Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Santa's List
Submissions
AI First Flight
Santa's List
AI First Flight #3
Beginner Friendly
Foundry
EXP
AI First Flight
EXP
Dec 27th, 2025 → Dec 27th, 2025
View repo
View results
6 / 6
Submissions
Severity
Validity
Tags
Author
#1
anyone is able to call `checkList` function in SantasList contract,
High
Valid
[H-01] Anyone is able to ca...
hark017
#2
all addresses considered nice by default
High
Valid
[H-02] All addresses are co...
hark017
#3
The `buyPresent` function sends the present to the `caller` of the function but burns token from `presentReceiver`
High
Valid
[H-03] SantasList::buyPrese...
hark017
#4
`collectPresent` function is callable by any address, but the call will succeed only if the user is registered as `NICE` or `EXTRA_NICE` in SantasList contract
High
Valid
[H-04] Any `NICE` or `EXTRA...
hark017
#5
A malicious code is detected in a modified version of the Solmate ERC20 contract inside the `transferFrom` function
High
Valid
[H-05] Malicious Code Injec...
hark017
#6
reate a file called `youve-been-pwned` but there is no underlying reason for this test to be here except a malicious behavior.
High
Valid
[H-06] Malicious Test poten...
hark017
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
