https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/47ac9bdd-944b-450c-b080-6deab5df0fc9.jpg

Bnke0x0

Security Researcher

Web3 Security Auditor | @code4rena & @sherlockdefi Previously Web2 Bug Bounties @Hacker0x01

Contact Me

High

2

Total

Medium

20

Total

$16.34K

Total Earnings

#446 All Time

61x

Payouts

regular

6x

Top 10

regular

23x

Top 25

regular

48x

Top 50

All

Sherlock

Code4rena

Mar '23

Gitcoin

Gitcoin

72.32 USDC • Sherlock • Bnke0x0

#43

Feb '23

Ethos Reserve contest

Ethos Reserve contest

103.33 USDC • Code4rena • Bnke0x0

#32

Jan '23

Popcorn contest

Popcorn contest

35.48 USDC • Code4rena • Bnke0x0

#84

RabbitHole Quest Protocol contest

RabbitHole Quest Protocol contest

11.33 USDC • Code4rena • Bnke0x0

#77

Optimism

Optimism

6,673.01 USDC • 1 total finding • Sherlock • Bnke0x0

#12

medium

Pausing CrossDomainMessenger contract, which takes effect immediately, by its owner can unexpectedly block CrossDomainMessenger creator from calling relayMessage() function

Ondo Finance contest

Ondo Finance contest

68.6 USDC • Code4rena • Bnke0x0

#18

Reserve contest

Reserve contest

194.03 USDC • Code4rena • Bnke0x0

#25

Astaria contest

Astaria contest

36.79 USDC • Code4rena • Bnke0x0

#55

Biconomy - Smart Contract Wallet contest

Biconomy - Smart Contract Wallet contest

75.26 USDC • Code4rena • Bnke0x0

#50

Dec '22

Papr contest

Papr contest

43.54 USDC • Code4rena • Bnke0x0

#26

GoGoPool contest

GoGoPool contest

20.44 USDC • 1 total finding • Code4rena • Bnke0x0

#76

medium

wrong reward distribution between early and late depositors because of the late syncRewards() call in the cycle, syncReward() logic should be executed in each withdraw or deposits (without reverting)

Forgeries contest

Forgeries contest

71.66 USDC • Code4rena • Bnke0x0

#19

Caviar contest

Caviar contest

64.99 USDC • Code4rena • Bnke0x0

#37

prePO contest

prePO contest

28.12 USDC • 1 total finding • Code4rena • Bnke0x0

#31

medium

The recipient receives free collateral token if an ERC20 token that deducts a fee on transfer used as baseToken

Escher contest

Escher contest

66.79 USDC • 1 total finding • Code4rena • Bnke0x0

#43

medium

Use of `payable.transfer()` Might Render ETH Impossible to Withdraw

Nov '22

ParaSpace contest

ParaSpace contest

103.92 USDC • Code4rena • Bnke0x0

#51

Redacted Cartel contest

Redacted Cartel contest

53.49 USDC • Code4rena • Bnke0x0

#46

Telcoin

Telcoin

30.30 USDC • 1 total finding • Sherlock • Bnke0x0

#6

medium

FeeBuy.rescueERC20 backdoes not work on non-standard compliant tokens like USDT

Buffer Finance

Buffer Finance

71.36 USDC • 2 total findings • Sherlock • Bnke0x0

#9

medium

Support of different ERC20 tokens

medium

ERC20 missing return value check

LSD Network - Stakehouse contest

LSD Network - Stakehouse contest

52.03 USDC • Code4rena • Bnke0x0

#52

Blur Exchange contest

Blur Exchange contest

22.22 USDC • Code4rena • Bnke0x0

#30

DODO

DODO

62.49 USDC • 1 total finding • Sherlock • Bnke0x0

#6

medium

Usage of deprecated transfer to send ETH

FrankenDAO

FrankenDAO

67.07 USDC • 1 total finding • Sherlock • Bnke0x0

#15

medium

Use safeTransferFrom instead of transferFrom for ERC721 transfers

LooksRare Aggregator contest

LooksRare Aggregator contest

36.34 USDC • Code4rena • Bnke0x0

#24

Bond Protocol

Bond Protocol

802.13 USDC • 1 total finding • Sherlock • Bnke0x0

#6

medium

Solmate safetransfer and safetransferfrom does not check the code size of the token address, which may lead to funding loss

SIZE contest

SIZE contest

489.28 USDC • 1 total finding • Code4rena • Bnke0x0

#9

medium

Solmate's ERC20 does not check for token contract's existence, which opens up possibility for a honeypot attack

Debt DAO contest

Debt DAO contest

140.32 USDC • 2 total findings • Code4rena • Bnke0x0

#38

medium

Variable balance ERC20 support

medium

address.call{value:x}() should be used instead of payable.transfer()

