Security Researcher
Digital sleuth 🔍 | Rust & Solidity Auditor | Safeguarding the blockchain, one bug at a time.
#501 All Time
Mar '25
medium
Feb '25
high
The verifyBatchSignatures function may trigger an index out-of-range panic for consensus nodes, due to missing lower-bound check
high
Attacker can frontrun unstake calls to manipulate withdrawals
high
postBatch doesn’t check for duplicate signatures resulting in being able to overcome the consensus threshold
Jan '25
high
high
high
medium
medium
Nov '24
Findings not publicly available for private contests.
Oct '24
medium
Platform fees withdrawal will sweep oracle agents' earned fees
medium
Request responses and validations can be mocked, leading to extraction of fees and/or forcing other generators to lose their fees by making them outliers
medium
Users can list assets with price < 1 ERC20 (ETH, WETH), leading to potential DoS vulnerability.
low
Lack of output validation in `LLMOracleCoordinator::respond` allows empty responses and potential fee exploitation by oracles.
low
`LLMOracleCoordinator::request` lacks a check for non-empty `task.input`, making `assertValidNonce` easier to pass due to reduced uniqueness
Sep '24
Jul '24