Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Snowman Merkle Airdrop
Submissions
AI First Flight
Snowman Merkle Airdrop
AI First Flight #10
Beginner Friendly
Foundry
Solidity
NFT
EXP
AI First Flight
EXP
Mar 8th, 2026 → Mar 8th, 2026
View repo
View results
8 / 8
Submissions
Severity
Validity
Tags
Author
#1
### [C-1] `Snowman::mintSnowman` has no access control, allowing anyone to mint unlimited NFTs
High
Valid
[H-01] Unrestricted NFT Min...
symmate
#2
### [H-1] `MESSAGE_TYPEHASH` has a typo ("addres" instead of "address"), breaking EIP-712 signature verification for all users
High
Valid
[H-02] Unconsistent `MESSAG...
symmate
#3
### [H-2] `SnowmanAirdrop::claimSnowman` never checks `s_hasClaimedSnowman`, allowing a user to claim multiple times
Low
Valid
[L-01] Missing Claim Status...
symmate
#4
### [M-1] `Snow::s_earnTimer` is a global variable, allowing any user to reset the earn cooldown for everyone
Low
Valid
[L-02] Global Timer Reset i...
symmate
#5
### [M-2] `Snow::buySnow` uses strict ETH equality, causing ETH to be lost to the collector when wrong amount is sent
Medium
Invalid
symmate
#6
### [M-3] `SnowmanAirdrop::claimSnowman` has no start-time restriction, allowing premature claims during the farming period
Medium
Invalid
symmate
#7
### [L-1] `Snow::earnSnow` uses a rolling cooldown instead of an epoch-based weekly window
Low
Invalid
symmate
#8
### [L-2] `Snowman::tokenURI` ownership check can never trigger
Low
Invalid
symmate
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
