https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/c849318e-f1dd-4179-bc15-cf7422f4d682.jpeg

mladenov

Security Researcher

Contact Me

High

7

Total

Medium

11

Total

$4.48K

Total Earnings

#852 All Time

11x

Payouts

gold

1x

1st Places

regular

4x

Top 10

regular

6x

Top 25

All

Sherlock

Code4rena

CodeHawks

Jul '25

Malda

Malda

1,501.07 USDC • 4 total findings • Sherlock • SafetyBytes

#9

high

Lack of message validation for EverClear brdige

medium

Rebalancing system fails due to incorrect token transfer flow

medium

Bridge Operations Lack Recovery Mechanisms for Failed Transfers

medium

Decimal precision mismatch renders API3 oracle unusable in dual-oracle system

Jun '25

Chainlink Rewards

Chainlink Rewards

1.42 USDC • Code4rena • SafetyBytes

#8

DODO Cross-Chain DEX

DODO Cross-Chain DEX

689.24 USDC • 5 total findings • Sherlock • SafetyBytes

#4

high

Anyone Can Steal Non-EVM Cross-Chain Refunds

high

Parameter Validation Gap Enables Systematic Token Theft Across Bridge Contracts

high

Missing Native Token Amount Validation in `withdrawToNativeChain`

medium

Protocol doesn't work with USDT token

medium

Silent ETH Fund Loss in Cross-Chain Revert Mechanism

May '25

LEND

LEND

0.41 USDC • 2 total findings • Sherlock • SafetyBytes

#110

high

LEND Rewards Can Be Claimed Multiple Times Due to Missing State Reset

medium

Double Interest Calculation in Liquidation Logic Leads to Unfair Liquidation of Healthy Positions

Apr '25

Pareto USP, a credit-backed synthetic dollar

Pareto USP, a credit-backed synthetic dollar

2,166.66 USDC • 1 total finding • Sherlock • SafetyBytes

gold

medium

Accounting Failure in Credit Vault Valuation During Borrower Default

Dec '24

Alchemix Transmuter

Alchemix Transmuter

3.30 op • 2 total findings • CodeHawks • mladenov

#28

low

Missing Router Update Mechanism in StrategyMainnet Contract

low

Old router retains token allowance after update

Oku's New Order Types Contract Contest

Oku's New Order Types Contract Contest

0.02 OP • 2 total findings • Sherlock • mladenov

#64

high

Order ID can be manipulated

medium

`PythOracle::currentValue` does not check price staleness correctly

Nov '24

Debita Finance V3

Debita Finance V3

12.57 USDC • 1 total finding • Sherlock • mladenov

#49

medium

extendLoan function reverts due to unused time calculation

Project

Project

80.34 USDC • 1 total finding • CodeHawks • mladenov

#13

medium

Reorg Vulnerability in DAO Membership Creation Allows Users to Join Incorrect DAOs

Aug '24

Cork Protocol

Cork Protocol

3.41 USDC • 1 total finding • Sherlock • mladenov

#17

medium

LVDepositNotPaused modifier does not work correctly

Jun '23

Lybra Finance

Lybra Finance

18.42 USDC • 1 total finding • Code4rena • mladenov

#80

high

Incorrectly implemented modifiers in LybraConfigurator.sol allow any address to call functions that are supposed to be restricted