https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/c849318e-f1dd-4179-bc15-cf7422f4d682.jpeg

mladenov

Security Researcher

Contact Me

High

Total

Medium

Total

$4.55K

Total Earnings

#879 All Time

12x

Payouts

1x

1st Places

5x

Top 10

7x

Top 25

All

Sherlock

Code4rena

CodeHawks

Sep '25

Summer.fi - governance v2

76.81 USDC • 2 total findings • Sherlock • SafetyBytes

medium

Rewards Are Lost Due to Integer Division Rounding and Discrete Accumulation

medium

Re-adding Removed Reward Tokens Causes Incorrect Reward Distribution

Jul '25

Malda

1,501.07 USDC • 4 total findings • Sherlock • SafetyBytes

high

Lack of message validation for EverClear brdige

medium

Rebalancing system fails due to incorrect token transfer flow

medium

Bridge Operations Lack Recovery Mechanisms for Failed Transfers

medium

Decimal precision mismatch renders API3 oracle unusable in dual-oracle system

Jun '25

Chainlink Rewards

1.42 USDC • Code4rena • SafetyBytes

DODO Cross-Chain DEX

689.24 USDC • 5 total findings • Sherlock • SafetyBytes

high

Anyone Can Steal Non-EVM Cross-Chain Refunds

high

Parameter Validation Gap Enables Systematic Token Theft Across Bridge Contracts

high

Missing Native Token Amount Validation in `withdrawToNativeChain`

medium

Protocol doesn't work with USDT token

medium

Silent ETH Fund Loss in Cross-Chain Revert Mechanism

May '25

LEND

0.41 USDC • 2 total findings • Sherlock • SafetyBytes

#110

high

LEND Rewards Can Be Claimed Multiple Times Due to Missing State Reset

medium

Double Interest Calculation in Liquidation Logic Leads to Unfair Liquidation of Healthy Positions

Apr '25

Pareto USP, a credit-backed synthetic dollar

2,166.66 USDC • 1 total finding • Sherlock • SafetyBytes

medium

Accounting Failure in Credit Vault Valuation During Borrower Default

Dec '24

Alchemix Transmuter

3.30 op • 2 total findings • CodeHawks • mladenov

#28

low

Missing Router Update Mechanism in StrategyMainnet Contract

low

Old router retains token allowance after update

Oku's New Order Types Contract Contest

0.02 OP • 2 total findings • Sherlock • mladenov

#64

high

Order ID can be manipulated

medium

`PythOracle::currentValue` does not check price staleness correctly

Nov '24

Debita Finance V3

12.57 USDC • 1 total finding • Sherlock • mladenov

#49

medium

extendLoan function reverts due to unused time calculation

Project

80.34 USDC • 1 total finding • CodeHawks • mladenov

#13

medium

Reorg Vulnerability in DAO Membership Creation Allows Users to Join Incorrect DAOs

Aug '24

Cork Protocol

3.41 USDC • 1 total finding • Sherlock • mladenov

#17

medium

LVDepositNotPaused modifier does not work correctly

Jun '23

Lybra Finance

18.42 USDC • 1 total finding • Code4rena • mladenov

#80

high

Incorrectly implemented modifiers in LybraConfigurator.sol allow any address to call functions that are supposed to be restricted