martin

Security Researcher

Contact Me

High

Total

Medium

Total

$1.79K

Total Earnings

#1060 All Time

33x

Payouts

2x

Top 10

8x

Top 25

22x

Top 50

All

Sherlock

Code4rena

CodeHawks

Jul '23

Beedle - Oracle free perpetual lending

0.21 USDC • 2 total findings • CodeHawks • Martin

#214

high

Sandwich attack to steal all ERC-20 tokens in the Fees contract

medium

No expiration deadline leads to losing a lot of funds

Jun '23

Stader Labs

102.27 USDC • 1 total finding • Code4rena • martin

#29

medium

`pause/unpause` functionnalities not implemented in many pausable contracts

May '23

Iron Bank

0.08 USDC • 1 total finding • Sherlock • martin

#22

medium

`getPriceFromChainlink` function might return stale results

USSD - Autonomous Secure Dollar

0.01 USDC • 3 total findings • Sherlock • martin

#89

high

Critical Loss of Funds

high

Hard-coded price feed addresses

medium

Chainlink’s oracle might return stale results

Mar '23

Gitcoin

21.38 USDC • Sherlock • martin

#63

Sense Update #1

238.96 USDC • 1 total finding • Sherlock • martin

medium

Usage of deprecated `transfer` to send Ether

Y2K

41.79 USDC • 1 total finding • Sherlock • martin

#57

medium

Chainlink’s `latestRoundData` might return stale results

Neo Tokyo contest

29.67 USDC • Code4rena • martin

#21

Wenwin contest

21.7 USDC • Code4rena • martin

#26

Feb '23

Derby

26.40 USDC • 1 total finding • Sherlock • martin

#36

medium

[M-02] Non-Compliant Allowance Logic

Ethos Reserve contest

61.26 USDC • Code4rena • martin

#33

Jan '23

RabbitHole Quest Protocol contest

17.95 USDC • 1 total finding • Code4rena • martin

#73

high

Protocol fees can be withdrawn multiple times in `Erc20Quest`

Timeswap contest

65.35 USDC • Code4rena • martin

#20

Dec '22

prePO contest

25.05 USDC • Code4rena • martin

#32

Escher contest

0.61 USDC • 1 total finding • Code4rena • martin

#71

medium

Use of `payable.transfer()` Might Render ETH Impossible to Withdraw

Nov '22

ParaSpace contest

103.92 USDC • Code4rena • martin

#51

Canto contest

73.58 CANTO • Code4rena • martin

#10

Redacted Cartel contest

53.49 USDC • Code4rena • martin

#46

LSD Network - Stakehouse contest

52.03 USDC • Code4rena • martin

#52

Blur Exchange contest

64.77 USDC • Code4rena • martin

#27

Debt DAO contest

115.92 USDC • 1 total finding • Code4rena • martin

#40

medium

address.call{value:x}() should be used instead of payable.transfer()

Oct '22

Inverse Finance contest

19.39 USDC • 1 total finding • Code4rena • martin

#48

medium

Chainlink oracle data feed is not sufficiently validated and can return stale `price`

Holograph contest

82.04 USDC • 1 total finding • Code4rena • martin

#31

medium

`_payoutToken[s]()` is not compatible with tokens with missing return value

3xcalibur contest

34.98 USDC • Code4rena • martin

#33

Juicebox contest

25.96 USDC • Code4rena • martin

#19

The Graph L2 bridge contest

20.79 USDC • Code4rena • martin

#16

Sep '22

QuickSwap and StellaSwap contest

77.62 USDC • Code4rena • martin

#39

VTVL contest

28.18 USDC • Code4rena • martin

#67

Art Gobblers contest

55.2 USDC • Code4rena • martin

#21

PartyDAO contest

117.69 USDC • Code4rena • martin

#48

Nouns Builder contest

106.39 USDC • Code4rena • martin

#83

Aug '22

Olympus DAO contest

86.95 USDC • Code4rena • martin

#73

Nouns DAO contest

16.97 USDC • Code4rena • martin

#43