Security Researcher
Information Security Engineer, Bug Hunter @ #Hackerone | whitehat @Immunefi | CTF player | currently into web3 security.
#406 All Time
May '25
high
high
high
Apr '25
high
medium
Mar '25
Feb '25
medium
high
ZENO Token Redemption Returns Negligible USDC Amount Compared to Purchase Price
high
Incorrect decimal handling in `Auction::buy()` leads to massive overpayment for ZENO tokens
high
RAACNFT mint function receives funds to address(this) but has no way of withdrawing them
high
`BaseGauge` users can claim rewards without staking
high
Gauge period cannot be updated
high
Wrong use of the `GaugeController::typeWeights` multiplier in `GaugeController::_calculateReward` causes a reduction in gauge rewards instead
high
`GaugeController` does not send funds to FeeCollector disrupting fees distribution and causing loss of funds
high
Multiple issues from unnecessary balance increase calculation in DebtToken.mint
high
Double Usage Index Scaling in StabilityPool Liquidation Inflates Required CRVUSD Balance
high
Ownership Parameter Mismatch in LendingPool’s Vault Withdrawal Logic
high
Treasury Balance Tracking Bypass in FeeCollector
high
Gauge rewards are not transferred to gauge when distributeRewards() is called
medium
Missing StabilityPool Integration in `mintRewards` Function
medium
LendingPool deposits do not work with CurveVault due to lack of funds
medium
Insufficient Balance Validation in BaseGauge Can Lead to Reward Insolvency
medium
Token Accounting Mismatch Between tick() and mintRewards() in RAACMinter
low
Missing Controller Functions in GaugeController
Jan '25
high
high
high
high
medium
high
Dec '24
Oct '24
Aug '24
Jul '24
May '24
Mar '24
Feb '24
medium
medium
high
Jan '24
Dec '23
Oct '23
high
Lenders can escape the blacklisting of their accounts because they can move their MarketTokens to different accounts and gain the WithdrawOnly Role on any account they want
high
Borrower has no way to update `maxTotalSupply` of `market` or close market.
high
Borrower can drain all funds of a sanctioned lender
Sep '23
Aug '23
high
The settle feature will be broken if an attacker arbitrarily transfers collateral tokens to the PerpetualAtlanticVaultLP
high
The peg stability module can be compromised by forcing lowerDepeg to revert.
high
`UniV3LiquidityAMO::recoverERC721` will cause `ERC721` tokens to be permanently locked in `rdpxV2Core`
Jul '23
medium
Proposals which intend to send native tokens to target addresses can't be executed
medium
Missing check for the max/min price in the `chainlinkOracle.sol` contract
medium
accrueInterest is expected to revert when the rate is higher than the maximum allowed rate, which is possible since the utilization can be more than 1
high
Reentrancy in `USDO.flashLoan()`, enabling an attacker to borrow unlimited USDO exceeding the max borrow limit
high
TOFT and USDO Modules Can Be Selfdestructed
medium
All deposit and withdraw functions in the Convex and Curve nativeLP strategies apply slippage to internal pricing, which reads the real-time on-chain price directly from Curve and is therefore subject to MEV
May '23
high
Removing a BribeFlywheel from a Gauge does not remove the reward asset from the rewards depo, making it impossible to add a new Flywheel with the same reward token
high
Missing unwrapping of native token in RootBridgeAgent.sweep() causes fees to be stuck
high
Multiple issues with decimal scaling will cause incorrect accounting of hTokens and underlying tokens
medium
Depositing gas through depositGasAnycallConfig should not withdraw the nativeToken
Apr '23
Feb '23