Snowman Merkle Airdrop
AI First Flight #10
Beginner FriendlyFoundrySolidityNFT
EXP
View results
Previous Next
Submission Details
Severity: low
Valid

Replayable Claims in SnowmanAirdrop.claimSnowman()

pratamaajip01

Summary
The contract stores claim status (s_hasClaimedSnowman) but never enforces it, enabling repeat claims by the same receiver if they restore the required Snow balance.

Vulnerability Details
claimSnowman() sets:

  • s_hasClaimedSnowman[receiver] = true;

But it never checks this mapping before processing claims.

Relevant code:

  • Mapping declaration: src/SnowmanAirdrop.sol:47

  • Status write: src/SnowmanAirdrop.sol:94

  • Missing status check in claimSnowman: src/SnowmanAirdrop.sol:69-99

Claim amount is derived from current balance:

  • amount = i_snow.balanceOf(receiver);

Therefore, a user can:

  1. Claim once (tokens transferred to airdrop contract).

  2. Re-acquire the same Snow amount.

  3. Re-sign and claim again with the same Merkle proof for that amount.

PoC
Validated dynamically with Foundry test:

  • test/AuditFindings.t.sol::test_ReplayableAirdropClaim

function test_ReplayableAirdropClaim() public {
// first valid claim
vm.prank(alice);
snow.approve(address(airdrop), 1);
bytes32 digest1 = airdrop.getMessageHash(alice);
(uint8 v1, bytes32 r1, bytes32 s1) = vm.sign(aliceKey, digest1);
vm.prank(relayer);
airdrop.claimSnowman(alice, proof, v1, r1, s1);
// re-acquire same amount and claim again
uint256 fee = snow.s_buyFee();
vm.deal(alice, fee);
vm.prank(alice);
snow.buySnow{value: fee}(1);
vm.prank(alice);
snow.approve(address(airdrop), 1);
bytes32 digest2 = airdrop.getMessageHash(alice);
(uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(aliceKey, digest2);
vm.prank(relayer);
airdrop.claimSnowman(alice, proof, v2, r2, s2);
assertEq(nft.balanceOf(alice), 2);
}

Impact

  • Users can mint more NFTs than intended by a one-time allocation model.

  • Airdrop supply/accounting guarantees are broken.

  • Economic dilution of legitimate claimers.

Tools Used

  • Foundry (forge test --match-contract AuditFindings)

  • Manual code review

  • State-transition analysis

Recommendations
Enforce one-time claim before signature/proof validation.

Suggested patch:

contract SnowmanAirdrop is EIP712, ReentrancyGuard {
+ error SA__AlreadyClaimed();
function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s)
external
nonReentrant
{
+ if (s_hasClaimedSnowman[receiver]) {
+ revert SA__AlreadyClaimed();
+ }
+
if (receiver == address(0)) {
revert SA__ZeroAddress();
}
...
s_hasClaimedSnowman[receiver] = true;
...
}
}
Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge 7 days ago
Submission Judgement Published
Validated
Assigned finding tags:

[L-01] Missing Claim Status Check Allows Multiple Claims in SnowmanAirdrop.sol::claimSnowman

# Root + Impact   **Root:** The [`claimSnowman`](https://github.com/CodeHawks-Contests/2025-06-snowman-merkle-airdrop/blob/b63f391444e69240f176a14a577c78cb85e4cf71/src/SnowmanAirdrop.sol#L44) function updates `s_hasClaimedSnowman[receiver] = true` but never checks if the user has already claimed before processing the claim, allowing users to claim multiple times if they acquire more Snow tokens. **Impact:** Users can bypass the intended one-time airdrop limit by claiming, acquiring more Snow tokens, and claiming again, breaking the airdrop distribution model and allowing unlimited NFT minting for eligible users. ## Description * **Normal Behavior:** Airdrop mechanisms should enforce one claim per eligible user to ensure fair distribution and prevent abuse of the reward system. * **Specific Issue:** The function sets the claim status to true after processing but never validates if `s_hasClaimedSnowman[receiver]` is already true at the beginning, allowing users to claim multiple times as long as they have Snow tokens and valid proofs. ## Risk **Likelihood**: Medium * Users need to acquire additional Snow tokens between claims, which requires time and effort * Users must maintain their merkle proof validity across multiple claims * Attack requires understanding of the missing validation check **Impact**: High * **Airdrop Abuse**: Users can claim far more NFTs than intended by the distribution mechanism * **Unfair Distribution**: Some users receive multiple rewards while others may receive none * **Economic Manipulation**: Breaks the intended scarcity and distribution model of the NFT collection ## Proof of Concept Add the following test to TestSnowMan.t.sol  ```Solidity function testMultipleClaimsAllowed() public { // Alice claims her first NFT vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest = airdrop.getMessageHash(alice); (uint8 v, bytes32 r, bytes32 s) = vm.sign(alKey, aliceDigest); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v, r, s); assert(nft.balanceOf(alice) == 1); assert(airdrop.getClaimStatus(alice) == true); // Alice acquires more Snow tokens (wait for timer and earn again) vm.warp(block.timestamp + 1 weeks); vm.prank(alice); snow.earnSnow(); // Alice can claim AGAIN with new Snow tokens! vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest2 = airdrop.getMessageHash(alice); (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(alKey, aliceDigest2); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v2, r2, s2); // Second claim succeeds! assert(nft.balanceOf(alice) == 2); // Alice now has 2 NFTs } ``` ## Recommended Mitigation **Add a claim status check at the beginning of the function** to prevent users from claiming multiple times. ```diff // Add new error + error SA__AlreadyClaimed(); function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s) external nonReentrant { + if (s_hasClaimedSnowman[receiver]) { + revert SA__AlreadyClaimed(); + } + if (receiver == address(0)) { revert SA__ZeroAddress(); } // Rest of function logic... s_hasClaimedSnowman[receiver] = true; } ```

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!