https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/7e7f4022-8db6-45fb-b3f5-3d0e50f1aacf.jpg

cryptic

Security Researcher

Blockchain Security

Contact Me

High

10

Total

Medium

5

Total

$1.06K

Total Earnings

#1220 All Time

6x

Payouts

regular

2x

Top 25

regular

5x

Top 50

All

Sherlock

Nov '24

Ethos Network Financial Contracts

Ethos Network Financial Contracts

2.85 USDC • 2 total findings • Sherlock • cryptic

#31

high

`ReputationMarket::buyVotes` incorrectly includes protocol and donation fees when tallying market funds, causing DoS or stolen funds

medium

`ReputationMarket::sellVotes` is missing slippage protection

Nouns DAO - Auction Streams

Nouns DAO - Auction Streams

77.48 USDC • Sherlock • cryptic

#35

Jul '24

MakerDAO Endgame

MakerDAO Endgame

329.55 USDC • Sherlock • cryptic

#80

Velocimeter

Velocimeter

509.67 USDC • 6 total findings • Sherlock • cryptic

#17

high

Attacker can permanently lock users' tokens by calling `OptionTokenV4::exerciseLp` on their behalf

high

Attacker can permanently block deposits in `VotingEscrow` due to lack of 0 amount check in `VotingEscrow::split`

high

`RewardsDistributorV2` incorrect reward calculation due to caching total `ve_supply`

high

Inadequate slippage protection for `OptionTokenV4::exerciseVe` and `OptionTokenV4::exerciseLp`

high

Pausing and unpausing gauges will cause the gauge to lose all claimable rewards

medium

First Liquidity Provider can DoS stable pair pools by exploiting rounding error

Apr '24

Teller Finance

Teller Finance

124.27 USDC • 4 total findings • Sherlock • cryptic

#23

high

`LenderCommitGroup_Smart::acceptFundsForAcceptBid` will not revert if insufficient collateral is provided

high

`LenderCommitmentGroup_Smart::liquidateDefaultedLoanWithIncentive` does not send collateral to the caller

high

Multiple contracts incompatible with USDT

medium

`LenderCommitmentGroup` pools will have incorrect exchange rate when fee-on-transfer tokens are used

TITLES Publishing Protocol

TITLES Publishing Protocol

17.73 USDC • 3 total findings • Sherlock • cryptic

#40

high

Fees owed to collection referrer are sent to mint referrer instead

medium

Excess ETH can be stolen since it is refunded from the incorrect contract

medium

Attacker can front-run `acknowledgeEdge` and `unacknowledgeEdge`, causing DoS