Audinarey

Security Researcher

Smart Contract Security Researcher

High: 37 total

Medium: 33 total

Total earnings: $10.67K

#535 All Time

Payouts: 31x

Top 10: 4x

Top 25: 12x

Top 50: 22x

Mar '25

Symmio, Staking and Vesting

68.35 USDC • 2 total findings • Sherlock • Audinarey

#10

high

Loss of rewards due to griefing attack

medium

Malicious user can spam rewards distribution causing users to miss out on rewards

Feb '25

Usual Labs

135.06 USDC • Sherlock • Audinarey

#27

Jan '25

Allora v0.8.0 Update

398.44 USDC • Sherlock • Audinarey

#12

Findings not publicly available for private contests.

Dec '24

Oku's New Order Types Contract Contest

0.26 OP • 1 total finding • Sherlock • Audinarey

#63

medium

Missing critical checks in `OracleLess` contract can be used to brick the `fillOrder()` function and cause funds to be stuck in the contract

Autonomint Colored Dollar V1

1,040.92 OP • 17 total findings • Sherlock • Audinarey

#6

high

`usdaCollectedFromCdsWithdraw` is not updated during withdrawal for users who did not opt in for liquidation

high

Users can steal USDT using `redeemUSDT()` from the CDS

high

Liquidation can be blocked if `liqAmountToGetFromOtherChain == 0`

high

All the interest earned from liquidation is stuck in the treasury forever

high

missing `omniChainData.noOfLiquidations` update in `liquidationType2()` can lead to loss of CDS depositor who opt in for liquidation

high

option renewal can be done in less than 15 or after 30 days

high

`lastEventTime` is not updated during liquidation and withdrawal thus overinflating the `lastCumulativeRate`

medium

wrong amount of `sUSD` is used to open a short position in synthetix

medium

`submitOffchainDelayedOrder()` is called wrong with wrong parameters

medium

CDS withdrawals can be blocked for depositors who opted for liquidation

medium

10% of CDS depositors profit are stuck in the treasury during withdrawal without a way to retrieve them

medium

The interest from external protocol during liquidation is stuck without a way to withdraw

medium

Yield from LRTs are forever stuck in the protocol and cannot be withdrawn

medium

`downsideProtected` can block withdrawals anytime funds are requested from other chains to cover downside

medium

excess funds will not always be refunded to borrower when they are withdrawing

medium

`liquidationType2()` will always due wrong assumption that Asset:sAsset are minted 1:1

medium

The protocol does not consider Synthetix exchange fees during liquidation

Nov '24

MANTRA DEX

305.03 USDC • 1 total finding • Code4rena • Audinarey

#17

high

Attackers can force the rewards to be stuck in the contract with malicious `x/tokenfactory` denoms

hyperlend

43.12 USDC • 1 total finding • Cantina • Audinarey

#16

high

Finding not yet public.

Debita Finance V3

89.89 USDC • 4 total findings • Sherlock • Audinarey

#28

high

`wantedToken` is stuck in the `BuyOrder` contract without a way to withdraw

medium

`extendLoan(...)` will revert sometimes leading to a DOS

medium

Interest paid for non perpetual loan during loan extension is lost when the borrower repays debt

medium

Matching some lend orders can be blocked

Oct '24

stakeup-bloomv2

1.38 USDC • 1 total finding • Cantina • Audinarey

#107

high

Finding not yet public.

mev-commit

1,388.37 USDC • 5 total findings • Cantina • Audinarey

#12

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

medium

Finding not yet public.

Sep '24

Royco Protocol

59.35 USDC • 2 total findings • Cantina • Audinarey

#54

high

Finding not yet public.

medium

Finding not yet public.

symbioticfi-core

348.46 USDC • 1 total finding • Cantina • Audinarey

#12

medium

Finding not yet public.

