https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_5.png

DMoore

Security Researcher

Contact Me

High

9

Total

Medium

1

Total

$1.44K

Total Earnings

#1119 All Time

8x

Payouts

bronze

2x

3rd Places

regular

4x

Top 10

regular

4x

Top 25

All

Sherlock

Code4rena

Jul '24

MagicSea - the native DEX on the IotaEVM

MagicSea - the native DEX on the IotaEVM

2.06 USDC • 1 total finding • Sherlock • DMoore

#60

medium

Malicious users can block BribeRewarder's normal bribe operation

May '24

LoopFi

LoopFi

386.08 USDC • 1 total finding • Code4rena • DMoore

bronze

high

Availability of deposit invariant can be bypassed

Apr '24

DYAD

DYAD

0.02 USDC • 1 total finding • Code4rena • DMoore

#114

high

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Mar '24

RadicalxChange

RadicalxChange

1.18 USDC • 1 total finding • Sherlock • DMoore

bronze

high

Lack of checking highest bidder in _cancelAllBids lead to collateral-free highest bid

Amphor

Amphor

679.98 USDC • 1 total finding • Sherlock • DMoore

#7

high

lastRedeemRequestId is wrongly updated when createRedeemRequest

Feb '24

AI Arena

AI Arena

0.1 USDC • 2 total findings • Code4rena • DMoore

#183

high

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

high

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

Jan '24

Telcoin Platform Audit

Telcoin Platform Audit

368.50 USDC • 1 total finding • Sherlock • DMoore

#7

high

Incorrect staking index handling inside topUp function of StakingRewardsManager contract

Curves

Curves

1.38 USDC • 2 total findings • Code4rena • DMoore

#124

high

Whitelised accounts can be forcefully DoSed from buying curveTokens during the presale

high

Unauthorized Access to setCurves Function