
Madalad

Security Researcher


High: 12 total
Medium: 32 total
Total Earnings: $12.93K (#475 All Time)
Payouts: 37x
2nd Places (silver): 1x
3rd Places (bronze): 1x
Top 10: 4x


Nov '23

Audit Comp | DeGate
1,000 USDC • 1 total finding • Immunefi • Madalad • #22
low: Finding not yet public.

Canto Application Specific Dollars and Bonding Curves for 1155s
1.37 USDC • 1 total finding • Code4rena • Madalad • #31
medium: No slippage protection for Market functions

Kelp DAO | rsETH
7.42 USDC • 1 total finding • Code4rena • Madalad • #51
high: The price of rsETH could be manipulated by the first staker

Oct '23

Party Protocol
445.14 USDC • 1 total finding • Code4rena • Madalad • #15
high: Single host can unfairly skip veto period for proposal that does not have full host support

NextGen
14.33 USDC • 2 total findings • Code4rena • Madalad • #86
high: Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime
medium: Auction winner can prevent payments via `safeTransferFrom` callback

Ethena Labs
1,957.12 USDC • 2 total findings • Code4rena • Madalad • 2nd place (silver)
medium: Users still forced to follow previously set cooldownDuration even when cooldown is off (set to zero) before unstaking
medium: Malicious users can front-run to cause a denial of service (DoS) for StakedUSDe due to MinShares checks

Badger eBTC Audit + Certora Formal Verification Competition
162.76 USDC • Code4rena • Madalad • #13

The Wildcat Protocol
218.53 USDC • 1 total finding • Code4rena • Madalad • #33
medium: `create2WithStoredInitCode()` does not revert if contract deployment failed

Aug '23

Good Entry
250.17 USDC • 1 total finding • Code4rena • Madalad • #20
medium: First depositor can break minting of liquidity shares in GeVault

Jul '23

Tapioca DAO
2,851.56 USDC • 10 total findings • Code4rena • Madalad • #25
high: Tokens can be stolen from other users who have approved Magnetar
high: Potential 99.5% loss in `emergencyWithdraw()` of two Yieldbox strategies
medium: Tokens might get stuck in the MagnetarMarketModule contract if the asset doesn't support cross-chain operation
medium: `MagnetarV2#burst` double counts `msg.value` for `TOFT_WRAP` operation, making the transaction revert unless the user overpays
medium: `StargateStrategy#_withdraw`: ether becomes trapped in the contract whenever a user withdraws
medium: `StargateStrategy#_currentBalance` calculation is incorrect and may lead to DoS
medium: All deposit and withdraw functions in the Convex and Curve nativeLP strategies apply slippage on internal pricing, which reads the real-time on-chain price from Curve directly and is subject to MEV
medium: Some actions inside MagnetarV2.burst will not work because msg.value is used inside delegate call
medium: Potential loss of value in YieldBox's `depositETHAsset()`
medium: [HB09] `emergencyWithdraw` on all strategy contracts useless without a pause mechanism

Jun '23

Llama
54.53 USDC • 1 total finding • Code4rena • Madalad • #21
medium: It is not possible to execute actions that require ETH (or other protocol token)

Stader Labs
41.33 USDC • 1 total finding • Code4rena • Madalad • #32
medium: Chainlink's `latestRoundData` may return stale or incorrect result

May '23

Maia DAO Ecosystem
546.05 USDC • 4 total findings • Code4rena • Madalad • #42
medium: [M-01] Some functions in Talos contracts do not allow user to supply slippage and deadline, which may cause swap revert
medium: RestakeToken function is not permissionless
medium: Lack of slippage protection can lead to significant loss of user funds
medium: Protocol fees can become trapped indefinitely inside Talos vault contracts

Iron Bank
109.39 USDC • 3 total findings • Sherlock • Madalad • #10
medium: Chainlink's `latestRoundData` may return stale or incorrect result
medium: Chainlink aggregators return the incorrect price if it drops below `minAnswer`
medium: Missing check if Chainlink sequencer is down

BASE
813.4 USDC • Code4rena • Madalad • 3rd place (bronze)

USSD - Autonomous Secure Dollar
33.33 USDC • 5 total findings • Sherlock • Madalad • #49
high: Missing deadline checks allow pending transactions to be maliciously executed
high: Incorrect initialization of `ethOracle`
high: Anyone can arbitrarily inflate the USSD `totalSupply` and cause DoS
medium: Chainlink's latestRoundData may return stale or incorrect result
medium: Oracles will return the wrong price for asset if underlying aggregator hits minAnswer

Index
0.17 USDC • 1 total finding • Sherlock • Madalad • #25
medium: Use of deprecated Chainlink functions

Juicebox Buyback Delegate
321.72 USDC • Code4rena • Madalad • #12

Apr '23

Frankencoin
22.6 USDC • Code4rena • Madalad • #66

Caviar Private Pools
5.77 USDC • 1 total finding • Code4rena • Madalad • #74
high: Risk of silent overflow in reserves update

Rubicon v2
76.85 USDC • 1 total finding • Code4rena • Madalad • #64
medium: Calling `Position._marketBuy` and `Position._marketSell` functions that calculate `_fee` by dividing by `10000` can cause incorrect calculations

Mar '23

Asymmetry contest
23.92 USDC • Code4rena • Madalad • #99

Canto Identity Subprotocols contest
12.03 USDC • Code4rena • Madalad • #29

zkSync Era System Contracts contest
237.7 USDC • Code4rena • Madalad • #11

Neo Tokyo contest
2,868.66 USDC • 1 total finding • Code4rena • Madalad • #5
high: Updating a pool's total points doesn't affect existing stake positions for rewards calculation

Wenwin contest
103.11 USDC • Code4rena • Madalad • #23

Aragon Protocol contest
53.96 USDC • Code4rena • Madalad • #15

Feb '23

Ethos Reserve contest
42.07 USDC • Code4rena • Madalad • #34

Jan '23

Popcorn contest
69.82 USDC • Code4rena • Madalad • #70

Cooler
0.30 USDC • 1 total finding • Sherlock • Madalad • #30
high: Use OpenZeppelin's `SafeERC20` library for ERC20 token transfers

Reserve contest
72.44 USDC • Code4rena • Madalad • #27

Dec '22

Forgeries contest
155.98 USDC • 1 total finding • Code4rena • Madalad • #15
medium: Protocol safeguards for time durations are skewed by a factor of 7. Protocol may potentially lock NFT for period of 7 years.

Caviar contest
14.83 USDC • Code4rena • Madalad • #45

Tigris Trade contest
231.18 USDC • 2 total findings • Code4rena • Madalad • #38
medium: GovNFT: maxBridge has no effect
medium: Centralization risks: owner can freeze withdraws and use timelock to steal all funds

prePO contest
52.84 USDC • 1 total finding • Code4rena • Madalad • #30
medium: Manager can get around min reserves check, draining all funds from Collateral.sol

Escher contest
2.18 USDC • 2 total findings • Code4rena • Madalad • #65
high: `LPDA` price can underflow the price due to bad settings and potentially brick the contract
medium: ETH will get stuck if all NFTs do not get sold.

PoolTogether contest
53.42 USDC • Code4rena • Madalad • #12