minhquanym

Security Researcher

Contact Me

High

Total

Medium

Total

$80.22K

Total Earnings

#106 All Time

58x

Payouts

4x

2nd Places

3x

3rd Places

18x

Top 10

All

Sherlock

Code4rena

Cantina

CodeHawks

Jul '24

Zaros Part 1

25.25 USDC • 2 total findings • CodeHawks • minhquanym

#72

high

Inadequate Checking of `isIncreasing` when trader adjusts position size

high

Incorrect logic for checking isFillPriceValid

MagicSea - the native DEX on the IotaEVM

64.75 USDC • 4 total findings • Sherlock • minhquanym

#34

medium

Incorrect parameters passed in `_requireOnlyOperatorOrOwnerOf()` function allows any caller to have rights over any tokenID

medium

Inconsistent check in `harvestPositionsTo()` function

medium

`addToPosition()` might use incorrect `amountToAdd` value if amount received is different than input parameter

medium

Users are able to front-run reward distribution

Jan '24

Opus

12,319.79 USDC • Code4rena • minhquanym

Dec '23

stake.link

250.11 USDC • 1 total finding • CodeHawks • minhquanym

#16

medium

A user can lose funds in `sdlPoolSecondary` if tries to add more sdl tokens to a lock that has been queued to be completely withdrawn

Nov '23

core-and-erc1155a

282.99 USDC • 1 total finding • Cantina • minhquanym

#21

high

Finding not yet public.

Aug '23

Dopex

19.17 USDC • Code4rena • minhquanym

#109

Jun '23

Llama

80.16 USDC • Code4rena • minhquanym

#19

May '23

Maia DAO Ecosystem

5,802.61 USDC • Code4rena • minhquanym

#11

Juicebox Buyback Delegate

434.43 USDC • Code4rena • minhquanym

Mar '23

Neo Tokyo contest

3,004.1 USDC • Code4rena • minhquanym

Jan '23

RabbitHole Quest Protocol contest

44.45 USDC • Code4rena • minhquanym

#49

Ondo Finance contest

2,517.13 USDC • Code4rena • minhquanym

Dec '22

Caviar contest

850.48 USDC • Code4rena • minhquanym

Escher contest

239.83 USDC • Code4rena • minhquanym

#19

Maverick contest

728.88 USDC • Code4rena • minhquanym

#10

Nov '22

ParaSpace contest

13,222.4 USDC • Code4rena • minhquanym

Debt DAO contest

2,480.3 USDC • Code4rena • minhquanym

#11

Sense

99.23 USDC • 1 total finding • Sherlock • minhquanym

medium

Possible DOS in RollerPeriphery `approve()` function

Chainlink Staking contest

11,694.18 USDC • Code4rena • minhquanym

Oct '22

Astaria

85.66 USDC • 3 total findings • Sherlock • minhquanym

#22

high

Funds are not refunded to current bidder in `cancelAuction(...)` function

medium

Bug #1 - Incorrect `newDuration` calculation cause auction extending to `maxDuration` every time

medium

Bug #2 - Incorrect new duration logic cause DOS in `createBid(...)` function

NFTPort

176.00 USDC • 1 total finding • Sherlock • minhquanym

medium

User can deploy and call multiple times with the same signature

Juicebox contest

3,498.68 USDC • Code4rena • minhquanym

Mover

2,594.88 USDC • 1 total finding • Sherlock • minhquanym

high

Anyone can steal fee in ExchangeProxy to do the swap

Merit Circle

66.63 USDC • 1 total finding • Sherlock • minhquanym

#11

medium

Possible DOS in `deposit()`, `extendLock()` and `increaseLock()` because of potential overflow

Blur Exchange contest

114.82 USDC • Code4rena • minhquanym

#20

Mycelium

99.78 USDC • 1 total finding • Sherlock • minhquanym

high

First depositor can break minting of shares

Sep '22

Knox Finance

20.77 USDC • 1 total finding • Sherlock • minhquanym

#12

medium

Oracle data feed is insufficiently validated.

Harpie

537.28 USDC • 3 total findings • Sherlock • minhquanym

medium

Replay signature attack to changeRecipientAddress function

medium

Incompatability with deflationary / fee-on-transfer tokens

medium

There is no limit on the amount of fee users have to pay

Aug '22

Fraxlend (Frax Finance) contest

238.34 USDC • Code4rena • minhquanym

#22

Rigor Protocol contest

799.63 USDC • Code4rena • minhquanym

#17

Jul '22

Golom contest

212.42 USDC • Code4rena • minhquanym

#51

Fractional v2 contest

158.59 USDC • Code4rena • minhquanym

#53

Jun '22

Putty contest

2,830.87 USDC • Code4rena • minhquanym

Nibbl contest

49.7 USDC • Code4rena • minhquanym

#29

Yieldy contest

1,214.5 USDC • Code4rena • minhquanym

#14

Nested Finance contest

83.14 USDC • Code4rena • minhquanym

#15

Badger-Vested-Aura contest

1,881.47 USDC • Code4rena • minhquanym

Connext Amarok contest

255.69 USDC • Code4rena • minhquanym

#31

Notional x Index Coop

1,942.85 USDC • Code4rena • minhquanym

May '22

veToken Finance contest

268.73 USDT • Code4rena • minhquanym

#31

Velodrome Finance contest

294.83 USDC • Code4rena • minhquanym

#24

Rubicon contest

203.47 USDC • Code4rena • minhquanym

#39

Aura Finance contest

83.25 USDC • Code4rena • minhquanym

#52

Cally contest

113.11 USDC • Code4rena • minhquanym

#32

Enso Finance contest

174.21 USDT • Code4rena • minhquanym

#47

FactoryDAO contest

39.44 DAI • Code4rena • minhquanym

#59

Forgotten Runes Warrior Guild contest

45.77 USDC • Code4rena • minhquanym

#52

Apr '22

Phuture Finance contest

98.79 USDC • Code4rena • minhquanym

#20

Badger Citadel contest

1,815.58 USDC • Code4rena • minhquanym

#13

JPEG'd contest

2,280.15 USDC • Code4rena • minhquanym

Backed Protocol contest

181.41 USDC • Code4rena • minhquanym

#20

Mar '22

Joyn contest

325.2 USDC • Code4rena • minhquanym

#22

Paladin contest

160.66 USDC • Code4rena • minhquanym

#25

LI.FI contest

61.54 USDC • Code4rena • minhquanym

#56

prePO contest

80.3 USDC • Code4rena • minhquanym

#25

Biconomy Hyphen 2.0 contest

1,567.26 USDT • Code4rena • minhquanym

#11

Feb '22

JPYC contest

655.35 USDC • Code4rena • minhquanym

#18

Hubble contest

750.47 USDC • Code4rena • minhquanym

#17