees — Protocol Revenue Lost
High
Valid
[H-05] Typecasting from uin...
h3xu
#5
Force-Sending ETH via `selfdestruct` Breaks `withdrawFees()` Balance Invariant — Accumulated Fees Locked Forever
Medium
Valid
[M-02] Slightly increasing ...
h3xu
#6
`selectWinner()` and `withdrawFees()` Lack Access Control — Anyone Can Trigger Premature Round Termination
High
Invalid
h3xu
#7
`selectWinner()` Does Not Skip Refunded (address(0)) Slots — Prize Pool Sent to Null Address, Funds Burned
High
Valid
[H-01] Potential Loss of Fu...
h3xu
#8
`changeFeeAddress()` Missing Zero-Address Validation — Owner Can Permanently Redirect Fees to Null Address
High
Valid
[H-01] Potential Loss of Fu...
h3xu
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
