https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_2.png

cozzetti

Security Researcher

Contact Me

High

5

Total

Medium

5

Total

$5.38K

Total Earnings

#788 All Time

2x

Payouts

gold

1x

1st Places

regular

1x

Top 10

regular

2x

Top 25

All

Code4rena

Dec '22

GoGoPool contest

GoGoPool contest

1,772.64 USDC • 6 total findings • Code4rena • cozzetti

#17

high

MinipoolManager: node operator can avoid being slashed

high

Hijacking of node operators minipool causes loss of staked funds

high

ProtocolDAO lacks a method to take out GGP

medium

NodeOp can get rewards even if there was an error in registering the node as a validator

medium

slashing fails when node operator doesn't have enough staked `GGP`

medium

NodeOp funds may be trapped by a invalid state transition

Caviar contest

Caviar contest

3,609.31 USDC • 4 total findings • Code4rena • cozzetti

gold

high

Reentrancy in buy function for ERC777 tokens allows buying funds with considerable discount

high

First depositor can break minting of shares

medium

Price will not always be 18 decimals, as expected and outlined in the comments

medium

Missing deadline checks allow pending transactions to be maliciously executed