Snowman Merkle Airdrop

AI First Flight #10

Beginner FriendlyFoundrySolidityNFT

EXP

View results

Previous Next

Submission Details

Severity: low

Valid

[H-01] Missing state check for s_hasClaimedSnowman allows users to claim multiple airdrops via Signature Replay

velo

Root + Impact

Description

The airdrop protocol is intended to allow eligible participants to claim their reward exactly once. After a successful claim, the user's address is marked in the s_hasClaimedSnowman mapping to prevent further claims.
he claimSnowman function updates the s_hasClaimedSnowman mapping to true at the end of the execution but fails to verify this state at the beginning of the function. This omission allows a user to reuse a valid Merkle proof and signature multiple times to mint multiple NFTs.

function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s)

external

nonReentrant

{

@> // The contract fails to verify if s_hasClaimedSnowman[receiver] is already true

uint256 amount = i_snow.balanceOf(receiver);

bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(receiver, amount))));

if (!MerkleProof.verify(merkleProof, i_merkleRoot, leaf)) {

revert SA__InvalidProof();

}

bytes32 digest = getMessageHash(receiver);

if (!_isValidSignature(receiver, digest, v, r, s)) {

revert SA__InvalidSignature();

}

@> s_hasClaimedSnowman[receiver] = true;

i_snow.safeTransferFrom(receiver, address(this), amount);

i_snowman.mintSnowman(receiver, 1);

emit SnowmanClaimedSuccessfully(receiver, 1);

}

Risk

Likelihood:

The protocol lacks a validation check on the s_hasClaimedSnowman mapping at the function's entry point. // Occurs every time the function is called.

Cryptographic signatures and Merkle proofs remain valid for reuse because the underlying state (the user's token balance) can be restored to match the initial signed parameters.

Impact:

An attacker drains the NFT supply by repeatedly calling the claim function with the same signature.
The scarcity and economic value of the NFT collection are severely compromised through unauthorized inflation.

Proof of Concept

function testPoC_DoubleClaiming_Exploit() public {

// 1. Setup Alice's initial claim state

vm.prank(alice);

snow.approve(address(airdrop), 1 ether);

bytes32 digest = airdrop.getMessageHash(alice);

(uint8 v, bytes32 r, bytes32 s) = vm.sign(aliceKey, digest);

// 2. Alice performs her first legitimate claim

airdrop.claimSnowman(alice, AL_PROOF, v, r, s);

assertEq(nft.balanceOf(alice), 1);

// 3. Alice re-acquires tokens to match the signed amount

// simulating a transfer from another wallet

deal(address(snow), alice, 1);

vm.prank(alice);

snow.approve(address(airdrop), 1 ether);

// 4. Alice REPLAYS the same signature and proof successfully

airdrop.claimSnowman(alice, AL_PROOF, v, r, s);

// 5. Alice now has 2 NFTs using only 1 valid entry in the Merkle Tree

assertEq(nft.balanceOf(alice), 2);

}

Recommended Mitigation

function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s)

external

nonReentrant

{

+ if (s_hasClaimedSnowman[receiver]) {

+ revert SnowmanAirdrop__AlreadyClaimed();

+ }

uint256 amount = i_snow.balanceOf(receiver);

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 19 hours ago

Submission Judgement Published

Validated

Assigned finding tags:

[L-01] Missing Claim Status Check Allows Multiple Claims in SnowmanAirdrop.sol::claimSnowman

# Root + Impact   **Root:** The [`claimSnowman`](https://github.com/CodeHawks-Contests/2025-06-snowman-merkle-airdrop/blob/b63f391444e69240f176a14a577c78cb85e4cf71/src/SnowmanAirdrop.sol#L44) function updates `s_hasClaimedSnowman[receiver] = true` but never checks if the user has already claimed before processing the claim, allowing users to claim multiple times if they acquire more Snow tokens. **Impact:** Users can bypass the intended one-time airdrop limit by claiming, acquiring more Snow tokens, and claiming again, breaking the airdrop distribution model and allowing unlimited NFT minting for eligible users. ## Description * **Normal Behavior:** Airdrop mechanisms should enforce one claim per eligible user to ensure fair distribution and prevent abuse of the reward system. * **Specific Issue:** The function sets the claim status to true after processing but never validates if `s_hasClaimedSnowman[receiver]` is already true at the beginning, allowing users to claim multiple times as long as they have Snow tokens and valid proofs. ## Risk **Likelihood**: Medium * Users need to acquire additional Snow tokens between claims, which requires time and effort * Users must maintain their merkle proof validity across multiple claims * Attack requires understanding of the missing validation check **Impact**: High * **Airdrop Abuse**: Users can claim far more NFTs than intended by the distribution mechanism * **Unfair Distribution**: Some users receive multiple rewards while others may receive none * **Economic Manipulation**: Breaks the intended scarcity and distribution model of the NFT collection ## Proof of Concept Add the following test to TestSnowMan.t.sol ```Solidity function testMultipleClaimsAllowed() public { // Alice claims her first NFT vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest = airdrop.getMessageHash(alice); (uint8 v, bytes32 r, bytes32 s) = vm.sign(alKey, aliceDigest); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v, r, s); assert(nft.balanceOf(alice) == 1); assert(airdrop.getClaimStatus(alice) == true); // Alice acquires more Snow tokens (wait for timer and earn again) vm.warp(block.timestamp + 1 weeks); vm.prank(alice); snow.earnSnow(); // Alice can claim AGAIN with new Snow tokens! vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest2 = airdrop.getMessageHash(alice); (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(alKey, aliceDigest2); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v2, r2, s2); // Second claim succeeds! assert(nft.balanceOf(alice) == 2); // Alice now has 2 NFTs } ``` ## Recommended Mitigation **Add a claim status check at the beginning of the function** to prevent users from claiming multiple times. ```diff // Add new error + error SA__AlreadyClaimed(); function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s) external nonReentrant { + if (s_hasClaimedSnowman[receiver]) { + revert SA__AlreadyClaimed(); + } + if (receiver == address(0)) { revert SA__ZeroAddress(); } // Rest of function logic... s_hasClaimedSnowman[receiver] = true; } ```

Rewards breakdown

This contest has a flat reward structure with the following payouts:

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

View all submissions

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!