Santa's List

AI First Flight #3

Beginner FriendlyFoundry

EXP

View results

Previous Next

Submission Details

Impact: medium

Likelihood: high

Invalid

Checklist Status Mismatch Blocks Eligible Users

lallanaad

Root + Impact

The logic enforces strict equality between the two checklist states, meaning any mismatch is treated as invalid. As a result, addresses that are marked NICE in one check and EXTRA_NICE in the other cannot collect presents, even though both classifications are valid. This creates a denial of service for eligible users, undermines fairness, and introduces transparency issues since the rules promise inclusion but the implementation excludes users when checklist results conflict.

Description

The contract requires both s_theListCheckedOnce and s_theListCheckedTwice to agree before allowing minting. When one marks an address as NICE and the other marks it as EXTRA_NICE, the function reverts. This design assumes consistency between the two checks without handling disagreement, so legitimate users with differing results are blocked entirely.

function checkList(address person, Status status) external {

s_theListCheckedOnce[person] = status;

emit CheckedOnce(person, status);

}

function checkTwice(address person, Status status) external onlySanta {

if (s_theListCheckedOnce[person] != status) {

revert SantasList__SecondCheckDoesntMatchFirst();

}

s_theListCheckedTwice[person] = status;

emit CheckedTwice(person, status);

}

Risk

Likelihood:

Mismatched states are realistic since checklist updates may be asynchronous or subject to human error. Any address caught between NICE and EXTRA_NICE classifications will be blocked

Impact:

Makes the first check effectively final

Breaks the expected flexibility of the “checked twice” process

Legitimate users are denied access to presents despite being marked eligible in at least one checklist. This reduces trust in the system.

Proof of Concept

Mark an address as NICE in s_theListCheckedOnce.
Mark the same address as EXTRA_NICE in s_theListCheckedTwice.
Call collectPresent() from that address.
Transaction reverts due to mismatch, blocking minting.

function testChecklistMismatchReverts() public {

// First checklist marks user as NICE

santasList.checkList(user, SantasList.Status.NICE);

// Second checklist marks user as EXTRA_NICE

santasList.checkTwice(user, SantasList.Status.EXTRA_NICE);

// Expect revert when user tries to collect

vm.prank(user);

vm.expectRevert();

santasList.collectPresent();

}

Recommended Mitigation

Adjust the logic so mismatched states are handled instead of reverting. example: Default to the stricter classification (treat NICE/EXTRA_NICE mismatch as NICE only).

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 5 hours ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Rewards breakdown

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

View all submissions

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!