https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/5833d8ec-63e9-4f07-ba30-bd15f66fad69.png

_karanel

Security Researcher

⛅: Software Developer 🌃: Smart Contract Security Researcher 🎓: Mechanical Engineer NITR'23

Contact Me

High

10

Total

Medium

8

Total

$6.19K

Total Earnings

#687 All Time

11x

Payouts

silver

1x

2nd Places

regular

5x

Top 10

regular

6x

Top 25

All

Code4rena

Cantina

CodeHawks

Jan '25

Initia Rollup Modules

Initia Rollup Modules

1,200 USDC • Code4rena • _karanel

#5

Dec '24

Alchemix Transmuter

Alchemix Transmuter

11.67 op • 2 total findings • CodeHawks • karanel

#26

medium

not adding `claimable` balance to the total assets in `_harvestAndReport` can cause losses.

low

Old router retains token allowance after update

Chainlink Payment Abstraction

Chainlink Payment Abstraction

2,521.11 USDC • Code4rena • _karanel

silver

Oct '24

spend-permissions

spend-permissions

325 USDC • Cantina • karanel

#4

Sep '24

Royco Protocol

Royco Protocol

0.16 USDC • 1 total finding • Cantina • karanel

#75

high

Finding not yet public.

Aug '24

zetachain-protocol

zetachain-protocol

125.02 USDC • 3 total findings • Cantina • 0xSolWrecker

#56

high

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

Tadle

Tadle

121.48 USDC • 7 total findings • CodeHawks • karanel

#45

high

Incorrect set up and logic of `referralInfoMap` in `SystemConfig::updateReferrerInfo` function

high

TokenManager - Unlimited withdraw

high

Token withdrawal fails until someone manually approves spending

medium

Unnecessary balance checks and precision issues in TokenManager::_transfer

low

[Low-01] Missing Access Control in `CapitalPool::approve()` Function Allows any User to call it to set Allowance Amount `TokenContract` to `type(uint256).max`.

low

`listOffer` Unsafely References Fungible Identifiers

low

[H-2] `PreMarkets::createOffer` allows a user to create an offer with `eachTradeTax` more than `Constants.EACH_TRADE_TAX_MAXINUM` allowing the user to even charge 100% of the future sales

Jul '24

TraitForge

TraitForge

94.78 USDC • 7 total findings • Code4rena • _karanel

#39

high

`mintToken()`, `mintWithBudget()`, and `forge()` in the `TraitForgeNft` Contract Will Fail Due to a Wrong Modifier Used in `EntropyGenerator.initializeAlphaIndices()`

high

Number of entities in generation can surpass the 10k number

high

Griefing attack on seller's airdrop benefits

medium

Forger Entities can forge more times than intended

medium

Pause and unpause functions are inaccessible

medium

Duplicate NFT generation via repeated forging with the same parent

medium

`Golden God` Tokens can be minted twice per generation

CCIP v1.5

CCIP v1.5

1,265.29 USDC • CodeHawks • 0xSolWrecker

#9

Jun '24

Thorchain

Thorchain

458.56 USDC • 1 total finding • Code4rena • _karanel

#13

high

ThorChain will be informed wrongly about the unsuccessful ETH transfers due to the incorrect events emissions

May '24

LoopFi

LoopFi

71.11 USDC • 1 total finding • Code4rena • _karanel

#8

high

Availability of deposit invariant can be bypassed