https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/984bd920-cb7c-4d3a-8f19-536d3f369c72.jpeg

Kose

Senior Watson

Independent EVM/SVM Security Researcher prev @GuardianAudits

Contact Me

High

4

Total

Medium

1

Solo

10

Total

$49.48K

Total Earnings

#192 All Time

8x

Payouts

gold

3x

1st Places

regular

4x

Top 10

regular

7x

Top 25

All

Sherlock

Hats Finance

Feb '25

Stealth

Stealth

37,000 USDC • Sherlock • Kose

gold

Findings not publicly available for private contests.

Apr '24

xKeeper

xKeeper

7,172.15 USDC • 2 total findings • Sherlock • Kose

gold

medium

Keep3r Relay Implementations are Not Compatible with Keep3r in Optimism and Executions Will Always Revert

medium

OpenRelay does not take into account the L1 fees in L2 deployments

Mar '24

Axis Finance

Axis Finance

150.71 USDC • 2 total findings • Sherlock • Kose

#21

high

All Accounting Is Broken Starting from Second Auction in Axis Because of Wrong Update in Storage

medium

Code that Written in Order to Optimize Gas, Instead Nearly Triples Gas Usage

Mento

Mento

3,571.42 USDC • 1 total finding • Sherlock • Kose

gold

medium

Participation to Governance Without Having a Lock is Possible by Taking Advantage of stop() Call

Feb '24

Blast Futures Exchange

Blast Futures Exchange

499.7 USDC • Hats • Kose

#4

Jun '23

Symmetrical

Symmetrical

1,025.76 USDC • 3 total findings • Sherlock • Kose

#17

medium

User account and its funds got stuck in liquidation phase

medium

System can get into a state where user actions are paused while liquidations not

medium

Malicious PartyB can force their PartyA's into liquidation

May '23

Iron Bank

Iron Bank

0.08 USDC • 1 total finding • Sherlock • Kose

#22

medium

Check for stale data before trusting Chainlink's response

USSD - Autonomous Secure Dollar

USSD - Autonomous Secure Dollar

60.86 USDC • 5 total findings • Sherlock • Kose

#35

high

No slippage parameter and expiration deadline in uniRouter

high

Anyone can mint and burn arbitrary amount of USSD

high

Users will lose significant amount of fund in mintForToken if they mint with WBTC

medium

Check for stale data before trusting Chainlink's response

medium

Because of missing slippage parameter, mintForToken() can be front-runned