
0xadrii

Security Researcher

EVM & security researcher

Findings: High severity: 1 solo, 31 total. Medium severity: 3 solo, 41 total.

Total earnings: $60.55K (#158 all time), across 13 payouts.

Placements: 2x 1st place (gold), 1x 2nd place (silver), 3x 3rd place (bronze).

Mar '25

40acres Finance veLending

Collaborative Audit • Sherlock • 0xadrii

Jan '25

Plaza Finance
2,982.57 USDC • 14 total findings • Sherlock • 0xadrii
Placement: bronze (3rd)

Findings:
- high: Incorrect sender check in `transferReserveToAuction` will DoS succeeded auctions, leading to loss of funds
- high: Fee logic is flawed
- high: Excess tokens are not refunded when joining a Balancer pool using `EXACT_BPT_OUT` `JoinKind`
- high: Pro-forma CL computation can be abused to game the system
- medium: An attacker can leverage pool selection logic in BondOracleAdapter's getPool to manipulate bond prices and DoS redemptions
- medium: Not considering fees when ending an auction could incorrectly set an auction as succeeded
- medium: Price feed logic is incorrect and prevents integrating certain reserve assets
- medium: Protocol mechanics incorrectly assume 1 USDC will always be worth 1 USD
- medium: BondToken indexed shares logic wrongly assumes auctions will always be successful, DoSing future distributions
- medium: The system can start in an extremely undercollateralized state due to restrictions in PreDeposit
- medium: Precision loss when computing levETH's redeem rate if CL > 1.2
- medium: Incorrect precision leads to ineffective market rate checks
- medium: Approval overflow causes DoS in `BalancerRouter`'s `exitPlazaAndBalancer`
- medium: Malicious bidder can DoS bids by getting blacklisted in USDC

farcasterattestation-monorepo
7,779.76 OP • 11 total findings • Cantina • 0xadrii
Placement: gold (1st)

Findings: 6 high, 5 medium. Findings not yet public.

Dec '24

DODO

Collaborative Audit • Sherlock • 0xadrii

Oct '24

Ethereum Foundation

Collaborative Audit • Blackthorn • 0xadrii

Aug '24

Midas - Instant Minter/Redeemer
2,157.14 USDC • 3 total findings • Sherlock • 0xadrii
Placement: #4

Findings:
- medium: Missing storage gap in some contracts might lead to storage corruption
- medium: Missing token allowance update when requesting redemptions will lead to the redemption cap being bypassed
- medium: Not considering BUIDL transfer configurations can lead to DoS in the BUIDL redemption vault

Jun '24

Telcoin Wallet
14,700 USDC • Sherlock • 0xadrii
Placement: gold (1st)

Findings not publicly available for private contests.

Apr '24

Teller Finance
3,696.90 USDC • 13 total findings • Sherlock • 0xadrii
Placement: silver (2nd)

Findings:
- high: Not transferring collateral when submitting bids allows malicious users to create honeypot-style attacks
- high: Claiming loan NFT prevents lenders from closing loan and retrieving collateral
- high: Burning shares prior to computing value to withdraw will make earnings remain locked forever in the contract
- high: Malicious lenders can set the lender commitment contract as the repayment listener for their regular loans, leading to several issues
- high: Using transferFrom won't work with some tokens
- high: Using slot0 to compute position price can be easily manipulated
- high: Multiplying the collateral amount by the `STANDARD_EXPANSION_FACTOR` when checking the required collateral is incorrect and allows borrowers to get undercollateralized loans
- high: Escrowed repayments belonging to the lender commitment contract can't be retrieved from the escrow vault
- medium: Not considering `liquidityThresholdPercent` will make the pool utilization ratio be wrongly computed
- medium: Lender commitment group smart contract won't work properly with fee-on-transfer tokens
- medium: Performing a direct multiplication in `_getPriceFromSqrtX96` will overflow for some Uniswap pools
- medium: Using wrong selector will DoS FlashRolloverLoan's accept commitment
- medium: `rolloverLoanWithFlash` does not allow adding collateral when accepting commitments

Feb '24

Tapioca
10,583.55 USDC • 15 total findings • Sherlock • 0xadrii
Placement: #5

Findings:
- high: Wrong parameter in remote transfer makes it possible to steal all USDO balance from users
- high: Recursive _lzCompose() call can be leveraged to steal all generated USDO fees
- high: Wrong usage of Stargate's ETH router in balancer enables attackers to steal all bridged native funds
- medium: DoS in BBLeverage and SGLLeverage due to using wrong leverage executor interface
- medium: Leverage module's buyCollateral() function will always fail due to wrong parameter when depositing into yieldbox
- medium: Depositing wrong asset in YieldBox will DoS sellCollateral()
- medium: Missing pausing functionality implementation makes USDO, tOFT and AssetToSGLPLeverageExecutor contracts not pausable
- medium: Variable opening fee will always be wrongly computed if collateral is not a stablecoin
- medium: Not properly tracking debt accrual leads mintOpenInterestDebt() to lose twTap rewards
- medium: Missing return statement will make mtOFT's compose calls of message type MSG_XCHAIN_LEND_XCHAIN_LOCK always fail
- medium: Using OR operator instead of AND operator in rebalance() will make call always fail if owner() ≠ rebalancer
- medium: USDO's MSG_TAP_EXERCISE compose messages where exercised options must be withdrawn to another chain will always fail due to wrongly requiring sendParam's to address to be whitelisted in the Cluster
- medium: Withdrawing to other chain when exercising options won't work as expected, leading to DoS
- medium: Not considering fees when wrapping mtOFTs leads to DoS in leverage executors
- medium: Secondary Big Bang market rates can be manipulated due to not triggering penrose.reAccrueBigBangMarkets() when leveraging

opal-contracts
1,830.74 USDC • 7 total findings • Cantina • 0xadrii
Placement: #5

Findings: 5 high, 2 medium. Findings not yet public.

Jan '24

Arcadia
12,675.45 USDC • 2 total findings • Sherlock • 0xadrii
Placement: bronze (3rd)

Findings:
- high: Reentrancy in flashAction() allows draining liquidity pools
- high: Caching Uniswap position liquidity allows borrowing using undercollateralized Uni positions

Telcoin Platform Audit
1,500.42 USDC • 3 total findings • Sherlock • 0xadrii
Placement: bronze (3rd)

Findings:
- high: Wrong parameter when retrieving causes a complete DoS of the protocol
- high: The current burning logic is flawed
- medium: Functions calling _retrieve() more than once will always revert

Ubiquity
2,592.50 USDC • 1 total finding • Sherlock • 0xadrii
Placement: #4

Findings:
- medium: TWAP oracle might return a stale price

Dec '23

DODO

Collaborative Audit • Sherlock • 0xadrii

SYMMIO

Collaborative Audit • Sherlock • 0xadrii

Nov '23

Velodrome-Mellow Blackthorn

Collaborative Audit • Blackthorn • 0xadrii

Jan '23

Cooler
0.30 USDC • 1 total finding • Sherlock • 0xadrii
Placement: #30

Findings:
- high: Use safeTransfer/safeTransferFrom consistently instead of transfer/transferFrom

Nov '22

Buffer Finance
6.52 USDC • 1 total finding • Sherlock • 0xadrii
Placement: #12

Findings:
- medium: ERC20 `transferFrom` return values not checked

Bull v Bear
39.76 USDC • 1 total finding • Sherlock • 0xadrii
Placement: #15

Findings:
- medium: NFTs could remain locked forever if the Bull is a malicious contract