https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/f57095da-4486-46a4-8f0e-ed493bdeac45.jpg

DecorativePineapple

Security Researcher

Independent Security Researcher • Junior Security Researcher🌱@SpearbitDAO • @yAcademyDAO block4 • DMs open for web3 security consulting & research •🍍

Contact Me

High

3

Total

Medium

1

Solo

3

Total

$3.01K

Total Earnings

#890 All Time

3x

Payouts

regular

2x

Top 10

regular

3x

Top 25

regular

3x

Top 50

All

Sherlock

Code4rena

Jan '23

UXD Protocol

UXD Protocol

2,173.90 USDC • 3 total findings • Sherlock • DecorativePineapple

#6

high

The periodSize of the oracle is very low allowing the TWAP price to be easily manipulated

high

An attacker can frontrun the call to the `rebalanceLite` function and steal the amount to be rebalanced by sandwiching the long position that is opened

medium

The `FullMath` library is unable to handle intermediate overflows due to overflow that's desired but never reached

Dec '22

NounsDAO

NounsDAO

349.49 USDC • 1 total finding • Sherlock • DecorativePineapple

#5

medium

Two address tokens can be withdrawn by the payer even when the stream has began

Aug '22

FIAT DAO veFDT contest

FIAT DAO veFDT contest

486.06 USDC • 2 total findings • Code4rena • DecorativePineapple

#13

high

Unsafe usage of ERC20 transfer and transferFrom

medium

Unsafe casting from int128 can cause wrong accounting of locked amounts