https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/9840ef2c-619e-43ed-941c-5820235cbd47.jpg

eLSeR17

Security Researcher

Looking for bugs anywhere :D

Contact Me

High

Total

Medium

Total

$8.07K

Total Earnings

#617 All Time

10x

Payouts

2x

3rd Places

3x

Top 10

4x

Top 25

All

Sherlock

Mar '25

PinLink: RWA-Tokenized DePIN Marketplace

4.83 USDC • Sherlock • eLSeR17

#65

Crestal Network

77.24 USDC • 2 total findings • Sherlock • eLSeR17

high

Payment.payWithERC20() function allows any user to steal ERC20 tokens approved for Blueprint contract

medium

Whitelist used for agent creation can be easily bypassed

Feb '25

Usual Labs

59.58 USDC • Sherlock • eLSeR17

#38

Yieldoor

29.53 USDC • 1 total finding • Sherlock • eLSeR17

#21

high

Strategy.collectFees() will not correctly claim the fees of VestingPosition

Rova

0.04 USDC • 1 total finding • Sherlock • eLSeR17

medium

Launch.updateParticipation() incorrectly updates launchTokens allocated for user

Jan '25

Plaza Finance

0.23 USDC • 1 total finding • Sherlock • eLSeR17

#99

medium

Malicious bidder can get blacklisted to prevent other users from bidding

Nov '24

Ethos Network Financial Contracts

55.83 USDC • 1 total finding • Sherlock • eLSeR17

#30

medium

Wrong fee calculation and distribution when creating or increasing a Vouch

Telcoin Update #2

0.04 USDC • Sherlock • eLSeR17

#56

Sep '24

Boost Core Incentive Protocol

7,840.68 USDC • 1 total finding • Sherlock • eLSeR17

high

IncentiveBits.setOrThrow() will revert, leading to a DoS

Jul '24

MagicSea - the native DEX on the IotaEVM

0.48 USDC • 1 total finding • Sherlock • eLSeR17

#63

medium

_requireOnlyApprovedOrOwnerOf() reverts if approved by using ERC721Upgradeable.setApprovalForAll()