taikoxyz · adaki2004 · Sep 18, 2023 · Sep 18, 2023 · Sep 18, 2023 · Sep 18, 2023
diff --git a/packages/protocol/contracts/team/airdrop/ERC20Airdrop.sol b/packages/protocol/contracts/team/airdrop/ERC20Airdrop.sol
@@ -29,7 +29,9 @@ contract ERC20Airdrop is MerkleClaimable {
         external
         initializer
     {
-        MerkleClaimable._init(_claimStarts, _claimEnds, _merkleRoot);
+        MerkleClaimable._init();
+        _setConfig(_claimStarts, _claimEnds, _merkleRoot);
+
         token = _token;
         vault = _vault;
     }

diff --git a/packages/protocol/contracts/team/airdrop/ERC721Airdrop.sol b/packages/protocol/contracts/team/airdrop/ERC721Airdrop.sol
@@ -28,7 +28,9 @@ contract ERC721Airdrop is MerkleClaimable {
         external
         initializer
     {
-        MerkleClaimable._init(_claimStarts, _claimEnds, _merkleRoot);
+        MerkleClaimable._init();
+        _setConfig(_claimStarts, _claimEnds, _merkleRoot);
+
         token = _token;
         vault = _vault;
     }

diff --git a/packages/protocol/contracts/team/airdrop/MerkleClaimable.sol b/packages/protocol/contracts/team/airdrop/MerkleClaimable.sol
@@ -8,12 +8,18 @@ pragma solidity ^0.8.20;
 
 import { OwnableUpgradeable } from
     "lib/openzeppelin-contracts-upgradeable/contracts/access/OwnableUpgradeable.sol";
+import { ReentrancyGuardUpgradeable } from
+    "lib/openzeppelin-contracts-upgradeable/contracts/security/ReentrancyGuardUpgradeable.sol";
+
 import { MerkleProofUpgradeable } from
     "lib/openzeppelin-contracts-upgradeable/contracts/utils/cryptography/MerkleProofUpgradeable.sol";
 
 /// @title MerkleClaimable
 /// Contract for managing Taiko token airdrop for eligible users
-abstract contract MerkleClaimable is OwnableUpgradeable {
+abstract contract MerkleClaimable is
+    ReentrancyGuardUpgradeable,
+    OwnableUpgradeable
+{
     mapping(bytes32 => bool) public isClaimed;
     bytes32 public merkleRoot;
     uint128 public claimStart;
@@ -24,7 +30,6 @@ abstract contract MerkleClaimable is OwnableUpgradeable {
     error CLAIM_NOT_ONGOING();
     error CLAIMED_ALREADY();
     error INVALID_PROOF();
-    error INVALID_MERKLE_ROOT();
 
     modifier ongoingClaim() {
         if (
@@ -39,6 +44,7 @@ abstract contract MerkleClaimable is OwnableUpgradeable {
         bytes32[] calldata proof
     )
         external
+        nonReentrant
         ongoingClaim
     {
         bytes32 hash = keccak256(abi.encode("CLAIM_TAIKO_AIRDROP", data));
@@ -69,19 +75,9 @@ abstract contract MerkleClaimable is OwnableUpgradeable {
         _setConfig(_claimStart, _claimEnd, _merkleRoot);
     }
 
-    function _init(
-        uint128 _claimStart,
-        uint128 _claimEnd,
-        bytes32 _merkleRoot
-    )
-        internal
-    {
-        OwnableUpgradeable.__Ownable_init();
-
-        if (_merkleRoot == 0x0) {
-            revert INVALID_MERKLE_ROOT();
-        }
-        _setConfig(_claimStart, _claimEnd, _merkleRoot);
+    function _init() internal {
+        OwnableUpgradeable.__Ownable_init_unchained();
+        ReentrancyGuardUpgradeable.__ReentrancyGuard_init_unchained();
     }
 
     function _setConfig(