Snowman Merkle Airdrop

AI First Flight #10

Beginner FriendlyFoundrySolidityNFT

EXP

View results

Previous Next

Submission Details

Severity: low

Valid

Global Timer Causes Protocol-Wide Denial of Service

bravejoy780

Root + Impact

Description

Each user should have an independent weekly cooldown for earnSnow(). Instead, s_earnTimer is a single global variable. When anyone calls earnSnow() or buySnow(), the timer resets for all users, allowing only one free token per week protocol-wide.

// Root cause in the codebase with @> marks to highlight the relevant section

contract Snow is ERC20, Ownable {

// ...

@> uint256 private s_earnTimer; // This single variable controls timing for ALL users

// ...

function earnSnow() external canFarmSnow {

@> if (s_earnTimer != 0 && block.timestamp < (s_earnTimer + 1 weeks)) {

revert S__Timer();

}

_mint(msg.sender, 1);

@> s_earnTimer = block.timestamp; // One user's action blocks everyone else

}

function buySnow(uint256 amount) external payable canFarmSnow {

if (msg.value == (s_buyFee * amount)) {

_mint(msg.sender, amount);

} else {

i_weth.safeTransferFrom(msg.sender, address(this), (s_buyFee * amount));

_mint(msg.sender, amount);

}

@> s_earnTimer = block.timestamp; // Purchasing tokens also resets the global timer

emit SnowBought(msg.sender, amount);

}

Risk

Likelihood: Happens during normal usage; attacker can intentionally block everyone by calling weekly

Impact: 99.9% reduction in free distribution; users forced to buy or be excluded

Proof of Concept

The test demonstrates three users attempting to earn tokens. Alice succeeds first, but Bob and Carol are blocked despite never having earned before. This proves the timer is global rather than per-user

// SPDX-License-Identifier: MIT

pragma solidity ^0.8.24;

import {Test, console} from "forge-std/Test.sol";

import {Snow} from "../src/Snow.sol";

import {ERC20Mock} from "@openzeppelin/contracts/mocks/token/ERC20Mock.sol";

contract GlobalTimerBugTest is Test {

Snow public snow;

ERC20Mock public weth;

address public alice = makeAddr("alice");

address public bob = makeAddr("bob");

address public carol = makeAddr("carol");

address public collector = makeAddr("collector");

function setUp() public {

weth = new ERC20Mock();

snow = new Snow(address(weth), 1, collector);

}

function testOnlyOneUserCanEarnPerWeek() public {

// Alice goes first and successfully earns her token

vm.prank(alice);

snow.earnSnow();

assertEq(snow.balanceOf(alice), 1);

// Bob tries right after but gets blocked even though

// he has never earned before

vm.prank(bob);

vm.expectRevert(Snow.S__Timer.selector);

snow.earnSnow();

// Carol faces the same problem

vm.prank(carol);

vm.expectRevert(Snow.S__Timer.selector);

snow.earnSnow();

// Both Bob and Carol have zero tokens despite being

// legitimate users who should be able to earn

assertEq(snow.balanceOf(bob), 0);

assertEq(snow.balanceOf(carol), 0);

}

function testBuyingBlocksEarning() public {

vm.deal(alice, 10 ether);

// Alice purchases some tokens

vm.prank(alice);

snow.buySnow{value: 1 ether}(1);

// Bob wants to earn his free token but cannot

// because Alice's purchase reset the global timer

vm.prank(bob);

vm.expectRevert(Snow.S__Timer.selector);

snow.earnSnow();

}

function testAttackerMonopolizesFreeTokens() public {

address attacker = makeAddr("attacker");

// Attacker claims every week for 12 weeks

for (uint256 week = 0; week < 12; week++) {

vm.warp(block.timestamp + 1 weeks);

vm.prank(attacker);

snow.earnSnow();

}

// Attacker collected all 12 free tokens

assertEq(snow.balanceOf(attacker), 12);

// Regular users got nothing

assertEq(snow.balanceOf(alice), 0);

assertEq(snow.balanceOf(bob), 0);

}

Recommended Mitigation

The fix requires changing the timer from a single variable to a mapping that tracks each user independently. Additionally, the timer update in buySnow() should be removed entirely since purchasing tokens has no logical connection to the earning cooldown.

contract Snow is ERC20, Ownable {

using SafeERC20 for IERC20;

// State variables

address private s_collector;

- uint256 private s_earnTimer;

+ mapping(address => uint256) private s_earnTimer;

uint256 public s_buyFee;

uint256 private immutable i_farmingOver;

// Rest of the contract...

