https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_7.png

gajiknownnothing

Security Researcher

Contact Me

High

4

Total

Medium

2

Total

$7.00

Total Earnings

#2206 All Time

3x

Payouts

regular

2x

Top 50

All

Sherlock

Dec '24

Oku's New Order Types Contract Contest

Oku's New Order Types Contract Contest

2.28 OP • 3 total findings • Sherlock • gajiknownnothing

#45

high

Missing `msg.sender == recipient` check allows steal user's tokens

high

User Can Refund Tokens Multiple Times by Modifying a Cancelled Order

medium

Malicious User Will Cause `_cancelOrder()` Function Denial of Service

Aug '24

Winnables Raffles

Winnables Raffles

5.62 USDC • 2 total findings • Sherlock • gajiknownnothing

#30

high

Not updating `_lockedETH` in the `refundPlayers()` function leads to the asset being locked

high

Raffle cancellation can be front-run to lock assets on Ethereum

Jul '24

MagicSea - the native DEX on the IotaEVM

MagicSea - the native DEX on the IotaEVM

0.08 USDC • 1 total finding • Sherlock • gajiknownnothing

#64

medium

Protocol is incompatible with rebase ERC20 tokens that have a mechanism for balance modifications outside of transfers