https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_9.png

dan__vinci

Security Researcher

Contact Me

High

24

Total

Medium

35

Total

$72.91K

Total Earnings

#150 All Time

19x

Payouts

gold

1x

1st Places

silver

1x

2nd Places

bronze

3x

3rd Places

All

Sherlock

Code4rena

Cantina

CodeHawks

Immunefi

Nov '25

Audit Comp | Vechain | Stargate Hayabusa

Audit Comp | Vechain | Stargate Hayabusa

9,975 USDT • 6 total findings • Immunefi • danvinci_20

gold

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

medium

Finding not yet public.

low

Finding not yet public.

Megapot

Megapot

304.11 USDC • 3 total findings • Code4rena • dan__vinci

#10

high

Attacker can steal `JackpotTicketNFT`'s from `JackpotBridgeManager.sol`

medium

Changing Payout Calculator During Active Drawing Causes Loss of Unclaimed Winnings

medium

`lpEarnings` generated in emergency mode become stuck on the contract

Oct '25

Index Fun Order Book

Index Fun Order Book

2.16 USDC • 1 total finding • Sherlock • dan__vinci

#14

high

Fees are wrongly charged

Sep '25

Summer.fi - governance v2

Summer.fi - governance v2

381.18 USDC • 1 total finding • Sherlock • dan__vinci

#5

medium

Improper Minting of Governance Tokens Handling

Aug '25

GTE Perps and Launchpad

GTE Perps and Launchpad

5,548.14 USDC • 2 total findings • Code4rena • dan__vinci

#4

medium

Margin Balance can be forced to be < 0 even realizing upnl indirectly

medium

Loss for protocol by incorrectly assuming the position has been fully closed

GTE Perps and Launchpad

GTE Perps and Launchpad

6,994 USDC • 7 total findings • Code4rena • VinciGearHead

bronze

high

Total reward shares for token can reach zero after unlocking, causing `GTELaunchpadV2Pair` to be bricked

high

Donations to `Distributor` with arbitrary `quoteToken` can be used to drain all quote rewards from distributor

medium

Launchpad slippage is not enforced properly during token graduation

medium

Partial Fills before `amendOrder` TX exposes Users to unintended Risks

medium

Reduce-only orders can be used to inflate `quoteOI` and DoS the orderbook

medium

Bonding Shares Incorrectly Reduced/unstaked on Transfer in launchToken.

medium

`LaunchToken` transfers cause staking rewards to be lost to the `LaunchPad`

Jul '25

Malda

Malda

657.98 USDC • 5 total findings • Sherlock • dan__vinci

#19

medium

Bridge fails to pull funds from Rebalancer, Bridging fails

medium

Bridge approves fee adapter for `params.amount` but fee adapter pulls `params.amount + fee`

medium

Expired transfer window still considers size of old batch, permanently blocking new transfers

medium

Stale/manipulated prices may bypass checks

medium

Division-by-Zero in Utilization Rate Can Freeze Market and Lock Collateral

Mellow Flexible Vaults

Mellow Flexible Vaults

2,034.70 USDC • 6 total findings • Sherlock • dan__vinci

#7

high

ETH Redemption Reverts Due to Unsupported `balanceOf` Call

high

performance fee is wrongly calculated

medium

Improper Transfer Whitelist Logic Blocks Legitimate Transfers Despite Permissions

medium

Missing `receive()` Function in `SignatureRedeemQueue` Breaks Native Token Withdrawals

medium

DoS in Redemption Due to Unchecked Asset Support in Subvaults

medium

Fee Shares Minted to Fee Recipient May Become Permanently Locked Due to Continuous Lockup Extension

Audit Comp | Folks Smart Contract Library

Audit Comp | Folks Smart Contract Library

1,683 USDC • 2 total findings • Immunefi • danvinci_20

bronze

medium

Finding not yet public.

low

Finding not yet public.

Notional Exponent

Notional Exponent

209.18 USDC • 4 total findings • Sherlock • dan__vinci

#26

medium

`BaseLib::finalizeAndRedeemWithdrawRequest()` assumes incorrectly leading to a denial-of-service via division by zero

medium

[H-03] Market Initialization Can Be Permanently Blocked by External Front-Running

medium

Zero-Debt Users Cannot Migrate Positions Due to Improper Repay Handling in `_exitWithRepay`

medium

`withdrawAndUnwrap` Usage Breaks Withdrawal Compatibility on Sidechains Due to Function Absence in Convex Reward Pools

Jun '25

Chainlink Rewards

Chainlink Rewards

28,965.72 USDC • Code4rena • dan__vinci

silver
Panoptic

Panoptic

118.95 USDC • Code4rena • dan__vinci

#7

May '25

Audit Comp | Flare | FAssets

Audit Comp | Flare | FAssets

6,493 • 13 total findings • Immunefi • danvinci_20

#5

high

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

low

Finding not yet public.

low

Finding not yet public.

low

Finding not yet public.

low

Finding not yet public.

low

Finding not yet public.

low

Finding not yet public.

alchemix-v3

alchemix-v3

353.91 USDC • 11 total findings • Cantina • VinciGearHead

#28

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

Apr '25

Burve

Burve

247.24 USDC • 2 total findings • Sherlock • VinciGearHead

#21

high

H[02]-Double-Charging of Tax in `removeValueSingle`

high

H[01]-Incorrect variable used in mulDiv calculation — realTax is always zero

Mar '25

Storage Proofs

Storage Proofs

167.35 op • 1 total finding • CodeHawks • dan__vinci

#7

low

Missing Event Emission in update_profit_max_unlock_time

Jan '25

dahlia-protocol

dahlia-protocol

4,442.93 USDC • 3 total findings • Cantina • Bug-Finders

#5

high

Finding not yet public.

medium

Finding not yet public.

medium

Finding not yet public.

Ignite

Ignite

1,211.11 usdc • CodeHawks • dan__vinci

bronze

Dec '24

Audit Comp | Folks: Liquid Staking

Audit Comp | Folks: Liquid Staking

3,122 USDC • 3 total findings • Immunefi • danvinci_20

#4

high

Finding not yet public.

low

Finding not yet public.

low

Finding not yet public.