https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_0.png

0xarno

Security Researcher

3e78e1bd34

Contact Me

High

10

Total

Medium

1

Solo

16

Total

$13.96K

Total Earnings

#437 All Time

10x

Payouts

regular

4x

Top 10

regular

4x

Top 25

regular

6x

Top 50

All

Sherlock

Code4rena

Cantina

Immunefi

Jan '25

daao-contracts

daao-contracts

58.72 USDC • 1 total finding • Cantina • 0xarno

#61

high

Finding not yet public.

Aug '24

Winnables Raffles

Winnables Raffles

4.13 USDC • 2 total findings • Sherlock • 0xarno

#33

high

Raffle Cancellation by Unauthorized Users

medium

Missing Role Revocation Functionality in `Roles` Contract

Sentiment V2

Sentiment V2

1,229.62 USDC • 2 total findings • Sherlock • 0xarno

#8

medium

**Attacker Can Cause DoS in SuperPool Deployment**

medium

Attacker Can Manipulate Interest Distribution by Exploiting Asset Transfers and Fee Accrual Mechanism

Jul '24

Audit Comp | Folks Finance

Audit Comp | Folks Finance

2,828 USDC • 3 total findings • Immunefi • arno

#10

high

Finding not yet public.

medium

Finding not yet public.

low

Finding not yet public.

Jun '24

Size

Size

13.76 USDC • 2 total findings • Code4rena • 0xarno

#53

high

Users won't liquidate positions because the logic used to calculate the liquidator's profit is incorrect

medium

Users can not to buy/sell minimum credit allowed due to exactAmountIn condition

Jan '24

incentive-contracts

incentive-contracts

5,574.91 USDC • 7 total findings • Cantina • 0xarno

#4

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

Nov '23

core-and-erc1155a

core-and-erc1155a

4,207.56 USDC • 1 total finding • Cantina • 0xarno

#9

high

Finding not yet public.

Canto Application Specific Dollars and Bonding Curves for 1155s

Canto Application Specific Dollars and Bonding Curves for 1155s

1.37 USDC • 1 total finding • Code4rena • 0xarno

#31

medium

No slippage protection for Market functions

Oct '23

NextGen

NextGen

5.96 USDC • 3 total findings • Code4rena • 0xarno

#97

high

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

medium

Bidder Funds Can Become Unrecoverable Due to 1 second Overlap in `participateToAuction()` and `claimAuction()`

medium

Auction winner can prevent payments via `safeTransferFrom` callback

Sep '23

Allo V2

Allo V2

33.61 USDC • 5 total findings • Sherlock • 0xarno

#54

high

Allocators in `QVSimpleStrategy.sol` can allocate multiple times

medium

Incorrect state update of variable `allocator.voiceCreditsCastToRecipient[_recipientId]`

medium

`useRegistryAnchor` is set as `true` in `RFPSimpleStrategy.sol` will brick the `_registerRecipient` function

medium

Incorrect Check in `_distribute` Function in `RFPSimpleStrategy.sol` Leads to Reversion of Valid Distributions

medium

funding of `QVSimpleStrategy.sol` is impossibe since it doesn't have `receive()` function for eth