horsefacts

Security Researcher

I’m an eth newbie... just learning

High

12

Total

Medium

33

Total

$22.44K

Total Earnings

#343 All Time

35x

Payouts

bronze

2x

3rd Places

regular

7x

Top 10

regular

23x

Top 25

All

Code4rena

Mar '23

Wenwin contest

170.34 USDC • 1 total finding • Code4rena • horsefacts

#20

medium

The buyer of the ticket could be front-run by the ticket owner, who claims the rewards before the ticket's NFT is traded

Jan '23

Canto Identity Protocol contest

4,453.74 CANTO • 1 total finding • Code4rena • horsefacts

bronze

medium

`CidNFT`: Broken `tokenURI` function

RabbitHole Quest Protocol contest

250.4 USDC • 2 total findings • Code4rena • horsefacts

#20

high

Protocol fees can be withdrawn multiple times in `Erc20Quest`

medium

DoS risk if enough tokens are minted in Quest.claim can lead, at least, to transaction fee loss

OpenSea Seaport 1.2 contest

2,016.89 USDC • Code4rena • horsefacts

bronze

Ondo Finance contest

36.24 USDC • Code4rena • horsefacts

#19

Astaria contest

765.06 USDC • 1 total finding • Code4rena • horsefacts

#19

high

`LienToken`: Lender and liquidator can collude to block auction and seize collateral

Biconomy - Smart Contract Wallet contest

387.27 USDC • 1 total finding • Code4rena • horsefacts

#30

high

Attacker can gain control of counterfactual wallet

Nov '22

LooksRare Aggregator contest

36.34 USDC • Code4rena • horsefacts

#24

SIZE contest

146.82 USDC • 2 total findings • Code4rena • horsefacts

#25

medium

Incompatibility with fee-on-transfer/inflationary/deflationary/rebasing tokens, on both base tokens and quote tokens, with varying impacts

medium

Solmate's ERC20 does not check for token contract's existence, which opens up possibility for a honeypot attack

Oct '22

Paladin - Warden Pledges contest

41.07 USDC • 1 total finding • Code4rena • horsefacts

#28

medium

Owner can transfer all ERC20 reward tokens out using the function recoverERC20

Inverse Finance contest

418.21 USDC • 1 total finding • Code4rena • horsefacts

#22

medium

Chainlink oracle data feed is not sufficiently validated and can return stale `price`

3xcalibur contest

43.99 USDC • Code4rena • horsefacts

#31

Sep '22

FEI and TRIBE Redemption contest

38.41 USDC • Code4rena • horsefacts

#9

Aug '22

Mimo August 2022 contest

3,209.75 USDC • 3 total findings • Code4rena • horsefacts

#7

medium

Malicious manipulation of gas reserve can deny access to MIMOProxy

medium

Malicious targets can manipulate MIMOProxy permissions

medium

If a MIMOProxy owner destroys their proxy, they cannot deploy another from the same address

Rigor Protocol contest

651.67 USDC • 2 total findings • Code4rena • horsefacts

#18

high

Untyped data signing

high

Project funds can be drained by reusing signatures, in some cases

Jul '22

Axelar Network v2 contest

91.3 USDC • Code4rena • horsefacts

#23

Golom contest

174.91 USDC • Code4rena • horsefacts

#62

Yield Witch v2 contest

229.1 USDC • Code4rena • horsefacts

#6

Fractional v2 contest

251.15 USDC • 2 total findings • Code4rena • horsefacts

#44

high

Division rounding can make fraction-price lower than intended (down to zero)

medium

Use of `payable.transfer()` may lock user funds

Juicebox V2 contest

895.12 USDC • 3 total findings • Code4rena • horsefacts

#15

high

Oracle data feed can be outdated yet used anyway, which will impact payment logic

medium

Use a safe transfer helper library for ERC20 transfers

medium

Unhandled chainlink revert would lock all price oracle access

Jun '22

Putty contest

1,728.45 USDC • 6 total findings • Code4rena • horsefacts

#10

medium

Order duration can be set to 0 by a malicious maker

medium

`fillOrder()` and `exercise()` may lock Ether sent to the contract, forever

medium

Putty position tokens may be minted to non-ERC721 receivers

medium

Use of Solidity version 0.8.13 which has two known issues applicable to PuttyV2

medium

The contract serves as a flashloan pool without fee

medium

`fee` can change without the consent of users

Infinity NFT Marketplace contest

148.21 USDC • 2 total findings • Code4rena • horsefacts

#37

high

Overpayment of native ETH is not refunded to buyer

high

Accumulated ETH fees of InfinityExchange cannot be retrieved

May '22

veToken Finance contest

160.3 USDT • Code4rena • horsefacts

#40

Velodrome Finance contest

228.83 USDC • 1 total finding • Code4rena • horsefacts

#26

medium

Malicious user can populate `rewards` array with tokens of their interest reaching limits of `MAX_REWARD_TOKENS`

Rubicon contest

120.95 USDC • 3 total findings • Code4rena • horsefacts

#51

medium

RubiconRouter: Excess ether is not returned to the user

medium

No cap on fees can result in a DoS in BathToken.withdraw()

medium

Use `safeTransfer()`/`safeTransferFrom()` instead of `transfer()`/`transferFrom()`

Cally contest

1,057.95 USDC • 4 total findings • Code4rena • horsefacts

#15

medium

Owner can modify the feeRate on existing vaults and steal the strike value on exercise

medium

Vaults steal rebasing tokens' rewards

medium

Vault is Not Compatible with Fee Tokens and Vaults with Such Tokens Could Be Exploited

medium

Users may accidentally overpay in `buyOption()` and the excess will be paid to the vault creator

Alchemix contest

272.37 DAI • Code4rena • horsefacts

#25

FactoryDAO contest

854.9 DAI • 3 total findings • Code4rena • horsefacts

#10

high

SpeedBumpPriceGate: Excess ether is not returned to the user

medium

safeTransferFrom is recommended instead of transfer (1)

medium

amount needs to be updated to the contract's balance increase (1)

Forgotten Runes Warrior Guild contest

134.87 USDC • 1 total finding • Code4rena • horsefacts

#31

medium

Use of `.send()` May Revert if The Recipient's Fallback Function Consumes More Than 2300 Gas

Apr '22

PoolTogether Aave v3 contest

162.91 USDC • Code4rena • horsefacts

#17

AbraNFT contest

1,258.83 MIM • 1 total finding • Code4rena • horsefacts

#12

high

Critical Oracle Manipulation Risk by Lender

Backd contest

1,144.85 USDC • 2 total findings • Code4rena • horsefacts

#12

medium

Chainlink's latestRoundData might return stale or incorrect results

medium

`call()` should be used instead of `transfer()` on an `address payable`

Badger Citadel contest

575.88 USDC • 1 total finding • Code4rena • horsefacts

#25

high

StakedCitadel: wrong setupVesting function name

JPEG'd contest

233.86 USDC • 1 total finding • Code4rena • horsefacts

#35

medium

Chainlink pricer is using a deprecated API

Backed Protocol contest

51.87 USDC • Code4rena • horsefacts

#34