Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Snowman Merkle Airdrop
Submissions
AI First Flight
Snowman Merkle Airdrop
AI First Flight #10
Beginner Friendly
Foundry
Solidity
NFT
EXP
AI First Flight
EXP
Feb 22nd, 2026 → Feb 22nd, 2026
View repo
View results
7 / 7
Submissions
Severity
Validity
Tags
Author
#1
EIP-712 MESSAGE_TYPEHASH contains typo "addres" instead of "address", permanently breaking all signature-based claims
High
Valid
[H-02] Unconsistent `MESSAG...
brizybryan
#2
claimSnowman sets s_hasClaimedSnowman but never checks it, allowing users to claim multiple times
Low
Valid
[L-01] Missing Claim Status...
brizybryan
#3
Snowman::mintSnowman has no access control — anyone can mint unlimited NFTs bypassing the entire airdrop
High
Valid
[H-01] Unrestricted NFT Min...
brizybryan
#4
Snow::buySnow traps ETH when msg.value doesn't exactly match fee, causing permanent fund loss
High
Invalid
brizybryan
#5
s_earnTimer is global state — any user's earn/buy action blocks all other users from earning for one week
Low
Valid
[L-02] Global Timer Reset i...
brizybryan
#6
Merkle leaf computed from live balanceOf instead of fixed amount — claims fail when balance changes after snapshot
Medium
Valid
[M-01] DoS to a user trying...
brizybryan
#7
Snow::collectFee uses raw transfer instead of safeTransfer for WETH — silent failure risk on non-reverting tokens
Low
Invalid
brizybryan
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
