Josiah

Security Researcher

Contact Me

High

Total

Medium

Total

$8.91K

Total Earnings

#698 All Time

37x

Payouts

5x

Top 10

16x

Top 25

30x

Top 50

All

Code4rena

Jun '23

Stader Labs

0 USDC • 1 total finding • Code4rena • Josiah

#37

medium

no bidder has incentive to bid the Auction except doing last-minute MEV due to fixed endBlock

May '23

Maia DAO Ecosystem

240.03 USDC • 1 total finding • Code4rena • Josiah

#50

medium

Unstaking `vMAIA` tokens on the first Tuesday of the month can be offset

Venus Protocol Isolated Pools

51.68 USDC • 1 total finding • Code4rena • Josiah

#43

medium

Exchange Rate can be manipulated

Apr '23

EigenLayer Contest

2,109.36 USDC • 1 total finding • Code4rena • Josiah

medium

A staker with verified over-commitment can potentially bypass slashing completely

ENS Contest

59.79 USDC • Code4rena • Josiah

#20

Frankencoin

36.76 USDC • 1 total finding • Code4rena • Josiah

#61

medium

POSITION LIMIT COULD BE FULLY REDUCED TO ZERO BY CLONES

Caviar Private Pools

80.67 USDC • 2 total findings • Code4rena • Josiah

#48

medium

Incorrect protocol fee is taken when changing NFTs

medium

Flash loan fee is incorrect in Private Pool contract

Rubicon v2

0.44 USDC • 1 total finding • Code4rena • Josiah

#120

medium

Calling `Position._marketBuy` and `Position._marketSell` functions that calculate `_fee` by dividing by `10000` can cause incorrect calculations

Mar '23

Asymmetry contest

42.06 USDC • Code4rena • Josiah

#83

Polynomial Protocol contest

1,201.95 USDC • Code4rena • Josiah

#11

Neo Tokyo contest

154.74 USDC • 1 total finding • Code4rena • Josiah

#18

high

Underflow of `lpPosition.points` during withdrawLP causes huge reward minting

Feb '23

Ethos Reserve contest

61.26 USDC • Code4rena • Josiah

#33

Jan '23

Popcorn contest

23.45 USDC • 2 total findings • Code4rena • Josiah

#85

high

First vault depositor can steal other's assets

medium

Fee on transfer token not supported

RabbitHole Quest Protocol contest

26.84 USDC • Code4rena • Josiah

#64

Timeswap contest

65.35 USDC • Code4rena • Josiah

#20

OpenSea Seaport 1.2 contest

140.67 USDC • Code4rena • Josiah

Ondo Finance contest

304.58 USDC • Code4rena • Josiah

#14

Astaria contest

69.09 USDC • Code4rena • Josiah

#51

Biconomy - Smart Contract Wallet contest

36.5 USDC • Code4rena • Josiah

#55

Dec '22

GoGoPool contest

484.34 USDC • Code4rena • Josiah

#37

Escher contest

991.64 USDC • 1 total finding • Code4rena • Josiah

medium

`buy()` in `LPDA.sol` Can be Manipulated by Buyers

Maverick contest

59.84 USDC • Code4rena • Josiah

#13

Nov '22

ParaSpace contest

292.01 USDC • Code4rena • Josiah

#36

Canto contest

59.89 CANTO • Code4rena • Josiah

#11

Redacted Cartel contest

53.49 USDC • Code4rena • Josiah

#46

LSD Network - Stakehouse contest

58.28 USDC • 1 total finding • Code4rena • Josiah

#50

medium

Calling `updateNodeRunnerWhitelistStatus` function always reverts

Blur Exchange contest

548.16 USDC • 1 total finding • Code4rena • Josiah

#14

medium

Hacked owner or malicious owner can immediately steal all assets on the platform

LooksRare Aggregator contest

330.18 USDC • Code4rena • Josiah

#10

SIZE contest

720.22 USDC • 1 total finding • Code4rena • Josiah

medium

Incompatibility with fee-on-transfer/inflationary/deflationary/rebasing tokens, on both base tokens and quote tokens, with varying impacts

Debt DAO contest

61.35 USDC • Code4rena • Josiah

#50

Chainlink Staking contest

192.86 USDC • Code4rena • Josiah

#15

Oct '22

Paladin - Warden Pledges contest

180.64 USDC • Code4rena • Josiah

#24

Inverse Finance contest

36.73 USDC • Code4rena • Josiah

#42

Holograph contest

55.67 USDC • Code4rena • Josiah

#36

3xcalibur contest

34.98 USDC • Code4rena • Josiah

#33

Trader Joe v2 contest

0.01 USDC • 1 total finding • Code4rena • Josiah

#32

medium

Very critical `Owner` privileges can cause complete destruction of the project in a possible privateKey exploit

The Graph L2 bridge contest

50.28 USDC • Code4rena • Josiah

#15