https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/e8661796-121f-4a89-940e-2827e4a7caa4.png

moray5554

Security Researcher

Contact Me

High

9

Total

Medium

10

Total

$3.33K

Total Earnings

#862 All Time

15x

Payouts

silver

1x

2nd Places

regular

5x

Top 10

regular

9x

Top 25

All

Sherlock

Code4rena

Cantina

Apr '25

Aegis.im YUSD

Aegis.im YUSD

45.94 OP • 1 total finding • Sherlock • moray5554

#4

high

Insurance Fee taken from burn YUSD amount which leads to broken core invariant

Mar '25

Nudge.xyz

Nudge.xyz

0.06 USDC • 1 total finding • Code4rena • moray5554

#8

medium

Unauthorized Reallocation in `NudgeCampaign::handleReallocation` and Reward Disruption Vulnerability in `NudgeCampaign::invalidateParticipations`

PinLink: RWA-Tokenized DePIN Marketplace

PinLink: RWA-Tokenized DePIN Marketplace

68.91 USDC • Sherlock • moray5554

#18

Crestal Network

Crestal Network

21.72 USDC • 1 total finding • Sherlock • moray5554

#9

medium

Attacker will be able to reuse signature and force someone to over-pay for updating config

Symmio, Staking and Vesting

Symmio, Staking and Vesting

8.90 USDC • 2 total findings • Sherlock • moray5554

#16

medium

Donating small amount of reward tokens will infliate reward for other users

medium

Vesting plan might not be modifyed with at desired amount under certain coditions

Feb '25

Usual Labs

Usual Labs

849.83 USDC • Sherlock • moray5554

#16

Jan '25

daao-contracts

daao-contracts

106.35 USDC • 3 total findings • Cantina • moray5554

#36

high

Finding not yet public.

high

Finding not yet public.

medium

Finding not yet public.

Plaza Finance

Plaza Finance

1,647.68 USDC • 6 total findings • Sherlock • moray5554

#6

high

User is able to receive bigger amount shares for previous periods by transefering Bonds between another users

high

Incosistency between Eth amount before and after auction leads to unfair leverage, reserves decrese

high

Fee incosistency

medium

Auction will be dosed forever in case remainder of division TotalBuyCouponAmount/maxBids != 0

medium

Inconsistency beetwen MAX_BID_AMOUNT and poolSaleLimit could lead to DOS of auction

medium

User is able to claim usdc for new period even if auction not ended yet in case there is enough unclaimed shares

Aave v3.3

Aave v3.3

140.06 USDC • Sherlock • moray5554

#71

Dec '24

Ethos Reputation Market Fix Review Contest

Ethos Reputation Market Fix Review Contest

144.76 USDC • 1 total finding • Sherlock • moray5554

silver

medium

Seller might acces initial market liquidity leading to loss of funds for users and temporary DOS

Oku's New Order Types Contract Contest

Oku's New Order Types Contract Contest

0.47 OP • 1 total finding • Sherlock • moray5554

#61

high

Mapping orders not being updated while order canceling and perfromUpKeep() leads to drain of funds from protocol

Autonomint Colored Dollar V1

Autonomint Colored Dollar V1

0.14 OP • 1 total finding • Sherlock • moray5554

#67

high

anyone can call updateDownsideProtected() to increment state variable and cause dos of main function in protocol

Nov '24

Ethos Network Financial Contracts

Ethos Network Financial Contracts

279.18 USDC • 1 total finding • Sherlock • moray5554

#17

high

User is able to took funds from previous vouchers pool even if he the only, who vouched

Nouns DAO - Auction Streams

Nouns DAO - Auction Streams

2.83 USDC • Sherlock • moray5554

#65

Debita Finance V3

Debita Finance V3

12.57 USDC • 1 total finding • Sherlock • moray5554

#49

medium

underflow leads to be impossible to execute extendLoan function