kutugu
Security Researcher

High: 38 total
Medium: 2 solo, 64 total
$62.88K total earnings, #148 all time
51x payouts, 3x 2nd places (silver), 2x 3rd places (bronze), 19x top 10 (regular)

Jan '25

Liquid Ron
0 USDC • 1 total finding • Code4rena • kutugu • #12
[medium] Incorrect logic in onlyOperator modifier leading to denial of service for authorized operators across critical functions

IQ AI
915.76 USDC • 1 total finding • Code4rena • kutugu • #5
[medium] Attacker can DoS liquidity migration in LiquidityManager.sol

Aug '24

The Wildcat Protocol
811.93 USDC • 1 total finding • Code4rena • kutugu • #11
[medium] AccessControlHooks onQueueWithdrawal() does not check if the market is hooked, which could lead to unexpected errors such as temporary DoS

Chakra
3.02 USDT • 5 total findings • Code4rena • kutugu • #52
[high] There is no refund mechanism in `ChakraSettlement.processCrossChainCallback` or `ChakraSettlementHandler.receive_cross_chain_callback`
[high] Anyone can manipulate user nonce (nonce_manager) in settlement contract
[high] SettlementSignatureVerifier is missing check for duplicate validator signatures
[high] In Starknet, already processed messages can be re-submitted, and by anyone
[medium] Does not check if to_chain and to_handler are whitelisted in cross_chain_erc20_settlement
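The duplicate-signature finding above is a recurring pattern in threshold verifiers: every signature that recovers to a whitelisted validator is counted, so one validator can submit the same signature repeatedly and meet the threshold alone. The following is an added example, not Chakra's code; the contract and function names (ThresholdVerifier, verifyNoDedup, verify) and the (r, s, v) struct are illustrative assumptions. It shows the vulnerable counting loop next to the usual fix: require strictly ascending recovered signer addresses, which rejects duplicates and malleated copies in one check.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example, not Chakra's code. A multi-validator signature check that
/// contrasts naive counting with a strictly-ordered-signer requirement.
contract ThresholdVerifier {
    struct Sig { bytes32 r; bytes32 s; uint8 v; }

    // secp256k1 half order: signatures with s above this are the malleable form
    uint256 internal constant HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    mapping(address => bool) public isValidator; // assumed validator set
    uint256 public immutable threshold;          // assumed quorum size

    constructor(address[] memory validators, uint256 threshold_) {
        for (uint256 i = 0; i < validators.length; i++) {
            isValidator[validators[i]] = true;
        }
        threshold = threshold_;
    }

    /// Vulnerable shape: every valid validator signature adds to the count,
    /// so [sigA, sigA, sigA] from a single validator satisfies threshold == 3.
    function verifyNoDedup(bytes32 digest, Sig[] calldata sigs) external view returns (bool) {
        uint256 count;
        for (uint256 i = 0; i < sigs.length; i++) {
            if (isValidator[recover(digest, sigs[i])]) count++;
        }
        return count >= threshold;
    }

    /// Hardened: recovered signers must be strictly increasing. A repeated
    /// signer (or an unsorted list) fails `signer > last`, so each validator
    /// can contribute at most once, and the caller must sort off-chain.
    function verify(bytes32 digest, Sig[] calldata sigs) external view returns (bool) {
        address last = address(0);
        for (uint256 i = 0; i < sigs.length; i++) {
            address signer = recover(digest, sigs[i]);
            require(signer > last, "duplicate or unsorted signer");
            require(isValidator[signer], "not a validator");
            last = signer;
        }
        return sigs.length >= threshold;
    }

    /// Recovers the signer, rejecting the high-s encoding and the zero address
    /// that ecrecover returns for garbage input.
    function recover(bytes32 digest, Sig calldata sig) internal pure returns (address) {
        require(uint256(sig.s) <= HALF_N, "high s");
        address signer = ecrecover(digest, sig.v, sig.r, sig.s);
        require(signer != address(0), "invalid signature");
        return signer;
    }
}
```

The ascending-address rule is cheaper than a seen-set in storage and has the side effect of fixing signature malleability for free: the (r, n - s, v') twin recovers to the same address, so it collides with the original under the ordering check.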

Jul '24

TraitForge
208.04 USDC • 4 total findings • Code4rena • kutugu • #24
[high] `mintToken()`, `mintWithBudget()`, and `forge()` in the `TraitForgeNft` contract will fail due to a wrong modifier used in `EntropyGenerator.initializeAlphaIndices()`
[high] Number of entities in a generation can surpass the 10k limit
[medium] Lack of slippage protection in dynamic pricing mint function
[medium] Pause and unpause functions are inaccessible

Feb '24

UniStaker Infrastructure
694.3 USDC • Code4rena • kutugu • #5

Althea Liquid Infrastructure
267.84 USDC • 2 total findings • Code4rena • kutugu • #12
[medium] Withdrawal from NFTs can be temporarily blocked
[medium] Distribution can be bricked, and double claims by a few holders are possible, when owner calls `LiquidInfrastructureERC20::setDistributableERC20s`

AI Arena
29.15 USDC • 2 total findings • Code4rena • kutugu • #103
[high] Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`
[medium] Minter / Staker / Spender roles can never be revoked
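The `safeBatchTransferFrom` finding above is the classic "guarded one entry point, forgot the other" bug in ERC-1155: a transferability check placed only in `safeTransferFrom` is bypassed by the batch function, which shares no code path with it unless the check lives in the token's internal update hook. The following is an added example, not AI Arena's code; it assumes OpenZeppelin Contracts 5.x (where every mint, burn and transfer funnels through `_update`) and the names `GameItemsLeaky`, `GameItemsFixed`, `transferable` and `admin` are illustrative.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumes OpenZeppelin Contracts 5.x is available on the import path.
import {ERC1155} from "@openzeppelin/contracts/token/ERC1155/ERC1155.sol";

/// Added example, not AI Arena's code. Shared admin/minting plumbing for both variants.
abstract contract GameItemsBase is ERC1155 {
    address public immutable admin;                  // assumed single admin
    mapping(uint256 => bool) public transferable;    // per-item transfer flag

    constructor() ERC1155("") { admin = msg.sender; }

    modifier onlyAdmin() { require(msg.sender == admin, "not admin"); _; }

    function setTransferable(uint256 id, bool ok) external onlyAdmin { transferable[id] = ok; }

    function mint(address to, uint256 id, uint256 amount) external onlyAdmin {
        _mint(to, id, amount, "");
    }
}

/// Vulnerable shape: the check sits only in the single-transfer entry point.
/// safeBatchTransferFrom([id], [amount]) never calls safeTransferFrom, so a
/// non-transferable item moves freely through the batch path.
contract GameItemsLeaky is GameItemsBase {
    function safeTransferFrom(address from, address to, uint256 id, uint256 value, bytes memory data)
        public
        override
    {
        require(transferable[id], "item not transferable");
        super.safeTransferFrom(from, to, id, value, data);
    }
}

/// Hardened: enforce the rule in _update, which every transfer path (single,
/// batch, and any future helper) goes through. Mints (from == 0) and burns
/// (to == 0) are left alone so admin issuance and burning keep working.
contract GameItemsFixed is GameItemsBase {
    function _update(address from, address to, uint256[] memory ids, uint256[] memory values)
        internal
        override
    {
        if (from != address(0) && to != address(0)) {
            for (uint256 i = 0; i < ids.length; i++) {
                require(transferable[ids[i]], "item not transferable");
            }
        }
        super._update(from, to, ids, values);
    }
}
```

When reviewing any token with a "soulbound" or locked-item feature, enumerate every external function that can move a balance (single, batch, and any operator-driven path) and confirm they converge on the same internal hook; a guard on one public function is only as good as the coverage of the others.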

Jan '24

Decent
85.03 USDC • 2 total findings • Code4rena • kutugu • #37
[high] When `DecentBridgeExecutor.execute` fails, funds will be sent to a random address
[medium] DecentEthRouter.sol#_bridgeWithPayload() - any refunded ETH (native token) will be refunded to the DecentBridgeAdapter, leaving it stuck

Curves
189.9 USDC • 4 total findings • Code4rena • kutugu • #25
[high] Unrestricted claiming of fees due to missing balance updates in `FeeSplitter`
[high] Unauthorized access to setCurves function
[medium] A subject creator within a single block can claim holder fees without holding, due to an unprotected reentrancy path
[medium] onBalanceChange causes previously unclaimed rewards to be cleared

Nov '23

Nouns Builder
828.43 USDC • 1 total finding • Sherlock • kutugu • #8
[medium] Malicious pausing auction attack

Oct '23

Open Dollar
524.08 USDC • 2 total findings • Code4rena • kutugu • #11
[medium] Test addresses and incorrect interface in code prevent integration with UniswapV3 and Camelot
[medium] Vault721.tokenURI does not comply with the ERC721 Metadata specification

Real Wagmi #2
257.41 USDC • 1 total finding • Sherlock • kutugu • #14
[high] takeOverDebt uses the wrong borrowingKey

Canto Liquidity Mining Protocol
797.35 USDC • 1 total finding • Code4rena • kutugu • #6
[medium] Positions that are not eligible for rewards will affect the reward income of eligible positions

Sep '23

Venus Prime
4.37 USDC • Code4rena • kutugu • #39

Ondo Finance
272.76 USDC • 1 total finding • Code4rena • kutugu • #17
[medium] Two different transactions can result in the same `txnHash` value, breaking the approval process of transaction minting

Aug '23

Dopex
1,423.83 USDC • 5 total findings • Code4rena • kutugu • #13
[high] The settle feature will be broken if an attacker arbitrarily transfers collateral tokens to the PerpetualAtlanticVaultLP
[high] `ReLPContract` wrongly assumes the protocol owns all of the liquidity in the UniswapV2 pool
[high] Incorrect precision assumed from RdpxPriceOracle creates multiple issues related to value inflation/deflation
[medium] Inaccurate swap amount calculation in ReLP leads to stuck tokens and lost liquidity
[medium] reLP() mintokenAAmount calculations are wrong

veRWA
9.82 USDC • Code4rena • kutugu • #52

Tangible Caviar
79.68 USDC • Code4rena • kutugu • #52

Good Entry
2,493.83 USDC • 1 total finding • Code4rena • kutugu • bronze
[medium] addDust does not achieve its goal correctly and may revert on overflow

Jul '23

Moonwell
846.77 USDC • 2 total findings • Code4rena • kutugu • #12
[medium] `fastTrackProposalExecution` doesn't check `intendedRecipient`
[medium] `TemporalGovernor` can be bricked by `guardian`

Amphora Protocol
214.79 USDC • 1 total finding • Code4rena • kutugu • #14
[high] Rounding error in `WUSDA` can result in loss of user funds, especially when manipulated by an attacker

Tokensoft
318.42 USDC • 3 total findings • Sherlock • kutugu • #8
[high] After InitializeDistributionRecord, buying tokens again will DoS the airdrop claim in PriceTierVestingSale_2_0
[medium] When allowance is not 0, calling safeApprove will revert
[medium] xcall does not set a relayer fee

Beam
0.49 USDC • Sherlock • kutugu • #7

PoolTogether
140.3 USDC • Code4rena • kutugu • #52

Tapioca DAO
345.29 USDC • 6 total findings • Code4rena • kutugu • #61
[high] Collateral can be locked in BigBang contract when `debtStartPoint` is nonzero
[high] Tokens can be stolen from other users who have approved Magnetar
[medium] `ARBTriCryptoOracle` is vulnerable to read-only reentrancy
[medium] `extractTAP()` function can allow minting an infinite amount in one week, leading to a DoS attack in `emitForWeek()`
[medium] CompoundStrategy `_currentBalance` uses `exchangeRateStored`, which leaks value
[medium] All deposit and withdraw functions in the Convex and Curve native-LP strategies apply slippage against internal pricing that reads the real-time on-chain price directly from Curve, and are therefore subject to MEV

Chainlink Cross-Chain Contract Administration: Multi-signature Contract, Timelock and Call Proxies
1,268.45 USDC • Code4rena • kutugu • bronze

GFX Labs
1,286.25 USDC • 3 total findings • Sherlock • kutugu • #5
[high] The owner can rug pull all wrappedNative tokens
[medium] latestRoundData is used without checking whether the L2 sequencer is offline
[medium] feePerUser calculation has a precision error resulting in low protocol income

Basin
4,694.79 USDC • 3 total findings • Code4rena • kutugu • silver
[medium] Transferring out exclusive fee-on-transfer tokens will drain the well
[medium] There is a large precision error in the sqrt calculation of LP
[medium] Due to slot confusion, reserve amounts in the pump will be corrupted, resulting in wrong oracle values

Nouns DAO
15,841.87 USDC • 1 total finding • Code4rena • kutugu • silver
[medium] cancelSig will not completely cancel signatures due to malleability vulnerabilities
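The cancelSig finding above rests on a property of ECDSA over secp256k1: for any signature (r, s, v) there is a second encoding (r, n - s, v') that `ecrecover` resolves to the same signer for the same digest. A cancellation keyed on the hash of the submitted signature bytes therefore cancels only one of the two. The following is an added example and not Nouns DAO's code; the contract name, the `Sig` struct and the two bookkeeping mappings are illustrative assumptions. It shows the vulnerable keying, the `malleate` transform an attacker would apply after the cancellation, and the fix of keying cancellation on (signer, digest) while also refusing high-s signatures.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example, not Nouns DAO's code. Demonstrates why cancelling "a signature"
/// by hashing its bytes is incomplete, and a cancellation scheme that is not.
contract SignatureCancellation {
    // secp256k1 group order n
    uint256 internal constant SECP256K1_N =
        0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141;

    struct Sig { bytes32 r; bytes32 s; uint8 v; }

    // Vulnerable bookkeeping: keyed by the exact encoding that was submitted.
    mapping(bytes32 => bool) public cancelledBySigHash;
    // Hardened bookkeeping: keyed by (signer, digest), independent of encoding.
    mapping(address => mapping(bytes32 => bool)) public cancelledByDigest;

    function sigHash(Sig memory sig) public pure returns (bytes32) {
        return keccak256(abi.encodePacked(sig.r, sig.s, sig.v));
    }

    /// Vulnerable: marks one encoding as cancelled and nothing else.
    function cancelSigVulnerable(Sig calldata sig) external {
        cancelledBySigHash[sigHash(sig)] = true;
    }

    /// Vulnerable: accepts the twin encoding because it hashes differently and,
    /// with no low-s check, still recovers to `signer`.
    function isValidVulnerable(address signer, bytes32 digest, Sig calldata sig)
        external view returns (bool)
    {
        if (cancelledBySigHash[sigHash(sig)]) return false;
        return ecrecover(digest, sig.v, sig.r, sig.s) == signer;
    }

    /// Hardened: the signer cancels the digest itself (msg.sender is the
    /// authority), so no encoding of any signature over it is honoured.
    function cancelDigest(bytes32 digest) external {
        cancelledByDigest[msg.sender][digest] = true;
    }

    /// Hardened: checks the (signer, digest) cancellation and rejects the
    /// high-s form outright so each message has exactly one accepted signature.
    function isValid(address signer, bytes32 digest, Sig calldata sig)
        external view returns (bool)
    {
        if (cancelledByDigest[signer][digest]) return false;
        if (uint256(sig.s) > SECP256K1_N / 2) return false;
        address recovered = ecrecover(digest, sig.v, sig.r, sig.s);
        return recovered != address(0) && recovered == signer;
    }

    /// The transform an attacker applies to a cancelled signature: same r,
    /// s' = n - s, and the recovery id flipped between 27 and 28.
    function malleate(Sig calldata sig) external pure returns (Sig memory alt) {
        alt.r = sig.r;
        alt.s = bytes32(SECP256K1_N - uint256(sig.s));
        alt.v = sig.v == 27 ? 28 : 27;
    }
}
```

The general rule: a revocation must be keyed on what the signature authorises (signer plus message, or signer plus nonce), never on the signature's serialisation, because the serialisation is not unique.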

Bond Options
99.50 USDC • 1 total finding • Sherlock • kutugu • #17
[high] A malicious user can use reclaim to steal teller funds

Jun '23

Unstoppable
834.68 USDC • 3 total findings • Sherlock • kutugu • #10
[high] The vault interest is miscalculated
[medium] Spot DEX should check the balance difference before and after the transfer
[medium] _account_for_withdraw_liquidity rounding in the wrong direction will drain the vault

Lybra Finance
570.57 USDC • 4 total findings • Code4rena • kutugu • #18
[high] EUSD.mint function makes a wrong assumption about the cases where the calculated sharesAmount = 0
[medium] If `ProtocolRewardsPool` holds insufficient EUSD, users will not be able to claim any rewards
[medium] Incorrect function call in LybraRETHVault's getAssetPrice
[medium] Incorrect reward distribution calculation in `ProtocolRewardsPool`

Hubble Exchange
862.91 USDC • 4 total findings • Sherlock • kutugu • #11
[high] processWithdrawals failure causes user funds to be permanently locked
[high] A malicious user can steal gas when another user calls processWithdrawals
[medium] A depegging stablecoin will affect protocol operation
[medium] Oracle price freshness is not checked

Canto
348.84 USDC • Code4rena • kutugu • #9

RealWagmi
304.07 USDC • 2 total findings • Sherlock • kutugu • #7
[high] Uniswap v3 TWAP price may be manipulated
[medium] Multipool and Dispatcher don't have slippage or timestamp protection

DODO V3
5,601.08 USDC • 7 total findings • Sherlock • kutugu • silver
[high] withdrawnReserves creates an arbitrage opportunity to steal staking users' funds
[medium] parseAllPrice does not support tokens with more than 18 decimals
[medium] DODOv3 approve cannot interact with some tokens such as USDT
[medium] ERC20 token transfers should check the return value
[medium] Oracle price does not check if the L2 sequencer is down
[medium] Chainlink aggregators return the minAnswer price if the real price is below minAnswer
[medium] getMaxReceive calculation has an accuracy error that may result in transaction failure
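Two of the DODO V3 findings above ("approve cannot interact with some tokens such as USDT" and "ERC20 token transfers should check the return value") and the Tokensoft finding earlier on this page ("when allowance is not 0, calling safeApprove will revert") are three faces of the same integration problem: ERC-20 implementations diverge on whether `transfer`/`approve` return a bool at all, and some (USDT is the well-known case) revert on `approve(x)` when the current allowance is nonzero. The following is an added example and not code from DODO or Tokensoft; the library name `SafeToken` and the mock token are illustrative. The helpers treat "call succeeded and returned nothing" the same as "returned true", verify the target is a contract so an empty return from an EOA is not mistaken for success, and reset the allowance to zero before re-approving when the direct approve fails.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example, not DODO's or Tokensoft's code. Minimal safe-ERC20 helpers.
library SafeToken {
    bytes4 private constant TRANSFER      = 0xa9059cbb; // transfer(address,uint256)
    bytes4 private constant TRANSFER_FROM = 0x23b872dd; // transferFrom(address,address,uint256)
    bytes4 private constant APPROVE       = 0x095ea7b3; // approve(address,uint256)

    /// Low-level call that succeeds only if the token is a contract, the call
    /// did not revert, and it returned either nothing or `true`.
    function _call(address token, bytes memory data) private returns (bool) {
        if (token.code.length == 0) return false;
        (bool ok, bytes memory ret) = token.call(data);
        if (!ok) return false;
        if (ret.length == 0) return true;             // void-returning tokens (USDT style)
        if (ret.length != 32) return false;           // anything else is not a bool
        return abi.decode(ret, (bool));
    }

    function safeTransfer(address token, address to, uint256 amount) internal {
        require(_call(token, abi.encodeWithSelector(TRANSFER, to, amount)), "transfer failed");
    }

    function safeTransferFrom(address token, address from, address to, uint256 amount) internal {
        require(_call(token, abi.encodeWithSelector(TRANSFER_FROM, from, to, amount)), "transferFrom failed");
    }

    /// Sets the allowance to `amount` even on tokens that require a zero
    /// allowance first: try directly, and on failure reset to 0 then retry.
    function forceApprove(address token, address spender, uint256 amount) internal {
        bytes memory data = abi.encodeWithSelector(APPROVE, spender, amount);
        if (!_call(token, data)) {
            require(_call(token, abi.encodeWithSelector(APPROVE, spender, 0)), "approve reset failed");
            require(_call(token, data), "approve failed");
        }
    }
}

/// Constructed mock (not a real token): returns nothing from approve and
/// reverts when changing a nonzero allowance, like USDT. Mint-free for brevity.
contract UsdtLikeMock {
    mapping(address => mapping(address => uint256)) public allowance;

    function approve(address spender, uint256 value) external {
        require(value == 0 || allowance[msg.sender][spender] == 0, "reset allowance first");
        allowance[msg.sender][spender] = value;
    }
}

/// Shows the two paths: raw approve reverts on the second call, forceApprove does not.
contract Integrator {
    using SafeToken for address;

    function rawApproveTwice(address token, address spender) external {
        UsdtLikeMock(token).approve(spender, 100);
        UsdtLikeMock(token).approve(spender, 200); // reverts: allowance is nonzero
    }

    function forceApproveTwice(address token, address spender) external {
        token.forceApprove(spender, 100);
        token.forceApprove(spender, 200);           // succeeds via the 0-then-200 fallback
    }
}
```

Deploy `UsdtLikeMock` and call both `Integrator` functions to see the difference; in production, prefer a maintained implementation of this pattern, but the behaviour to look for in a review is exactly the three checks above: code-length, empty-return tolerance, and the zero-reset fallback on approve.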

Symmetrical
525.33 USDC • 4 total findings • Sherlock • kutugu • #20
[high] The liquidator can set any stale price data via setSymbolsPrice and others can't override it
[high] depositAndAllocateForPartyB method implementation error
[medium] lockQuote increaseNonce implementation error
[medium] A malicious liquidator can frontrun setSymbolsPrice to steal the reward

Arrakis
617.21 USDC • 1 total finding • Sherlock • kutugu • #15
[high] addLiquidityPermit2 isToken0Weth is always false

Llama
3,069.12 USDC • 1 total finding • Code4rena • kutugu • #6
[high] In `LlamaRelativeQuorum`, the governance result might be incorrect as it counts the wrong approval/disapproval

Unitas Protocol
66.20 USDC • 1 total finding • Sherlock • kutugu • #19
[medium] _checkPrice does not check price freshness

Stader Labs
31.8 USDC • 1 total finding • Code4rena • kutugu • #34
[medium] Chainlink's `latestRoundData` may return a stale or incorrect result

May '23

Maia DAO Ecosystem
2,666.63 USDC • 6 total findings • Code4rena • kutugu • #22
[high] Malicious user can front-run Gauges's `addBribeFlywheel` to steal bribe rewards
[high] Multiple issues with decimal scaling will cause incorrect accounting of hTokens and underlying tokens
[high] Use of slot0 to get sqrtPriceLimitX96 can lead to price manipulation
[medium] Some functions in Talos contracts do not allow the user to supply slippage and deadline, which may cause swaps to revert
[medium] RestakeToken function is not permissionless
[medium] Depositing gas through depositGasAnycallConfig should not withdraw the nativeToken

Iron Bank
0.03 USDC • 2 total findings • Sherlock • kutugu • #23
[medium] Oracle price is not checked for accuracy
[medium] Oracle price can be stale when the L2 sequencer is down

Chainlink Cross-Chain Services: CCIP and ARM Network
7,993.6 USDC • Code4rena • kutugu • #6

USSD - Autonomous Secure Dollar
0.87 USDC • 4 total findings • Sherlock • kutugu • #82
[high] StaticOracle address is incorrect
[high] StableOracleDAI Chainlink oracle decimals are 18
[high] Uniswap swap has no slippage protection
[medium] latestRoundData can return an expired value

Index
364.26 USDC • 3 total findings • Sherlock • kutugu • #12
[medium] latestAnswer interface is deprecated
[medium] Chainlink may return a stale price when the L2 sequencer is down
[medium] If AmmModule approves more tokens than needed, it may result in DoS
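The Chainlink findings scattered through this page (Index, USSD, Iron Bank, Stader Labs, Unitas, DODO V3, Hubble Exchange and GFX Labs above) cover a small, fixed checklist for a price-feed consumer: do not use the deprecated `latestAnswer`; on an L2, consult the sequencer uptime feed and wait out a grace period after it comes back; reject rounds whose `updatedAt` is older than the feed's heartbeat; and treat an answer sitting at the aggregator's configured minAnswer/maxAnswer as a clamped, untrustworthy value rather than a price. The following is an added example and not code from any of those projects; `GuardedPriceFeed` and its constructor parameters (feed, sequencer uptime feed, heartbeat, grace period, bounds) are assumptions the caller supplies, and the `AggregatorV3Interface` is the standard Chainlink interface.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Standard Chainlink aggregator interface (subset used here).
interface AggregatorV3Interface {
    function decimals() external view returns (uint8);
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

/// Added example, not any listed project's code. Reads a feed with the checks
/// the findings above ask for; every threshold is a deployment assumption.
contract GuardedPriceFeed {
    AggregatorV3Interface public immutable feed;
    AggregatorV3Interface public immutable sequencerUptime; // address(0) when deployed on L1
    uint256 public immutable heartbeat;    // max accepted age of a round, in seconds
    uint256 public immutable gracePeriod;  // seconds to wait after the sequencer returns
    int256 public immutable minAnswer;     // aggregator's configured lower clamp
    int256 public immutable maxAnswer;     // aggregator's configured upper clamp

    constructor(
        AggregatorV3Interface feed_,
        AggregatorV3Interface sequencerUptime_,
        uint256 heartbeat_,
        uint256 gracePeriod_,
        int256 minAnswer_,
        int256 maxAnswer_
    ) {
        require(address(feed_) != address(0), "feed required");
        require(heartbeat_ > 0, "heartbeat required");
        feed = feed_;
        sequencerUptime = sequencerUptime_;
        heartbeat = heartbeat_;
        gracePeriod = gracePeriod_;
        minAnswer = minAnswer_;
        maxAnswer = maxAnswer_;
    }

    /// Returns the price in the feed's own decimals, or reverts with the reason
    /// the value cannot be trusted. Callers should fail closed on revert.
    function getPrice() external view returns (uint256 price, uint8 dec) {
        if (address(sequencerUptime) != address(0)) {
            // Sequencer uptime feed: answer 0 = up, 1 = down; startedAt = time of last status change.
            (, int256 status, uint256 statusSince, , ) = sequencerUptime.latestRoundData();
            require(status == 0, "sequencer down");
            require(block.timestamp - statusSince > gracePeriod, "sequencer grace period");
        }

        (uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound) = feed.latestRoundData();

        require(answer > 0, "non-positive answer");
        require(updatedAt != 0, "round not complete");
        require(block.timestamp - updatedAt <= heartbeat, "stale price");
        require(answeredInRound >= roundId, "answer from stale round");
        // A clamped answer means the true price left the band; using it would misprice everything.
        require(answer > minAnswer && answer < maxAnswer, "answer at aggregator bound");

        return (uint256(answer), feed.decimals());
    }
}
```

Pick `heartbeat` from the specific feed's documented heartbeat plus a margin, not a single global constant; a feed with a 24h heartbeat checked against a 1h threshold will revert almost always, which is the opposite failure mode from the one these findings describe.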

Juicebox Buyback Delegate
16.19 USDC • Code4rena • kutugu • #18

Ajna Protocol
1,221.35 USDC • 1 total finding • Code4rena • kutugu • #7
[medium] _updateBucketExchangeRateAndCalculateRewards reward calculation loses accuracy

Apr '23

Rubicon v2
9.63 USDC • 3 total findings • Code4rena • kutugu • #104
[high] Reward accounting is incorrect in BathBuddy contract
[medium] Fee inclusivity calculations are inaccurate in RubiconMarket
[medium] Incorrect fee handling in Position.sol's market buy/sell functions

Mar '23

Neo Tokyo contest
2,819.69 USDC • 1 total finding • Code4rena • kutugu • #7
[high] Updating a pool's total points doesn't affect existing stake positions for rewards calculation