https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_2.png

CodingNameKiki

Security Researcher

Contact Me

High

7

Total

Medium

1

Solo

13

Total

$10.21K

Total Earnings

#545 All Time

37x

Payouts

bronze

1x

3rd Places

regular

7x

Top 10

regular

21x

Top 25

All

Sherlock

Code4rena

Jun '23

GLIF

GLIF

515.22 USDC • Sherlock • CodingNameKiki

#10

Findings not publicly available for private contests.

Apr '23

Caviar Private Pools

Caviar Private Pools

112.97 USDC • 2 total findings • Code4rena • CodingNameKiki

#38

medium

Incorrect protocol fee is taken when changing NFTs

medium

Royalty recipients will not get fair share of royalties

Mar '23

Gitcoin

Gitcoin

221.67 USDC • Sherlock • CodingNameKiki

#21

Asymmetry contest

Asymmetry contest

176.58 USDC • 2 total findings • Code4rena • CodingNameKiki

#36

high

A temporary issue shows in the staking functionality which leads to the users receiving less minted tokens.

medium

Missing derivative limit and deposit availability checks will revert the whole `stake()` function

Feb '23

Ethos Reserve contest

Ethos Reserve contest

455.47 USDC • Code4rena • CodingNameKiki

#24

Volta

Volta

485.29 USDC • Sherlock • CodingNameKiki

#7

Findings not publicly available for private contests.

Union Finance Update

Union Finance Update

487.80 USDC • 1 total finding • Sherlock • CodingNameKiki

bronze

medium

Users can lose their staking rewards.

Jan '23

Popcorn contest

Popcorn contest

69.82 USDC • Code4rena • CodingNameKiki

#70

Numoen contest

Numoen contest

1,296.25 USDC • Code4rena • CodingNameKiki

#9

RabbitHole Quest Protocol contest

RabbitHole Quest Protocol contest

508.78 USDC • 4 total findings • Code4rena • CodingNameKiki

#11

high

Protocol fees can be withdrawn multiple times in `Erc20Quest`

medium

Buyer on secondary NFT market can lose fund if they buy a NFT that is already used to claim the reward

medium

Users may not claim Erc1155 rewards when the Quest has ended

medium

User may loose rewards if the receipt is minted after quest end time

Ondo Finance contest

Ondo Finance contest

395.96 USDC • Code4rena • CodingNameKiki

#11

Reserve contest

Reserve contest

1,306.03 USDC • Code4rena • CodingNameKiki

#16

Astaria contest

Astaria contest

253.34 USDC • Code4rena • CodingNameKiki

#40

Nov '22

Isomorph

Isomorph

589.50 USDC • 3 total findings • Sherlock • CodingNameKiki

#11

high

The variable `totalUSDborrowed` is wrongly calculated in the function openLoan in Vault_Synths. Users who want to increase their loans will receive less isoUSD.

high

Malicious user can burn the approved NFTs to the depositer contract and successfully steal owner's AMM tokens.

medium

`CHANGE_COLLATERAL_DELAY` contains a wrong number.

Oct '22

Juicebox contest

Juicebox contest

25.96 USDC • Code4rena • CodingNameKiki

#19

Union Finance

Union Finance

1,072.39 USDC • 1 total finding • Sherlock • CodingNameKiki

#10

high

Users won't be able to repay their overduе borrows, duo to a simple mistake made in the function `updateFrozenInfo`.

Merit Circle

Merit Circle

257.01 USDC • 1 total finding • Sherlock • CodingNameKiki

#9

high

Two malicious users can drain a big amount of rewards up to 48 weeks, for the little lock time of 10 mins.

Mycelium

Mycelium

109.26 USDC • 1 total finding • Sherlock • CodingNameKiki

#8

medium

Malicious user will prevent anyone from getting shares on their deposited amount of LINK to the vault

Sep '22

QuickSwap and StellaSwap contest

QuickSwap and StellaSwap contest

329.63 USDC • Code4rena • CodingNameKiki

#17

Frax Ether Liquid Staking contest

Frax Ether Liquid Staking contest

58.05 USDC • 1 total finding • Code4rena • CodingNameKiki

#44

medium

frxETHMinter: Non-conforming ERC20 tokens not recoverable

VTVL contest

VTVL contest

27.96 USDC • Code4rena • CodingNameKiki

#70

Art Gobblers contest

Art Gobblers contest

55.2 USDC • Code4rena • CodingNameKiki

#21

Harpie

Harpie

45.24 USDC • 2 total findings • Sherlock • CodingNameKiki

#18

medium

transferfrom can lead to permanently loosing the NFT token.

medium

Usage of deprecated transfer() can result in revert.

Y2k Finance contest

Y2k Finance contest

36.62 USDC • Code4rena • CodingNameKiki

#51

PartyDAO contest

PartyDAO contest

151.26 USDC • Code4rena • CodingNameKiki

#27

FEI and TRIBE Redemption contest

FEI and TRIBE Redemption contest

33.58 USDC • Code4rena • CodingNameKiki

#14

Canto Dex Oracle contest

Canto Dex Oracle contest

39.22 CANTO • Code4rena • CodingNameKiki

#12

Nouns Builder contest

Nouns Builder contest

136.39 USDC • Code4rena • CodingNameKiki

#67

Aug '22

Olympus DAO contest

Olympus DAO contest

86.89 USDC • Code4rena • CodingNameKiki

#78

Nouns DAO contest

Nouns DAO contest

100.39 USDC • Code4rena • CodingNameKiki

#18

FIAT DAO veFDT contest

FIAT DAO veFDT contest

394.44 USDC • 1 total finding • Code4rena • CodingNameKiki

#15

high

Unsafe usage of ERC20 transfer and transferFrom

Fraxlend (Frax Finance) contest

Fraxlend (Frax Finance) contest

67.35 USDC • Code4rena • CodingNameKiki

#43

Foundation Drop contest

Foundation Drop contest

33.77 USDC • 1 total finding • Code4rena • CodingNameKiki

#62

medium

NFT of NFT collection or NFT drop collection can be locked when calling _mint or mintCountTo function to mint it to a contract that does not support ERC721 protocol

Mimo August 2022 contest

Mimo August 2022 contest

108.69 USDC • Code4rena • CodingNameKiki

#32

Rigor Protocol contest

Rigor Protocol contest

62.35 USDC • Code4rena • CodingNameKiki

#64

Jul '22

Axelar Network v2 contest

Axelar Network v2 contest

87.35 USDC • Code4rena • CodingNameKiki

#37

Golom contest

Golom contest

21.32 USDC • Code4rena • CodingNameKiki

#89