Snowman Merkle Airdrop

AI First Flight #10
Beginner FriendlyFoundrySolidityNFT
EXP
View results
Submission Details
Severity: low
Valid

### [M-1] `SnowmanAirdrop` never enforces `s_hasClaimedSnowman`, so the airdrop can be claimed repeatedly

Description

The airdrop is meant to be claimed once per recipient: claimSnowman sets s_hasClaimedSnowman[receiver] = true after a successful claim.

But that flag is written and never read — no code path checks it. Since eligibility is re-derived from the recipient's current Snow balance and the Merkle leaf is fixed, a recipient who re-acquires their leaf amount of Snow (e.g. via the free weekly earnSnow) can claim the same Merkle entry again, minting more NFTs than they were airdropped.

function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s)
external nonReentrant
{
@> // no `if (s_hasClaimedSnowman[receiver]) revert;` guard anywhere
// ... signature + Merkle proof checks ...
i_snow.safeTransferFrom(receiver, address(this), amount);
@> s_hasClaimedSnowman[receiver] = true; // written, never read
i_snowman.mintSnowman(receiver, amount);
}

Risk

Likelihood: Medium

  • Requires the recipient to re-acquire their exact leaf amount of Snow (trivial when the leaf amount is small, since earnSnow mints free Snow), then re-claim with the same fixed proof and a fresh identical signature.

Impact: Medium

  • A recipient mints extra Snowman NFTs beyond their single airdrop allocation — one additional full claim per re-acquired leaf amount — inflating supply and breaking the one-set-per-recipient invariant.

Proof of Concept

Uses the contest's own deploy harness (Helper) and alice's real Merkle proof (identical to TestSnowmanAirdrop.t.sol). Alice claims legitimately (1 NFT, her Snow moves to the airdrop), re-earns 1 Snow, then claims the same entry again for a 2nd NFT — while getClaimStatus(alice) == true.

Run forge test --mt test_M1_double_claim_missing_guard -vvv:

// alice's real proof from the fixture; leaf = keccak(bytes.concat(keccak(abi.encode(alice, 1))))
bytes32[] AL_PROOF = [
bytes32(0xf99782cec890699d4947528f9884acaca174602bb028a66d0870534acf241c52),
bytes32(0xbc5a8a0aad4a65155abf53bb707aa6d66b11b220ecb672f7832c05613dba82af),
bytes32(0x971653456742d62534a5d7594745c292dda6a75c69c43a6a6249523f26e0cac1)
];
function setUp() public {
deployer = new Helper();
(airdrop, snow, nft, weth) = deployer.run();
(alice, alKey) = makeAddrAndKey("alice");
}
function test_M1_double_claim_missing_guard() public {
// legit first claim
vm.prank(alice); snow.approve(address(airdrop), 1);
(uint8 v, bytes32 r, bytes32 s) = vm.sign(alKey, airdrop.getMessageHash(alice));
vm.prank(satoshi); airdrop.claimSnowman(alice, AL_PROOF, v, r, s);
assertEq(nft.balanceOf(alice), 1);
assertEq(snow.balanceOf(alice), 0);
assertTrue(airdrop.getClaimStatus(alice)); // flag TRUE but never enforced
// re-acquire leaf amount via the free weekly earn
vm.warp(block.timestamp + 1 weeks);
vm.prank(alice); snow.earnSnow();
assertEq(snow.balanceOf(alice), 1);
// claim the SAME entry AGAIN
vm.prank(alice); snow.approve(address(airdrop), 1);
(v, r, s) = vm.sign(alKey, airdrop.getMessageHash(alice));
vm.prank(satoshi); airdrop.claimSnowman(alice, AL_PROOF, v, r, s);
assertEq(nft.balanceOf(alice), 2); // EXPLOIT: double-claimed
}

Result: PASS — alice ends with 2 NFTs from a single one-time airdrop entry.

Recommended Mitigation

Read the flag at the top of claimSnowman:

function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s)
external nonReentrant
{
+ if (s_hasClaimedSnowman[receiver]) revert SA__AlreadyClaimed();
if (receiver == address(0)) revert SA__ZeroAddress();
// ...
}

(Add error SA__AlreadyClaimed(); to the errors.)


Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 2 hours ago
Submission Judgement Published
Validated
Assigned finding tags:

[L-01] Missing Claim Status Check Allows Multiple Claims in SnowmanAirdrop.sol::claimSnowman

# Root + Impact   **Root:** The [`claimSnowman`](https://github.com/CodeHawks-Contests/2025-06-snowman-merkle-airdrop/blob/b63f391444e69240f176a14a577c78cb85e4cf71/src/SnowmanAirdrop.sol#L44) function updates `s_hasClaimedSnowman[receiver] = true` but never checks if the user has already claimed before processing the claim, allowing users to claim multiple times if they acquire more Snow tokens. **Impact:** Users can bypass the intended one-time airdrop limit by claiming, acquiring more Snow tokens, and claiming again, breaking the airdrop distribution model and allowing unlimited NFT minting for eligible users. ## Description * **Normal Behavior:** Airdrop mechanisms should enforce one claim per eligible user to ensure fair distribution and prevent abuse of the reward system. * **Specific Issue:** The function sets the claim status to true after processing but never validates if `s_hasClaimedSnowman[receiver]` is already true at the beginning, allowing users to claim multiple times as long as they have Snow tokens and valid proofs. ## Risk **Likelihood**: Medium * Users need to acquire additional Snow tokens between claims, which requires time and effort * Users must maintain their merkle proof validity across multiple claims * Attack requires understanding of the missing validation check **Impact**: High * **Airdrop Abuse**: Users can claim far more NFTs than intended by the distribution mechanism * **Unfair Distribution**: Some users receive multiple rewards while others may receive none * **Economic Manipulation**: Breaks the intended scarcity and distribution model of the NFT collection ## Proof of Concept Add the following test to TestSnowMan.t.sol  ```Solidity function testMultipleClaimsAllowed() public { // Alice claims her first NFT vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest = airdrop.getMessageHash(alice); (uint8 v, bytes32 r, bytes32 s) = vm.sign(alKey, aliceDigest); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v, r, s); assert(nft.balanceOf(alice) == 1); assert(airdrop.getClaimStatus(alice) == true); // Alice acquires more Snow tokens (wait for timer and earn again) vm.warp(block.timestamp + 1 weeks); vm.prank(alice); snow.earnSnow(); // Alice can claim AGAIN with new Snow tokens! vm.prank(alice); snow.approve(address(airdrop), 1); bytes32 aliceDigest2 = airdrop.getMessageHash(alice); (uint8 v2, bytes32 r2, bytes32 s2) = vm.sign(alKey, aliceDigest2); vm.prank(alice); airdrop.claimSnowman(alice, AL_PROOF, v2, r2, s2); // Second claim succeeds! assert(nft.balanceOf(alice) == 2); // Alice now has 2 NFTs } ``` ## Recommended Mitigation **Add a claim status check at the beginning of the function** to prevent users from claiming multiple times. ```diff // Add new error + error SA__AlreadyClaimed(); function claimSnowman(address receiver, bytes32[] calldata merkleProof, uint8 v, bytes32 r, bytes32 s) external nonReentrant { + if (s_hasClaimedSnowman[receiver]) { + revert SA__AlreadyClaimed(); + } + if (receiver == address(0)) { revert SA__ZeroAddress(); } // Rest of function logic... s_hasClaimedSnowman[receiver] = true; } ```

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!