https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_4.png

mgf15

Security Researcher

745fe9f9c2

Contact Me

High

6

Total

Medium

8

Total

$1.45K

Total Earnings

#1296 All Time

25x

Payouts

gold

1x

1st Places

regular

5x

Top 10

regular

7x

Top 25

All

Sherlock

Code4rena

Nov '25

Privacy Cash

Privacy Cash

2.00 USDC • Sherlock • mgf15

#66

Findings not publicly available for private contests.

Oct '25

Saffron Fixed Income Vaults

Saffron Fixed Income Vaults

3.16 USDC • Sherlock • mgf15

#70

Sep '25

Rezerve Money

Rezerve Money

1.80 USDC • Sherlock • mgf15

#94

Findings not publicly available for private contests.

Aug '25

USG - Tangent

USG - Tangent

5.60 USDC • 1 total finding • Sherlock • mgf15

#63

medium

zapProxy will revert when tokenIn in USDT

Jul '25

Notional Exponent

Notional Exponent

11.98 USDC • 1 total finding • Sherlock • mgf15

#49

medium

usdt will not work

Jun '25

DODO Cross-Chain DEX

DODO Cross-Chain DEX

0.26 USDC • 1 total finding • Sherlock • mgf15

#72

medium

unsafe erc-20 transfer

May '25

LEND

LEND

2.46 USDC • 1 total finding • Sherlock • mgf15

#106

medium

Unsafe transfer when redeems tokens

Dec '24

Flex Perpetuals

Flex Perpetuals

62.48 USDC • 1 total finding • Code4rena • mgf15

#4

medium

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

Teller Lender Groups Update Audit

Teller Lender Groups Update Audit

134.33 USDC • 1 total finding • Sherlock • mgf15

#6

medium

uses `ERC20.approve` instead of safe approvals, causing it to always revert on some ERC20s

Lambo.win

Lambo.win

0 USDC • 1 total finding • Code4rena • mgf15

#36

high

Minting zero tokens when underlyingToken is not Ether in cashIn()

Nov '24

vVv Launchpad - Investments & Token distribution

vVv Launchpad - Investments & Token distribution

94.59 USDC • 1 total finding • Sherlock • mgf15

gold

high

attacker can front-run `claim` function and steal user tokens

Jul '24

Basin

Basin

135.48 USDC • 1 total finding • Code4rena • mgf15

#7

high

`WellUpgradeable` can be upgraded by anyone

TraitForge

TraitForge

0 USDC • 1 total finding • Code4rena • mgf15

#89

medium

Pause and unpause functions are inaccessible

Apr '24

Teller Finance

Teller Finance

49.68 USDC • 2 total findings • Sherlock • mgf15

#27

high

IERC20.transferFrom wil fail for USDT

medium

`executeOperation` will revert if _flashToken is USDT

Jan '24

Decent

Decent

0.09 USDC • 1 total finding • Code4rena • mgf15

#56

high

Anyone can update the address of the Router in the DcntEth contract to any address they would like to set.

Curves

Curves

7.43 USDC • Code4rena • mgf15

#85

reNFT

reNFT

42.44 USDC • Code4rena • mgf15

#47

Nov '23

Canto Application Specific Dollars and Bonding Curves for 1155s

Canto Application Specific Dollars and Bonding Curves for 1155s

91.26 USDC • Code4rena • mgf15

#20

Oct '23

Badger eBTC Audit + Certora Formal Verification Competition

Badger eBTC Audit + Certora Formal Verification Competition

21.02 USDC • Code4rena • mgf15

#17

Brahma

Brahma

129.7 USDC • Code4rena • mgf15

#10

Jul '23

Tapioca DAO

Tapioca DAO

459.56 USDC • Code4rena • mgf15

#57

Jun '23

Lybra Finance

Lybra Finance

80.43 USDC • Code4rena • mgf15

#61

Stader Labs

Stader Labs

40.19 USDC • Code4rena • mgf15

#33

May '23

Maia DAO Ecosystem

Maia DAO Ecosystem

74.27 USDC • Code4rena • mgf15

#63

Jan '23

Popcorn contest

Popcorn contest

1.15 USDC • 1 total finding • Code4rena • mgf15

#91

high

Staking rewards can be drained