https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/31ef13fb-2d90-402a-8d62-566d3f377f5d.jpg

TheSavageTeddy

Security Researcher

aka TheSavageTeddy | 🚩Vice Captain - @EmuExploit CTF team | Highschool | DEFCON 32 Finalist | OSCP

Contact Me

High

Total

Medium

Total

$1.10K

Total Earnings

#1275 All Time

5x

Payouts

1x

Top 10

3x

Top 25

4x

Top 50

All

Code4rena

Apr '24

DYAD

763.89 USDC • 6 total findings • Code4rena • TheSavageTeddy

high

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

high

Design flaw and mismanagement in vault licensing leads to double counting in collateral ratios and positions collateralized entirely with kerosine

high

Users can get their Kerosene stuck until TVL becomes greater than Dyad's supply

high

Flash loan protection mechanism can be bypassed via self-liquidations

medium

Attacker can frontrun to prevent vaults from being removed from the dNFT owner's position

medium

Incorrect deployment / missing contract will break functionality

Feb '24

Althea Liquid Infrastructure

155.22 USDC • 2 total findings • Code4rena • TheSavageTeddy

#16

high

Holders array can be manipulated by transferring or burning with amount 0, stealing rewards or bricking certain functions

medium

Distribution can be bricked, and double claims by a few holders are possible when owner calls `LiquidInfrastructureERC20::setDistributableERC20s`

Jul '23

Basin

75.99 USDC • Code4rena • TheSavageTeddy

#21

May '23

Maia DAO Ecosystem

62.33 USDC • Code4rena • TheSavageTeddy

#64

Feb '23

Ethos Reserve contest

42.07 USDC • Code4rena • TheSavageTeddy

#34