Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Snowman Merkle Airdrop
Submissions
AI First Flight
Snowman Merkle Airdrop
AI First Flight #10
Beginner Friendly
Foundry
Solidity
NFT
EXP
AI First Flight
EXP
Mar 9th, 2026 → Mar 16th, 2026
View repo
View results
6 / 6
Submissions
Severity
Validity
Tags
Author
#1
Snowman.mintSnowman() lacks access control, allowing anyone to mint unlimited NFTs without staking Snow tokens
High
Valid
[H-01] Unrestricted NFT Min...
ccccboldt
#2
SnowmanAirdrop.claimSnowman() never reads s_hasClaimedSnowman, allowing users to claim unlimited Snowman NFTs
Low
Valid
[L-01] Missing Claim Status...
ccccboldt
#3
Snow.earnSnow() uses a single global timer instead of per-user timers, allowing any buyer to block all users from earning free Snow tokens
Low
Valid
[L-02] Global Timer Reset i...
ccccboldt
#4
Snow.buySnow() traps ETH permanently when msg.value is non-zero but incorrect, causing user fund loss
Medium
Invalid
ccccboldt
#5
MESSAGE_TYPEHASH contains typo "addres" instead of "address", breaking EIP-712 compatibility with standard signing tools
High
Valid
[H-02] Unconsistent `MESSAG...
ccccboldt
#6
SnowmanAirdrop uses live balanceOf() for Merkle leaf computation, causing claim failure when Snow balance changes after tree generation
Medium
Valid
[M-01] DoS to a user trying...
ccccboldt
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
