Bauer

Security Researcher

High

60

Total

Medium

1

Solo

65

Total

$36.74K

Total Earnings

#227 All Time

68x

Payouts

gold

1x

1st Places

silver

1x

2nd Places

bronze

2x

3rd Places

Oct '24

stakeup-bloomv2

403.92 USDC • 5 total findings • Cantina • Bauer

#28

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

Sep '24

Royco Protocol

415.87 USDC • 5 total findings • Cantina • Bauer

#19

high

Finding not yet public.

high

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

Aug '24

Velar Artha PerpDEX

116.00 USDC • 1 total finding • Sherlock • Bauer

#7

medium

Use `msg.sender` instead of `tx.origin`

zetachain-protocol

115.03 USDC • 2 total findings • Cantina • Bauer

#58

medium

Finding not yet public.

medium

Finding not yet public.

Sentiment V2

5.68 USDC • 1 total finding • Sherlock • Bauer

#45

medium

Did not approve to zero first

Tadle

9.51 USDC • 3 total findings • CodeHawks • Bauer

#95

high

Formulaic Error Rounds Down Causing Total Loss Of Funds For Bid Takers During Abort

low

Rounding Discrepancies in Deposit Amount Calculations

low

PreMarkets - Unable to withdraw platform rewards

Jul '24

MakerDAO Endgame

310.99 USDC • Sherlock • Bauer

#82

Velocimeter

432.26 USDC • 2 total findings • Sherlock • Bauer

#23

high

Slippage protection is invalid

medium

Users may be unable to execute the `swap()`

May '24

Napier Finance - LST/LRT Integrations

251.32 USDC • 2 total findings • Sherlock • Bauer

#10

medium

PufETHAdapter is unable to stake

medium

Missing checks for staking limit

Apr '24

Teller Finance

338.91 USDC • 4 total findings • Sherlock • Bauer

#16

high

Front-running repayments to steal rewards from the protocol

high

If repayment fails, the lender may lose funds

high

Stealing principal tokens from the protocol

high

Burning shares first, then calculating the token to withdraw, results in users receiving more tokens

Alchemix - Optimism Bridging and Reward Routing

2,125 USDC • 1 total finding • Sherlock • Bauer

gold

high

The calculated value for slippage protection in the protocol is inaccurate

Zivoe

2.24 USDC • 1 total finding • Sherlock • Bauer

#55

high

Malicious users can deposit 0 assets to prolong the reward end time

Mar '24

Smart-contracts

1.7 USDC • 1 total finding • Cantina • Bauer

#42

medium

Finding not yet public.

Axis Finance

5.04 USDC • 1 total finding • Sherlock • Bauer

#28

high

The auction data of the first participant can be arbitrarily modified

Feb '24

curvance

1,962.66 USDC • 2 total findings • Cantina • Bauer

#25

medium

Finding not yet public.

medium

Finding not yet public.

Perpetual

6,091.48 USDC • 2 total findings • Sherlock • Bauer

#5

high

Arbitrage can be conducted using the different prices returned by the Oracle

medium

The deposit() and withdraw() functions lack slippage protection

Rio Network

111.60 USDC • 3 total findings • Sherlock • Bauer

#25

high

When the epoch is rebalanced multiple times, users will experience a loss of funds when claiming

medium

The calculation of `availableShares` is incorrect

medium

When excess assets are rebalanced, the protocol may fail to execute

opal-contracts

4,646.46 USDC • 9 total findings • Cantina • Bauer

bronze

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

Jan '24

Olympus On-Chain Governance

139.35 USDC • 1 total finding • Sherlock • Bauer

#7

medium

Users are unable to cast votes

Covalent

67.18 USDC • 1 total finding • Sherlock • Bauer

#13

medium

Front-run attack on `rewardValidators()`

Flat Money

122.01 USDC • 2 total findings • Sherlock • Bauer

#16

high

If the NFT owner changes and there are still positions that have not been executed, it will result in financial losses for the user

medium

Users can pay a small fee with a token to mint a large amount of points

Avail

248.59 USDC • Sherlock • Bauer

#7

Telcoin Platform Audit

2.64 USDC • 1 total finding • Sherlock • Bauer

#9

high

Minting to users using `totalSupply()` as the NFT ID is incorrect

Truflation

67.11 USDC • 1 total finding • Sherlock • Bauer

#10

medium

When migrating the owner users will lose their rewards

SYMM IO

139.79 USDC • Sherlock • Bauer

#12

Dec '23

The Standard

29.14 USDC • 4 total findings • CodeHawks • Bauer

#47

high

Looping over unbounded `pendingStakes` array can lead to permanent DoS and frozen funds

medium

Fees are hardcoded to 3000 in ExactInputSingleParams

low

Users with Negligible TST Holdings Might Not Receive Their Share of EUROs Fees

low

doesn't follow the EIP standard

Footium Update

56.26 USDC • Sherlock • Bauer

#19

Olympus RBS 2.0

1,502.09 USDC • 2 total findings • Sherlock • Bauer

#11

high

The calculation of `getStablePoolTokenPrice()` is incorrect

medium

`getWeightedPoolTokenPrice()` wrongly assumes that all of the weighted pools use totalSupply

