Snowman Merkle Airdrop
AI First Flight #10
Beginner FriendlyFoundrySolidityNFT
EXP
View results
Previous Next
Submission Details
Severity: low
Valid

`claimSnowman` records claim status but does not enforce it

cryptobloc

claimSnowman records claim status but does not enforce it

Severity

Medium

Description

SnowmanAirdrop.claimSnowman() stores whether a receiver has claimed:

s_hasClaimedSnowman[receiver] = true;

However, the function never checks this mapping before allowing a claim. This means the recorded claim status has no effect.

The claim proof and EIP-712 signed message are based on (receiver, amount). If a user claims once, then later obtains the same amount of Snow again, the same Merkle proof and signature can be reused for another claim.

Affected code:

  • src/SnowmanAirdrop.sol:69

  • src/SnowmanAirdrop.sol:94

Risk

Users can claim more Snowman NFTs than intended. The airdrop appears to be designed as a one-time claim per eligible receiver, but the missing claim-status check allows repeated claims whenever the receiver regains the same Snow balance.

Impact:

  • repeat claims by eligible users,

  • NFT distribution exceeds intended allocation,

  • staked Snow no longer reliably bounds total claimable NFTs.

Proof of Concept

The PoC uses Alice, who is part of the provided Merkle tree. Alice signs the airdrop message and a relayer claims on her behalf. After the first claim, getClaimStatus(alice) returns true, proving the contract recorded Alice as claimed. Alice then buys exactly 1 Snow again, approves the airdrop again, and the relayer reuses the same Merkle proof and same signature to claim a second Snowman NFT.

Add this test to test/AuditFuzz.t.sol:

function test_ClaimStatusDoesNotPreventSecondAirdropClaim() public {
Helper helper = new Helper();
(SnowmanAirdrop airdrop, Snow snow, Snowman nft,) = helper.run();
bytes32[] memory proof = new bytes32[](3);
proof[0] = 0xf99782cec890699d4947528f9884acaca174602bb028a66d0870534acf241c52;
proof[1] = 0xbc5a8a0aad4a65155abf53bb707aa6d66b11b220ecb672f7832c05613dba82af;
proof[2] = 0x971653456742d62534a5d7594745c292dda6a75c69c43a6a6249523f26e0cac1;
(address alice, uint256 aliceKey) = makeAddrAndKey("alice");
address relayer = makeAddr("relayer");
uint256 fee = snow.s_buyFee();
vm.prank(alice);
snow.approve(address(airdrop), 1);
bytes32 digest = airdrop.getMessageHash(alice);
(uint8 v, bytes32 r, bytes32 s) = vm.sign(aliceKey, digest);
vm.prank(relayer);
airdrop.claimSnowman(alice, proof, v, r, s);
assertTrue(airdrop.getClaimStatus(alice));
assertEq(nft.balanceOf(alice), 1);
vm.deal(alice, fee);
vm.prank(alice);
snow.buySnow{value: fee}(1);
vm.prank(alice);
snow.approve(address(airdrop), 1);
vm.prank(relayer);
airdrop.claimSnowman(alice, proof, v, r, s);
assertEq(nft.balanceOf(alice), 2);
}

Run:

forge test --match-test test_ClaimStatusDoesNotPreventSecondAirdropClaim -vvv

Result:

[PASS] test_ClaimStatusDoesNotPreventSecondAirdropClaim()

The final assertion proves Alice received two Snowman NFTs even though her claim status was already true after the first claim.

Mitigation

Check claim status before processing the claim and set it before external calls.

Example fix:

error SA__AlreadyClaimed();
function claimSnowman(
address receiver,
bytes32[] calldata merkleProof,
uint8 v,
bytes32 r,
bytes32 s
) external nonReentrant {
if (receiver == address(0)) revert SA__ZeroAddress();
if (s_hasClaimedSnowman[receiver]) revert SA__AlreadyClaimed();
uint256 amount = i_snow.balanceOf(receiver);
if (amount == 0) revert SA__ZeroAmount();
if (!_isValidSignature(receiver, getMessageHash(receiver), v, r, s)) {
revert SA__InvalidSignature();
}
bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(receiver, amount))));
if (!MerkleProof.verify(merkleProof, i_merkleRoot, leaf)) {
revert SA__InvalidProof();
}
s_hasClaimedSnowman[receiver] = true;
i_snow.safeTransferFrom(receiver, address(this), amount);
i_snowman.mintSnowman(receiver, amount);
}
Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 4 hours ago
Submission Judgement Published
Validated
Assigned finding tags:

[L-01] Missing Claim Status Check Allows Multiple Claims in SnowmanAirdrop.sol::claimSnowman

# Root + Impact   **Root:** The [`claimSnowman`](https://github.com/CodeHawks-Contests/2025-06-snowman-merkle-airdrop/blob/b63f391444e69240f176a14a577c78cb85e4cf71/src/SnowmanAirdrop.sol#L44) function updates `s_hasClaimedSnowman[receiver] = true` but never checks if the user has already claimed before processing the claim, allowing users to claim multiple times if they acquire more Snow tokens. **Impact:** Users can bypass the intended one-time airdrop limit by claiming, acquiring more Snow tokens, and claiming again, breaking the airdrop distribution model and allowing unlimited NFT minting for eligible users. ## Description * **Normal Behavior:** Airdrop mechanisms should enforce one claim per eligible user to ensure fair distribution and prevent abuse of the reward system. * **Specific Issue:** The function sets the claim status to true after processing but never validates if `s_hasClaimedSnowman[receiver]` is already true at the beginning, allowing users to claim multiple times as long as they have Snow tokens and valid proofs. ## Risk **Likelihood**: Medium * Users need to acquire additional Snow tokens between claims, which requires time and effort * Users must maintain their merkle proof validity across multiple claims * Attack requires understanding of the missing validation check **Impact**: High * **Airdrop Abuse**: Users can claim far more NFTs than intended by the distribution mechanism * **Unfair Distribution**: Some users receive multiple rewards while others may receive none * **Economic Manipulation**: Breaks the intended scarcity and distribution model of the NFT collection ## Proof of Concept Add the following test to TestSnowMan.t.sol  ```Solidity function testMultipleClaimsAllowed() public { // Alice claims her first NFT vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest = airdrop.getMessageHash(alice); (uint8 v, bytes32 r, bytes32 s) = vm.sign(alKey, aliceDigest); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v, r, s); assert(nft.balanceOf(alice) == 1); assert(airdrop.getClaimStatus(alice) == true); // Alice acquires more Snow tokens (wait for timer and earn again) vm.warp(block.timestamp + 1 weeks); vm.prank(alice); snow.earnSnow(); // Alice can claim AGAIN with new Snow tokens! vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest2 = airdrop.getMessageHash(alice); (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(alKey, aliceDigest2); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v2, r2, s2); // Second claim succeeds! assert(nft.balanceOf(alice) == 2); // Alice now has 2 NFTs } ``` ## Recommended Mitigation **Add a claim status check at the beginning of the function** to prevent users from claiming multiple times. ```diff // Add new error + error SA__AlreadyClaimed(); function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s) external nonReentrant { + if (s_hasClaimedSnowman[receiver]) { + revert SA__AlreadyClaimed(); + } + if (receiver == address(0)) { revert SA__ZeroAddress(); } // Rest of function logic... s_hasClaimedSnowman[receiver] = true; } ```

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!