https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/d7c4d7da-b7a5-440d-8822-d446252723ca.jpg

devtooligan

Security Researcher

blocksec eng @trailofbits buidlr💻 makr🤖 ascii artiste🎨 chief pharmacist @huff_language💊 prev @yield @spearbitDAO

Contact Me

Medium

Total

$4.50K

Total Earnings

#780 All Time

6x

Payouts

2x

Top 10

4x

Top 25

6x

Top 50

All

Sherlock

Code4rena

CodeHawks

Dec '24

Tally ARB Staker

856.59 USDC • Sherlock • devtooligan

Jul '23

CodeHawks Escrow Contract - Competition Details

88.44 USDC • 3 total findings • CodeHawks • devtooligan

#39

medium

[H-01] Lack of emergency withdraw function when no arbiter is set

gas

Critical addresses rely on single-step process

gas

if (tokenContract.balanceOf(address(this)) < price) revert Escrow__MustDeployWithTokenBalance();

Sep '22

Art Gobblers contest

525.56 USDC • 1 total finding • Code4rena • devtooligan

#17

medium

The reveal process could brick if `randProvider` stops working

Aug '22

Sentiment

629.58 USDC • 3 total findings • Sherlock • devtooligan

#15

medium

Account.sweepTokens vulnerable to reentrancy - HIGH

medium

Disallowed collateral can be borrowed or withdrawn against - HIGH

medium

Oracle data feed is insufficiently validated - MEDIUM

Olympus DAO contest

168.24 USDC • 1 total finding • Code4rena • devtooligan

#47

medium

Heart::beat() could be called several times in one block if no one called it for a some time

Jul '22

Swivel v3 contest

2,234.68 USDC • 1 total finding • Code4rena • devtooligan

medium

ERC20 Incorrect check on returnedAddress in permit() results in unlimited approval of zero address