0x11singh99

Security Researcher

High: 11 total

Medium: 12 total

Total earnings: $8.84K (#698 all time)

Payouts: 39x

3rd places: 1x (bronze)

Top 10: 7x (regular)

Top 25: 19x (regular)

Sep '25

Super DCA Liquidity Network

30.10 OP • 1 total finding • Sherlock • 0x11singh99

#35

medium

`SuperDCACashback.sol` does not work as intended on BNB chain for USDC due to 18 decimals in USDC on BNB chain.

Jan '25

Liquid Ron

0 USDC • 1 total finding • Code4rena • 0x11singh99

#12

medium

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Oct '24

Dria

0.32 USDC • 1 total finding • CodeHawks • 0x11singh99

#72

high

Subtraction in `variance()` will revert due to underflow

Jul '24

Basin

135.48 USDC • 1 total finding • Code4rena • 0x11singh99

#7

high

`WellUpgradeable` can be upgraded by anyone

Mar '24

Abracadabra Mimswap

474.94 USDC • 1 total finding • Code4rena • 0x11singh99

#12

medium

Missing Return Statement in `_getReserves` Function in `MagicLpAggregator` Contract

zkSync Era

975.51 USDC • 1 total finding • Code4rena • 0x11singh99

#7

medium

Frozen chain will never be unfrozen since `StateTransitionManager::unfreezeChain` is calling `freezeDiamond` instead of `unfreezeDiamond`.

PoolTogether

147.39 USDC • 1 total finding • Code4rena • 0x11singh99

#20

medium

`drawManager` CAN BE SET TO A MALICIOUS ADDRESS

Feb '24

Wise Lending

1,018.09 USDC • 1 total finding • Code4rena • 0x11singh99

#18

medium

Unchecked return value bug on `TransferHelper::_safeTransferFrom()`

AI Arena

490.2 USDC • 2 total findings • Code4rena • 0x11singh99

#8

high

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

medium

Burner role can not be revoked

Jan '24

MorpheusAI

976.57 USDC • 3 total findings • CodeHawks • 0x11singh99

#7

medium

Due to no access control on `DistributionV2::_authorizeUpgrade()` anyone can change the implementation contract and can destroy the main Proxy contract.

low

Any User can mint any amount of WStETH in the WStETHMock.sol and StETHMock.sol

low

8 lows for mocks

Decent

192.08 USDC • 1 total finding • Code4rena • 0x11singh99

#26

high

Anyone can update the address of the Router in the DcntEth contract to any address they would like to set.

Salty.IO

218.12 USDC • 1 total finding • Code4rena • 0x11singh99

#50

medium

Remove Liquidity has missing reserve1 DUST check, which can make reserve1 less than DUST

Curves

51.22 USDC • 2 total findings • Code4rena • 0x11singh99

#61

high

Unauthorized Access to setCurves Function

medium

Protocol and referral fee would be permanently stuck in the Curves contract when selling a token

Aug '23

Sparkn

5.30 USDC • 2 total findings • CodeHawks • 0x11singh99

#75

medium

Malicious/Compromised organiser can reclaw all funds, stealing work from supporters

low

Centralization Risk for trusted organizers

Jul '23

Beedle - Oracle free perpetual lending

173.47 USDC • 7 total findings • CodeHawks • 0x11singh99

#24

high

During refinance() new Pool balance debt is subtracted twice

high

[H-04] Lender#buyLoan - Malicious user could take over a loan for free without having a pool because of wrong access control

high

Stealing any loan opening for auction through others' lending pool

high

Attacker can steal a loan's collateral and break the protocol

high

A pool lender can fully drain another user's pool by abusing `buyLoan`

gas

Multiple accesses of a mapping/array should use a local variable cache.

gas

CEI pattern not followed in multiple functions in Staking.sol

CodeHawks Escrow Contract - Competition Details

3.35 USDC • 2 total findings • CodeHawks • 0x11singh99

#91

gas

Use assembly to check for `address(0)`

gas

Use nested `if` statements instead of logical AND (`&&`)

PoolTogether

59.51 USDC • 1 total finding • Code4rena • 0x11singh99

#56

medium

`drawManager` CAN BE SET TO A MALICIOUS ADDRESS

Basin

13.96 USDC • 1 total finding • Code4rena • 0x11singh99

#27

high

`WellUpgradeable` can be upgraded by anyone