0uts1der

Security Researcher

Contact Me

High

Total

Medium

Total

$236.00

Total Earnings

#1619 All Time

4x

Payouts

1x

Top 10

1x

Top 25

3x

Top 50

All

Sherlock

Code4rena

Jul '24

TraitForge

0.05 USDC • 6 total findings • Code4rena • Autosaida

#85

high

`mintToken()`, `mintWithBudget()`, and `forge()` in the `TraitForgeNft` Contract Will Fail Due to a Wrong Modifier Used in `EntropyGenerator.initializeAlphaIndices()`

high

The maximum number of generations is infinite

high

Wrong minting logic based on total token count across generations

medium

Forger Entities can forge more times than intended

medium

Pause and unpause functions are inaccessible

medium

`Golden God` Tokens can be minted twice per generation

Exactly Protocol Update - Staking Contract

52.40 USDC • 1 total finding • Sherlock • 0uts1der

medium

Precision Loss in `notifyRewardAmount` Function Causes Unclaimable RewardToken

MagicSea - the native DEX on the IotaEVM

45.60 USDC • 4 total findings • Sherlock • 0uts1der

#38

high

`vote` Function Broken Due to Incorrect Ownership Check in BribeRewarder Contract

high

BribeRewarder Contract Lacks Withdrawal Mechanism Leading to Potential Permanent Loss of Funds

medium

Access Control Vulnerability in MlumStaking Allows Malicious Users to Extend Lock Duration of Others' Positions

medium

Incorrect Lock Duration Calculation for Fee-on-Transfer Tokens in `addToPosition` Function

Apr '24

NOYA

138.11 USDC + NOYA stars • 3 total findings • Code4rena • Autosaida

#44

high

`Registry.sol#updateHoldingPosition` remove position logic is incorrect: should use `ownerConnector` instead of `calculatorConnector` when calculating holdingPositionId.

high

`NoyaValueOracle.getValue` returns an incorrect price when a multi-token route is used

medium

The modifier `onlyExistingRoute` works incorrectly