function earnSnow() external canFarmSnow {

- if (s_earnTimer != 0 && block.timestamp < (s_earnTimer + 1 weeks)) {

+ if (s_earnTimer[msg.sender] != 0 && block.timestamp < (s_earnTimer[msg.sender] + 1 weeks)) {

revert S__Timer();

}

_mint(msg.sender, 1);

- s_earnTimer = block.timestamp;

+ s_earnTimer[msg.sender] = block.timestamp;

+ emit SnowEarned(msg.sender, 1);

}

function buySnow(uint256 amount) external payable canFarmSnow {

if (msg.value == (s_buyFee * amount)) {

_mint(msg.sender, amount);

} else {

i_weth.safeTransferFrom(msg.sender, address(this), (s_buyFee * amount));

_mint(msg.sender, amount);

}

- s_earnTimer = block.timestamp;

emit SnowBought(msg.sender, amount);

}

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge 13 days ago

Submission Judgement Published

Validated

Assigned finding tags:

[L-02] Global Timer Reset in Snow::buySnow Denies Free Claims for All Users

## Description: The `Snow::buySnow` function contains a critical flaw where it resets a global timer `(s_earnTimer)` to the current block timestamp on every invocation. This timer controls eligibility for free token claims via `Snow::earnSnow()`, which requires 1 week to pass since the last timer reset. As a result: Any token purchase `(via buySnow)` blocks all free claims for all users for 7 days Malicious actors can permanently suppress free claims with micro-transactions Contradicts protocol documentation promising **"free weekly claims per user"** ## Impact: * **Complete Denial-of-Service:** Free claim mechanism becomes unusable * **Broken Protocol Incentives:** Undermines core user acquisition strategy * **Economic Damage:** Eliminates promised free distribution channel * **Reputation Harm:** Users perceive protocol as dishonest ```solidity function buySnow(uint256 amount) external payable canFarmSnow { if (msg.value == (s_buyFee * amount)) { _mint(msg.sender, amount); } else { i_weth.safeTransferFrom(msg.sender, address(this), (s_buyFee * amount)); _mint(msg.sender, amount); } @> s_earnTimer = block.timestamp; emit SnowBought(msg.sender, amount); } ``` ## Risk **Likelihood**: • Triggered by normal protocol usage (any purchase) • Requires only one transaction every 7 days to maintain blockage • Incentivized attack (low-cost disruption) **Impact**: • Permanent suppression of core protocol feature • Loss of user trust and adoption • Violates documented tokenomics ## Proof of Concept **Attack Scenario:** Permanent Free Claim Suppression * Attacker calls **buySnow(1)** with minimum payment * **s\_earnTimer** sets to current timestamp (T0) * All **earnSnow()** calls revert for **next 7 days** * On day 6, attacker repeats **buySnow(1)** * New timer reset (T1 = T0+6 days) * Free claims blocked until **T1+7 days (total 13 days)** * Repeat step **4 every 6 days → permanent blockage** **Test Case:** ```solidity // Day 0: Deploy contract snow = new Snow(...); // s_earnTimer = 0 // UserA claims successfully snow.earnSnow(); // Success (first claim always allowed) // Day 1: UserB buys 1 token snow.buySnow(1); // Resets global timer to day 1 // Day 2: UserA attempts claim snow.earnSnow(); // Reverts! Requires day 1+7 = day 8 // Day 7: UserC buys 1 token (day 7 < day 1+7) snow.buySnow(1); // Resets timer to day 7 // Day 8: UserA retries snow.earnSnow(); // Still reverts! Now requires day 7+7 = day 14 ``` ## Recommended Mitigation **Step 1:** Remove Global Timer Reset from `buySnow` ```diff function buySnow(uint256 amount) external payable canFarmSnow { // ... existing payment logic ... - s_earnTimer = block.timestamp; emit SnowBought(msg.sender, amount); } ``` **Step 2:** Implement Per-User Timer in `earnSnow` ```solidity // Add new state variable mapping(address => uint256) private s_lastClaimTime; function earnSnow() external canFarmSnow { // Check per-user timer instead of global if (s_lastClaimTime[msg.sender] != 0 && block.timestamp < s_lastClaimTime[msg.sender] + 1 weeks ) { revert S__Timer(); } _mint(msg.sender, 1); s_lastClaimTime[msg.sender] = block.timestamp; // Update user-specific timer emit SnowEarned(msg.sender, 1); // Add missing event } ``` **Step 3:** Initialize First Claim (Constructor) ```solidity constructor(...) { // Initialize with current timestamp to prevent immediate claims s_lastClaimTime[address(0)] = block.timestamp; } ```

Rewards breakdown

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

View all submissions

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!