https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/cbec9ff6-b135-4458-94d9-f118809686ad.png

jnforja

Hobbyist Security Researcher

Having fun breaking contracts.

Contact Me

High

Total

Medium

Total

$2.08K

Total Earnings

#1070 All Time

7x

Payouts

1x

Top 10

2x

Top 25

4x

Top 50

All

Code4rena

Mar '24

Revert Lend

64.63 USDC • 2 total findings • Code4rena • jnforja

#52

medium

Repayments and liquidations can be forced to revert by an attacker that repays miniscule amount of shares

medium

V3Vault is not ERC-4626 compliant

Feb '24

Spectra

139.66 USDC • 1 total finding • Code4rena • jnforja

#12

medium

PrincipalToken is not ERC-5095 compliant

AI Arena

64.49 USDC • 3 total findings • Code4rena • jnforja

#82

high

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

high

Player can mint more fighter NFTs during claim of rewards by leveraging reentrancy on the `claimRewards() function `

high

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

Dec '23

Revolution Protocol

28.64 USDC • 2 total findings • Code4rena • jnforja

#62

medium

Since buyToken function has no slippage checking, users can get less tokens than expected when they buy tokens directly

medium

Bidder can use donations to get VerbsToken from auction that already ended.

Nov '23

Canto Application Specific Dollars and Bonding Curves for 1155s

1.37 USDC • 1 total finding • Code4rena • jnforja

#31

medium

No slippage protection for Market functions

Oct '23

ENS

1,774.19 USDC • 1 total finding • Code4rena • jnforja

medium

Some tokens enable the direct draining of all approved `ERC20Votes` tokens

Sep '23

Venus Prime

4.37 USDC • Code4rena • jnforja

#39