SanketKogekar

Security Researcher

🔑 Smart Contract Security ⚡️ SaaS / AI / Web3 Builder 💎 Business / Venture Capital ⏩ DM - https://t.co/kZD4RYfdCh

High: 7 total

Medium: 9 total

Total Earnings: $6.37K

All Time: #680

Payouts: 19x

3rd Places: 1x (bronze)

Top 10: 2x

Top 25: 4x

Jan '24

MorpheusAI

4.59 USDC • 1 total finding • CodeHawks • SanketKogekar

#26

low

LayerZeroEndpoint.send() in L1Sender.sol may revert if the user does not provide enough native gas as specified

Curves

0 USDC • 2 total findings • Code4rena • SanketKogekar

#137

high

Unauthorized Access to setCurves Function

medium

Curves::_buyCurvesToken(), Excess of Eth received is not refunded back to the user.

Dec '23

The Standard

0.24 USDC • 3 total findings • CodeHawks • SanketKogekar

#93

high

Rewards can be drained because of lack of access control

high

Looping over unbounded `pendingStakes` array can lead to permanent DoS and frozen funds

medium

Missing deadline check allows pending transactions to be maliciously executed

Oct '23

Steadefi

60.13 USDC • 2 total findings • CodeHawks • SanketKogekar

#35

medium

Chainlink's oracle feeds are not immutable

low

Lack of events for critical actions

Sep '23

Maia DAO - Ulysses

25.68 USDC • Code4rena • SanketKogekar

#55

Centrifuge

12.79 USDC • Code4rena • SanketKogekar

#34

Aug '23

Cooler Update

0.70 USDC • 1 total finding • Sherlock • SanketKogekar

#20

medium

Missing check in `Cooler.provideNewTermsForRoll` which allows lender to modify loan terms

Sparkn

6.34 USDC • 2 total findings • CodeHawks • SanketKogekar

#67

low

If a winner is blacklisted on any of the tokens they can't receive their funds

low

Signature missing nonce & expiration deadline

PoolTogether V5: Part Deux

300.75 USDC • 1 total finding • Code4rena • SanketKogekar

#17

medium

Missing `deadline` param in `swapExactAmountOut()` allowing outdated slippage and allowing pending transactions to be executed unexpectedly.

Tangible Caviar

6.15 USDC • Code4rena • SanketKogekar

#82

Good Entry

12.88 USDC • 1 total finding • Code4rena • SanketKogekar

#34

medium

Return value of low level `call` not checked.

Jul '23

CodeHawks Escrow Contract - Competition Details

3.12 USDC • 1 total finding • CodeHawks • SanketKogekar

#93

medium

[H-01] Lack of emergency withdraw function when no arbiter is set

Amphora Protocol

5,087.73 USDC • 2 total findings • Code4rena • SanketKogekar

#5

high

Rounding error in `WUSDA` can result in loss of user funds, especially when manipulated by an attacker

high

Reentrancy issue with the 'withdraw' method of USDC. All tokens could be drained.

Beam

0.04 USDC • Sherlock • SanketKogekar

#43

Jun '23

Lybra Finance

9.93 USDC • Code4rena • SanketKogekar

#83

May '23

BASE

813.4 USDC • Code4rena • SanketKogekar

bronze

USSD - Autonomous Secure Dollar

0.87 USDC • 3 total findings • Sherlock • SanketKogekar

#83

high

Missing access control on `mintRebalancer()` and `burnRebalancer()`

high

Incorrect decimals used in the `getPriceUSD` function which uses Chainlink oracle to fetch real time price.

medium

Chainlink's `latestRoundData` could return stale or incorrect result (and no implementation of try-catch block)

Footium

0.01 USDC • 1 total finding • Sherlock • SanketKogekar

#32

medium

Usage of `transfer()` in place of `safeTransfer()` for ERC20 tokens.

Apr '23

Frankencoin

22.6 USDC • Code4rena • SanketKogekar

#66