Security Researcher
High
Total
Medium
Total Earnings
#1735 All Time
Payouts
Top 10
Top 25
Top 50
All
Sherlock
Sep '25
232.28 OP • 2 total findings • Sherlock • harry
#17
high
Attacker can front-run liquidity transactions to cause gauge DCA rewards to be lost
Gauge emissions per token not per pool allow malicious pools to capture unearned rewards
Jul '25
10.64 USDC • 2 total findings • Sherlock • harry
#44
medium
`wrapAndSupplyOnExtensionMarket` fails due to missing gas fee forwarding
`Rebalancer.sendMsg` uses stale transfer size causing persistent DoS
9.22 USDC • Sherlock • harry
#78
11.98 USDC • 1 total finding • Sherlock • harry
#49
USDT approval revert leads to position entry failure
Jun '25
16.16 USDC • 1 total finding • Sherlock • harry
#11
Malicious user can register many operators, leading to DoS in core view functions
2.74 USDC • 2 total findings • Sherlock • harry
#68
Non-standard token incompatibility in `GatewaySend::depositAndCall`
`GatewayTransferNative::withdraw` allows attacker to overwrite refund info using the same `externalId` leading to user fund loss
May '25
5.30 USDC • 2 total findings • Sherlock • harry
#97
Incorrect check in `_checkLiquidationValid` may cause healthy accounts to be liquidated
`CoreRouter::supply` uses a stale `exchangeRateStored` which causes internal accounting mismatches
Apr '25
45.94 OP • 1 total finding • Sherlock • harry
#4
Fee calculation logic in `approveRedeemRequest` is incorrect
