mahyar

Security Researcher

High: 5 total

Medium: 3 total

Total earnings: $2.52K (#1005 all time)

Payouts: 9x

Top 10 (regular): 1x

Top 25 (regular): 2x

Top 50 (regular): 3x

Nov '23

Canto Application Specific Dollars and Bonding Curves for 1155s

1.37 USDC • 1 total finding • Code4rena • mahyar

#31

medium

No slippage protection for Market functions

Kelp DAO | rsETH

4.66 USDC • 1 total finding • Code4rena • mahyar

#53

high

The price of rsETH could be manipulated by the first staker

Oct '23

NextGen

0 USDC • 1 total finding • Code4rena • mahyar

#115

high

Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Aug '23

Tangible Caviar

56.88 USDC • Code4rena • mahyar

#59

Jul '23

Foundry DeFi Stablecoin CodeHawks Audit Contest

16.36 USDC • 4 total findings • CodeHawks • mahyar

#69

high

Theft of collateral tokens with fewer than 18 decimals

medium

Not all of the USD pair price feeds have 8 decimals

gas

Prefer array assignment over pushing elements in for-loops

gas

Using `nonReentrant` when it's unnecessary

CodeHawks Escrow Contract - Competition Details

2.47 USDC • 1 total finding • CodeHawks • mahyar

#94

gas

Contract Can Be Deployed Without Funds.

PoolTogether

1,643.98 USDC • 1 total finding • Code4rena • mahyar

#18

medium

PrizePool -> Winners wouldn't be able to claim prize correctly in `claimPrize` function

GFX Labs

780.43 USDC • 1 total finding • Sherlock • mahyar

#7

high

LimitOrderRegistry -> owner can steal funds from user

Jun '23

Lybra Finance

18.42 USDC • 1 total finding • Code4rena • mahyar

#80

high

Incorrectly implemented modifiers in LybraConfigurator.sol allow any address to call functions that are supposed to be restricted