Banner
https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_0.png

clems4ever

Security Researcher

Contact Me

High

22

Total

Medium

2

Solo

8

Total

$74.64K

Total Earnings

#120 All Time

9x

Payouts

silver

3x

2nd Places

bronze

2x

3rd Places

regular

7x

Top 10

All

Sherlock

Code4rena

Feb '23

Volta

Volta

976.93 USDC • Sherlock • clems4ever

#4

Findings not publicly available for private contests.

Carapace

Carapace

24,829.29 USDC • 7 total findings • Sherlock • clems4ever

bronze

high

Protection buyer loses protection if NFT is transferred or split

high

Protection buyer may buy multiple protections for same goldfinch NFT

high

Dos due to unbounded array of active protections may prevent locking of capital

high

Seller may bypass the 2 cycles safeguard after initial 2 cycles

high

Sybil on withdrawal requests can allow leverage factor manipulation with flashloans

medium

Freezing of the protocol when totalSTokenUnderlying is zero but totalSupply is non-zero

medium

Growing of totalSupply after successive lock/unlockCapital can freeze protection pools by uint overflow

OpenQ

OpenQ

1,122.18 USDC • 5 total findings • Sherlock • clems4ever

#15

high

Token might become unrefundable because of arithmetic overflow in `getLockedFunds`

high

Number of deposits can increase infinitely and prevent any refund

high

A rogue deposited ERC-20 token can break the payouts

medium

Resizing the payout schedule with less items might revert

medium

DoS on NFT deposit due to deposit limit

Jan '23

UXD Protocol

UXD Protocol

1,453.53 USDC • 2 total findings • Sherlock • clems4ever

#9

high

Rage trade senior vault may deny withdrawals when lending utilization is high

high

Risk free profit by exploiting negative PNL rebalancing

Dec '22

GoGoPool contest

GoGoPool contest

4.97 USDC • 1 total finding • Code4rena • clems4ever

#81

high

Hijacking of node operators minipool causes loss of staked funds

Lyra

Lyra

18,286.44 USDC • Sherlock • clems4ever

bronze

Findings not publicly available for private contests.

Nov '22

Isomorph

Isomorph

3,338.65 USDC • 4 total findings • Sherlock • clems4ever

silver

high

In some cases a hundred tokens is a too large value to use for pricing liquidity

high

isoUSDLoaned used instead of isoUSDLoanAndInterest in openLoan of Vault_Synths.sol

high

Theft of rewards in Depositor.sol

medium

priceLiquidity may revert in directional market conditions preventing legitimate liquidations

LSD Network - Stakehouse contest

LSD Network - Stakehouse contest

7,681.38 USDC • 6 total findings • Code4rena • clems4ever

silver

high

Incorrect accounting in SyndicateRewardsProcessor results in any LP token holder being able to steal other LP tokens holder's ETH from the fees and MEV vault.

high

Giant pools can be drained due to weak vault authenticity check

high

Any user being the first to claim rewards from GiantMevAndFeesPool can unexepectedly collect them all

high

Possibly reentrancy attacks in `_distributeETHRewardsToUserForToken` function

high

Rewards of GiantMevAndFeesPool can be locked for all users

high

Theft of ETH of free floating SLOT holders

Oct '22

Rage Trade

Rage Trade

16,945.05 USDC • 5 total findings • Sherlock • clems4ever

silver

high

The function withdraw is unprotected

high

Noop rebalance under a particular condition

medium

Share manipulation in senior vault

medium

Wrong min amount calculation in WithdrawPeriphery.sol

medium

Wrong price calculation in DnGmxJuniorVaultManager.sol