The buySnow() function allows users to purchase Snow tokens by specifying an amount parameter. However, the function never validates that amount is greater than zero.

If amount == 0:
- s_buyFee * amount evaluates to 0
- msg.value == 0 satisfies the payment check
- _mint(msg.sender, 0) is executed

The call completes without reverting. No funds are directly lost, but the missing input validation weakens protocol correctness and introduces edge cases and inconsistencies in accounting and monitoring.
Likelihood:
This issue does not enable fund theft or protocol compromise but may lead to incorrect state updates, misleading events, and unexpected edge-case behavior.
Impact:
Allowing zero-amount purchases may lead to unintended or misleading behavior:
- Users can trigger the SnowBought event without paying any fee.
- Off-chain systems (frontends, indexers, analytics) may interpret zero-value purchases as valid activity.
- Protocol invariants or assumptions that a purchase always involves a value transfer may be violated.
- The function updates s_earnTimer even when no tokens are minted, potentially affecting reward timing logic.
Add explicit validation to ensure that the purchase amount is greater than zero:
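The following sketch is an added illustration, not the audited contract's code. It keeps the names the finding mentions (s_buyFee, s_earnTimer, SnowBought, _mint) and assumes everything else (storage layout, fee denomination, the _mint body, custom error names). It places the unchecked shape of buySnow beside a hardened version that rejects a zero amount before any state change, so that every SnowBought event corresponds to a real, paid-for mint.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative sketch only. s_buyFee, s_earnTimer, SnowBought and _mint are
// taken from the finding; the storage layout, fee denomination, _mint body
// and error names are assumptions made for this example.
contract SnowSketch {
    uint256 public s_buyFee;    // assumed: fee in wei per token
    uint256 public s_earnTimer; // assumed: timestamp used by reward logic
    mapping(address => uint256) public balanceOf;

    event SnowBought(address indexed buyer, uint256 amount);

    error ZeroAmount();
    error WrongPayment(uint256 expected, uint256 actual);

    constructor(uint256 buyFee) {
        s_buyFee = buyFee;
    }

    // Assumed minimal mint: credits the balance without further checks.
    function _mint(address to, uint256 amount) internal {
        balanceOf[to] += amount;
    }

    // Unchecked shape (the issue): with amount == 0 the fee is 0, msg.value == 0
    // passes the check, _mint(msg.sender, 0) runs, s_earnTimer is updated and
    // SnowBought is emitted, all without any value transfer.
    function buySnowUnchecked(uint256 amount) external payable {
        uint256 fee = s_buyFee * amount;
        if (msg.value != fee) revert WrongPayment(fee, msg.value);
        _mint(msg.sender, amount);
        s_earnTimer = block.timestamp;
        emit SnowBought(msg.sender, amount);
    }

    // Hardened shape: reject a zero amount up front, before any state is
    // touched, so the event, the mint and the timer update only happen for
    // a purchase that actually transfers value.
    function buySnow(uint256 amount) external payable {
        if (amount == 0) revert ZeroAmount();
        uint256 fee = s_buyFee * amount;
        if (msg.value != fee) revert WrongPayment(fee, msg.value);
        _mint(msg.sender, amount);
        s_earnTimer = block.timestamp;
        emit SnowBought(msg.sender, amount);
    }
}
```

The check is deliberately the first statement in the function: placing it ahead of the payment check, the mint and the timer update means a zero-amount call reverts before any storage write or event, which is what off-chain indexers and reward logic rely on.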