https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/53317d54-b27f-49a4-b9eb-eb6842909899.jpg

Chonkov

Security Researcher

Smart Contract Security Researcher

Contact Me

High

Total

Medium

Total

$519.00

Total Earnings

#1418 All Time

9x

Payouts

1x

1st Places

1x

3rd Places

2x

Top 10

All

Sherlock

Code4rena

Cantina

Mar '25

badger-ebtc-bsm

14.85 USDC • 1 total finding • Cantina • chonkov

#36

high

Finding not yet public.

Dec '24

SecondSwap

0.03 USDC • 2 total findings • Code4rena • Gosho

#66

high

Users can claim more that their actual allotment

medium

Incorrect referral fee calculations

Lambo.win

0 USDC • 1 total finding • Code4rena • Gosho

#36

high

Minting zero tokens when underlyingToken is not Ether in cashIn()

Nov '24

vVv Launchpad - Investments & Token distribution

94.59 USDC • 1 total finding • Sherlock • Chonkov

high

Front-running of `claim(...)` can lead to stealing rewards from investors

Oct '24

Gamma Brevis Rewarder

131.06 OP • 1 total finding • Sherlock • Chonkov

high

Users can't claim multiple times when a distribution happens over multiple epochs

stakeup-bloomv2

11.29 USDC • 2 total findings • Cantina • chonkov

#92

high

Finding not yet public.

high

Finding not yet public.

Aug '24

Phi

115.5 USDC • 3 total findings • Code4rena • Gosho

#17

medium

`PhiFactory:claim` Potentially Causing Loss of Funds If `mintFee` Changed Beforehand

medium

Contract `PhiNFT1155` can't be paused

medium

Attacker can DOS user from selling shares of a credId

Jul '24

Munchables

0.39 USDC • 1 total finding • Code4rena • Gosho

#48

high

Single plot can be occupied by multiple renters

Jun '24

Thorchain

151.72 USDC • 2 total findings • Code4rena • Gosho

#17

medium

Due to the use of `msg.value` in for loop, anyone can drain all the funds from the `THORChain_Router` contract

medium

[M-02] Incorrect call argument in `THORChain_Router::_transferOutAndCallV5`, leading to grief/steal of `THORChain_Aggregator`'s funds or DoS