Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Snowman Merkle Airdrop
Submissions
AI First Flight
Snowman Merkle Airdrop
AI First Flight #10
Beginner Friendly
Foundry
Solidity
NFT
EXP
AI First Flight
EXP
Mar 31st, 2026 → Mar 31st, 2026
View repo
View results
6 / 6
Submissions
Severity
Validity
Tags
Author
#1
Missing access control on `Snowman::mintSnowman` allows anyone to mint unlimited NFTs, bypassing the entire airdrop mechanism
High
Valid
[H-01] Unrestricted NFT Min...
404persona
#2
Typo in EIP-712 `MESSAGE_TYPEHASH` ("addres" instead of "address") breaks signature compatibility with all standard wallets
High
Valid
[H-02] Unconsistent `MESSAG...
404persona
#3
`s_hasClaimedSnowman` is set but never checked, allowing users to claim Snowman NFTs multiple times
Low
Valid
[L-01] Missing Claim Status...
404persona
#4
Global `s_earnTimer` in `Snow` allows a single user to permanently DoS `earnSnow()` for all users
Low
Valid
[L-02] Global Timer Reset i...
404persona
#5
# `Snow::buySnow` does not refund ETH when `msg.value` mismatches the fee, causing double payment and permanent ETH loss
Medium
Invalid
404persona
#6
`Snow::collectFee` uses unchecked `transfer()` instead of `safeTransfer()` for WETH, risking silent fee loss
Low
Invalid
404persona
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
