0xDemon

Security Researcher

Security Researchers || Warden on @code4rena || Hawk on @CodeHawks

High: 10 total

Medium: 24 total

Total Earnings: $8.48K

#601 All Time

Payouts: 31x

1st Places (gold): 1x

2nd Places (silver): 1x

3rd Places (bronze): 2x

Apr '25

BitVault

3,026.19 USDC • 2 total findings • Code4rena • 0xDemon

silver

medium

Non-whitelisted owner can also hold/own a troveNFT

medium

The current implementation is incompatible with `WBTC` as collateral token

Mar '25

Nudge.xyz

4,080.35 USDC • 1 total finding • Code4rena • 0xDemon

gold

medium

All reallocate cross-chain token and rewards will be lost for the users using the account abstraction wallet

PinLink: RWA-Tokenized DePIN Marketplace

7.71 USDC • Sherlock • 0xDemon

#54

Crestal Network

0.01 USDC • 1 total finding • Sherlock • 0xDemon

#12

high

Attacker can weaponize payWithERC20() to drain all balance from victim

Symmio, Staking and Vesting

39.69 USDC • 1 total finding • Sherlock • 0xDemon

#15

medium

`Vesting.sol` use `initializer` modifier instead of `onlyInitializing`

Feb '25

Rova

0.04 USDC • 1 total finding • Sherlock • 0xDemon

bronze

medium

Incorrect calculation on `userTokens` when user call `updateParticipation()`

Jan '25

Liquid Ron

0.02 USDC • 1 total finding • Code4rena • 0xDemon

#11

high

The calculation of `totalAssets()` could be wrong if `operatorFeeAmount` > 0, this can cause potential loss for the new depositors

Plaza Finance

5.74 USDC • 3 total findings • Sherlock • 0xDemon

#81

high

Protocol fee amount calculation is inconsistent

medium

The remaining deposit BLP will be stuck in `BalancerRouter.sol` when the user makes a deposit to `PreDeposit.sol`

medium

Blocklisted bidder cannot be removed from auction even if his bid == lowestBidIndex, and he can make the auction always fail

Aave v3.3

43.81 USDC • Sherlock • 0xDemon

#95

Dec '24

Tally ARB Staker

29.62 USDC • Sherlock • 0xDemon

#33

SecondSwap

4.28 USDC • 2 total findings • Code4rena • 0xDemon

#54

high

Users can claim more than their actual allotment

medium

Creator of one vesting plan can affect vesting plans created by other users.

Lambo.win

34.72 USDC • 1 total finding • Code4rena • 0xDemon

#28

medium

`sellQuote` and `buyQuote` are missing deadline check in `LamboVEthRouter`

Nov '24

Ethos Network Financial Contracts

2.47 USDC • 1 total finding • Sherlock • 0xDemon

#32

medium

Lack of slippage on `sellVotes()`

Telcoin Update #2

25.92 USDC • Sherlock • 0xDemon

#31

Oct '24

Gamma Brevis Rewarder

131.06 OP • 1 total finding • Sherlock • 0xDemon

bronze

high

User can only make a claim once and can't claim on remaining available epochs, although there are still rewards to claim

Sep '24

Boost Core Incentive Protocol

32.19 USDC • 2 total findings • Sherlock • 0xDemon

#21

high

`drawRaffle()` cannot be called, this results in boost participants not getting their incentives

medium

Fee on Transfer and Rebasing Token can't be used for budget asset

Aug '24

Chakra

0.07 USDT • 1 total finding • Code4rena • 0xDemon

#65

high

There is no refund mechanism in `ChakraSettlement.processCrossChainCallback` or `ChakraSettlementHandler.receive_cross_chain_callback` function

Rumpel Point Tokenization Protocol

24.60 USDC • Sherlock • 0xDemon

#22

ZeroLend One

12.11 USDC • 1 total finding • Sherlock • 0xDemon

#43

medium

`ZEROLEND` protocol can consume stale price data or can't operate on some EVM chains

Sentiment V2

114.84 USDC • 2 total findings • Sherlock • 0xDemon

#31

medium

`ChainlinkEthOracle` and `ChainlinkUsdOracle` did not check `minAnswer` and `maxAnswer`, this may cause wrong price

medium

The `superPool` contract cannot be `paused` and `unpaused` completely when needed (i.e. `superPool` is hacked) because none of the functions in it use the `whenNotPaused` and `whenPaused` modifiers

Jul '24

TraitForge

439.82 USDC • 2 total findings • Code4rena • 0xDemon

#11

medium

Funds can be locked indefinitely in NukeFund.sol

medium

Pause and unpause functions are inaccessible

Apr '24

Renzo

1.48 USDC • 1 total finding • Code4rena • 0xDemon

#54

medium

Lack of slippage and deadline during withdraw and deposit

NOYA

36.65 USDC + NOYA stars • 3 total findings • Code4rena • 0xDemon

#67

high

`executeWithdraw` may be blocked if any of the users are blacklisted from the `baseToken`

medium

AccountingManager has no correct implementations of the core ERC-4626 functions `deposit`, `mint`, `withdraw` and `redeem`

medium

Lack of Slippage Controls in retrieveTokensForWithdraw Function

DYAD

0.02 USDC • 1 total finding • Code4rena • 0xDemon

#114

high

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Mar '24

Ondo Finance

64.15 USDC • 1 total finding • Code4rena • 0xDemon

#16

medium

The `BURNER` cannot burn tokens from accounts not KYC verified due to the check in `_beforeTokenTransfer`.

Revert Lend

28.79 USDC • 1 total finding • Code4rena • 0xDemon

#62

medium

V3Vault is not ERC-4626 compliant

Feb '24

Spectra

73.31 USDC • 1 total finding • Code4rena • 0xDemon

#18

medium

PrincipalToken is not ERC-5095 compliant

Jan '24

Curves

1.08 USDC • 1 total finding • Code4rena • 0xDemon

#129

high

Attack to make `CurveSubject` to be a `HoneyPot`

Dec '23

Ethereum Credit Guild

196.26 USDC • 1 total finding • Code4rena • 0xDemon

#56

medium

There is no way to liquidate a position if it breaches maxDebtPerCollateralToken value creating bad debt.

Oct '23

Open Dollar

11 USDC • 1 total finding • Code4rena • 0xDemon

#54

medium

`ODSafeManager#allowSAFE()` cannot be executed either by the proxy contract or any other address.

Sep '23

Maia DAO - Ulysses

11.47 USDC • Code4rena • 0xDemon

#60