Security Researcher
High
Total
Medium
Total Earnings
#890 All Time
Payouts
2nd Places
Top 10
Top 25
All
Sherlock
Code4rena
Cantina
CodeHawks
Mar '25
0.00 USDC • 1 total finding • Sherlock • dimah7
#18
medium
Anyone can add fraction rewards and slow down the reward per token
Feb '25
128.12 USDC • Sherlock • dimah7
#28
Jan '25
0.82 USDC • 1 total finding • Cantina • cantinaresearcher19
#119
high
86.96 USDC • Sherlock • dimah7
#86
15.29 usdc • CodeHawks • dimah7
#21
Dec '24
0.33 OP • 2 total findings • Sherlock • dimah7
#65
Core functions can be DoS-ed, which will lead to loss of funds for CDS owners
Treasury reserves can be drained
Nov '24
0.47 USDC • 1 total finding • Sherlock • dimah7
#56
A malicious user can DoS the matching of offers
Oct '24
314.34 OP • 1 total finding • Sherlock • dimah7
Leftover amounts from rounding in reward distribution will be stuck forever in the `GammaRewarder`
9.4 USDC • 1 total finding • Cantina • cantinaresearcher19
#104
Sep '24
1,478.57 USDC • 1 total finding • CodeHawks • dimah7
#8
Vault fee receivers can conditionally block rewards distribution flow
53.53 USDC • 3 total findings • Cantina • cantinaresearcher19
Aug '24
12.56 USDC • 1 total finding • Code4rena • dimah7
#44
Attacker can DOS user from selling shares of a credId
30.04 USDC • 1 total finding • Sherlock • dimah7
#24
Admin can steal funds from ticket sales, and rug raffle participants
114.84 USDC • 2 total findings • Sherlock • dimah7
#31
Missing circuit breaker checks for Chainlink price feeds
Super pools can't be paused, in case of an emergency
3.44 USDC • 3 total findings • CodeHawks • dimah7
#134
TokenManager - Unlimited withdraw
Native token withdrawal fails until manually approved
Malicious user can drain protocol by bypassing `ASK` offer abortion validation in `Turbo` mode
Jul '24
0.01 USDC • 2 total findings • Code4rena • dimah7
#88
Pause and unpause functions are inaccessible
Discrepancy between nfts minted, price of nft when a generation changes & position of `_incrementGeneration()` inside `_mintInternal()` & `_mintNewEntity()`
May '24
81.46 USDC • 1 total finding • CodeHawks • dimah7
#34
low
Permit functions will not work with certain tokens
578.16 USDC • 1 total finding • CodeHawks • dimah7
#10
Use of CREATE method is suspicious of reorg attack
Apr '24
23.11 USDC + NOYA stars • 1 total finding • Code4rena • dimah7
#77
`executeWithdraw` may be blocked if any of the users are blacklisted from the `baseToken`