Banner
https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/aee32151-d397-4b6e-a29a-5db0cd479a19.jpeg

ZoA

Blockchain Security Researcher

https://x.com/zoasec

Contact Me

High

7

Total

Medium

3

Solo

20

Total

$9.35K

Total Earnings

#551 All Time

4x

Payouts

silver

1x

2nd Places

bronze

2x

3rd Places

regular

3x

Top 10

All

Sherlock

Mar '25

Symmio, Staking and Vesting

Symmio, Staking and Vesting

39.70 USDC • 2 total findings • Sherlock • ZoA

#14

medium

Anyone can delay rewards distribution

medium

`SymmVesting` contract fails to initialize

Feb '25

Rova

Rova

0.04 USDC • 1 total finding • Sherlock • ZoA

bronze

medium

Incorrect checking about Min/Max limit in `Launch`.`updateParticipation`

Jan '25

Peapods

Peapods

6,181.12 USDC • 10 total findings • Sherlock • ZoA

bronze

high

`AutoCompoundingPodLp`.`_getSwapAmt` always uses `r0` because `_pairedLpTokenToPodLp` uses incorrect tokens order

high

Users lose their borrow assets during removing leverage because of the incorrect calculation of remaining borrow amount.

medium

Unbond fee is applied twice in `spTKNMinimalOracle` contract

medium

Users will lose rewards when shares change during reward token pause period

medium

`_protocolFees` can be applied multiple times in `AutoCompoundingPodLp` contract

medium

Incorrect logic of process rewards in `AutoCompoundingPodLp` contract allows users to steal rewards from other users

medium

Reward tokens could be locked in `VotingPool` contract

medium

Open fee is overcharged in `_addLeveragePostCallback` function

medium

`removeLeverage` function in `LeverageManager` contract might fail because of rounding down in shares calculation

medium

Users can avoid paying close fee by setting `_podSwapAmtOutMin` high.

Plaza Finance

Plaza Finance

3,125.32 USDC • 14 total findings • Sherlock • ZoA

silver

high

`endAuction` always reverts

high

Users can mint more `LeverageToken` by splitting a single large deposit into multiple smaller deposits.

high

Users can add just-in-time liquidity to steal coupons

high

Incorrect price handling in `BondOracleAdapter` contract

high

Incorrect handling of `marketRate` during redemption of leverage token

medium

Precision loss in `redeemRate` calculation

medium

Bid with high price effectively can end up with lower price

medium

Imprecise slot size calculation will prevent auction completion.

medium

USD token blacklisted attacker can get whole reserve tokens from protocol

medium

A malicious depositor can manipulate the initial collateral level of pools

medium

An attacker can steal assets of users who deposit through `joinBalancerAndPredeposit` function of `BalancerRouter` contract

medium

Failed auctions will leave `bondToken` holders uncompensated.

medium

A malicious leverage token holder could manipulate reserve token amount of the pool to prevent auctions from success

medium

Incorrect handling of decimals of `marketRate` during token redemption