
kazan

Security Researcher


High: 8 total

Medium: 6 total

Total Earnings: $706.00

#1440 All Time

10x Payouts

regular

3x Top 10

regular

4x Top 25

regular

7x Top 50


Jul '25

Mellow Flexible Vaults


7.06 USDC • 2 total findings • Sherlock • kazan

#38

high

A Consensus signer can use his power to withdraw all the money in the vault

medium

`DepositQueue::cancelDepositRequest` function modifies the wrong deposit request index.

Jun '25

Chainlink Rewards


1.42 USDC • Code4rena • kazan

#8

DODO Cross-Chain DEX


0.26 USDC • 1 total finding • Sherlock • kazan

#72

medium

USDT missing return value, causing many functions to revert in the `GatewaySend` contract.

May '25

LayerEdge - Staking


167.63 USDC • 1 total finding • Sherlock • kazan

#6

high

Wrong logic implemented in `_checkBoundariesAndRecord`: the function updates the wrong rank for a Tier 2 user

Apr '25

Burve


45.22 USDC • 1 total finding • Sherlock • kazan

#28

high

Incorrect calculation order of `assetsToDeposit` and `assetsToWithdraw` in `E4626::commit()` function causes users to withdraw incorrect amounts.

Mar '25

Nudge.xyz


0.06 USDC • 1 total finding • Code4rena • kazan

#8

medium

Unauthorized Reallocation in `NudgeCampaign::handleReallocation` and Reward Disruption Vulnerability in `NudgeCampaign::invalidateParticipations`

Feb '25

Yieldoor


0.09 USDC • 1 total finding • Sherlock • kazan

#28

medium

`repayFromWithdraw` is assigned the wrong value in the `Leverager::withdraw` function, which will cause `amountOut1` to be miscalculated or an underflow error when subtracting `repayFromWithdraw`

Core Contracts


11.18 USDC • 1 total finding • CodeHawks • kazan

#274

high

Critical Economic Design Flaw in ZENO Zero-Coupon Bond Implementation Leads to Guaranteed User Losses

Dec '24

QuantAMM


466.07 op • 5 total findings • CodeHawks • kazan

#23

high

Fee Evasion via LP Token Transfer Resets Deposit Value

high

Loss of Fees for Router `UpliftOnlyExample` due to Division Rounding in Admin Fee Calculation, Causing Unfair Fee Distribution

high

Owner fee will be locked in `UpliftOnlyExample` contract due to incorrect recipient address in `UpliftOnlyExample::onAfterSwap`

medium

Transferring deposit NFT doesn't check if the receiver exceeds the 100 deposit limit

medium

Users are charged too much `exitFee` in the `UpliftOnlyExample::onAfterRemoveLiquidity` function when `localData.lpTokenDepositValueChange > 0`, and this can cause an underflow error if `lpTokenDepositValueChange` increases too much.

Nov '24

Debita Finance V3


7.88 USDC • 1 total finding • Sherlock • kazan

#54

high

The ERC721 tokens transferred to the buyOrder contract will be stuck in there.