https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_9.png

handsomegiraffe

Security Researcher

Contact Me

High

4

Total

Medium

1

Solo

6

Total

$5.13K

Total Earnings

#744 All Time

6x

Payouts

bronze

1x

3rd Places

regular

2x

Top 10

regular

4x

Top 25

All

Sherlock

Code4rena

Feb '24

AI Arena

AI Arena

4.43 USDC • 3 total findings • Code4rena • handsomegiraffe

#137

high

Malicious user can stake an amount which causes zero curStakeAtRisk on a loss but equal rewardPoints to a fair user on a win

medium

NFTs can be transferred even if StakeAtRisk remains, so the user's win cannot be recorded on the chain due to underflow, and can recover past losses that can't be recovered(steal protocol's token)

medium

Fighter created by mintFromMergingPool can have arbitrary weight and element

Jan '24

Salty.IO

Salty.IO

2,659.2 USDC • 1 total finding • Code4rena • handsomegiraffe

bronze

medium

Caller of Upkeep may skip step 11 to save gas

Oct '23

Real Wagmi #2

Real Wagmi #2

1,216.39 USDC • 2 total findings • Sherlock • handsomegiraffe

#4

high

Malicious liquidity provider can prevent liquidation of loan and loss of funds to other liquidity providers

medium

If loan is not liquidated in time, underflow may prevent loan from being liquidated using emergency mode

Mar '23

Asymmetry contest

Asymmetry contest

45.32 USDC • 3 total findings • Code4rena • handsomegiraffe

#80

high

Staking, unstaking and rebalanceToWeight can be sandwiched (Mainly rETH deposit )

high

`WstEth` derivative assumes a ~1=1 peg of stETH to ETH

medium

No slippage protection on `stake()` in SafEth.sol

Neo Tokyo contest

Neo Tokyo contest

29.67 USDC • Code4rena • handsomegiraffe

#21

Feb '23

GMX

GMX

1,174.14 USDC • 1 total finding • Sherlock • handsomegiraffe

#18

medium

[M-01] Incorrect refund of execution fee to user