Nyx

Security Researcher

High: 38 total

Medium: 1 solo, 43 total

Total earnings: $66.76K (#125 all time)

Payouts: 51x

2nd places: 1x (silver)

3rd places: 2x (bronze)

Top 10: 14x (regular)

Feb '25

TermMax

6,470.43 USDC • 4 total findings • Cantina • Nyksx

silver

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

Jan '25

dahlia-protocol

1,535.13 USDC • 1 total finding • Cantina • Nyksx

#11

high

Finding not yet public.

infrared-contracts

1,186.35 USDC • 1 total finding • Cantina • Nyksx

#24

medium

Finding not yet public.

Dec '24

story-protocol

1,205.98 USDC • 1 total finding • Cantina • Nyksx

#47

high

Finding not yet public.

Nov '24

TermMax

3,975.28 USDC • 1 total finding • Cantina • Nyksx

#4

high

Finding not yet public.

hyperlend

2,751.5 USDC • 2 total findings • Cantina • Nyksx

#5

high

Finding not yet public.

medium

Finding not yet public.

Oct '24

stakeup-bloomv2

114.94 USDC • 2 total findings • Cantina • Nyksx

#50

medium

Finding not yet public.

medium

Finding not yet public.

mev-commit

430.24 USDC • 2 total findings • Cantina • Nyksx

#22

high

Finding not yet public.

high

Finding not yet public.

Aug '24

Perennial V2 Update #3

1,562.03 USDC • 2 total findings • Sherlock • Nyx

#5

high

Attackers can bypass The MarketFactory.authorization check

medium

Keepers can lose compensation fee

Jul '24

LoopFi

35.69 USDC • 2 total findings • Code4rena • Nyx

#45

medium

PositionAction.decreaseLever() fails to consider the loan fee in Flashlender when calculating loanAmount, as a result, the functionality will not work when protocolFee != 0.

medium

`PositionAction4626::increaseLever` will always revert

Velocimeter

459.66 USDC • 3 total findings • Sherlock • Nyx

#19

high

Users can lose their tokens in the gauge

high

DOS attack by delegating tokens

medium

totalWeight can be wrong and this can cause wrong voting results

Jun '24

Size

146.35 USDC • 2 total findings • Code4rena • Nyx

#43

high

Users won't liquidate positions because the logic used to calculate the liquidator's profit is incorrect

medium

LiquidateWithReplacement does not charge swap fees on the borrower

Mar '24

WOOFi Swap

627.48 USDC • 1 total finding • Sherlock • Nyx

#9

medium

_handleERC20Received takes external fees even if the swap router isn't 1inch router

Feb '24

curvance

12,028.55 USDC • 4 total findings • Cantina • Nyksx

#10

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

arcadexyz/arcade-protocol

10,453.37 USDC • 2 total findings • Cantina • Nyksx

bronze

medium

Finding not yet public.

medium

Finding not yet public.

Nov '23

core-and-erc1155a

5,937.33 USDC • 2 total findings • Cantina • Nyksx

#8

medium

Finding not yet public.

medium

Finding not yet public.

Nouns Builder

21.94 USDC • 1 total finding • Sherlock • Nyx

#9

high

Founders may get less tokens than expected

Oct '23

NextGen

5.96 USDC • 2 total findings • Code4rena • Nyx

#97

medium

Bidder Funds Can Become Unrecoverable Due to 1 second Overlap in `participateToAuction()` and `claimAuction()`

medium

Auction winner can prevent payments via `safeTransferFrom` callback

Badger eBTC Audit + Certora Formal Verification Competition

3,243.95 USDC • 1 total finding • Code4rena • Nyx

#8

medium

Batched liquidations don't distribute bad debt on next batches in the list

Real Wagmi #2

345.93 USDC • 2 total findings • Sherlock • Nyx

#13

high

Usage of the Wrong borrowing key inside the takeOverDebt() can cause borrowers to lose funds

high

The borrower may receive lower profits because of slippage

Aloe

443.47 USDC • 1 total finding • Sherlock • Nyx

#8

high

Wrong repay amount inside the liquidate function

zkSync Era

656.33 USDC • Code4rena • Nyx

#33

Sep '23

Allo V2

2.50 USDC • 2 total findings • Sherlock • Nyx

#65

high

maxVoiceCreditsPerAllocator can be bypassed

medium

RFPSimpleStrategy._registerRecipient() can't be used with useRegistryAnchor==true

Aug '23

Chainlink Staking v0.2

44.97 USDC • Code4rena • Nyx

#56

Dopex

158.31 USDC • 3 total findings • Code4rena • Nyx

#65

high

The settle feature will be broken if an attacker arbitrarily transfers collateral tokens to the PerpetualAtlanticVaultLP

high

The peg stability module can be compromised by forcing lowerDepeg to revert.

medium

User can avoid paying high premium price by correctly timing his bond call

Jul '23

Moonwell

437.82 USDC • 1 total finding • Code4rena • Nyx

#22

medium

accrueInterest is expected to revert when the rate is higher than the maximum allowed rate, which is possible since the utilization can be more than 1

