Submission Details
Impact:
Likelihood:
Missing access control
Missing access control + leakage of sensitive minting in private drops
Description
Missing access control: anyone can call it which is usually fine for public counters but could leak sensitive minting progress in Private drops,add onlyonwer modifier if needed.
Missing access control
@>function getTokenCounter() external view returns (uint256) {
return s_TokenCounter;
Risk
Likelihood:
Often but possible occurrence
Impact:
-
It could leak sensitive minting progress in private drops.
-
It affects the functionality of the protocol negatively.
Proof of Concept
Recommended Mitigation
Declare snowman.sol :: s_TokenCounter as public instead,Solidity auto-generates this exact getter
Rewards breakdown
This contest has a flat reward structure with the following payouts:
Live
The contest is live. Earn rewards by submitting a finding.
Judging
Submissions are being reviewed by our AI judge. Results will be available in a few minutes.
View all submissionsRewards Distribution
The contest is complete and the rewards are being distributed.