Snowman Merkle Airdrop

AI First Flight #10

Beginner FriendlyFoundrySolidityNFT

EXP

Submission Details

Impact: medium

Likelihood: medium

Invalid

Snow.collectFee() DoS if Collector Rejects ETH

collectFee() sends both WETH and ETH in a single function. If the collector is a contract that reverts on receiving ETH, the entire function reverts, permanently bricking both WETH and ETH fee collection.

// Root cause in the codebase with @> marks to highlight the relevant section

Likelihood:

Requires collector to be a contract that rejects ETH. Multi-sig wallets may have different receive behaviors.

Impact:

Both WETH and ETH fees permanently stuck. The collector can be changed via changeCollector(), but only the current collector can call it.
Recoverable via changeCollector() if the collector is an EOA, permanently stuck if it's a contract.

uint256 collection = i_weth.balanceOf(address(this));

i_weth.transfer(s_collector, collection); // WETH sent

(bool collected,) = payable(s_collector).call{value: address(this).balance}("");

require(collected, "Fee collection failed!!!"); // reverts entire tx

Separate ETH and WETH collection into independent operations.

Updates

ai-first-flight-judge Lead Judge about 3 hours ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

This contest has a flat reward structure with the following payouts:

The contest is live. Earn rewards by submitting a finding.

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

The contest is complete and the rewards are being distributed.

Support

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.