https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/690ff2e4-b831-4d62-a31d-28e2b4ebb0e4.jpg

jah

Security Researcher

19| wannabe hacker |Blockchain security

Contact Me

High

16

Total

Medium

16

Total

$8.55K

Total Earnings

#601 All Time

33x

Payouts

bronze

2x

3rd Places

regular

7x

Top 10

regular

17x

Top 25

All

Sherlock

Code4rena

Feb '25

Usual Labs

Usual Labs

37.28 USDC • Sherlock • jah

#44

Dec '24

Oku's New Order Types Contract Contest

Oku's New Order Types Contract Contest

3.99 OP • 1 total finding • Sherlock • jah

#37

medium

Issues with safeApprove in Bracket's Token Approval Logic

Autonomint Colored Dollar V1

Autonomint Colored Dollar V1

26.44 OP • 3 total findings • Sherlock • jah

#41

high

loss of fund due to not verifying the Price

high

the function updateDownsideProtected is not protected

high

we should also subtract the downsideProtected from burning

Nov '24

Nouns DAO - Auction Streams

Nouns DAO - Auction Streams

79.76 USDC • Sherlock • jah

#34

Oct '24

Avantis v1.5: Cross-Asset Leverage

Avantis v1.5: Cross-Asset Leverage

527.28 OP • Sherlock • jah

#14

Findings not publicly available for private contests.

Aug '24

ZeroLend One

ZeroLend One

38.79 USDC • 2 total findings • Sherlock • jah

#41

high

in PositionBalanceConfiguration. getSupplyBalance and getDebtBalance return a wrong amount

high

wrong logic lead to wrong calculation of interest rate

Jul '24

MagicSea - the native DEX on the IotaEVM

MagicSea - the native DEX on the IotaEVM

31.51 USDC • 1 total finding • Sherlock • jah

#48

medium

a user can use the previous lockMultiplier even after the lock time is expired

Velocimeter

Velocimeter

747.73 USDC • 1 total finding • Sherlock • jah

#9

medium

the replace function doesn't properly replace the pair and gauge factory

May '24

Elfi

Elfi

9.71 USDC • 2 total findings • Sherlock • jah

#26

high

missing authorization and not forcing the user to transfer funds lead to loss of funds

medium

collateralUserCap is not properly checked when depositing

Mar '24

RadicalxChange

RadicalxChange

1.18 USDC • 1 total finding • Sherlock • jah

bronze

high

wrong calculation in englishperiodicautioninternal

Feb '24

Jala Swap

Jala Swap

799.98 USDC • 1 total finding • Sherlock • jah

bronze

medium

user losses there funds due to forgotten calculation

Jan '24

Telcoin Platform Audit

Telcoin Platform Audit

2.64 USDC • 1 total finding • Sherlock • jah

#9

high

wrong logic on burn function

Nov '23

Convergence

Convergence

377.77 USDC • 1 total finding • Sherlock • jah

#12

medium

wrong time when increasing the locking time

Oct '23

Real Wagmi #2

Real Wagmi #2

257.41 USDC • 1 total finding • Sherlock • jah

#14

high

the function takeoverDebt doesn't properly update

Sep '23

Allo V2

Allo V2

340.27 USDC • 4 total findings • Sherlock • jah

#22

high

a user can vote unlimited times

high

a user can still more fund than intended

medium

wrong vote calculation

medium

the function will not work as intended

Aug '23

Chainlink Staking v0.2

Chainlink Staking v0.2

3.86 USDC • Code4rena • jah

#58

Cooler Update

Cooler Update

25.53 USDC • 1 total finding • Sherlock • jah

#17

high

a malicious lender can prevent the borrower from repaying there debt

Jul '23

Tokensoft

Tokensoft

239.82 USDC • 2 total findings • Sherlock • jah

#10

high

a user can mint unlimited voting tokens

medium

_setTotal will revert

Beam

Beam

0.00 USDC • Sherlock • jah

#40

May '23

USSD - Autonomous Secure Dollar

USSD - Autonomous Secure Dollar

0.00 USDC • 2 total findings • Sherlock • jah

#92

high

In USSD.sol function UniV3SwapInput swap token without a slippage limit which makes it possible to do sandwich attack and create MEV sandwich attack

high

anyone can mint on ussd.sol for the contract which can broken the rebalance

Jun '22

Illuminate contest

Illuminate contest

73.84 USDC • 2 total findings • Code4rena • jah

#55

high

Able to mint any amount of PT

medium

Lend method signature for illuminate does not track the accumulated fee

May '22

Cally contest

Cally contest

71.88 USDC • 1 total finding • Code4rena • jah

#56

medium

Use safeTransferFrom instead of transferFrom for ERC721 transfers

Cudos contest

Cudos contest

1,239.62 USDC • 2 total findings • Code4rena • jah

#12

medium

Missing check in the updateValset function

medium

Protocol doesn't handle fee on transfer tokens

Apr '22

AbraNFT contest

AbraNFT contest

72.42 MIM • Code4rena • jah

#43

Phuture Finance contest

Phuture Finance contest

22.05 USDC • 1 total finding • Code4rena • jah

#35

medium

Chainlink's latestRoundData might return stale or incorrect results

Badger Citadel contest

Badger Citadel contest

143.43 USDC • Code4rena • jah

#48

Backed Protocol contest

Backed Protocol contest

181.41 USDC • 1 total finding • Code4rena • jah

#20

medium

`sendCollateralTo` is unchecked in `closeLoan()`, which can cause user's collateral NFT to be frozen

Mar '22

Paladin contest

Paladin contest

2,180.79 USDC • 1 total finding • Code4rena • jah

#8

medium

updating the state

Jan '22

Timeswap contest

Timeswap contest

74.53 USDC • Code4rena • jah

#21

Nov '21

Boot Finance contest

Boot Finance contest

5.56 USDC • Code4rena • jah

#28

Oct '21

BadgerDAO ibBTC Wrapper contest

BadgerDAO ibBTC Wrapper contest

216.06 ETH • Code4rena • jah

#16

Sep '21

Wild Credit contest

Wild Credit contest

263.84 USDC • Code4rena • jah

#10

Kuiper contest

Kuiper contest

453.74 USDC • Code4rena • jah

#19