https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/5ab758b4-a96b-4459-a1d7-603a54d0cdf9.png

covey0x07

Security Researcher

Contact Me

High

Total

Medium

Total

$2.06K

Total Earnings

#1123 All Time

5x

Payouts

1x

1st Places

1x

3rd Places

4x

Top 10

All

Sherlock

Aug '25

USG - Tangent

1,064.95 USDC • 7 total findings • Sherlock • covey0x07

#10

high

`MarketCore::_migrateFrom` doesn't check the validity of the `_controlTower`

high

Expired PT price miscalculation

medium

USDT transfer failure in `ZappingProxy::zapProxy`

medium

Missing fallback functionality in the zapProxy

medium

OraclePendlePT Incorrect Decimal Scaling Issue

medium

UISG price is not always $1

medium

In Wstable, tokens couldn't be redeem in 1:1 ratio.

Feb '25

Rova

0.04 USDC • 1 total finding • Sherlock • covey0x07

medium

A critical flaw in the logic of handling token amounts of the project token and currency token

Dec '24

Oku's New Order Types Contract Contest

322.89 OP • 5 total findings • Sherlock • covey0x07

#13

high

A malicious attacker can drain the protocol by using duplicated orderId

high

Reentrancy vulnerability in the `OracleLess.fillOrder` function

high

The `StopLimit` contract should receive tokens from the creator of orders instead of recipients

medium

A malicious attacker can create many orders that is not cancelable.

medium

In some cases, slippage can be inverted

Nov '24

Nouns DAO - Auction Streams

578.45 USDC • Sherlock • covey0x07

#10

vVv Launchpad - Investments & Token distribution

94.59 USDC • 1 total finding • Sherlock • covey0x07

high

Frontrunning vulnerability in the `claim()` function