https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_8.png

AshishLac

Security Researcher

Web3 auditor | Lead specialist with 8+ yrs in Web2, Integrations & Marketing Automation | CS grad

Contact Me

High

4

Total

Medium

5

Total

$670.00

Total Earnings

#1353 All Time

6x

Payouts

regular

1x

Top 10

regular

1x

Top 25

regular

5x

Top 50

All

Sherlock

Code4rena

Cantina

CodeHawks

Apr '25

Burve

Burve

9.46 USDC • 1 total finding • Sherlock • AshishLac

#29

high

Users can imbalance the pool by removing a single pool token without paying tax due to incorrect calculation in removeValueSingle()

Mar '25

badger-ebtc-bsm

badger-ebtc-bsm

14.85 USDC • 1 total finding • Cantina • AshishLach

#31

high

Finding not yet public.

Feb '25

Liquidity Management

Liquidity Management

29.97 usdc • 1 total finding • CodeHawks • ashishlach

#50

medium

Functions that rely on chainlink prices cannot be queried on avalanche due to sequencer uptime check.

Dec '24

SecondSwap

SecondSwap

4.02 USDC • 3 total findings • Code4rena • AshishLach

#57

medium

Incorrect listing type validation bypasses enforcement of minimum purchase amount

medium

maxSellPercent can be buypassed by selling previously bought vestings at a later time

medium

Listing potential can not be purchased with discounted price

Oku's New Order Types Contract Contest

Oku's New Order Types Contract Contest

5.53 OP • 2 total findings • Sherlock • AshishLac

#32

high

cancelOrder() function can be used in Reentrancy attack

medium

safeApprove function is deprecated and is not recommended to be used as it could leads to revert in some cases

Nov '24

Project

Project

606.17 USDC • 1 total finding • CodeHawks • ashishlach

#7

high

MembershipERC1155 proxy cannot be upgraded