grearlake

Security Researcher

High: 25 Total

Medium: 37 Total

Total Earnings: $10.95K

#522 All Time

Payouts: 26x

Top 10: 5x

Top 25: 13x

Top 50: 20x

Jan '25

Liquid Ron

0.02 USDC • 1 total finding • Code4rena • grearlake

#11

high

The calculation of `totalAssets()` could be wrong if `operatorFeeAmount` > 0; this can cause potential loss for the new depositors

Aug '24

Axelar Network

274.32 USDC • 1 total finding • Code4rena • grearlake

#7

medium

Axelar cross chain token transfers balance tracking logic is completely broken for rebasing tokens and the transfers of these types of tokens can be exploited

Jul '24

LoopFi

27.83 USDC • 3 total findings • Code4rena • grearlake

#46

high

`Flashlender.sol#flashLoan()` should use `mintProfit()` to mint fees. The current implementation may lead to locked up WETH in PoolV3.

medium

Malicious actor can abuse the minimum shares check in `StakingLPEth` and cause DoS or locked funds for the last user that withdraws

medium

`PendleLPOracle::_fetchAndValidate` uses Chainlink's deprecated `answeredInRound`

Jun '24

Size

1,489.02 USDC • 2 total findings • Code4rena • grearlake

#21

medium

Sandwich attack on loan fulfillment will temporarily prevent users from accessing their borrowed funds

medium

Size uses wrong source to query available liquidity on Aave, resulting in borrow and lend operations being bricked upon mainnet deployment

May '24

Predy

15.35 USDC • 1 total finding • Code4rena • grearlake

#33

medium

Incorrect price for negative ticks due to lack of rounding down

Munchables

0.01 USDC • 1 total finding • Code4rena • grearlake

#16

high

Malicious User can call `lockOnBehalf` repeatedly to extend a user's `unlockTime`, removing their ability to withdraw previously locked tokens

Apr '24

Renzo

2,809.45 USDC • 4 total findings • Code4rena • grearlake

#4

high

Incorrect withdraw queue balance in TVL calculation

high

Withdrawals logic allows MEV exploits of TVL changes and zero-slippage zero-fee swaps

high

Withdrawals can be locked forever if recipient is a contract

medium

Not handling the failure of cross chain messaging

NOYA

2,586.88 USDC + NOYA stars • 10 total findings • Code4rena • grearlake

#7

high

BalancerConnector has incorrect implementation of totalSupply, positionTVL and total TVL will be invalid

high

PrismaConnector is not able to claim surplus collateral in recovery mode

high

`executeWithdraw` may be blocked if any of the users are blacklisted from the `baseToken`

high

Numerous errors when calculating the TVL for the MorphoBlue connector

medium

Lack of function to claim reward in `AaveConnector`

medium

Stale price can be used in `getValueFromChainlinkFeed` function

medium

`maxDeposit`, `maxMint`, `maxWithdraw`, and `maxRedeem` functions do not return 0 when they should

medium

Noya is not compatible with tokens whose balance changes outside of transfers causing funds to get stuck in the contract

medium

If a curve pool which CurveConnector uses is killed the vault manager can't close the position leading to loss of funds

medium

Balancer flashloan contract can be DOSed completely by sending 1 wei to it

DYAD

68.51 USDC • 5 total findings • Code4rena • grearlake

#65

high

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

high

Design flaw and mismanagement in vault licensing leads to double counting in collateral ratios and positions collateralized entirely with kerosine

medium

Attacker can frontrun to prevent vaults from being removed from the dNFT owner's position

medium

No incentive to liquidate small positions could result in protocol going underwater

medium

Liquidation bonus logic is wrong

Panoptic

32.96 USDC • Code4rena • grearlake

#18

Mar '24

Ondo Finance

8.28 USDC • Code4rena • grearlake

#17

Abracadabra Mimswap

443.43 USDC • 2 total findings • Code4rena • grearlake

#13

medium

Adjusting "_I_" will create a sandwich opportunity because of price changes

medium

Permanent loss of yield for stakers in reward pools due to precision loss.

