Missing s_hasClaimedSnowman check lets recipients re-claim airdrop indefinitely after refilling Snow balance
Root + Impact
Description
-
SnowmanAirdrop.claimSnowman()is the single entry point through which an eligible recipient receives Snowman NFTs in exchange for staking their Snow tokens. The contract maintains amapping(address => bool) private s_hasClaimedSnowmanwhose stated purpose (per the variable name and comment) is to track whether an address has already claimed. -
The mapping is written at the end of
claimSnowman()but it is never read anywhere — there is noif (s_hasClaimedSnowman[receiver]) revertguard, and the EIP-712 digest does not include a nonce. As a result, a recipient who tops their Snow balance back up to the amount stored in the Merkle leaf (e.g. via the free weeklySnow.earnSnow()or viaSnow.buySnow()) can replay the exact same Merkle proof and signature and mint a second batch of NFTs from a single airdrop allocation. This can be repeated indefinitely.
Risk
Likelihood:
-
Every legitimate recipient is automatically capable of triggering this — they already hold a valid Merkle proof, sign their own digest, and the Snow contract gives them a free path to refill their balance via the public
earnSnow()(1 Snow / week / address) or paidbuySnow()paths untilFARMING_DURATIONelapses. -
The economic incentive is direct (each replay yields one or more free NFTs of measurable value), so any rational eligible user will exploit it once they notice it.
Impact:
-
The Snowman NFT supply can be inflated arbitrarily: an allocation of
NSnow →NNFTs becomesN * kNFTs, wherekis the number of times the recipient is willing to refarm and re-claim. -
The protocol's stated invariant "Stakers of the Snow token receive Snowman NFTs equal to their Snow balance in return" is broken — recipients receive NFTs equal to a multiple of their actual allocation.
-
The
s_hasClaimedSnowmanmapping is a footgun: future auditors and integrators will reasonably assume it is enforcing single-claim semantics when it is not, leading to incorrect downstream reasoning.
Proof of Concept
Run with forge test --match-contract PoC_DoubleClaim -vv. Result:
Recommended Mitigation
Add the corresponding error declaration:
Lead Judging Commences
[L-01] Missing Claim Status Check Allows Multiple Claims in SnowmanAirdrop.sol::claimSnowman
# Root + Impact   **Root:** The [`claimSnowman`](https://github.com/CodeHawks-Contests/2025-06-snowman-merkle-airdrop/blob/b63f391444e69240f176a14a577c78cb85e4cf71/src/SnowmanAirdrop.sol#L44) function updates `s_hasClaimedSnowman[receiver] = true` but never checks if the user has already claimed before processing the claim, allowing users to claim multiple times if they acquire more Snow tokens. **Impact:** Users can bypass the intended one-time airdrop limit by claiming, acquiring more Snow tokens, and claiming again, breaking the airdrop distribution model and allowing unlimited NFT minting for eligible users. ## Description * **Normal Behavior:** Airdrop mechanisms should enforce one claim per eligible user to ensure fair distribution and prevent abuse of the reward system. * **Specific Issue:** The function sets the claim status to true after processing but never validates if `s_hasClaimedSnowman[receiver]` is already true at the beginning, allowing users to claim multiple times as long as they have Snow tokens and valid proofs. ## Risk **Likelihood**: Medium * Users need to acquire additional Snow tokens between claims, which requires time and effort * Users must maintain their merkle proof validity across multiple claims * Attack requires understanding of the missing validation check **Impact**: High * **Airdrop Abuse**: Users can claim far more NFTs than intended by the distribution mechanism * **Unfair Distribution**: Some users receive multiple rewards while others may receive none * **Economic Manipulation**: Breaks the intended scarcity and distribution model of the NFT collection ## Proof of Concept Add the following test to TestSnowMan.t.sol ```Solidity function testMultipleClaimsAllowed() public { // Alice claims her first NFT vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest = airdrop.getMessageHash(alice); (uint8 v, bytes32 r, bytes32 s) = vm.sign(alKey, aliceDigest); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v, r, s); assert(nft.balanceOf(alice) == 1); assert(airdrop.getClaimStatus(alice) == true); // Alice acquires more Snow tokens (wait for timer and earn again) vm.warp(block.timestamp + 1 weeks); vm.prank(alice); snow.earnSnow(); // Alice can claim AGAIN with new Snow tokens! vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest2 = airdrop.getMessageHash(alice); (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(alKey, aliceDigest2); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v2, r2, s2); // Second claim succeeds! assert(nft.balanceOf(alice) == 2); // Alice now has 2 NFTs } ``` ## Recommended Mitigation **Add a claim status check at the beginning of the function** to prevent users from claiming multiple times. ```diff // Add new error + error SA__AlreadyClaimed(); function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s) external nonReentrant { + if (s_hasClaimedSnowman[receiver]) { + revert SA__AlreadyClaimed(); + } + if (receiver == address(0)) { revert SA__ZeroAddress(); } // Rest of function logic... s_hasClaimedSnowman[receiver] = true; } ```
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Judging
Submissions are being reviewed by our AI judge. Results will be available in a few minutes.
View all submissionsRewards Distribution
The contest is complete and the rewards are being distributed.