https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/47ac9bdd-944b-450c-b080-6deab5df0fc9.jpg

Bnke0x0

Security Researcher

Web3 Security Auditor | @code4rena & @sherlockdefi Previously Web2 Bug Bounties @Hacker0x01

Contact Me

High

2

Total

Medium

19

Total

$16.34K

Total Earnings

#494 All Time

61x

Payouts

bronze

1x

3rd Places

regular

6x

Top 10

regular

24x

Top 25

All

Sherlock

Code4rena

Mar '23

Gitcoin

Gitcoin

72.32 USDC • Sherlock • Bnke0x0

#43

Feb '23

Ethos Reserve contest

Ethos Reserve contest

103.33 USDC • Code4rena • Bnke0x0

#32

Jan '23

Popcorn contest

Popcorn contest

35.48 USDC • Code4rena • Bnke0x0

#84

RabbitHole Quest Protocol contest

RabbitHole Quest Protocol contest

11.33 USDC • Code4rena • Bnke0x0

#77

Optimism

Optimism

6,673.01 USDC • 1 total finding • Sherlock • Bnke0x0

#12

medium

Pausing CrossDomainMessenger contract, which takes effect immediately, by its owner can unexpectedly block CrossDomainMessenger creator from calling relayMessage() function

Ondo Finance contest

Ondo Finance contest

68.6 USDC • Code4rena • Bnke0x0

#18

Reserve contest

Reserve contest

194.03 USDC • Code4rena • Bnke0x0

#25

Astaria contest

Astaria contest

36.79 USDC • Code4rena • Bnke0x0

#55

Biconomy - Smart Contract Wallet contest

Biconomy - Smart Contract Wallet contest

75.26 USDC • Code4rena • Bnke0x0

#50

Dec '22

Papr contest

Papr contest

43.54 USDC • Code4rena • Bnke0x0

#26

GoGoPool contest

GoGoPool contest

20.44 USDC • Code4rena • Bnke0x0

#76

Forgeries contest

Forgeries contest

71.66 USDC • Code4rena • Bnke0x0

#19

Caviar contest

Caviar contest

64.99 USDC • Code4rena • Bnke0x0

#37

prePO contest

prePO contest

28.12 USDC • 1 total finding • Code4rena • Bnke0x0

#31

medium

The recipient receives free collateral token if an ERC20 token that deducts a fee on transfer used as baseToken

Escher contest

Escher contest

66.79 USDC • 1 total finding • Code4rena • Bnke0x0

#42

medium

Use of `payable.transfer()` Might Render ETH Impossible to Withdraw

Nov '22

ParaSpace contest

ParaSpace contest

103.92 USDC • Code4rena • Bnke0x0

#50

Redacted Cartel contest

Redacted Cartel contest

53.49 USDC • Code4rena • Bnke0x0

#46

Telcoin

Telcoin

30.30 USDC • 1 total finding • Sherlock • Bnke0x0

#6

medium

FeeBuy.rescueERC20 backdoes not work on non-standard compliant tokens like USDT

Buffer Finance

Buffer Finance

71.36 USDC • 2 total findings • Sherlock • Bnke0x0

#9

medium

Support of different ERC20 tokens

medium

ERC20 missing return value check

LSD Network - Stakehouse contest

LSD Network - Stakehouse contest

52.03 USDC • Code4rena • Bnke0x0

#51

Blur Exchange contest

Blur Exchange contest

22.22 USDC • Code4rena • Bnke0x0

#30

DODO

DODO

62.49 USDC • 1 total finding • Sherlock • Bnke0x0

#6

medium

Usage of deprecated transfer to send ETH

FrankenDAO

FrankenDAO

67.07 USDC • 1 total finding • Sherlock • Bnke0x0

#15

medium

Use safeTransferFrom instead of transferFrom for ERC721 transfers

LooksRare Aggregator contest

LooksRare Aggregator contest

36.34 USDC • Code4rena • Bnke0x0

#24

Bond Protocol

Bond Protocol

802.13 USDC • 1 total finding • Sherlock • Bnke0x0

#6

medium

Solmate safetransfer and safetransferfrom does not check the code size of the token address, which may lead to funding loss

SIZE contest

SIZE contest

489.28 USDC • 1 total finding • Code4rena • Bnke0x0

#9

medium

Solmate's ERC20 does not check for token contract's existence, which opens up possibility for a honeypot attack

Debt DAO contest

Debt DAO contest

140.32 USDC • 2 total findings • Code4rena • Bnke0x0

#37

medium

Variable balance ERC20 support

medium

address.call{value:x}() should be used instead of payable.transfer()