Nov '23

Nouns Builder

1,056.63 USDC • 1 total finding • Sherlock • Bauer

#6

high

Precision Loss in Reward Calculation Causes Protocol Malfunction and User Funds Lockup

Convergence

65.70 USDC • 1 total finding • Sherlock • Bauer

#14

medium

The slippage protection in `_poolCvgSDT.exchange()` is ineffective and does not provide the intended safeguard

Kelp DAO | rsETH

147.67 USDC • 2 total findings • Code4rena • Bauer

#24

high

The price of rsETH could be manipulated by the first staker

medium

Lack of slippage control on LRTDepositPool.depositAsset

Oct '23

Steadefi

7.20 USDC • 1 total finding • CodeHawks • Bauer

#51

low

Unhandled DoS when access to Chainlink oracle is blocked

Real Wagmi #2

904.82 USDC • 3 total findings • Sherlock • Bauer

#5

high

If the token id has been burned, the borrower will not be able to repay the loan

medium

The borrower may be unable to repay a loan

medium

Incorrect implementation of checking whether borrowing collateral exceeds the maximum allowed collateral limit

Sep '23

DittoETH

43.01 USDC • 2 total findings • CodeHawks • Bauer

#46

medium

Possible DOS on deposit(), withdraw() and unstake() for BridgeReth, leading to user loss of funds

low

ETH cannot always be unstaked using Rocket Pool

Aug '23

Sparkn

0.00 USDC • 1 total finding • CodeHawks • Bauer

#93

low

If a winner is blacklisted on any of the tokens they can't receive their funds

Jul '23

Beedle - Oracle free perpetual lending

137.92 USDC • 4 total findings • CodeHawks • Bauer

#31

high

Sandwich attack to steal all ERC-20 tokens in the Fees contract

high

Borrower can use Refinance to cancel auctions so they can extend their loan indefinitely

medium

The `borrow` and `refinance` functions can be front-run by the pool lender to set high interest rates

medium

Frontrun can get the full reward, no staking time required

Foundry DeFi Stablecoin CodeHawks Audit Contest

269.90 USDC • 3 total findings • CodeHawks • Bauer

#9

medium

staleCheckLatestRoundData() does not check the status of the Arbitrum sequencer in Chainlink feeds.

medium

Lack of fallbacks for price feed oracle

medium

Liquidators can be front-run to their loss

Jun '23

Unstoppable

65.29 USDC • 1 total finding • Sherlock • Bauer

#22

high

The debt interest always evaluates to zero

Hubble Exchange

0.14 USDC • 1 total finding • Sherlock • Bauer

#30

medium

Chainlink latestRoundData can return stale or incorrect data

May '23

USSD - Autonomous Secure Dollar

63.88 USDC • 8 total findings • Sherlock • Bauer

#32

high

USSDRebalancer getOwnValuation() calculation may overflow

high

Pool price is extremely easy to manipulate

high

`mintRebalancer()` and `burnRebalancer()` functions lack access control, allowing anyone to call them

high

USSD.UniV3SwapInput executes swaps without slippage protection

high

Incorrect `DAIEthOracle` address, which results in the malfunctioning of the function.

high

Result of the calculation is zero when collateral token has precision of 8 decimals

medium

Chainlink's latestRoundData returns stale or incorrect result

medium

Inaccurate collateral factor calculation due to missing collateral asset

Index

148.63 USDC • 2 total findings • Sherlock • Bauer

#18

medium

The protocol doesn't check If Arbitrum sequencer is down in Chainlink feeds

medium

Chainlink's reported answer can be carried over and stale

DODO Margin Trading

95.87 USDC • 1 total finding • Sherlock • Bauer

#6

high

Drain the funds from MarginTrading protocol

Footium

1.15 USDC • 2 total findings • Sherlock • Bauer

#30

medium

Use safeMint instead of mint for ERC721

medium

Use safeTransfer() instead of transfer() for ERC20 transfers

Apr '23

Blueberry Update

1,707.57 USDC • 7 total findings • Sherlock • Bauer

#4

high

The protocol does not return all of the rewards to user

high

The quotes from Curve may be subject to manipulation

high

AuraSpell executes swaps without slippage protection

high

Lack of deadline for uniswap AMM

medium

getPrice() doesn't check If Arbitrum sequencer is down in Chainlink feeds

medium

The protocol will not be able to add liquidity on the curve with another token with a balance.

