https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/7ab0faff-7cc8-4b18-8f56-33954ae990cc.png

Valves

Security Researcher

Core team @Vesko_210 | @Merulez99 Book now: https://t.me/Vesko210

Contact Me

High

Total

Medium

Total

$18.77K

Total Earnings

#460 All Time

6x

Payouts

1x

1st Places

2x

3rd Places

5x

Top 10

All

Sherlock

Code4rena

Cantina

Jan '26

Olas

336.64 USDC • 5 total findings • Code4rena • Valves

#26

high

Finding not yet public.

high

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

Flying Tulip

4,309.47 USDC • Sherlock • Valves

Dec '25

Panoptic: Next Core

9,260.89 USDC • 5 total findings • Code4rena • Valves

high

BuilderWallet `init()` is unprotected/re-initializable, enabling takeover and theft of builder fees

medium

Self-settlement via `dispatchFrom` bypasses refund mechanism allowing underfunded debt settlement

medium

Withdrawing just before a bad debt event can increase losses for remaining liquidity providers

medium

`dispatchFrom()` Liveness DoS via `StaleOracle`: Spot Price Manipulation Blocks Liquidations, Force Exercises, and Premium Settlements

medium

Commission Share-Burn Distribution is JIT-Capturable When `builderCode == 0` (Default)

Monolith Stablecoin Factory

1,691.10 USDC • 2 total findings • Sherlock • Valves

high

Borrower can extract unbacked Coin at the expense of the protocol

medium

A single borrower being written off will create unbacked stablecoins for all users

Nov '25

SukukFi

2,652.15 USDC • 3 total findings • Code4rena • Valves

high

Missing access control in `WERC7575Vault` allows unauthorized withdrawals

medium

The unregistering of vaults can be DoSed by a malicious user.

medium

Stale Redemption Liabilities Lead to Leveraged Losses for Remaining Shareholders and Potential Denial of Service

Oct '25

Avon-Contracts

524.22 USDC • 5 total findings • Cantina • Valves

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.