oxelmiguel

Security Researcher

Smart contract security researcher and blockchain engineer

High

41

Total

Medium

1

Solo

22

Total

$13.97K

Total Earnings

#457 All Time

15x

Payouts

silver

1x

2nd Places

bronze

2x

3rd Places

regular

4x

Top 10

May '25

LEND

123.42 USDC • 10 total findings • Sherlock • oxelmiguel

#27

high

Incorrect Debt Clearance During Cross-Chain Repayments Leading to Protocol Losses

high

Incorrect Cross-Chain Collateral Verification Leading to Over-Collateralization Requirement

high

Cross-Chain Borrowing State Corruption Due to Improper Mapping Updates

high

Incorrect Interest Accrual in Cross-Chain Borrow Update

high

Cross-Chain Debt Repayment Failure

high

Incorrect Liquidation Eligibility Check in Cross-Chain Lending Protocol

high

Cross-Chain Liquidation Debt Settlement Mismatch

high

Attackers Will Drain Collateral Reserves Through Faulty Liquidations

medium

Incorrect Application of Token-Specific borrowIndex on Aggregate Borrow Value

medium

Inefficient Liquidation Due to Close Factor Applied Only to Principal

Apr '25

Kinetiq

541.38 USDC • 2 total findings • Code4rena • oxelmiguel12

#13

high

Mishandling of receiving HYPE in the StakingManager, lead to user can't confirm withdrawal and inflate the exchange ratio

high

Users Who Queue Withdrawal Before A Slashing Event Disadvantage Users Who Queue After And Eventually Leads To Loss Of Funds For Them

Mar '25

PinLink: RWA-Tokenized DePIN Marketplace

0.58 USDC • Sherlock • oxelmiguel

#84

Feb '25

SEDA Protocol

21.95 USDC • 1 total finding • Sherlock • oxelmiguel

#22

high

Attacker Will Inflate Voting Power to Manipulate Consensus

Rova

0.04 USDC • 1 total finding • Sherlock • oxelmiguel

bronze

medium

Improper Validation Checks Will Affect User Participation Limits

Core Contracts

1,851.34 USDC • 32 total findings • CodeHawks • oxelmiguel

bronze

high

Multiple Delegation by Double Spending Boosts and Lack of Delegation Tracking in BoostController Contract

high

Delegation Boost Not Usable by Delegatees

high

`BaseGauge` users can claim rewards without staking

high

Multiple issues from unnecessary balance increase calculation in DebtToken.mint

high

Incorrect Reward Claim Logic in FeeCollector::claimRewards Causes Denial of Service

high

Users can borrow more assets than they have deposited as collateral

high

Double Usage Index Scaling in StabilityPool Liquidation Inflates Required CRVUSD Balance

high

Attackers can double voting power and veToken amount by locking and increasing

high

Gauge Voting Misallocation Vulnerability

high

Gauge rewards are not transferred to gauge when distributeRewards() is called

high

Multiple calls to `BaseGauge::notifyRewardAmount()` override existing reward rate, causing loss of rewards for stakers

medium

`MAX_TOTAL_SUPPLY` Bypass in `veRAACToken` via `increase()` Function

medium

Gauge reward period can be extended indefinitely

medium

Incorrect DebtToken totalSupply Scaling Breaks Interest Rate Calculations

medium

Incorrect Return Values and Double Scaling in `RToken.burn` Function Leads to Denial of Service

medium

LendingPool deposits do not work with CurveVault due to lack of funds

medium

Multiple Critical Calculation And Logic Errors in `RToken::mint/burn` Function

medium

Workingsupply would always be overwritten in boostcontroller.sol impacting reward calculations

medium

Permanent boost inflation through delegation removal in Boostcontroller.sol

medium

Proposal Front-Running via Predictable Salt in `TimelockController::scheduleBatch`

medium

Flawed Boost Multiplier Calculation Always Yields Maximum Boost

medium

Incorrect rewardRate management in BaseGauge

medium

Missing Update of `lastUpdateTime` in `updatePeriod()`

medium

Failure to Reset `rewardRate` in `updatePeriod()`

low

`mint` function in RToken contract doesn't return the correct expected values, leading to emission of ReserveLibrary `Deposit` event and LendingPool `Deposit` event with incorrect values.

