Sabit

Security Researcher

Smart Contract Security Researcher | Smart Contract Auditor | N.B. - I don't audit interest-based smart contracts.

High: 8 total

Medium: 9 total

Total Earnings: $1.44K

#1128 All Time

Payouts: 8x

Top 10: 2x

Top 25: 5x

Top 50: 6x

Feb '25

THORWallet

0 USDC • 1 total finding • Code4rena • Sabit

#10

medium

Improper Transfer Restrictions on Non-Bridged Tokens Due to Boolean Bridged Token Tracking, Allowing a DoS Attack Vector

Dec '24

SecondSwap

5.38 USDC • 4 total findings • Code4rena • Sabit

#48

high

`SecondSwap_Marketplace` vesting listing order affects how much the vesting buyers can claim at a given step

medium

Incorrect listing type validation bypasses enforcement of minimum purchase amount

medium

Listing potential can not be purchased with discounted price

medium

Incorrect referral fee calculations

Aug '24

Chakra

337.65 USDT • 2 total findings • Code4rena • Sabit

#18

high

In settlement.cairo::receive_cross_chain_msg - the message will always be marked with Status::SUCCESS

high

SettlementSignatureVerifier is missing check for duplicate validator signatures

Jul '24

TraitForge

644.65 USDC • 2 total findings • Code4rena • Sabit

#8

high

Griefing attack on seller's airdrop benefits

medium

Funds can be locked indefinitely in NukeFund.sol

May '24

Munchables

0.02 USDC • 3 total findings • Code4rena • Sabit

#15

high

Malicious User can call `lockOnBehalf` repeatedly extend a users `unlockTime`, removing their ability to withdraw previously locked tokens

high

Invalid validation allows users to unlock early

medium

Missing disapproval check in `LockManager.sol::approveUSDPrice` allows simultaneous approval and disapproval of a price proposal

Apr '24

Renzo

0 USDC • Code4rena • Sabit

#58

DYAD

205.73 USDC • 3 total findings • Code4rena • Sabit

#55

high

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

high

Inability to perform partial liquidations allows huge positions to accrue bad debt in the system

medium

No incentive to liquidate small positions could result in protocol going underwater

Feb '24

AI Arena

246.18 USDC • 2 total findings • Code4rena • Sabit

#22

medium

Minter / Staker / Spender roles can never be revoked

medium

Burner role can not be revoked