Banner
https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/c0f761a1-6788-495e-a3f4-3b6f11548fb9.jpg

jokr

Team of two Security Researchers

@jokrsec @0xVijayReddy .

Contact Me

High

10

Total

Medium

4

Solo

11

Total

$82.89K

Total Earnings

#102 All Time

7x

Payouts

gold

2x

1st Places

silver

1x

2nd Places

regular

6x

Top 10

All

Sherlock

Code4rena

CodeHawks

May '25

MetaLend - May 19th 2025

MetaLend - May 19th 2025

Collaborative Audit • Sherlock • jokr

Index.Fun Beta Smart Contract Security Audit – Q2 2025

Index.Fun Beta Smart Contract Security Audit – Q2 2025

Collaborative Audit • Sherlock • jokr

Feb '25

MetaLend Ronin Lending Protocol

MetaLend Ronin Lending Protocol

Collaborative Audit • Sherlock • jokr

Dec '24

Numa

Numa

41,643.87 USDC • 6 total findings • Sherlock • jokr

gold

high

An attacker can drain NumaVault right after deployment

high

cLST market can be drained using a fake collateral token address in leverageStrategy function

medium

leverageStrategy will revert due users interest rate accrual

medium

Precision loss in setMaxSpotOffsetBps function leads to Incorrect Numa Prices

medium

No slippage check for leverageStrategy function

medium

Numa tokens fee on transfer can be bypassed

Oct '24

Avantis v1.5: Cross-Asset Leverage

Avantis v1.5: Cross-Asset Leverage

8,377.43 OP • Sherlock • jokr

silver

Findings not publicly available for private contests.

Jul '24

ArkProject: NFT Bridge

ArkProject: NFT Bridge

1,987.35 USDC • 7 total findings • CodeHawks • jokrsec

#6

high

`Tokens` Are Automatically Whitelisted Upon Creation And Binding Even When `_whiteListEnabled == false`

high

The Bridging Process will revert if the Collection is matched on the destination chain and not matched on the source chain

high

Infinite loop breaks whitelist removal funtionality on L2

high

`Bridge` is unable to transfer ownership and upgrade on `ERC721Bridgeable`

medium

Starknet tokens deposited with use_withdraw_auto can never be withdrawn

medium

Tokens irrecoverable by owner on L1 if not an `ERC721` receiver

low

Upon the transfer of an escrowed NFT from the bridge to the user on StarkNet, the escrow status remains unaltered, failing to be reset

Deepr

Deepr

18,894.00 USDC • Sherlock • jokr

gold

Findings not publicly available for private contests.

Apr '24

Renzo

Renzo

452.72 USDC • 6 total findings • Code4rena • jokr

#23

high

The amount of `xezETH` in circulation will not represent the amount of `ezETH` tokens 1:1

high

Withdrawals logic allows MEV exploits of TVL changes and zero-slippage zero-fee swaps

high

Incorrect calculation of queued withdrawals can deflate TVL and increase ezETH mint rate

medium

stETH/ETH Feed being used opens up to 2 way deposit<->withdrawal arbitrage

medium

Deposits will always revert if the amount being deposited is less than the bufferToFill value

medium

Lack of slippage and deadline during withdraw and deposit

Feb '24

Jala Swap

Jala Swap

363.37 USDC • 1 total finding • Sherlock • jokr

#5

medium

Permit is supported by `JalaRouter02` not implemented in `JalaERC20`

Perpetual

Perpetual

11,168.04 USDC • 2 total findings • Sherlock • jokr

#4

high

Instant arbitrage oppurtunity in OracleMaker

medium

Incorrect premium calculation in OracleMaker

Dec '23

Tally

Tally

Collaborative Audit • Sherlock • jokr