Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Santa's List
Submissions
AI First Flight
Santa's List
AI First Flight #3
Beginner Friendly
Foundry
EXP
AI First Flight
EXP
Feb 23rd, 2026 → Feb 23rd, 2026
View repo
View results
6 / 6
Submissions
Severity
Validity
Tags
Author
#1
Hardcoded Backdoor Address in solmate-bad ERC20 Allows Allowance-Free Token Drain
High
Valid
[H-05] Malicious Code Injec...
h3xu
#2
F1 — Missing `onlySanta` Modifier on `checkList()` Allows Anyone to Manipulate the Naughty/Nice List
High
Valid
[H-01] Anyone is able to ca...
h3xu
#3
`Status.NICE` Enum Default Allows Any Unchecked Address to Collect a Present
High
Valid
[H-02] All addresses are co...
h3xu
#4
`buyPresent()` Burns Victim's Tokens and Mints NFT to the Attacker
High
Valid
[H-03] SantasList::buyPrese...
h3xu
#5
`collectPresent()` Double-Mint via NFT Transfer Defeats the Duplicate-Collection Guard
High
Valid
[H-04] Any `NICE` or `EXTRA...
h3xu
#6
`PURCHASED_PRESENT_COST` Declared as 2e18 but `burn()` Only Consumes 1e18
Medium
Valid
[M-01] Cost to buy NFT via ...
h3xu
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
