Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All First Flights
Snowman Merkle Airdrop
Submissions
AI First Flight
Snowman Merkle Airdrop
AI First Flight #10
Beginner Friendly
Foundry
Solidity
NFT
EXP
AI First Flight
EXP
Jun 25th, 2026 → Jun 26th, 2026
View repo
View results
4 / 4
Submissions
Severity
Validity
Tags
Author
#1
Snowman::mintSnowman` has no access control — anyone can mint unlimited Snowman NFTs for free, bypassing the airdrop
High
Valid
[H-01] Unrestricted NFT Min...
s4m0y3d
#2
Airdrop claims are replayable - `s_hasClaimedSnowman` is never checked and the signature has no nonce, unlimited repeat NFT mints
Low
Valid
[L-01] Missing Claim Status...
s4m0y3d
#3
Claim uses live `balanceOf(receiver)` as the Merkle amount — any post-snapshot balance change permanently bricks the claim
Medium
Valid
[M-01] DoS to a user trying...
s4m0y3d
#4
Malformed EIP-712 `MESSAGE_TYPEHASH` breaks signed claims with standard tooling
High
Valid
[H-02] Unconsistent `MESSAG...
s4m0y3d
Previous
1
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
