https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/d70b0109-6ffe-4479-a7d5-3d99bdae4396.jpg

DedOhwale

Security Researcher

Dark scholar of web3. Delving into the abyss, ensuring smart contract security, and optimizing gas in the face of the void. 🌑 ☠️ 🔗

Contact Me

High

Total

Medium

Total

$1.31K

Total Earnings

#1222 All Time

7x

Payouts

3x

Top 25

5x

Top 50

All

Code4rena

Apr '24

DYAD

7.32 USDC • 2 total findings • Code4rena • DedOhWale

#102

high

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

high

Kerosene collateral is not being moved on liquidation, exposing liquidators to loss

Jan '24

Salty.IO

453.2 USDC • 2 total findings • Code4rena • DedOhWale

#29

high

First depositor can break staking-rewards accounting

high

First Liquidity provider can claim all initial pool rewards

Sep '23

Ondo Finance

196.22 USDC • Code4rena • DedOhWale

#20

Aug '23

PoolTogether V5: Part Deux

99.19 USDC • Code4rena • DedOhWale

#23

Jun '23

Lybra Finance

196.5 USDC • 4 total findings • Code4rena • DedOhWale

#44

high

Incorrectly implemented modifiers in LybraConfigurator.sol allow any address to call functions that are supposed to be restricted

high

There is a vulnerability in the executeFlashloan function of the PeUSDMainnet contract. Hackers can use this vulnerability to burn other people's eUSD token balance without permission

medium

Understatement of `poolTotalPeUSDCirculation` amounts due to incorrect accounting after function `_repay` is called

medium

`stakerewardV2pool.withdraw()` should check the user's boost lock status.

Apr '23

Frankencoin

306.44 USDC • 1 total finding • Code4rena • DedOhWale

#25

medium

Manipulation of total share amount might cause future depositors to lose their assets

Rubicon v2

52.83 USDC • 1 total finding • Code4rena • DedOhWale

#76

high

RubiconMarket batchOffer and batchRequote make offers as self; complete loss of funds for some types of tokens, for example WETH