https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/caa78be2-dfbe-4af7-b1e7-3cc205642946.jpg

nicobevi

Security Researcher

Software engineer Crypto enthusiast. @code4rena, @sherlockdefi and @SpearbitDAO auditor (trying at least). whitehat @immunefi

Contact Me

High

Total

Medium

Total

$1.74K

Total Earnings

#1262 All Time

13x

Payouts

1x

Top 10

6x

Top 25

11x

Top 50

All

Sherlock

Code4rena

Apr '23

Teller

184.50 USDC • 1 total finding • Sherlock • nicobevi

#31

high

CollateralManager.setCollateralEscrowBeacon has not access restrictions and could be frontrun

Dec '22

Caviar contest

40.26 USDC • 1 total finding • Code4rena • nicobevi

#44

high

Liquidity providers may lose funds when adding liquidity

Nov '22

ParaSpace contest

257.37 USDC • 3 total findings • Code4rena • nicobevi

#41

high

Anyone can prevent themselves from being liquidated as long as they hold one of the supported NFTs

medium

Front-running admin setPrice call allows a single compromised oracle to set any price, allowing the oracle manipulator to drain all protocol funds

medium

Centralization risk: admin can with rug the project by removing asset and price manipulation on oracle.

Oct '22

Blur Exchange contest

531.64 USDC • 1 total finding • Code4rena • nicobevi

#14

high

StandardPolicyERC1155.sol returns amount == 1 instead of amount == order.amount