Oct '22

Paladin - Warden Pledges contest

Paladin - Warden Pledges contest

41.07 USDC • 1 total finding • Code4rena • Bnke0x0

#28

medium

Owner can transfer all ERC20 reward token out using function recoverERC20

Inverse Finance contest

Inverse Finance contest

55.74 USDC • Code4rena • Bnke0x0

#41

Illuminate

Illuminate

329.89 USDC • 2 total findings • Sherlock • Bnke0x0

#19

high

Lender.mint() May Take The Illuminate PT As Input Which Will Transfer And Mint More Illuminate PT Cause an Infinite Supply

medium

Deposits don't work with fee-on transfer tokens

Astaria

Astaria

74.26 USDC • 1 total finding • Sherlock • Bnke0x0

#24

medium

ERC4626 does not work with fee-on-transfer tokens

Holograph contest

Holograph contest

277.94 USDC • 1 total finding • Code4rena • Bnke0x0

#23

medium

`_payoutToken[s]()` is not compatible with tokens with missing return value

3xcalibur contest

3xcalibur contest

63.01 USDC • Code4rena • Bnke0x0

#28

Juicebox contest

Juicebox contest

25.96 USDC • Code4rena • Bnke0x0

#19

The Graph L2 bridge contest

The Graph L2 bridge contest

71.07 USDC • Code4rena • Bnke0x0

#14

Sep '22

QuickSwap and StellaSwap contest

QuickSwap and StellaSwap contest

97.36 USDC • Code4rena • Bnke0x0

#26

Frax Ether Liquid Staking contest

Frax Ether Liquid Staking contest

83.85 USDC • 1 total finding • Code4rena • Bnke0x0

#32

medium

frxETHMinter.depositEther may run out of gas, leading to lost ETH

VTVL contest

VTVL contest

31.11 USDC • Code4rena • Bnke0x0

#56

Harpie

Harpie

16.97 USDC • 1 total finding • Sherlock • Bnke0x0

#21

medium

Use safeTransferFrom instead of transferFrom for ERC721 transfers

Y2k Finance contest

Y2k Finance contest

52.8 USDC • Code4rena • Bnke0x0

#50

PartyDAO contest

PartyDAO contest

35.87 USDC • Code4rena • Bnke0x0

#61

FEI and TRIBE Redemption contest

FEI and TRIBE Redemption contest

33.58 USDC • Code4rena • Bnke0x0

#14

Canto Dex Oracle contest

Canto Dex Oracle contest

39.22 CANTO • Code4rena • Bnke0x0

#12

Nouns Builder contest

Nouns Builder contest

106.19 USDC • Code4rena • Bnke0x0

#86

Aug '22

Olympus DAO contest

Olympus DAO contest

87.86 USDC • Code4rena • Bnke0x0

#62

Nouns DAO contest

Nouns DAO contest

58.07 USDC • Code4rena • Bnke0x0

#25

FIAT DAO veFDT contest

FIAT DAO veFDT contest

54.49 USDC • Code4rena • Bnke0x0

#41

Fraxlend (Frax Finance) contest

Fraxlend (Frax Finance) contest

81.49 USDC • Code4rena • Bnke0x0

#32

Foundation Drop contest

Foundation Drop contest

80.29 USDC • 1 total finding • Code4rena • Bnke0x0

#30

medium

NFT of NFT collection or NFT drop collection can be locked when calling _mint or mintCountTo function to mint it to a contract that does not support ERC721 protocol

Mimo August 2022 contest

Mimo August 2022 contest

3,550.66 USDC • 1 total finding • Code4rena • Bnke0x0

#4

high

MIMOEmptyVault.sol executeOperation() does not transfer the Vault leftover assets to the owner, it is locked in the MIMOEmptyVault

Rigor Protocol contest

Rigor Protocol contest

62.34 USDC • Code4rena • Bnke0x0

#65

Jul '22

Axelar Network v2 contest

Axelar Network v2 contest

195.99 USDC • Code4rena • Bnke0x0

#13

Golom contest

Golom contest

262.39 USDC • Code4rena • Bnke0x0

#44

Swivel v3 contest

Swivel v3 contest

103.42 USDC • Code4rena • Bnke0x0

#28

ENS contest

ENS contest

222.29 USDC • Code4rena • Bnke0x0

#28

Fractional v2 contest

Fractional v2 contest

100.96 USDC • Code4rena • Bnke0x0

#72

Juicebox V2 contest

Juicebox V2 contest

128.1 USDC • Code4rena • Bnke0x0

#46

Jun '22

Putty contest

Putty contest

81.57 USDC • Code4rena • Bnke0x0

#51

Canto v2 contest

Canto v2 contest

113.38 USDC • Code4rena • Bnke0x0

#16

Yieldy contest

Yieldy contest

81.31 USDC • Code4rena • Bnke0x0

#48

Illuminate contest

Illuminate contest

142.9 USDC • Code4rena • Bnke0x0

#46