Security Researcher
High
Total
Medium
Total Earnings
#1203 All Time
Payouts
Top 10
Top 25
Top 50
All
Sherlock
Code4rena
Mar '25
0.06 USDC • 1 total finding • Code4rena • hl_
#8
medium
Unauthorized Reallocation in `NudgeCampaign::handleReallocation` and Reward Disruption Vulnerability in `NudgeCampaign::invalidateParticipations`
Jul '24
3.28 USDC • 4 total findings • Code4rena • hl_
#75
high
The maximum number of generations is infinite
There is no slippage check in the `nuke()` function.
Pause and unpause functions are inaccessible
NFTs mature too slowly under default settings.
51.43 USDC • 3 total findings • Sherlock • hl_
#48
Claimable gauge distributions are bricked when `killGaugeTotally` is called
DOS attack by delegating tokens with `MAX_DELEGATES = 1024`
First liquidity provider of a stable pair can exploit the pool
Jun '23
73.06 USDC • 2 total findings • Code4rena • hl_
#64
Incorrect function call in LybraRETHVault's getAssetPrice
Understatement of `poolTotalPeUSDCirculation` amounts due to incorrect accounting after function `_repay` is called
Mar '23
50.33 USDC • 1 total finding • Code4rena • hl_
#77
DoS due to external call failure
318.44 USDC • 1 total finding • Code4rena • hl_
#16
The buyer of the ticket could be front-runned by the ticket owner who claims the rewards before the ticket's NFT is traded
Feb '23
42.07 USDC • Code4rena • hl_
#34
14.61 USDC • 1 total finding • Sherlock • hl_
#35
Chainlink's latestRoundData may return stale or incorrect results
Jan '23
140.9 USDC • 2 total findings • Code4rena • hl_
#31
Protocol fees can be withdrawn multiple times in `Erc20Quest`
Funds can be stuck due to wrong order of operations
36.5 USDC • Code4rena • hl_
#55
332.26 USDC • 2 total findings • Sherlock • hl_
#17
Possible attacks on users for fees paid
getDebtValue function not used
Nov '22
25.32 USDC • 1 total finding • Code4rena • hl_
#50
Underlying assets stealing in `AutoPxGmx` and `AutoPxGlp` via share price manipulation
52.03 USDC • Code4rena • hl_
#52
