https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/874952b3-1d12-4e75-ac48-4bfe3eab62f4.jpg

BADROBINX

Security Researcher

Contact Me

High

Total

Medium

Total

$2.54K

Total Earnings

#1050 All Time

8x

Payouts

2x

Top 10

4x

Top 25

6x

Top 50

All

Sherlock

Immunefi

Sep '25

Super DCA Liquidity Network

268.00 OP • 4 total findings • Sherlock • BADROBINX

high

An Attacker deploying a Pool with different `tickSpacing` can steal Rewards by another pool.

high

When someones calls `stake` the `otherToken` rewardIndex resets, causing a loss of Rewards.

high

`collectFees` will revert for Pools with token0/1 as native ETH.

medium

The `SuperDCACashback` assumes the USDx has 6 decimals.

Aug '25

USG - Tangent

663.66 USDC • 7 total findings • Sherlock • BADROBINX

#13

high

`migrateFrom` and `migrateTo` can be called by anyone.

medium

If `totalSupplyVsTan` goes to 0, it might result in a loss as `userRewardPerTokenPaid` is not updated.

medium

There is no way for the `admin` to sweep `rewards` lost due to precision

medium

No Slippage in `liquidation` causing loss of funds.

medium

The `siezeCollateral` compares collateral value in USD with USG.

medium

`oracle.getPtToSyRate` may return bigger values for some markets

medium

The collateral value for PT may be overstated as `getPtToSyRate` returns 1:1

Jul '25

Malda

10.64 USDC • 2 total findings • Sherlock • BADROBINX

#44

medium

The `wrapAndSupplyOnExtensionMarket` does not account for the `GasFee` required by the host contract

medium

`sendMsg` uses the old `transferInfo` if the deadline has reached to calculate the `_maxTransferSize`, causing DoS

Mar '25

Audit Comp | Yeet

1,150 USDC • 2 total findings • Immunefi • robin_bl4z3

medium

Finding not yet public.

low

Finding not yet public.

Jan '25

Plaza Finance

40.44 USDC • 3 total findings • Sherlock • BADROBINX

#56

high

The `transferReserveToAuction` Function uses the wrong `currentPeriod`, Leading to DoS

high

New `BondAuction` Holders are Inappropriately Eligible for Full Period Distributions

medium

The `endAuction` Function Does Not Exclude Fees When Calculating the Pool's Value, Leaving the beneficiary with less fees

Aave v3.3

91.89 USDC • Sherlock • BADROBINX

#83

Dec '24

Tally ARB Staker

60.67 USDC • Sherlock • BADROBINX

#25

Sep '24

Flayer

258.62 USDC • 6 total findings • Sherlock • BADROBINX

#39

high

The `redeem` function does not check if the requested NFT is not a `canWithdrawAsset` NFT of someone else

high

The `collectionShutdown` Contract Allows Normal Voting After Execution, Preventing Users from Receiving Compensation for Burned Tokens and NFTs sold

high

The `collectionShutdown` contract fails to return tokens to users who voted when `cancel` is called due to an increase in token supply causing the tokens to be stuck inside the contract

high

The `relist` function does not check whether the listing is a liquidation listing causing users to pay taxes and refunds being paid to the listing owner who did not pay taxes

high

The `reserve` Function Fails to Delete `_isLiquidation` Mapping, Causing Refund not being paid for that Token Future Listings

medium

The `initializeCollection` is using a wrong Refund Logic causing the function to send zero Refunds