Security Researcher
High
Total
Medium
Total Earnings
#2011 All Time
Payouts
3rd Places
Top 10
Top 25
All
Sherlock
Code4rena
Sep '25
29.43 OP • 2 total findings • Sherlock • Josh4324
#38
high
Reward Index Reset Vulnerability in stake / unstake
Users can claim cashback for Old Trades predating the CashbackClaim startTIme in SuperDCACashback
Aug '25
44.80 USDC • 1 total finding • Sherlock • Josh4324
#11
medium
Missing claimed Update in Claim Function in InflationaryVest.vy
Feb '25
48.11 USDC • 1 total finding • Sherlock • Josh4324
#16
Uninitialized feeRecipient in Leverager.sol
0.04 USDC • 1 total finding • Sherlock • Josh4324
Incorrect Handling of Token Amount Updates in updateParticipation
Jan '25
0.02 USDC • 2 total findings • Code4rena • Josh4324
The calculation of `totalAssets()` could be wrong if `operatorFeeAmount` > 0, this can cause potential loss for the new depositors
Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions
Apr '24
3.82 USDC • 1 total finding • Code4rena • Josh4324
#109
Unable to withdraw Kerosene from `vaultmanagerv2::withdraw` as it expects a `vault.oracle()` method which is missing in Kerosene vaults
Feb '24
0.1 USDC • 2 total findings • Code4rena • Josh4324
#183
A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters
Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`