medium

Users can fail to closePositionFarm and lose their funds

JOJO Exchange

551.26 USDC • 2 total findings • Sherlock • Bauer

#21

high

Stealing funds from users

medium

`FlashLoanLiquidate.JOJOFlashLoan` swaps assets without any slippage protection

Teller

529.88 USDC • 3 total findings • Sherlock • Bauer

#18

high

A bad actor can steal funds from users

medium

Insufficient support for fee-on-transfer tokens

medium

Owner can set higher protocol fees to get funds from lender

Frankencoin

22.6 USDC • Code4rena • Bauer

#66

Caviar Private Pools

112.1 USDC • 1 total finding • Code4rena • Bauer

#39

medium

The `royaltyRecipient` could not be prepared to receive ether, making the `sell` fail

Rubicon v2

92.05 USDC • 1 total finding • Code4rena • Bauer

#59

medium

Both buyAllAmountWithLeverage and sellAllAmountWithLeverage always revert

Mar '23

Gitcoin

174.24 USDC • Sherlock • Bauer

#25

Asymmetry contest

298.07 USDC • 5 total findings • Code4rena • Bauer

#21

high

Staking, unstaking and rebalanceToWeight can be sandwiched (mainly rETH deposit)

high

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

high

Price of sfrxEth derivative is calculated incorrectly

medium

Division before multiplication truncates minOut and incurs heavy precision loss, resulting in insufficient slippage protection

medium

DoS due to external call failure

Sense Update #1

3,201.66 USDC • 3 total findings • Sherlock • Bauer

bronze

medium

Users can not purchase PTs and YTs with ETH

medium

User will lose the target token

medium

Use call() instead of transfer() on an address payable

Polynomial Protocol contest

571.87 USDC • Code4rena • Bauer

#18

Bond Protocol Update

3,879.31 USDC • 1 total finding • Sherlock • Bauer

silver

medium

Incorrect capacity calculation in BondBaseOSDA contract.

Y2K

242.41 USDC • 2 total findings • Sherlock • Bauer

#43

high

Users can update and delete others' queues at will

high

A bad actor can revert in the callback function, causing the protocol to fail to mint deposit.

Taurus

183.09 USDC • 1 total finding • Sherlock • Bauer

#10

high

Different precision may prevent users from depositing.

Feb '23

Surge

156.92 USDC • 1 total finding • Sherlock • Bauer

#14

high

Does not consider that the difference in precision between loan token and collateral token may leave the user unable to borrow tokens.

Hats

199.11 USDC • 2 total findings • Sherlock • Bauer

#15

medium

The target threshold may be lower than the minimum threshold

medium

The signerCount value is incorrect

Derby

308.94 USDC • 3 total findings • Sherlock • Bauer

#20

high

Sandwich attack to exchange rate

medium

Missing deadline checks allow pending transactions to be maliciously executed

medium

If the protocol is in the blacklist, the user can still stake tokens and get reward

OlympusDAO

218.46 USDC • 2 total findings • Sherlock • Bauer

#26

high

Users can get double rewards

medium

Users are not able to claim rewards if internal reward token or external reward token is removed from list

Ethos Reserve contest

61.26 USDC • Code4rena • Bauer

#33

Fair Funding by Alchemix & Unstoppable

991.24 USDC • 1 total finding • Sherlock • Bauer

#4

high

Liquidation may fail due to insufficient share

Carapace

114.59 USDC • 3 total findings • Sherlock • Bauer

#28

high

Missing checks for amount 0 when buy or renew protection resulting in a large amount of garbage data generated in the protocol

high

User's balance can be reused to submit a withdrawal request that breaks the logic of deposit and withdrawal

medium

The lockCapital() can make the whole contract malfunction

Blueberry

103.09 USDC • 1 total finding • Sherlock • Bauer

#30

high

When a user withdraws assets from ICHI Vault, if the actual amount to remove in the vault is less than lpTakeAmt, then the user will lose the liquidity

Jan '23

Popcorn contest

44.65 USDC • 1 total finding • Code4rena • Bauer

#77

medium

Fee on transfer token not supported

RabbitHole Quest Protocol contest

0.75 USDC • 1 total finding • Code4rena • Bauer

#85

high

Protocol fees can be withdrawn multiple times in `Erc20Quest`

Ondo Finance contest

173.86 USDC • 1 total finding • Code4rena • Bauer

#16

medium

KYCRegistry is susceptible to signature replay attack.

Reserve contest

72.44 USDC • Code4rena • Bauer

#27