Security Researcher
Securiy Audit Service Company in Tokyo
High
Total
Medium
Total Earnings
#1222 All Time
Payouts
Top 10
Top 25
Top 50
All
Sherlock
Code4rena
Feb '25
109.12 USDC • Sherlock • Bugvorus
#29
Aug '24
3.41 USDC • 1 total finding • Sherlock • ravikiran.web3
#17
medium
VaultCore::depositLv and previewLvDeposit functions will not work as expected due to incorrect implementation of Modifier
3.15 USDC • Sherlock • ravikiran.web3
#28
4.49 USDC • 2 total findings • Code4rena • TECHFUND-inc
#49
`PhiFactory:claim` Potentially Causing Loss of Funds If `mintFee` Changed Beforehand
Refunds sent to incorrect addresses in certain cases
14.70 USDC • 1 total finding • Sherlock • ravikiran.web3
#41
validation to liquidation should include Liquidation fees as they are liable from customers
Jul '24
0.01 USDC • 2 total findings • Code4rena • TECHFUND-inc
#88
Pause and unpause functions are inaccessible
Discrepancy between nfts minted, price of nft when a generation changes & position of `_incrementGeneration()` inside `_mintInternal()` & `_mintNewEntity()`
0.39 USDC • 1 total finding • Code4rena • TECHFUND-inc
#48
high
Single plot can be occupied by multiple renters
0.35 USDC • Sherlock • Gowtham_Ponnana
#119
213.68 USDC • 1 total finding • Sherlock • Bugvorus
#8
H-2: VouchFacet::claimTokens lacks to update the state after operation causes caller to claim token much more than they should.
0.48 USDC • 1 total finding • Sherlock • Gowtham_Ponnana
#63
Non-Admins can able to Add/Modify an existing Staking Position without any owner or allowance rights.
0.48 USDC • 1 total finding • Sherlock • dev0cloo
Improper Access Control of addToPosition() allows anyone to increase the position of any existing lsNFT
11.00 USDC • 1 total finding • Sherlock • dev0cloo
#52
Claimable rewards are permanently locked in Voter.sol when `killGaugeTotally()` is called
Jun '24
18.87 USDC • 1 total finding • Code4rena • TECHFUND-inc
#19
Due to the use of `msg.value` in for loop, anyone can drain all the funds from the `THORChain_Router` contract
May '24
323.85 USDC • 1 total finding • Code4rena • TECHFUND-inc
#20
`updateIRMParams` does not call `applyInterestForToken` before updating `irmParams` which leads to incorrect calculation of interest rate for subsequent trades.
Jan '24
15.14 USDC • Sherlock • ravikiran.web3
#24
371.15 USDC • 2 total findings • Sherlock • ravikiran.web3
#6
StakingRewardManager::topUp() implementation is buggy
CouncilMember::burn() function is incorrectly implemented
May '23
1.32 USDC • 3 total findings • Sherlock • ravikiran.web3
#80
Chainlink address for StableOracleWBTC is wrong
Minting and Burning are exposed as public function in USSD contract, there is no restriction
removeCollateral function in USSD is risky as it does not check of index to be with in valid range.
0.00 USDC • 1 total finding • Sherlock • ravikiran.web3
#35
FootiumEscrow contract's transferERC20 function is not checking the status of the transfer.