Oct '22

Paladin - Warden Pledges contest

Paladin - Warden Pledges contest

41.07 USDC • 1 total finding • Code4rena • Bnke0x0

#27

medium

Owner can transfer all ERC20 reward token out using function recoverERC20

Inverse Finance contest

Inverse Finance contest

55.74 USDC • Code4rena • Bnke0x0

#40

Illuminate

Illuminate

329.89 USDC • 2 total findings • Sherlock • Bnke0x0

#19

high

Lender.mint() May Take The Illuminate PT As Input Which Will Transfer And Mint More Illuminate PT Cause an Infinite Supply

medium

Deposits don't work with fee-on transfer tokens

Astaria

Astaria

74.26 USDC • 1 total finding • Sherlock • Bnke0x0

#24

medium

ERC4626 does not work with fee-on-transfer tokens

Holograph contest

Holograph contest

277.94 USDC • 1 total finding • Code4rena • Bnke0x0

#22

medium

`_payoutToken[s]()` is not compatible with tokens with missing return value

3xcalibur contest

3xcalibur contest

63.01 USDC • Code4rena • Bnke0x0

#28

Juicebox contest

Juicebox contest

25.96 USDC • Code4rena • Bnke0x0

#18

The Graph L2 bridge contest

The Graph L2 bridge contest

71.07 USDC • Code4rena • Bnke0x0

#14

Sep '22

QuickSwap and StellaSwap contest

QuickSwap and StellaSwap contest

97.36 USDC • Code4rena • Bnke0x0

#25

Frax Ether Liquid Staking contest

Frax Ether Liquid Staking contest

83.85 USDC • 1 total finding • Code4rena • Bnke0x0

#31

medium

frxETHMinter.depositEther may run out of gas, leading to lost ETH

VTVL contest

VTVL contest

31.11 USDC • Code4rena • Bnke0x0

#55

Harpie

Harpie

16.97 USDC • 1 total finding • Sherlock • Bnke0x0

#21

medium

Use safeTransferFrom instead of transferFrom for ERC721 transfers

Y2k Finance contest

Y2k Finance contest

52.8 USDC • Code4rena • Bnke0x0

#49

PartyDAO contest

PartyDAO contest

35.87 USDC • Code4rena • Bnke0x0

#60

FEI and TRIBE Redemption contest

FEI and TRIBE Redemption contest

33.58 USDC • Code4rena • Bnke0x0

#14

Canto Dex Oracle contest

Canto Dex Oracle contest

39.22 CANTO • Code4rena • Bnke0x0

#12

Nouns Builder contest

Nouns Builder contest

106.19 USDC • Code4rena • Bnke0x0

#85

Aug '22

Olympus DAO contest

Olympus DAO contest

87.86 USDC • Code4rena • Bnke0x0

#61

Nouns DAO contest

Nouns DAO contest

58.07 USDC • Code4rena • Bnke0x0

#24

FIAT DAO veFDT contest

FIAT DAO veFDT contest

54.49 USDC • Code4rena • Bnke0x0

#41

Fraxlend (Frax Finance) contest

Fraxlend (Frax Finance) contest

81.49 USDC • Code4rena • Bnke0x0

#31

Foundation Drop contest

Foundation Drop contest

80.29 USDC • 1 total finding • Code4rena • Bnke0x0

#29

medium

NFT of NFT collection or NFT drop collection can be locked when calling _mint or mintCountTo function to mint it to a contract that does not support ERC721 protocol

Mimo August 2022 contest

Mimo August 2022 contest

3,550.66 USDC • 1 total finding • Code4rena • Bnke0x0

bronze

high

MIMOEmptyVault.sol executeOperation() does not transfer the Vault leftover assets to the owner, it is locked in the MIMOEmptyVault

Rigor Protocol contest

Rigor Protocol contest

62.34 USDC • Code4rena • Bnke0x0

#64

Jul '22

Axelar Network v2 contest

Axelar Network v2 contest

195.99 USDC • Code4rena • Bnke0x0

#12

Golom contest

Golom contest

262.39 USDC • Code4rena • Bnke0x0

#43

Swivel v3 contest

Swivel v3 contest

103.42 USDC • Code4rena • Bnke0x0

#28

ENS contest

ENS contest

222.29 USDC • Code4rena • Bnke0x0

#27

Fractional v2 contest

Fractional v2 contest

100.96 USDC • Code4rena • Bnke0x0

#71

Juicebox V2 contest

Juicebox V2 contest

128.1 USDC • Code4rena • Bnke0x0

#45

Jun '22

Putty contest

Putty contest

81.57 USDC • Code4rena • Bnke0x0

#50

Canto v2 contest

Canto v2 contest

113.38 USDC • Code4rena • Bnke0x0

#15

Yieldy contest

Yieldy contest

81.31 USDC • Code4rena • Bnke0x0

#47

Illuminate contest

Illuminate contest

142.9 USDC • Code4rena • Bnke0x0

#45