Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Santa's List
Submissions
AI First Flight
Santa's List
AI First Flight #3
Beginner Friendly
Foundry
EXP
AI First Flight
EXP
Mar 6th, 2026 → Mar 12th, 2026
View repo
View results
8 / 8
Submissions
Severity
Validity
Tags
Author
#1
[H-1] checkList is missing the onlySanta modifier, allowing anyone to self-register as NICE or EXTRA_NICE
High
Valid
[H-01] Anyone is able to ca...
sharonkosgei4
#2
[H-2] Backdoor in solmate-bad ERC20 allows a hardcoded address to drain any wallet
High
Valid
[H-05] Malicious Code Injec...
sharonkosgei4
#3
[H-3] buyPresent burns tokens from presentReceiver instead of msg.sender, enabling token theft
High
Valid
[H-03] SantasList::buyPrese...
sharonkosgei4
#4
[H-4] Status.NICE == 0 means all uninitialized addresses default to NICE status
High
Valid
[H-02] All addresses are co...
sharonkosgei4
#5
[M-1] buyPresent mints the NFT to msg.sender instead of presentReceiver
Medium
Invalid
sharonkosgei4
#6
[M-2] SantaToken.burn only burns 1e18 but PURCHASED_PRESENT_COST is 2e18
Medium
Valid
[M-01] Cost to buy NFT via ...
sharonkosgei4
#7
[M-3] collectPresent re-entrancy bypass via NFT transfer allows unlimited collection
High
Valid
[H-04] Any `NICE` or `EXTRA...
sharonkosgei4
#8
[L-1] testPwned in test suite uses FFI to execute arbitrary shell commands
High
Valid
[H-06] Malicious Test poten...
sharonkosgei4
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
