https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/b3ee30ab-4a05-4c01-b4ae-72f021e22528.png

pyk

https://pyk.sh

High

Total

Medium

Total

$3.31K

Total Earnings

#941 All Time

5x

Payouts

1x

Top 10

3x

Top 25

4x

Top 50

All

Sherlock

Cantina

Jul '25

Malda

1,020.78 USDC • 1 total finding • Sherlock • pyk

#14

medium

get_proof_data_zkvm_input panics if chain_id=1 and l1_inclusion=true

Jun '25

DODO Cross-Chain DEX

492.62 USDC • 5 total findings • Sherlock • pyk

#12

high

Invalid Check in `GatewayCrossChain.claimRefund` Allows Anyone To Claim Refunds Intended for Non-EVM Addresses

high

Missing `params.toToken == decoded.targetZRC20` Validation in `GatewayCrossChain.onCall` Allows Anyone to Drain Arbitrary `decoded.targetZRC20` from GatewayCrossChain

high

Empty `swapData` in `GatewayTransferNative.onCall` Bypasses Swap and Allows Draining of Arbitrary `targetZRC20`

high

`GatewayCrossChain.onCall` Swaps Arbitrary Contract's ZRC20 When `swapDataZ.fromToken` Mismatches Deposited `zrc20`

medium

`GatewayTransferNative.withdraw` Truncates 32-Byte Bitcoin Addresses in `revertMessage`

May '25

stability-contracts

16.61 USDC • 1 total finding • Cantina • sepyke

#37

medium

Finding not yet public.

alchemix-v3

1,784.42 USDC • 7 total findings • Cantina • sepyke

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

high

Finding not yet public.

Apr '25

mighty-contracts

0.23 USDC • 2 total findings • Cantina • sepyke

#93

high

Finding not yet public.

high

Finding not yet public.