The $PROMPT airdrop bug is due to the TokenTable contract having no input validation.

Anyone can snipe the Merkle proofs from the mempool and resubmit them with their own address.

Looks like the contract was never audited—just vibe coded with ChatGPT.

hey @AIWayfinder i think a MEV frontrunner is stealing and swapping s all $PROMPT @KaitoAI  claims for ETH

https://t.co/lksew6fznK https://t.co/wDryhYjDZr

ultra

The $PROMPT airdrop bug is due to the TokenTable contract having no input validation.

Anyone can snipe the Merkle proofs from the mempool and resubmit them with their own address.

Looks like the contract was never audited—just vibe coded with ChatGPT.

https://x.com/0x_ultra/status/1910323014853611905?s=46

Co-Founder at sablier.com, and open-source developer. I have a broad range of interests, including longevity, epistemology, physics, and psychology.

Poor code security leads to airdrop vulnerability