Snowman Merkle Airdrop

AI First Flight #10

Beginner FriendlyFoundrySolidityNFT

EXP

View results

Submission Details

Severity: low

Valid

Replay Attack in claimSnowman allows users to claim multiple NFTs with a single Merkle Proof

web3giant

Root + Impact

Description

The SnowmanAirdrop::claimSnowman function lacks a state check to verify if a user has already claimed their airdrop
Although the function updates s_hasClaimedSnowman[receiver] = true at the end of execution, it never reads this value at the start.

// >>> EXTERNAL FUNCTIONS

@> function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s)

external

nonReentrant

{

Risk

Likelihood:

Occurs when a user calls the claimSnowman function a second time using the same valid Merkle proof and signature.

Occurs because the function executes the transfer and minting logic without first verifying the s_hasClaimedSnowman state of the receiver.
Occurs whenever a user restores their Snow token balance to the snapshot amount after a successful initial claim.

Impact:

The entire NFT supply can be drained by a single malicious user, bypassing the intended distribution logic.

Legitimate users are unable to claim their airdrop due to supply exhaustion (Denial of Service).
The protocol suffers economic damage as the attacker can sell the illegitimately obtained NFTs on the secondary market.

Proof of Concept

Test according to the file if the varible that represents the user Alice can claim the same NFT twice

function testClownCanClaimTwice() public {

// 1. SETUP: We use Alice (who has a valid proof)

uint256 claimAmount = 1;

// Generate valid signature for Alice

bytes32 digest = airdrop.getMessageHash(alice);

(uint8 v, bytes32 r, bytes32 s) = vm.sign(alKey, digest);

// Alice needs to approve the Airdrop to take her 1 SNOW

vm.prank(alice);

snow.approve(address(airdrop), claimAmount);

// 2. FIRST CLAIM (Legitimate)

vm.prank(satoshi); // Relayer submits it

airdrop.claimSnowman(alice, AL_PROOF, v, r, s);

// 3. THE RELOAD (The "Clown" Logic)

// Alice buys/gets another Snow token.

deal(address(snow), alice, claimAmount);

// Alice approves again

vm.prank(alice);

snow.approve(address(airdrop), claimAmount);

// 4. SECOND CLAIM (The Exploit)

// We use the EXACT SAME proof and signature.

vm.prank(satoshi);

airdrop.claimSnowman(alice, AL_PROOF, v, r, s);

// 5. SUCCESS CHECK

// Alice now has 2 NFTs. This proves the bug.

assertEq(nft.balanceOf(alice), 2);

}

Recommended Mitigation

Consider adding an If statement to check if the NFT has been claimed before

+ function claimSnowman(...) external {

// Check if the user has already claimed

if (s_hasClaimedSnowman[receiver]) {

revert SA__AlreadyClaimed();

}

// ... rest of the function

}

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge 13 days ago

Submission Judgement Published

Validated

Assigned finding tags:

[L-01] Missing Claim Status Check Allows Multiple Claims in SnowmanAirdrop.sol::claimSnowman

# Root + Impact   **Root:** The [`claimSnowman`](https://github.com/CodeHawks-Contests/2025-06-snowman-merkle-airdrop/blob/b63f391444e69240f176a14a577c78cb85e4cf71/src/SnowmanAirdrop.sol#L44) function updates `s_hasClaimedSnowman[receiver] = true` but never checks if the user has already claimed before processing the claim, allowing users to claim multiple times if they acquire more Snow tokens. **Impact:** Users can bypass the intended one-time airdrop limit by claiming, acquiring more Snow tokens, and claiming again, breaking the airdrop distribution model and allowing unlimited NFT minting for eligible users. ## Description * **Normal Behavior:** Airdrop mechanisms should enforce one claim per eligible user to ensure fair distribution and prevent abuse of the reward system. * **Specific Issue:** The function sets the claim status to true after processing but never validates if `s_hasClaimedSnowman[receiver]` is already true at the beginning, allowing users to claim multiple times as long as they have Snow tokens and valid proofs. ## Risk **Likelihood**: Medium * Users need to acquire additional Snow tokens between claims, which requires time and effort * Users must maintain their merkle proof validity across multiple claims * Attack requires understanding of the missing validation check **Impact**: High * **Airdrop Abuse**: Users can claim far more NFTs than intended by the distribution mechanism * **Unfair Distribution**: Some users receive multiple rewards while others may receive none * **Economic Manipulation**: Breaks the intended scarcity and distribution model of the NFT collection ## Proof of Concept Add the following test to TestSnowMan.t.sol ```Solidity function testMultipleClaimsAllowed() public { // Alice claims her first NFT vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest = airdrop.getMessageHash(alice); (uint8 v, bytes32 r, bytes32 s) = vm.sign(alKey, aliceDigest); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v, r, s); assert(nft.balanceOf(alice) == 1); assert(airdrop.getClaimStatus(alice) == true); // Alice acquires more Snow tokens (wait for timer and earn again) vm.warp(block.timestamp + 1 weeks); vm.prank(alice); snow.earnSnow(); // Alice can claim AGAIN with new Snow tokens! vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest2 = airdrop.getMessageHash(alice); (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(alKey, aliceDigest2); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v2, r2, s2); // Second claim succeeds! assert(nft.balanceOf(alice) == 2); // Alice now has 2 NFTs } ``` ## Recommended Mitigation **Add a claim status check at the beginning of the function** to prevent users from claiming multiple times. ```diff // Add new error + error SA__AlreadyClaimed(); function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s) external nonReentrant { + if (s_hasClaimedSnowman[receiver]) { + revert SA__AlreadyClaimed(); + } + if (receiver == address(0)) { revert SA__ZeroAddress(); } // Rest of function logic... s_hasClaimedSnowman[receiver] = true; } ```

Rewards breakdown

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

View all submissions

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!