Flayer

308.45 USDC • 6 total findings • Sherlock • Audinarey

#36

high

`CollectionShutdown::execute(...)` can be permanently bricked thus blocking liquidation for a collection

high

Funds will be stuck in the `CollectionShutdown` contract if shutdown execution is cancelled

high

`params.quorumVotes` can overflow

medium

Anyone can DOS `CollectionShutdown::preventShutdown()`

medium

Users can manipulate interest rate using their protected listings

medium

user can create listing with dust amount to block collection shutdown

Aug '24

Chakra

128 USDT • 5 total findings • Code4rena • Audinarey

#25

high

Malicious actors can manipulate the `cross_chain_callback` callback

high

There is no refund mechanism in `ChakraSettlement.processCrossChainCallback` or `ChakraSettlementHandler.receive_cross_chain_callback` function

high

In Starknet already processed messages can be re-submitted and by anyone

high

Invalid token address used in `ChakraSettlementHandler::cross_chain_erc20_settlement(...)` leading to invalid transaction creation and event emission

medium

inconsistency in sender address when creating cross chain messages on Starknet can lead to loss of funds

Jul '24

Velocimeter

3,173.73 USDC • 7 total findings • Sherlock • Audinarey

#4

high

`create_lock(...)` can be DOS'd preventing users from creating lock in the `VotingEscrow`

high

rewards are lost when merging and withdrawing tokens

high

Claimable emissions are locked when a gauge is killed

high

`checkpoint_total_supply()` can prematurely update the `veSupply[t]` and `time_cursor` leading to wrong reward calculations

medium

`update_period(..)` leads to wrong calculation in weekly emissions breaking accounting for the protocol

medium

Votes of expired token in gauges lead to dilution of FLOW emissions for gauges with active votes

medium

The First liquidity provider of a stable pair can DOS the pool

Jun '24

Vultisig

160.72 USDC • 1 total finding • Code4rena • Audinarey

#23

high

Most users won't be able to claim their share of Uniswap fees

May '24

Munchables

28.82 USDC • 3 total findings • Code4rena • Audinarey

#11

high

Malicious User can call `lockOnBehalf` repeatedly to extend a user's `unlockTime`, removing their ability to withdraw previously locked tokens

high

Invalid validation allows users to unlock early

medium

Players can gain more NFTs benefiting from that past remainder in subsequent locks

Arbitrum BoLD

0 USDC • Code4rena • Audinarey

#10

Apr '24

Renzo

0.41 USDC • 1 total finding • Code4rena • Audinarey

#56

high

Withdrawals logic allows MEV exploits of TVL changes and zero-slippage zero-fee swaps

NOYA

38.49 USDC + NOYA stars • 1 total finding • Code4rena • Audinarey

#65

medium

Noya is not compatible with tokens whose balance changes outside of transfers causing funds to get stuck in the contract

Zivoe

369.41 USDC • 3 total findings • Sherlock • Audinarey

#30

high

vesters `ZVE` tokens will be locked in the `ZiveoVestingRewards.sol` without a means of withdrawal if a vester's schedule is revoked

high

Rewards will be stuck in the `ZivoeRewardsVesting` contract without a way to withdraw them

medium

Malicious user can prevent excess yield from being forwarded to the `YDL`

Feb '24

Rio Network

47.93 USDC • 1 total finding • Sherlock • Audinarey

#28

medium

overstated TVL value breaks share accounting when assets are queued for withdrawal from `EigenLayer`

Jan '24

Salty.IO

385.27 USDC • 2 total findings • Code4rena • Audinarey

#37

high

User can evade `liquidation` by depositing the minimum of tokens and gain time to not be liquidated

medium

Minimum Collateral Check Can Be Bypassed

reNFT

3.99 USDC • Code4rena • Audinarey

#66

Nov '23

Panoptic

11.32 USDC • Code4rena • Audinarey

#28

Oct '23

NextGen

25.24 USDC • 1 total finding • Code4rena • Audinarey

#81

medium

Auction payout goes to AuctionDemo contract owner, not the token owner

Sep '23

Maia DAO - Ulysses

25.68 USDC • Code4rena • Audinarey

#55

Aug '23

Chainlink Staking v0.2

510.39 USDC • Code4rena • Audinarey

#39

May '23

Maia DAO Ecosystem

1,355.47 USDC • 3 total findings • Code4rena • Audinarey

#31

high

Removing a BribeFlywheel from a Gauge does not remove the reward asset from the rewards depo, making it impossible to add a new Flywheel with the same reward token

medium

`unstakeAndWithdraw` inside `BoostAggregator` could lose pendingRewards in certain case

medium

_decrementWeightUntilFree() Possible infinite loop

Chainlink Cross-Chain Services: CCIP and ARM Network

201.79 USDC • Code4rena • Audinarey

#40

Ajna Protocol

15.58 USDC • 1 total finding • Code4rena • Audinarey

#52

high

Claiming accumulated rewards while the contract is underfunded can lead to a loss of rewards