
Saurabh_Singh

Security Researcher

IT Junior National Institute of Technology, Jalandhar || Blockchain Security Auditor || Blockchain Developer


High: 6 total

Medium: 7 total

Total Earnings: $89.00 (#1842 All Time)

Payouts: 8x

3rd Places: 1x (bronze)

Top 10: 2x (regular)

Top 25: 3x (regular)


Feb '25

THORWallet

0.35 USDC • 1 total finding • Code4rena • Saurabh_Singh

#8

high

MergeTgt has no handling if TGT_TO_EXCHANGE is exceeded during the exchange period

Rova

0.04 USDC • 1 total finding • Sherlock • Saurabh_Singh

bronze

medium

Incorrect `if` check condition in the `updateParticipation` function for verifying the `minTokenAmountPerUser` for a user

Jan '25

Plaza Finance

2.86 USDC • 2 total findings • Sherlock • Saurabh_Singh

#90

high

The fee calculations in the `pool` contract are incorrect, with different total fee amounts calculated during user creation/redeem and when the `feeBeneficiary` claims.

medium

An attacker can intentionally prevent the auction from succeeding by placing a bid that makes the `totalSellReserveAmount` exceed the sale limit just before bidding ends.

Dec '24

QuantAMM

11.54 op • 2 total findings • CodeHawks • saurabh_singh

#72

high

Fee Evasion via LP Token Transfer Resets Deposit Value

medium

quantAMMSwapFeeTake used for both getQuantAMMSwapFeeTake and getQuantAMMUpliftFeeTake.

SecondSwap

2.81 USDC • 2 total findings • Code4rena • Saurabh_Singh

#60

high

Users can claim more than their actual allotment

medium

maxSellPercent can be bypassed by selling previously bought vestings at a later time

Oct '24

Dria

71.01 USDC • 5 total findings • CodeHawks • saurabh_singh

#19

high

Subtraction in `variance()` will revert due to underflow

high

Potential underflow vulnerability in score range calculation of `LLMOracleCoordinator::finalizeValidation`, leading to DoS.

medium

Request responses and validations can be mocked leading to extraction of fees and/or forcing other generators to lose their fees by making them outliers

medium

Unrestricted validation score range for validators in `LLMOracleCoordinator::validate`.

low

`LLMOracleCoordinator::request` lacks a check for non-empty `task.input`, making `assertValidNonce` easier to pass due to reduced uniqueness

Aug '24

Winnables Raffles

0.76 USDC • 1 total finding • Sherlock • Saurabh_Singh

#38

medium

[MEDIUM] - User role can't be removed. The `_setRole` function cannot remove a role for a user due to incorrect implementation; it fails to remove the user's role.

Jul '24

TraitForge

0 USDC • Code4rena • Saurabh_Singh

#89