blockchain555

Security Researcher

High: 26 Total

Medium: 25 Total

$3.66K Total Earnings

#839 All Time

18x Payouts (regular)

2x Top 10 (regular)

7x Top 25 (regular)

13x Top 50 (regular)

Sep '24

Flayer

276.83 USDC • 8 total findings • Sherlock • blockchain555

#38

high

Incorrect handling of `_listings` mapping variable in `Listings.sol#reserve()` function

high

The owner of LiquidationListing can steal funds from the protocol.

high

Rounding error when calculating `param.quorumVotes` in `CollectionShutdown` contract

high

The `shutdownVoters` is not processed in the `CollectionShutdown.sol#cancel()` function.

high

In the `Listings.sol#relist()` function, `listing.created` is not set to `block.timestamp`.

high

Incorrect CheckPoint of ProtectedListings created within the same block

medium

Incorrect Logic of Refund mechanism in the `Locker.sol#initializeCollection()` function

medium

Incorrect handling of `created` in `Listings.sol#modifyListings()` function

Aug '24

Midas - Instant Minter/Redeemer

607.37 USDC • 1 total finding • Sherlock • blockchain555

#8

medium

Missing validation of token allowance in the `RedemptionVault.sol#_approveRequest()` function

Jul '24

Basin

8.44 USDC • 1 total finding • Code4rena • FastChecker

#11

high

Incorrectly assigned `decimal1` parameter upon decoding

TraitForge

63.26 USDC • 5 total findings • Code4rena • FastChecker

#52

high

The maximum number of generations is infinite

high

Number of entities in generation can surpass the 10k number

high

Wrong minting logic based on total token count across generations

medium

Excess ETH from `forgingFee` can get stuck in `EntityForging` under certain situations

medium

Discrepancy between nfts minted, price of nft when a generation changes & position of `_incrementGeneration()` inside `_mintInternal()` & `_mintNewEntity()`

Exactly Protocol Update - Staking Contract

251.60 USDC • 2 total findings • Sherlock • blockchain555

#5

medium

Rewards may not be charged when depositing.

medium

The `StakedEXA.sol#harvest()` function can be DoSed.

MagicSea - the native DEX on the IotaEVM

102.69 USDC • 5 total findings • Sherlock • blockchain555

#26

high

Users cannot receive rewards accurately, and the remaining rewards are permanently locked in the contract.

high

Users do not lose voting power even after the lock duration of the `Staking Position` has expired.

high

DoS due to incorrect validation in function `BribeRewarder.sol#_modify()`.

medium

A DoS occurs because the Fee_On_Transfer token is not supported in the `BribeRewarder.sol#fundAndBribe()` function.

medium

A malicious attacker can damage the bribe distribution function at low cost.

Velocimeter

11.00 USDC • 1 total finding • Sherlock • blockchain555

#52

high

Incorrect handling of gauge rewards in `pauseGauge` and `killGaugeTotally` functions of `Voter` contract.

Apr '24

Renzo

17.75 USDC • 5 total findings • Code4rena • FastChecker

#42

high

Incorrect withdraw queue balance in TVL calculation

high

Incorrect calculation of queued withdrawals can deflate TVL and increase ezETH mint rate

medium

Deposits will always revert if the amount being deposited is less than the bufferToFill value

medium

Lack of slippage and deadline during withdraw and deposit

medium

Withdrawals and Claims are meant to be pausable, but it is not possible in practice

NOYA

18.52 USDC + NOYA stars • 4 total findings • Code4rena • FastChecker

#84

high

`executeWithdraw` may be blocked if any of the users are blacklisted from the `baseToken`

medium

Withdrawals in AccountManager are prone to DOS attacks.

medium

The `TVLHelper.sol#getTVL` function is DoSed by the `under collateralized connector`, and as a result, many parts of the protocol may be DoSed.

medium

Attacker can increase the length of `withdrawQueue` by withdrawing 0 amount of tokens frequently

Teller Finance

25.89 USDC • 2 total findings • Sherlock • blockchain555

#30

high

Collateral assets are locked without being transferred to the liquidator in the `LenderCommitmentGroup_Smart.sol#liquidateDefaultedLoanWithIncentive()` function.

high

Some collateral will be locked in the contract

TITLES Publishing Protocol

6.61 USDC • 2 total findings • Sherlock • blockchain555

#46

high

Issue with Fee Distribution in `FeeManager.sol` Prevents Collection Referrers from Receiving Fees

high

Denial of Service (DOS) Vulnerability in `Edition.sol#mintBatch()`

DYAD

154.85 USDC • 2 total findings • Code4rena • FastChecker

#59

high

User can get their Kerosene stuck because of an invalid check on withdraw

medium

setUnboundedKerosineVault not called during deployment, causing reverts when querying for Kerosene value after adding it as a Kerosene vault

Zivoe

41.91 USDC • 3 total findings • Sherlock • blockchain555

#49

high

Distribution of `ZVE` Tokens to ITO users is not supplied as intended by the protocol.

high

Unrestricted Access to `depositReward()` in `ZivoeRewards.sol`

medium

DoS may occur in function `OCL_ZVE.sol#pushToLockerMulti()`

Panoptic

1,139.25 USDC • 1 total finding • Code4rena • FastChecker

#12

medium

Wrong leg `chunkKey` calculation in `haircutPremia` function

Mar '24

Ondo Finance

8.28 USDC • Code4rena • FastChecker

#17

Revert Lend

791.02 USDC • 2 total findings • Code4rena • FastChecker

#14

medium

`DailyLendIncreaseLimitLeft` and `dailyDebtIncreaseLimitLeft` are not adjusted accurately.

medium

Users can lend and borrow above allowed limitations

PoolTogether

132.61 USDC • 2 total findings • Code4rena • FastChecker

#21

high

Any fee claim lesser than the total `yieldFeeBalance` as unit of shares is lost and locked in the `PrizeVault` contract

medium

Lack of Slippage Protection in `withdraw`/`redeem` Functions of the Vault

Jan '24

Curves

5.35 USDC • 5 total findings • Code4rena • FastChecker

#97

high

Unauthorized Access to setCurves Function

medium

Protocol and referral fee would be permanently stuck in the Curves contract when selling a token

medium

onBalanceChange causes previously unclaimed rewards to be cleared

medium

Curves::_buyCurvesToken(): excess ETH received is not refunded to the user.

medium

If a user sets their curve token symbol as the default one plus the next token counter instance it will render the whole default naming functionality obsolete