https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/501f096a-409a-46ca-ad17-a11eefdfd8d9.jpeg

Wojack

Security Researcher

Smart Contract Auditor & Web3 Security Researcher Solidity | Move | Vyper | Rust https://hackenproof.com/hackers/Wojack

Contact Me

High

1

Total

Medium

4

Total

$35.00

Total Earnings

#2363 All Time

3x

Payouts

regular

1x

Top 25

regular

3x

Top 50

All

Sherlock

Code4rena

Nov '25

stNXM by EaseDeFi

stNXM by EaseDeFi

0.79 USDC • 3 total findings • Sherlock • Wojack

#47

high

Reliance on Uniswap V3 spot price in totalAssets allows share price manipulation via flash loans

medium

Duplicate tranche IDs in stakeNxm cause double-counting of assets, leading to totalAssets inflation and potential vault drainage

medium

Strict APY sanity check in StNxmOracle causes permanent Denial of Service for Morpho operations shortly after deployment

Oct '25

Index Fun Order Book

Index Fun Order Book

0.62 USDC • 1 total finding • Sherlock • Wojack

#15

medium

An authorized matcher can steal all protocol fees by changing the treasury address

Hybra Finance

Hybra Finance

34.43 USDC • 1 total finding • Code4rena • Wojack

#28

medium

CL gauge accepts unverified pools, allowing malicious pool to brick distribution