https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_5.png

000000

Security Researcher

Contact Me

High

8

Total

Medium

2

Solo

23

Total

$31.17K

Total Earnings

#261 All Time

11x

Payouts

gold

1x

1st Places

silver

2x

2nd Places

bronze

1x

3rd Places

All

Sherlock

Apr '25

ZKP2P V2

ZKP2P V2

4,064.81 OP • Sherlock • 000000

gold

Findings not publicly available for private contests.

Feb '25

Yieldoor

Yieldoor

177.84 USDC • 5 total findings • Sherlock • 000000

#9

high

Liquidations will be significantly delayed due to incorrect maths

medium

Wrong variable usage upon withdrawing, resulting in unexpected results

medium

Multi-hop swaps are not properly supported, the code will run OOG

medium

Tick spacing of 1 does not work properly

medium

Setting the secondary position will cause unexpected results

SEDA Protocol

SEDA Protocol

953.62 USDC • 4 total findings • Sherlock • 000000

#8

high

Funds to be withdrawn can be stolen due to incorrect variable usage

medium

Posting results can be blocked in `SedaCoreV1` due to using the push pattern

medium

Creating a vesting account can be perpetually disallowed

medium

Wrong amount of gas will be used in a certain case

Jan '25

Aave v3.3

Aave v3.3

4,566.46 USDC • Sherlock • 000000

#12

Allora v0.8.0 Update

Allora v0.8.0 Update

9,291.49 USDC • Sherlock • 000000

silver

Findings not publicly available for private contests.

FlatMoney v2 Update

FlatMoney v2 Update

2,632.23 USDC • Sherlock • 000000

bronze

Findings not publicly available for private contests.

Dec '24

Idle Finance Credit Vaults

Idle Finance Credit Vaults

3,312.04 USDC • Sherlock • 000000

silver

Findings not publicly available for private contests.

Numa

Numa

3,659.15 USDC • 1 total finding • Sherlock • 000000

#7

medium

Debasing/rebasing periods can be decreased by 50% by a malicious actor

Oct '24

predict.fun lending market

predict.fun lending market

490.40 USDC • 2 total findings • Sherlock • 000000

#4

medium

Lenders blacklisted for USDC can disallow borrowers from repaying

medium

`acceptLoanOfferAndFillOrder()` will result in a lower fee for the protocol

Aug '24

ZeroLend One

ZeroLend One

891.79 USDC • 11 total findings • Sherlock • 000000

#15

high

Shares of a user will be wrong after a liquidation

high

Wrong interest rate after a liquidation

high

`getSupplyBalance()` and `getDebtBalance()` return wrong values

high

Interest rate will be wrong after a repay

high

Liquidations will be executed with wrong values

high

Withdrawals might be DoS in certain cases and funds can get stuck

medium

Repayments using the NFT position manager will revert in a lot of cases

medium

Using a hardcoded value for the Chainlink stale price check is dangerous

medium

Not including Chainlink decimals upon calculations will lead to accounting issues

medium

Users can increase their rewards and dilute rewards for other users

medium

Funds will always be stuck in a pool and unexpected reverts will occur upon reallocations

Sentiment V2

Sentiment V2

1,130.30 USDC • 8 total findings • Sherlock • 000000

#11

medium

The `Pool` contract can be DoSed

medium

`Superpool` contract doesn't strictly follow EIP4626

medium

Superpool can not be paused despite the implemented functionality

medium

Not removing a token from the position assets upon an owner removing a token from the known assets will cause huge issues

medium

Liquidations will revert if a position has been blacklisted for USDC

medium

Reallocations will often fail upon using USDT

medium

The Redstone oracle can report stale prices

medium

Partial liquidations are next to impossible to happen despite the code being supposed to allow them