Security Researcher
Blockchain Security Researcher
High
Total
Medium
Total Earnings
#1257 All Time
Payouts
Top 25
Top 50
All
Code4rena
Apr '24
7.35 USDC • 1 total finding • Code4rena • CaeraDenoir
#101
medium
Attacker can frontrun to prevent vaults from being removed from the dNFT owner's position
Mar '24
418.69 USDC • 3 total findings • Code4rena • CaeraDenoir
#30
high
V3Utils.execute() does not have caller validation, leading to stolen NFT positions from users
Owner of a position can prevent liquidation due to the 'onERC721Received' callback
Repayments and liquidations can be forced to revert by an attacker that repays miniscule amount of shares
Feb '24
267.84 USDC • 2 total findings • Code4rena • CaeraDenoir
#12
Withdrawal from NFTs can be temporarily blocked
Distribution can be bricked, and double claims by a few holders are possible when owner calls `LiquidInfrastructureERC20::setDistributableERC20s`
Jan '24
0.78 USDC • 1 total finding • Code4rena • CaeraDenoir
#117
User can evade `liquidation` by depositing the minimum of tokens and gain time to not be liquidated
Dec '23
256.04 USDC • 2 total findings • Code4rena • CaeraDenoir
#47
PnL system can be broken by large users intentionally or unintentionally.
Malicious borrower can decrease Guild holders reward
Oct '23
98.5 USDC • 3 total findings • Code4rena • CaeraDenoir
#59
Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime
Adversary can block `claimAuction()` due to push-strategy to transfer assets to multiple bidders
Vulnerability in burnToMint function allowing double use of NFT
137.73 USDC • 2 total findings • Code4rena • CaeraDenoir
#43
Borrower has no way to update `maxTotalSupply` of `market` or close market.
`setAnnualInterestBips()` can be abused to keep a market's reserve ratio at 90%
