RedOneN

Security Researcher

Contact Me

High

Total

Medium

Total

$1.77K

Total Earnings

#1255 All Time

18x

Payouts

4x

Top 25

10x

Top 50

All

Code4rena

Jul '23

Tapioca DAO

387.51 USDC • 4 total findings • Code4rena • RedOneN

#59

high

Reentrancy in `USDO.flashLoan()`, enabling an attacker to borrow unlimited USDO exceeding the max borrow limit

high

Collateral can be locked in BigBang contract when `debtStartPoint` is nonzero

high

Ability to steal user funds and increase collateral share infinitely in BigBang and Singularity

medium

`totalCollateralShare` state variable not updated in `Singularity` market upon liquidation, resulting in an error on `addCollateral` with skim functionality

Jun '23

Lybra Finance

63.43 USDC • 1 total finding • Code4rena • RedOneN

#68

medium

Understatement of `poolTotalPeUSDCirculation` amounts due to incorrect accounting after function `_repay` is called

Nov '22

SIZE contest

49.89 USDC • 1 total finding • Code4rena • RedOneN

#32

medium

Attacker may DOS auctions using invalid bid parameters

Debt DAO contest

117.29 USDC • 2 total findings • Code4rena • RedOneN

#39

medium

address.call{value:x}() should be used instead of payable.transfer()

medium

Borrower/Lender excessive ETH not refunded and permanently locked in protocol

Oct '22

Holograph contest

277.94 USDC • 1 total finding • Code4rena • RedOneN

#23

medium

`_payoutToken[s]()` is not compatible with tokens with missing return value

Jul '22

ENS contest

215.78 USDC • 2 total findings • Code4rena • RedOneN

#29

medium

transfer() depends on gas consts

medium

The `unwrapETH2LD` use `transferFrom` instead of `safeTransferFrom` to transfer ERC721 token