Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Santa's List
Submissions
AI First Flight
Santa's List
AI First Flight #3
Beginner Friendly
Foundry
EXP
AI First Flight
EXP
Apr 20th, 2026 → Apr 23rd, 2026
View repo
View results
8 / 8
Submissions
Severity
Validity
Tags
Author
#1
Reentrancy via `_safeMint` Callback Allows NFT Inflation and Victim Token Drain
High
Invalid
web3mio
#2
buyPresent` Burns Tokens from `presentReceiver` Instead of `msg.sender`, Enabling Unauthorized Token Confiscation
High
Valid
[H-03] SantasList::buyPrese...
web3mio
#3
buyPresent` Burns Tokens from `presentReceiver` Instead of `msg.sender`, Enabling Unauthorized Token Confiscation
High
Valid
[H-03] SantasList::buyPrese...
web3mio
#4
`collectPresent` Uses `balanceOf` to Guard Against Double-Claiming, Allowing Bypass via NFT Transfer
High
Valid
[H-04] Any `NICE` or `EXTRA...
web3mio
#5
`collectPresent` Uses `balanceOf` to Guard Against Double-Claiming, Allowing Bypass via NFT Transfer
High
Valid
[H-04] Any `NICE` or `EXTRA...
web3mio
#6
checkList` Lacks Access Control and `checkTwice` Cannot Override a Prior Status, Permanently Locking User Eligibility
High
Valid
[H-01] Anyone is able to ca...
web3mio
#7
checkList` Missing `onlySanta` Access Control Allows Anyone to Write the Naughty/Nice List
High
Valid
[H-01] Anyone is able to ca...
web3mio
#8
`PURCHASED_PRESENT_COST` Constant Is Never Used — `mint` and `burn` Hardcode Half the Documented Price
Low
Invalid
web3mio
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
