https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/fd4eaccd-0b59-49de-822c-44b6858102fb.jpg

Flare

Security Researcher

Contact Me

High

7

Total

Medium

9

Total

$2.43K

Total Earnings

#953 All Time

13x

Payouts

bronze

1x

3rd Places

regular

4x

Top 10

regular

8x

Top 25

All

Sherlock

Code4rena

CodeHawks

Immunefi

Mar '25

Symmio, Staking and Vesting

Symmio, Staking and Vesting

0.00 USDC • 1 total finding • Sherlock • Flare

#18

medium

An attacker can notify 1 wei of reward token for increasing the `periodFinish` time again and again.

Feb '25

Rova

Rova

0.04 USDC • 1 total finding • Sherlock • Flare

bronze

medium

Wrongly checking the limits with currency amount instead of request amount.

Jan '25

Liquid Ron

Liquid Ron

0 USDC • 1 total finding • Code4rena • Flare

#12

medium

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Part 2

Part 2

19.35 usdc • 1 total finding • CodeHawks • flare

#61

medium

Fee Recipient Shares Cannot Be Decreased When Total Fee recipients’s share is at Max Limit

Dec '24

SecondSwap

SecondSwap

0 USDC • 1 total finding • Code4rena • Flare

#67

high

Users can claim more that their actual allotment

Teller Lender Groups Update Audit

Teller Lender Groups Update Audit

134.33 USDC • 1 total finding • Sherlock • Flare

#6

medium

Unsafe usage of approve method for some ERC20s

Aug '24

Chakra

Chakra

0 USDT • Code4rena • Flare

#68

Sentiment V2

Sentiment V2

221.24 USDC • 3 total findings • Sherlock • Flare

#23

medium

Missing `whenNotPaused` modifier

medium

`SuperPool.sol` is not ERC-4626 compliant.

medium

Users are unable to borrow up to their LTV set into the system.

Jul '24

Basin

Basin

731.92 USDC • 2 total findings • Code4rena • Flare

#4

high

Incorrectly assigned `decimal1` parameter upon decoding

high

`WellUpgradeable` can be upgraded by anyone

Munchables

Munchables

14.98 USDC • 2 total findings • Code4rena • Flare

#45

high

Single plot can be occupied by multiple renters

high

[H-01] Miscalculation in `_farmPlots` function could lead to a user unable to unstake all NFTs

May '24

Munchables

Munchables

0.01 USDC • 1 total finding • Code4rena • Dudex_2004

#16

high

Malicious User can call `lockOnBehalf` repeatedly extend a users `unlockTime`, removing their ability to withdraw previously locked tokens

Apr '24

DYAD

DYAD

37.28 USDC • 2 total findings • Code4rena • Dudex_2004

#76

high

User can get their Kerosene stuck because of an invalid check on withdraw

medium

Value of kerosene can be manipulated to force liquidate users

Mar '24

Audit Comp | Immunefi Arbitration

Audit Comp | Immunefi Arbitration

1,269 USDC • 1 total finding • Immunefi • Dudex_2004

#4

low

Finding not yet public.