https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_4.png

mgf15

Security Researcher

745fe9f9c2

Contact Me

High

6

Total

Medium

8

Total

$1.45K

Total Earnings

#1280 All Time

24x

Payouts

gold

1x

1st Places

regular

5x

Top 10

regular

7x

Top 25

All

Sherlock

Code4rena

Oct '25

Saffron Fixed Income Vaults

Saffron Fixed Income Vaults

3.16 USDC • Sherlock • mgf15

#70

Sep '25

Rezerve Money

Rezerve Money

1.80 USDC • Sherlock • mgf15

#94

Findings not publicly available for private contests.

Aug '25

USG - Tangent

USG - Tangent

5.60 USDC • 1 total finding • Sherlock • mgf15

#63

medium

zapProxy will revert when tokenIn in USDT

Jul '25

Notional Exponent

Notional Exponent

11.98 USDC • 1 total finding • Sherlock • mgf15

#49

medium

usdt will not work

Jun '25

DODO Cross-Chain DEX

DODO Cross-Chain DEX

0.26 USDC • 1 total finding • Sherlock • mgf15

#72

medium

unsafe erc-20 transfer

May '25

LEND

LEND

2.46 USDC • 1 total finding • Sherlock • mgf15

#106

medium

Unsafe transfer when redeems tokens

Dec '24

Flex Perpetuals

Flex Perpetuals

62.48 USDC • 1 total finding • Code4rena • mgf15

#4

medium

Missing slippage protection in `AerodromeDexter.sol` `swapExactTokensForTokens()`

Teller Lender Groups Update Audit

Teller Lender Groups Update Audit

134.33 USDC • 1 total finding • Sherlock • mgf15

#6

medium

uses `ERC20.approve` instead of safe approvals, causing it to always revert on some ERC20s

Lambo.win

Lambo.win

0 USDC • 1 total finding • Code4rena • mgf15

#36

high

Minting zero tokens when underlyingToken is not Ether in cashIn()

Nov '24

vVv Launchpad - Investments & Token distribution

vVv Launchpad - Investments & Token distribution

94.59 USDC • 1 total finding • Sherlock • mgf15

gold

high

attacker can front-run `claim` function and steal user tokens

Jul '24

Basin

Basin

135.48 USDC • 1 total finding • Code4rena • mgf15

#7

high

`WellUpgradeable` can be upgraded by anyone

TraitForge

TraitForge

0 USDC • 1 total finding • Code4rena • mgf15

#89

medium

Pause and unpause functions are inaccessible

Apr '24

Teller Finance

Teller Finance

49.68 USDC • 2 total findings • Sherlock • mgf15

#27

high

IERC20.transferFrom wil fail for USDT

medium

`executeOperation` will revert if _flashToken is USDT

Jan '24

Decent

Decent

0.09 USDC • 1 total finding • Code4rena • mgf15

#56

high

Anyone can update the address of the Router in the DcntEth contract to any address they would like to set.

Curves

Curves

7.43 USDC • Code4rena • mgf15

#85

reNFT

reNFT

42.44 USDC • Code4rena • mgf15

#47

Nov '23

Canto Application Specific Dollars and Bonding Curves for 1155s

Canto Application Specific Dollars and Bonding Curves for 1155s

91.26 USDC • Code4rena • mgf15

#20

Oct '23

Badger eBTC Audit + Certora Formal Verification Competition

Badger eBTC Audit + Certora Formal Verification Competition

21.02 USDC • Code4rena • mgf15

#17

Brahma

Brahma

129.7 USDC • Code4rena • mgf15

#10

Jul '23

Tapioca DAO

Tapioca DAO

459.56 USDC • Code4rena • mgf15

#57

Jun '23

Lybra Finance

Lybra Finance

80.43 USDC • Code4rena • mgf15

#61

Stader Labs

Stader Labs

40.19 USDC • Code4rena • mgf15

#33

May '23

Maia DAO Ecosystem

Maia DAO Ecosystem

74.27 USDC • Code4rena • mgf15

#63

Jan '23

Popcorn contest

Popcorn contest

1.15 USDC • 1 total finding • Code4rena • mgf15

#91

high

Staking rewards can be drained