
OpaBatyo

Security Researcher


High: 34 total
Medium: 2 solo, 33 total
Total earnings: $12.19K (#490 all time)
Payouts: 13x
2nd places (silver): 1x
3rd places (bronze): 1x
Top 10 (regular): 5x


Apr '25

ZKP2P V2
672.40 OP • Sherlock • OpaBatyo • #5
Findings not publicly available for private contests.

Aegis.im YUSD
139.83 OP • 1 total finding • Sherlock • OpaBatyo • bronze (3rd place)
medium: Malicious user can DoS whole period redeems when limit is in place

Mar '25

Crestal Network
0.01 USDC • 1 total finding • Sherlock • OpaBatyo • #12
high: Any unused approvals to `BlueprintV5.sol` can be used to steal funds

Symmio, Staking and Vesting
8.90 USDC • 2 total findings • Sherlock • OpaBatyo • #16
medium: Attacker can easily disrupt reward distribution and render `SymmStaking` useless
medium: Adding liquidity to the LP will revert in some cases

Feb '25

Core Contracts
1,767.99 USDC • 45 total findings • CodeHawks • OpaBatyo • #4
high: Wrong amount is minted to user when they deposit into the lending pool
high: Multiple Delegation by Double Spending Boosts and Lack of Delegation Tracking in BoostController Contract
high: `BaseGauge` users can claim rewards without staking
high: `GaugeController` does not send funds to FeeCollector disrupting fees distribution and causing loss of funds
high: Reward manipulation vulnerability in StabilityPool
high: Incorrect Reward Claim Logic in FeeCollector::claimRewards Causes Denial of Service
high: Attackers can get most of RAACToken rewards by withdrawing dust amount from StabilityPool multiple times
high: NFTs Get Permanently Locked in Stability Pool After Liquidation
high: Double Usage Index Scaling in StabilityPool Liquidation Inflates Required CRVUSD Balance
high: Ownership Parameter Mismatch in LendingPool's Vault Withdrawal Logic
high: Lack of Access Control in BoostController::updateUserBoost Leading to Unauthorized Delegation Overwrite
high: Treasury Balance Tracking Bypass in FeeCollector
high: Attackers can double voting power and veToken amount by locking and increasing
high: Gauge Voting Misallocation Vulnerability
high: The total voting power of all veRAAC tokens is wrongly assigned
high: Interest Accrual Failure Due to Incorrect Scaling in RToken Implementation
high: Incorrect Debt Token Accounting Due to Multiple Scaling Issues
high: Gauge rewards are not transferred to gauge when distributeRewards() is called
high: Untracked Direct Fee Transfers from RAACToken to FeeCollector Break Fee Distribution System
high: Ineffective Time-Weighted Average Implementation in Fee Distribution
medium: `MAX_TOTAL_SUPPLY` Bypass in `veRAACToken` via `increase()` Function
medium: Missing Boost Balance and other parameters Update in veRAACToken Functions. Incomplete Boost State Updates Result in Inaccurate Voting Power and Reward Distribution
medium: Incorrect utilization rate forces protocol to issue maximum rewards indefinitely
medium: RToken.transferFrom() Does Not Scale User Balances Due to Stale Liquidity Index
medium: LendingPool deposits do not work with CurveVault due to lack of funds
medium: Liquidation Cannot Be Closed Even With Healthy Position Due To Strict Debt Check
medium: Using balanceOf Instead of Voting Power
medium: There is no logic checking for RAACNFT price staleness before minting it
medium: Treasury Contract Deposit Function Can Be Frontrun To Deny Protocol Operations
medium: Workingsupply would always be overwritten in boostcontroller.sol impacting reward calculations
medium: Emergency revoke in RAACReleaseOrchestrator will freeze revoked RAAC tokens in orchestrator
medium: Insufficient Balance Validation in BaseGauge Can Lead to Reward Insolvency
medium: `veRAACToken::_updateBoostState` function sets individual user voting power instead of system-wide totals
medium: Missing Boost State Update in extend() and withdraw()
medium: Gauge emissions revert when emissions are higher than the leftover buffer instead of depositing the difference
medium: User may not be able to increase the amount of locked RAAC tokens
medium: `GaugeController::distributeRewards` can be called multiple times by anyone, leading to excessive reward distribution
medium: Lack of Time-Weighted Voting and Weight Decay in GaugeController
low: Limited veRaac Token Supply Triggers DoS, Hampering Proper Governance Participation
low: Irreversible emission cap reduction in BaseGauge
low: Impossible to rescue funds from `RToken` contract
low: Incorrect Initialization of minBoost in BaseGauge Constructor Breaks Core Contract Functionality
low: Missing Checkpoint Reset in `veRAACToken::emergencyWithdraw` Function
low: Missing Pause Functionality in veRAACToken Contract Can Be Abused When Emergency Withdrawal Mechanism Is Activated
low: `FeeCollector::updateFeeType` wrong fee share validation leads to impossible update for some fee types

Jan '25

Peapods
130.12 USDC • 1 total finding • Sherlock • OpaBatyo • #24
medium: Hardcoded addresses

Dec '24

Alchemix Transmuter
3.30 OP • 2 total findings • CodeHawks • OpaBatyo • #28
low: Missing Router Update Mechanism in StrategyMainnet Contract
low: Old router retains token allowance after update

Numa
4,647.12 USDC • 2 total findings • Sherlock • OpaBatyo • #6
medium: Buy fee PID is updated with wrong amounts leading to unexpected fee growth
medium: Vaults can be purposefully bricked by leaving small amounts of rETH

Teller Lender Groups Update Audit
3,648.53 USDC • 3 total findings • Sherlock • OpaBatyo • silver (2nd place)
high: Lenders can force borrowers into liquidation
high: Lender group members can be prevented from burning their shares forever
medium: Overpaying a loan can DoS an entire lender commitment group

Lambo.win
34.72 USDC • 2 total findings • Code4rena • OpaBatyo • #28
high: Minting zero tokens when underlyingToken is not Ether in cashIn()
medium: `sellQuote` and `buyQuote` are missing deadline check in `LamboVEthRouter`

Sep '24

Royco Protocol
84.39 USDC • 4 total findings • Cantina • OpaBatyo • #42
high: Finding not yet public.
high: Finding not yet public.
medium: Finding not yet public.
medium: Finding not yet public.

Flayer
952.52 USDC • 7 total findings • Sherlock • OpaBatyo • #16
high: Malicious attacker can brick users claiming sale proceeds from collection shutdown by reclaiming vote
high: `ERC721Bridgable` cannot receive ETH for royalty payouts
high: Users cannot claim royalties for `ERC1155`
high: Users can create permanent protected listings and inflate interest rates
medium: If a collection has been shutdown but later re-initialized, it cannot be shutdown again
medium: Users can dodge `createListing` fees
medium: Users can sandwich unlocking their protected listings to pay less fees

Aug '24

Phi
96.86 USDC • 6 total findings • Code4rena • OpaBatyo • #19
high: Unrestricted Changes to Token Settings Allow Artists to Alter Critical Features
high: Exposed `_removeCredIdPerAddress` & `_addCredIdPerAddress` allows anyone to cause issues to current holders as well as upcoming ones
high: `shareBalance` bloating eventually blocks curator rewards distribution
high: Signature replay in `createArt` allows to impersonate artist and steal royalties
medium: Refunds sent to incorrect addresses in certain cases
medium: Incorrect Fee Handling Prevents Protocol from Updating Fees