DMoore

Security Researcher

Contact Me

High

Total

Medium

Total

$1.44K

Total Earnings

#1094 All Time

8x

Payouts

2x

3rd Places

4x

Top 10

4x

Top 25

All

Sherlock

Code4rena

Jul '24

MagicSea - the native DEX on the IotaEVM

2.06 USDC • 1 total finding • Sherlock • DMoore

#60

medium

Malicious users can block BribeRewarder's normal bribe operation

May '24

LoopFi

386.08 USDC • 1 total finding • Code4rena • DMoore

high

Availability of deposit invariant can be bypassed

Apr '24

DYAD

0.02 USDC • 1 total finding • Code4rena • DMoore

#114

high

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Mar '24

RadicalxChange

1.18 USDC • 1 total finding • Sherlock • DMoore

high

Lack of checking highest bidder in _cancelAllBids lead to collateral-free highest bid

Amphor

679.98 USDC • 1 total finding • Sherlock • DMoore

high

lastRedeemRequestId is wrongly updated when createRedeemRequest

Feb '24

AI Arena

0.1 USDC • 2 total findings • Code4rena • DMoore

#183

high

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

high

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

Jan '24

Telcoin Platform Audit

368.50 USDC • 1 total finding • Sherlock • DMoore

high

Incorrect staking index handling inside topUp function of StakingRewardsManager contract

Curves

1.38 USDC • 2 total findings • Code4rena • DMoore

#124

high

Whitelised accounts can be forcefully DoSed from buying curveTokens during the presale

high

Unauthorized Access to setCurves Function