Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Santa's List
Submissions
AI First Flight
Santa's List
AI First Flight #3
Beginner Friendly
Foundry
EXP
AI First Flight
EXP
Jan 5th, 2026 → Jan 10th, 2026
View repo
View results
10 / 10
Submissions
Severity
Validity
Tags
Author
#1
Missing Access Control on checkList() allows anyone to manipulate status
High
Valid
[H-01] Anyone is able to ca...
georgibuilds
#2
buyPresent() Burns Tokens From Receiver Instead of Sender, Enabling Token Theft
High
Valid
[H-03] SantasList::buyPrese...
georgibuilds
#3
Enum Default Value Allows Unchecked Users to Collect NFTs Without Santa's Approval
High
Valid
[H-02] All addresses are co...
georgibuilds
#4
Malicious Solmate Library Contains Backdoor Allowing Unauthorized Token Transfers
High
Valid
[H-05] Malicious Code Injec...
georgibuilds
#5
Test Suite Contains FFI Command That Executes System Commands on Auditor Machines
High
Valid
[H-06] Malicious Test poten...
georgibuilds
#6
foundry.toml Enables FFI Globally, Allowing All Tests to Execute System Commands
High
Invalid
georgibuilds
#7
SantaToken Burns Incorrect Amount - 1e18 Instead of PURCHASED_PRESENT_COST (2e18)
Medium
Valid
[M-01] Cost to buy NFT via ...
georgibuilds
#8
buyPresent() Allows Unlimited NFT Purchases, Bypassing "1 NFT Per User" Rule
Medium
Invalid
georgibuilds
#9
Solidity Version 0.8.22 Uses PUSH0 Opcode Not Supported on Arbitrum
Low
Valid
[L-02] Incompatibility of S...
georgibuilds
#10
buyPresent() Allows Purchasing Presents Before Christmas, Bypassing Time Restriction
Low
Invalid
georgibuilds
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
