https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/d32dcd5e-d5b4-4653-aced-7ccecfaede19.jpg

0xRajkumar

Security Researcher

Smart Contract Security Researcher

Contact Me

High

14

Total

Medium

15

Total

$24.99K

Total Earnings

#309 All Time

9x

Payouts

silver

1x

2nd Places

bronze

2x

3rd Places

regular

5x

Top 10

All

Sherlock

Code4rena

Cantina

Jan '25

Liquid Ron

Liquid Ron

0.03 USDC • 2 total findings • Code4rena • 0xRajkumar

#10

high

The calculation of `totalAssets()` could be wrong if `operatorFeeAmount` > 0, this can cause potential loss for the new depositors

medium

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

farcasterattestation-monorepo

farcasterattestation-monorepo

5,569.51 OP • 8 total findings • Cantina • 0xRajkumar

silver

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

Nov '24

MANTRA DEX

MANTRA DEX

943.26 USDC • 6 total findings • Code4rena • 0xRajkumar

#11

high

Logical error in `validate_fees_are_paid` can cause a DoS or allow users to bypass fees if `denom_creation_fee` includes multiple coins including `pool_creation_fee` and the user attempts to pay all fees using only `pool_creation_fee`

high

Multi-token stableswap pools allow 0 liquidity for tokens, creating bricked pools

medium

Spread calculation does not account for swap fees

medium

User is unable to claim their reward for the expanded epochs if farm is expanded

medium

Single sided liquidity can't be used to lock LP tokens in the farm manager

medium

`withdraw_liquidity` lacks slippage protection

Sep '24

MorphL2

MorphL2

11,499.74 USDC • 4 total findings • Sherlock • 0xRajkumar

#4

high

Incorrect implementation of the onDropMessage function in the L1ReverseCustomGateway contract

medium

RevertBatch function can lead to two simultaneous challenges, causing various issues

medium

If withdrawalLockBlocks is less than finalizationPeriodSeconds, it can cause incorrect slashing

medium

sequencer cannot be penalized when it is at index 244 in the `stakerSet` of the `L1Staking` contract, which will result in incorrect slashing

May '24

Gamma - Locked Staking Contract

Gamma - Locked Staking Contract

133.81 USDC • 1 total finding • Sherlock • 0xRajkumar

bronze

medium

Lack of a deadline in the `exitLateById` function can cause an unexpected increase in unlock time and a loss of potential future rewards.

Mar '24

Smart-contracts

Smart-contracts

6,766.55 USDC • 5 total findings • Cantina • 0xRajkumar

bronze

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

Mar '23

Asymmetry contest

Asymmetry contest

21.16 USDC • 2 total findings • Code4rena • 0xRajkumar

#103

high

An attacker can manipulate the preDepositvePrice to steal from other users.

high

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

Jan '23

Popcorn contest

Popcorn contest

3.57 USDC • 1 total finding • Code4rena • 0xRajkumar

#90

high

First vault depositor can steal other's assets

Nov '22

Debt DAO contest

Debt DAO contest

49.23 USDC • Code4rena • 0xRajkumar

#52