low

Limited veRaac Token Supply Triggers DoS, Hampering Proper Governance Participation.

low

Unauthorized Vote Casting Vulnerability

low

Incorrect Initialization of minBoost in BaseGauge Constructor Breaks Core Contract Functionality

low

Missing Checkpoint Reset in `veRAACToken::emergencyWithdraw` Function

low

Insufficient ETH Forwarding in Governance Execution Mechanism Causes Proposal Failures

low

Missing `BaseGauge::distributionCap` validation leads to over-emission of rewards

low

Wrong event emitted in `LendingPool::_repay`

Jan '25

Liquid Ron

0 USDC • 1 total finding • Code4rena • oxelmiguel12

#12

medium

Incorrect Logic in onlyOperator Modifier Leading to Denial-of-Service for Authorized Operators Across Critical Functions

Part 2

1,299.62 USDC • 7 total findings • CodeHawks • oxelmiguel

#14

high

Incorrect Credit Capacity Validation in `VaultRouterBranch.redeem` Enables Locked Collateral Drainage

high

Vaults weth reward is not distributed correctly

high

Unclaimed Rewards Loss Due to Missing Validation in `VaultRouterBranch.stake()`

high

Incorrect Debt Check in `CreditDelegationBranch::settleVaultsDebt` Function

high

Incorrect calculation in CreditDelegationBranch::withdrawUsdTokenFromMarket allows attacker mint any amount of usdz

medium

Attacker can manipulate the amount of output tokens of users in ZlpVault

medium

Issue with Decimal Offset Calculation Leading to Weak Donation Protection

Plaza Finance

0.18 USDC • 1 total finding • Sherlock • oxelmiguel

#100

high

Incorrect Period Reference in `transferReserveToAuction` Leading to Denial of Service for Auction Contracts

Sep '24

Staking

1,375.83 USDC • CodeHawks • oxelmiguel

#15

Boost Core Incentive Protocol

8,001.42 USDC • 5 total findings • Sherlock • oxelmiguel

silver

high

Boost Creators Unable to Retrieve Funds or Draw Raffle Winners Due to Missing Entry Points

high

Malicious Actor Can Block Incentive Claims for Legitimate Users

medium

Inability to Handle Fee-on-Transfer Tokens in Budget Allocation

medium

Unlimited Referral Fee Allows Boost Creator to Bypass Protocol Fee

medium

Vulnerable Randomness in drawRaffle() Allows Manipulation of Raffle Results by Malicious Actors

Aug '24

Cork Protocol

511.85 USDC • 3 total findings • Sherlock • oxelmiguel

#7

high

Incorrect RA Transfer on Reserve's DS Sale

high

The lvRedeemRaWithCtDs Function Fails to Reduce Locked RA When Burning CT and DS

high

Inconsistent application of exchange rate

ZeroLend One

10.48 USDC • 1 total finding • Sherlock • oxelmiguel

#44

high

Incorrect Supply and Debt Balance Calculation in PositionBalanceConfiguration

Winnables Raffles

1.80 USDC • 1 total finding • Sherlock • oxelmiguel

#37

high

Failure to Update _lockedETH Will Cause Withdrawal Failures for Contract Admin

Tadle

229.45 USDC • 7 total findings • CodeHawks • oxelmiguel

#25

high

TokenManager - Unlimited withdraw

high

Native token withdrawal fails until manually approved

high

Formulaic Error Rounds Down Causing Total Loss Of Funds For Bid Takers During Abort

high

Malicious user can drain protocol by bypassing `ASK` offer abortion validation in `Turbo` mode

high

Token withdrawal fails until someone manually approves spending

high

Fund Withdrawal Flaw in preMarket Allows Users to Avoid Settlement Obligations

low

`listOffer` Unsafely References Fungible Identifiers