Dead storage variable s_claimers declared and documented but never written or read in SnowmanAirdrop
Description
SnowmanAirdrop.sol:42 declares address[] private s_claimers with the inline comment // array to store addresses of claimers, but no code path in the contract reads or writes to this array. The storage slot is reserved at deployment and never used.
Combined with s_hasClaimedSnowman being set but never read (separate finding), the contract has two distinct claim-tracking facilities and neither is functionally used to prevent double-claims. A future developer reading the contract may incorrectly assume s_claimers is the source-of-truth for who has claimed, leading to a downstream bug.
Risk
Code-quality and maintenance risk only. No direct fund loss. However, the unused storage slot slightly increases deployment cost, and the misleading variable name creates confusion for anyone reviewing or extending the contract.
Proof of Concept
The variable is declared at line 42 but searching the entire contract reveals zero reads and zero writes to s_claimers outside the declaration itself.
Recommended Mitigation
Either remove the declaration entirely, or populate it inside claimSnowman if off-chain enumeration is needed:
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Judging
Submissions are being reviewed by our AI judge. Results will be available in a few minutes.
View all submissionsRewards Distribution
The contest is complete and the rewards are being distributed.