https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_6.png

Jujic

Security Researcher

Contact Me

High

1

Total

Medium

17

Total

$17.87K

Total Earnings

#377 All Time

41x

Payouts

regular

5x

Top 10

regular

25x

Top 25

regular

34x

Top 50

All

Sherlock

Code4rena

Mar '23

Gitcoin

Gitcoin

329.30 USDC • Sherlock • Jujic

#11

Jan '23

Astaria contest

Astaria contest

25.33 USDC • 1 total finding • Code4rena • Jujic

#57

medium

Lack of support for fee-on-transfer token

Oct '22

Inverse Finance contest

Inverse Finance contest

34.01 USDC • 2 total findings • Code4rena • Jujic

#44

medium

Protocol withdrawals of collateral can be unexpectedly locked if governance sets the `collateralFactorBps` to 0.

medium

Chainlink oracle data feed is not sufficiently validated and can return stale `price`

Holograph contest

Holograph contest

26.35 USDC • Code4rena • Jujic

#39

The Graph L2 bridge contest

The Graph L2 bridge contest

20.79 USDC • Code4rena • Jujic

#16

Sep '22

Nouns Builder contest

Nouns Builder contest

60.77 USDC • Code4rena • Jujic

#97

Aug '22

Olympus DAO contest

Olympus DAO contest

11.03 USDC • 1 total finding • Code4rena • Jujic

#92

medium

[NAZ-M1] Chainlink's `latestRoundData` Might Return Stale Results

Rigor Protocol contest

Rigor Protocol contest

40.62 USDC • Code4rena • Jujic

#68

Jul '22

Golom contest

Golom contest

35.32 USDC • Code4rena • Jujic

#85

ENS contest

ENS contest

5.45 USDC • 1 total finding • Code4rena • Jujic

#71

medium

transfer() depends on gas consts

Jun '22

Connext Amarok contest

Connext Amarok contest

145.65 USDC • Code4rena • Jujic

#49

Apr '22

Badger Citadel contest

Badger Citadel contest

91.37 USDC • Code4rena • Jujic

#53

JPEG'd contest

JPEG'd contest

1,241.61 USDC • 2 total findings • Code4rena • Jujic

#13

medium

Chainlink pricer is using a deprecated API

medium

Oracle data feed is insufficiently validated.

Mar '22

Volt Protocol contest

Volt Protocol contest

586.89 USDC • Code4rena • Jujic

#8

Paladin contest

Paladin contest

934.14 USDC • 1 total finding • Code4rena • Jujic

#11

medium

Add a timelock to PaladinRewardReserve functions

LI.FI contest

LI.FI contest

694.4 USDC • 2 total findings • Code4rena • Jujic

#25

medium

WithdrawFacet's withdraw calls native payable.transfer, which can be unusable for DiamondStorage owner contract

medium

Reputation Risks with `contractOwner`

prePO contest

prePO contest

48.52 USDC • Code4rena • Jujic

#31

Biconomy Hyphen 2.0 contest

Biconomy Hyphen 2.0 contest

182.94 USDT • 1 total finding • Code4rena • Jujic

#37

medium

Incompatibility With Rebasing/Deflationary/Inflationary token

Feb '22

Hubble contest

Hubble contest

227.49 USDC • Code4rena • Jujic

#29

Redacted Cartel contest

Redacted Cartel contest

277.46 USDC • 1 total finding • Code4rena • Jujic

#21

medium

Send ether with call instead of transfer.

Aave Lens contest

Aave Lens contest

564.53 USDC • Code4rena • Jujic

#13

Badger Citadel contest

Badger Citadel contest

40.51 USDC • Code4rena • Jujic

#30

Concur Finance contest

Concur Finance contest

437.4 USDC • 2 total findings • Code4rena • Jujic

#27

medium

Owner can lock tokens in `MasterChef`

medium

[ConcurRewardPool] Possible reentrancy when claiming rewards

Jan '22

Notional contest

Notional contest

1,631.82 USDC • 1 total finding • Code4rena • Jujic

#8

medium

No upper limit on `coolDownTimeInSeconds` allows funds to be locked sNOTE owner.

Behodler contest

Behodler contest

8.37 USDC • Code4rena • Jujic

#31

Trader Joe contest

Trader Joe contest

1,616.67 USDT • 1 total finding • Code4rena • Jujic

#9

medium

Improper Upper Bound Definition on the Fee

ElasticSwap contest

ElasticSwap contest

213.59 USDC • Code4rena • Jujic

#11

Sherlock contest

Sherlock contest

358.43 USDC • Code4rena • Jujic

#17

Livepeer contest

Livepeer contest

92.63 tokens) • Code4rena • Jujic

#17

InsureDAO contest

InsureDAO contest

349.03 tokens) • Code4rena • Jujic

#22

Timeswap contest

Timeswap contest

97.53 USDC • Code4rena • Jujic

#20

XDEFI contest

XDEFI contest

77.58 USDC • Code4rena • Jujic

#22

Dec '21

Vader Protocol contest

Vader Protocol contest

109.45 USDC • Code4rena • Jujic

#14

Yeti Finance contest

Yeti Finance contest

1,392.9 USDC • Code4rena • Jujic

#12

Amun contest

Amun contest

336.92 USDC • Code4rena • Jujic

#21

PoolTogether TwabRewards contest

PoolTogether TwabRewards contest

51.14 USDC • Code4rena • Jujic

#23

Sublime contest

Sublime contest

1,213.36 USDC • 1 total finding • Code4rena • Jujic

#10

medium

Missing approve(0)

Kuiper contest

Kuiper contest

65.95 ETH • Code4rena • Jujic

#11

Mellow Protocol contest

Mellow Protocol contest

260.27 USDC • Code4rena • Jujic

#13

Nov '21

Streaming Protocol contest

Streaming Protocol contest

3,528.88 USDC • 1 total finding • Code4rena • Jujic

#10

high

Improper implementation of `arbitraryCall()` allows protocol gov to steal funds from users' wallets

Unlock Protocol contest

Unlock Protocol contest

405.5 USDC • Code4rena • Jujic

#14