PoolTogether

1,665.52 USDC • 3 total findings • Code4rena • Nyx

#15

high

`Vault.mintYieldFee` FUNCTION CAN BE CALLED BY ANYONE TO MINT `Vault Shares` TO ANY RECIPIENT ADDRESS

medium

Users can manipulate observation creation

medium

`drawManager` CAN BE SET TO A MALICIOUS ADDRESS

Tapioca DAO

256.59 USDC • 2 total findings • Code4rena • Nyx

#62

high

`_liquidateUser()` should not re-use the same minimum swap amount out for multiple liquidation

medium

all deposit and withdraw function in Convex and Curve nativeLP Strategy, apply slippage on internal pricing; which call real-time on chain price from Curve directly and subject to MEV

May '23

USSD - Autonomous Secure Dollar

7.15 USDC • 4 total findings • Sherlock • Nyx

#68

high

No slippage control

high

Impossible to rebalance with collaterals that have low decimals.

high

No access control in mint and burn functions.

medium

Chainlink's latestRoundData might return stale or incorrect results

Apr '23

GMX Update

5,623.72 USDC • 1 total finding • Sherlock • Nyx

#6

high

Limit orders are unnecessarily delayed by a block

JOJO Exchange

219.99 USDC • 1 total finding • Sherlock • Nyx

#35

medium

Lack of slippage check

Teller

65.07 USDC • 3 total findings • Sherlock • Nyx

#39

medium

Missing access control in withdraw() function.

medium

Marketplace owner can front-run and manipulate fees

medium

Protocol doesn’t handle fee on transfer tokens

Frankencoin

252 USDC • 2 total findings • Code4rena • Nyx

#30

high

Challenges can be frontrun with de-leveraging to cause losses for challengers

medium

POSITION LIMIT COULD BE FULLY REDUCED TO ZERO BY CLONES

Caviar Private Pools

9.33 USDC • 1 total finding • Code4rena • Nyx

#70

medium

Royalty recipients will not get fair share of royalties

Rubicon v2

1.39 USDC • 2 total findings • Code4rena • Nyx

#116

high

DOS of market operations with malicious offers

medium

Calling `Position._marketBuy` and `Position._marketSell` functions that calculate `_fee` by dividing by `10000` can cause incorrect calculations

Mar '23

Polynomial Protocol contest

108.18 USDC • Code4rena • Nyx

#27

Feb '23

Derby

77.46 USDC • 1 total finding • Sherlock • Nyx

#32

high

Lack of slippage control

Blueberry

525.64 USDC • 2 total findings • Sherlock • Nyx

#21

medium

Position shouldn't be liquidatable when repay is not allowed.

medium

Chainlink's `latestRoundData` might return stale or incorrect results

Jan '23

Popcorn contest

57.5 USDC • 1 total finding • Code4rena • Nyx

#73

medium

`quitPeriod` is effectively always just `1 day`

Cooler

31.00 USDC • 2 total findings • Sherlock • Nyx

#29

high

Use safeTransfer/safeTransferFrom instead of transfer/transferFrom

medium

The borrower can call roll() before lenders toggleRoll() call.

Dec '22

GoGoPool contest

78.95 USDC • 2 total findings • Code4rena • Nyx

#61

medium

State Transition: Minipools can be created using other operator's AVAX deposit via recreateMinipool

medium

Bypass `whenNotPaused` modifier

Nov '22

DODO

514.19 USDC • 2 total findings • Sherlock • Nyx

bronze

medium

Usage of transfer() may revert.

medium

Use safeTransferFrom() instead of transferFrom().

FrankenDAO

67.07 USDC • 1 total finding • Sherlock • Nyx

#15

medium

Use safeTransferFrom() instead of transferFrom() for erc721 transfers

LooksRare Aggregator contest

36.34 USDC • Code4rena • Nyx

#24

Debt DAO contest

72.1 USDC • 2 total findings • Code4rena • Nyx

#46

medium

address.call{value:x}() should be used instead of payable.transfer()

medium

Borrower/Lender excessive ETH not refunded and permanently locked in protocol

Oct '22

Rage Trade

2,529.70 USDC • 1 total finding • Sherlock • Nyx

#4

high

Attacker can steal funds

Paladin - Warden Pledges contest

9.91 USDC • 1 total finding • Code4rena • Nyx

#35

medium

Owner can transfer all ERC20 reward token out using function recoverERC20

Illuminate

154.95 USDC • 1 total finding • Sherlock • Nyx

#23

high

Lender.mint() May Take The Illuminate PT As Input Which Will Transfer And Mint More Illuminate PT Cause an Infinite Supply

3xcalibur contest

0 USDC • Code4rena • Nyx

#39

Trader Joe v2 contest

0.01 USDC • Code4rena • Nyx

#33

Blur Exchange contest

114.82 USDC • 1 total finding • Code4rena • Nyx

#20

high

StandardPolicyERC1155.sol returns amount == 1 instead of amount == order.amount