https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/25e1de41-82ee-445a-b138-b8cefffce6a9.jpg

Greese

Security Researcher

Contact Me

High

16

Total

Medium

9

Total

$4.13K

Total Earnings

#824 All Time

15x

Payouts

regular

3x

Top 10

regular

7x

Top 25

regular

10x

Top 50

All

Sherlock

Cantina

CodeHawks

May '25

primev-validator-registry

primev-validator-registry

0.18 USDC • 1 total finding • Cantina • Greese

#6

high

Finding not yet public.

mystic-monorepo

mystic-monorepo

48.36 USDC • 3 total findings • Cantina • Greese

#48

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

Apr '25

ZKP2P V2

ZKP2P V2

2,170.80 OP • Sherlock • Greese

#4

Findings not publicly available for private contests.

Feb '25

Core Contracts

Core Contracts

179.94 usdc • 8 total findings • CodeHawks • greese

#109

high

Multiple Delegation by Double Spending Boosts and Lack of Delegation Tracking in BoostController Contract

high

Delegation Boost Not Usable by Delegatees

high

Treasury Balance Tracking Bypass in FeeCollector

high

Gauge reward system can be gamed with repeatedly stake/withdraw

medium

Gauge reward period can be extended indefinitely

medium

Incorrect DebtToken totalSupply Scaling Breaks Interest Rate Calculations

medium

There is no logic checking for RAACNFT price staleness before minting it

medium

Concurrent Oracle Fulfillments Overwrite House IDs, which leads to Incorrect Pricing

Jan '25

Part 2

Part 2

557.45 usdc • 3 total findings • CodeHawks • greese

#23

high

The Deleverage Will apply twice on market USDtoken minting

high

Unclaimed Rewards Loss Due to Missing Validation in `VaultRouterBranch.stake()`

low

Users could potentially use their own referral code

Ignite

Ignite

340.20 usdc • CodeHawks • greese

#12

Dec '24

QuantAMM

QuantAMM

5.97 op • 1 total finding • CodeHawks • greese

#76

medium

Transferring deposit NFT doesn't check if the receiver exceeds the 100 deposit limit

Nov '24

Debita Finance V3

Debita Finance V3

76.84 USDC • 2 total findings • Sherlock • Greese

#34

high

Receipt NFTs will be permanently locked inside `buyOrder` when a user fills a buy order

medium

Old owner of receipt NFTs will still be a manager in the corresponding vault contract allowing them to perform perform unwanted actions with veNFTs

Oct '24

Dria

Dria

11.92 USDC • 3 total findings • CodeHawks • greese

#56

high

Subtraction in `variance()` will revert due to underflow

medium

Platform fees withdrawal will sweep oracle agents earned fees

medium

Request responses and validations can be mocked leading to extraction of fees and/or forcing other generators to lose their fees by making them outliers

AXION

AXION

323.43 USDC • 1 total finding • Sherlock • Greese

#8

high

`V2AMO` is not compatible with Aerodrome and Velodrome routers due to different pool address creation logic

Sep '24

Staking

Staking

349.41 USDC • CodeHawks • greese

#30

Boost Core Incentive Protocol

Boost Core Incentive Protocol

23.07 USDC • 1 total finding • Sherlock • Greese

#22

high

Unable to call some functions in the incentive contracts with onlyOwner modifier because of incorrect initialization leading to stuck funds

Flayer

Flayer

38.99 USDC • 1 total finding • Sherlock • Greese

#63

high

Attacker can steal a user's repaid protected listing if the buyer opts to withdraw their asset at another time

Aug '24

Fjord Token Staking

Fjord Token Staking

0.19 USDC • 1 total finding • CodeHawks • greese

#20

medium

[H-01] Auction tokens will be lost forever when auction ends without bids

Tadle

Tadle

0.00 USDC • 1 total finding • CodeHawks • greese

#177

high

TokenManager - Unlimited withdraw