XKET

Security Researcher

Contact Me

High

Total

Medium

Total

$3.11K

Total Earnings

#939 All Time

5x

Payouts

2x

Top 10

5x

Top 25

5x

Top 50

All

Sherlock

Feb '23

Derby

254.46 USDC • 3 total findings • Sherlock • XKET

#22

medium

Underflow during LP price diff calculation

medium

Users can lose their LP tokens after several withdrawal requests before the first rebalance.

medium

Reward calculation might be wrong

Fair Funding by Alchemix & Unstoppable

34.48 USDC • 1 total finding • Sherlock • XKET

medium

Attacker calls `settle` before `start_auction` to consume the first NFT and start auction without owner role

Carapace

455.70 USDC • 3 total findings • Sherlock • XKET

#18

high

`DefaultStateManager._calculateClaimableAmount()` calculates the claimable unlocked amount wrongly.

high

Sellers can bypass the withdrawal limit and earn premiums without any risk.

medium

`ProtectionPool.lockCapital()` might lock the already expired protection.

Blueberry

534.18 USDC • 2 total findings • Sherlock • XKET

#20

high

Underlying tokens can be locked in `BlueBerryBank` after `withdrawLend`

high

Liquidation logic is not correct

OpenQ

1,830.89 USDC • 5 total findings • Sherlock • XKET

high

An attacker can prevent claimers from claiming for atomic and tiered percentage bounties

high

An attacker can prevent claimers from claiming

high

Refund after close will cause lack of balance for TieredPercentageBounty

medium

An attacker can prevent claimers from claiming when `openQTokenWhitelist.TOKEN_ADDRESS_LIMIT > 0`

medium

`setPayoutSchedule` will revert for tiered bounties in some condition