https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_0.png

jprod15

Security Researcher

Contact Me

High

15

Total

Medium

13

Total

$3.74K

Total Earnings

#832 All Time

17x

Payouts

regular

2x

Top 10

regular

6x

Top 25

regular

12x

Top 50

All

Sherlock

CodeHawks

Mar '25

PinLink: RWA-Tokenized DePIN Marketplace

PinLink: RWA-Tokenized DePIN Marketplace

40.73 USDC • Sherlock • jprod15

#30

Crestal Network

Crestal Network

77.24 USDC • 2 total findings • Sherlock • jprod15

#4

high

all allowances can be steal

medium

createAgentWithWhitelistUsers can bypass using createAgentWithNFT

Jan '25

Plaza Finance

Plaza Finance

0.42 USDC • 2 total findings • Sherlock • jprod15

#98

high

function endAuction() always revert in state = State.SUCCEEDED

medium

user can break the flow core of the auction if their address added in blacklisted token

Aug '24

Tadle

Tadle

0.00 USDC • 1 total finding • CodeHawks • jprod15

#177

high

TokenManager - Unlimited withdraw

Jan '24

Avail

Avail

133.02 USDC • Sherlock • jprod15

#13

Oct '23

Steadefi

Steadefi

17.28 USDC • 1 total finding • CodeHawks • jprod15

#49

low

Broken `convertToUsdValue` calculation on tokens that have more than 18 decimal places

Jul '23

Beedle - Oracle free perpetual lending

Beedle - Oracle free perpetual lending

32.78 USDC • 6 total findings • CodeHawks • jprod15

#90

high

Lender contract can be drained by re-entrancy in `setPool`

high

Sandwich attack to steal all ERC-20 tokens in the Fees contract

high

[H-04] Lender#buyLoan - Malicious user could take over a loan for free without having a pool because of wrong access control

high

Attacker can steal a loan's collateral and break the protocol

high

Token spending by Uniswap router doesn't get approved

medium

Lender contract can be drained by re-entrancy in `seizeLoan`

Foundry DeFi Stablecoin CodeHawks Audit Contest

Foundry DeFi Stablecoin CodeHawks Audit Contest

64.06 USDC • 3 total findings • CodeHawks • jprod15

#32

high

Liquidation Is Prevented Due To Strict Implementation of Liqudation Bonus

medium

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

medium

All of the USD pair price feeds doesn't have 8 decimals

CodeHawks Escrow Contract - Competition Details

CodeHawks Escrow Contract - Competition Details

37.93 USDC • 1 total finding • CodeHawks • jprod15

#55

medium

High - Funds can be lost if any participant is blacklisted

Beam

Beam

99.09 USDC • Sherlock • jprod15

#30

Jun '23

DODO V3

DODO V3

1,529.18 USDC • 3 total findings • Sherlock • jprod15

#8

high

A malicious user can steal all allowances

medium

contracts not work with token does not comply with the ERC-20 standard

medium

Lacks check to ensure the arbitrum sequencer is down

May '23

USSD - Autonomous Secure Dollar

USSD - Autonomous Secure Dollar

0.00 USDC • 1 total finding • Sherlock • jprod15

#105

high

UniV3SwapInput do not have any slippage protection

Footium

Footium

0.01 USDC • 1 total finding • Sherlock • jprod15

#32

medium

Transfers can fail

Apr '23

JOJO Exchange

JOJO Exchange

961.08 USDC • 2 total findings • Sherlock • jprod15

#16

high

Malicious users could steal funds from other users due to a lack of input data validation

medium

Users could avoid be liquidated

Mar '23

Y2K

Y2K

595.80 USDC • 3 total findings • Sherlock • jprod15

#24

high

malicious user can break mintDepositInQueue making users loss fund

high

users can make other user not mint their position in mintRollovers

medium

Too many depositQueue can cause the mintDepositInQueue reach the block gas limit

Feb '23

Carapace

Carapace

89.34 USDC • 2 total findings • Sherlock • jprod15

#31

high

Malicious seller can withdraw at same cycle what deposit

medium

Deposit can fail after lockCapital in ProtectionPool.sol

Jan '23

UXD Protocol

UXD Protocol

59.58 USDC • 1 total finding • Sherlock • jprod15

#25

medium

function rebalance in PerpDepository.sol It doesn't work