⚠️ Very few people know that Monad's Airdrop claim website once had a session hijacking vulnerability. This error doesn't lie with the smart contract, but with the web/app layer, specifically how the site manages sessions and assigns the wallet address for receiving rewards. According to