Taiko

211.06 USDC • 1 total finding • Code4rena • grearlake

#28

medium

retryMessage unable to handle edge cases.

Revert Lend

1,303.31 USDC • 4 total findings • Code4rena • grearlake

#10

high

`_getReferencePoolPriceX96()` will show incorrect price for negative tick deltas in current implementation because it doesn't round up for them

medium

V3Oracle susceptible to price manipulation

medium

Repayments and liquidations can be forced to revert by an attacker that repays a minuscule amount of shares

medium

No `minLoanSize` means liquidators will have no incentive to liquidate small positions

Feb '24

AI Arena

65.88 USDC • 6 total findings • Code4rena • grearlake

#76

high

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

high

Since you can reroll with a different fighterType than the NFT you own, you can reroll bypassing maxRerollsAllowed and reroll attributes based on a different fighterType

high

Player can mint more fighter NFTs during claim of rewards by leveraging reentrancy on the `claimRewards()` function

high

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

medium

Can mint NFT with the desired attributes by reverting transaction

medium

DoS in `MergingPool::claimRewards` function and potential DoS in `RankedBattle::claimNRN` function if called after a significant amount of rounds passed.

Jan '24

Salty.IO

1,016.87 USDC • 3 total findings • Code4rena • grearlake

#14

medium

`_getUniswapTwapWei()` will show incorrect price for negative ticks because it doesn't round up for negative ticks.

medium

Chainlink price feed uses BTC, not WBTC. In case of depegging, oracles will become easier to manipulate.

medium

Reusing a SALT that has already been used for voting can allow a malicious proposal to pass and compromise the protocol.

Telcoin Platform Audit

2.64 USDC • 1 total finding • Sherlock • grearlake

#9

high

No council member can be created after burning a NFT token

Curves

55.94 USDC • 6 total findings • Code4rena • grearlake

#59

high

Whitelisted accounts can be forcefully DoSed from buying curveTokens during the presale

high

Unrestricted claiming of fees due to missing balance updates in `FeeSplitter`

high

Unauthorized Access to setCurves Function

medium

Protocol and referral fee would be permanently stuck in the Curves contract when selling a token

medium

Curves::_buyCurvesToken(), Excess of Eth received is not refunded back to the user.

medium

Withdrawing with amount = 0 will forcefully set name and symbol to default and disable some functions for token subject

Dec '23

Ethereum Credit Guild

412.22 USDC • 5 total findings • Code4rena • grearlake

#33

high

Users staking via the `SurplusGuildMinter` can be immediately slashed when staking into a gauge that had previously incurred a loss

high

The creation of bad debt (`mark-down` of Credit) can force other loans in auction to also create bad debt

medium

Wrong ProfitManager in GuildToken, will always revert for other types of gauges leading to bad debt

medium

Anyone can prolong the time for the rewards to get distributed

medium

Malicious borrower can decrease Guild holders reward

Nov '23

Panoptic

11.32 USDC • Code4rena • grearlake

#28

Sep '23

Allo V2

5.30 USDC • 2 total findings • Sherlock • grearlake

#62

medium

Incorrect check in RFPSimpleStrategy#_distribute leads to the function unintentionally failing in some cases

medium

Protocol does not really work with fee-on-transfer tokens

Centrifuge

47.48 USDC • Code4rena • grearlake

#32

Aug '23

Dopex

0.05 USDC • 2 total findings • Code4rena • grearlake

#127

high

The settle feature will be broken if an attacker arbitrarily transfers collateral tokens to the PerpetualAtlanticVaultLP

high

The peg stability module can be compromised by forcing lowerDepeg to revert.

Good Entry

12.88 USDC • 1 total finding • Code4rena • grearlake

#34

medium

Return value of low level `call` not checked.

Jul '23

Amphora Protocol

9.43 USDC • Code4rena • grearlake

#23

PoolTogether

38.88 USDC • 1 total finding • Code4rena • grearlake

#60

medium

`VaultFactory` allows deployment of vaults with non-authentic `TwabController` and `PrizePool`