https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/defaults/default_avatar_1.png

radevweb3

Security Researcher

Contact Me

High

12

Total

Medium

17

Total

$7.28K

Total Earnings

#730 All Time

31x

Payouts

gold

2x

1st Places

bronze

1x

3rd Places

regular

11x

Top 10

All

Sherlock

Code4rena

Sep '25

Summer.fi - governance v2

Summer.fi - governance v2

76.81 USDC • 2 total findings • Sherlock • radevweb3

#6

medium

Rewards are lost due to integer division rounding and discrete reward updates

medium

Removing token and adding it back on causes new stakers to receive more rewards than intended

Aug '25

Neutrl Protocol

Neutrl Protocol

941.02 USDC • 1 total finding • Sherlock • radevweb3

gold

medium

FULL-restricted user can still stake by depositing to an unrestricted receiver (policy bypass in sNUSD)

Jun '25

DODO Cross-Chain DEX

DODO Cross-Chain DEX

493.25 USDC • 5 total findings • Sherlock • radevweb3

#11

high

Missing Validation for Native Token Amount in `withdrawToNativeChain`

high

Incorrect Access Control in `claimRefund`: Anyone Can Claim Refunds

high

Token Mismatch Vulnerability in `GatewayTransferNative` Functions

medium

ETH Refund Failure in `GatewaySend::onRevert()` Causes Permanent Loss

medium

USDT Incompatibility in GatewaySend: Assumes Standard ERC20 Behavior

Feb '25

Yieldoor

Yieldoor

0.09 USDC • 1 total finding • Sherlock • MaslarovK

#28

medium

Incorrect debt repayment due to wrong variable usage

THORWallet

THORWallet

346.49 USDC • 1 total finding • Code4rena • radev_sw

bronze

high

The user can send tokens to any address by using two bridge transfers, even when transfers are restricted.

Oct '24

Gamma Brevis Rewarder

Gamma Brevis Rewarder

445.40 OP • 2 total findings • Sherlock • MaslarovK

gold

high

Broken Rewards Distribution Logic in `GammaRewarder.sol`

medium

Loss of Precision in createDistribution() Due to Division Rounding in Epoch Calculation

Jul '24

Munchables

Munchables

0.39 USDC • 1 total finding • Code4rena • radev_sw

#48

high

Single plot can be occupied by multiple renters

May '24

LoopFi

LoopFi

213.33 USDC • 1 total finding • Code4rena • Pechenite

#5

high

Availability of deposit invariant can be bypassed

Apr '24

DYAD

DYAD

0.02 USDC • 1 total finding • Code4rena • Pechenite

#114

high

Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral

Mar '24

Ondo Finance

Ondo Finance

563.06 USDC • 2 total findings • Code4rena • radev_sw

#9

medium

Users can lose access to funds due to minimum withdrawal limits.

medium

The `BURNER` cannot burn tokens from accounts not KYC verified due to the check in `_beforeTokenTransfer`.

DittoETH

DittoETH

191.73 USDC • Code4rena • Pechenite

#18

zkSync Era

zkSync Era

619.88 USDC • Code4rena • Pechenite

#10

Taiko

Taiko

60.3 USDC • Code4rena • Pechenite

#34

Feb '24

UniStaker Infrastructure

UniStaker Infrastructure

694.3 USDC • Code4rena • radev_sw

#5

AI Arena

AI Arena

107.58 USDC • 2 total findings • Code4rena • radev_sw

#60

high

A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters

medium

DoS in `MergingPool::claimRewards` function and potential DoS in `RankedBattle::claimNRN` function if called after a significant amount of rounds passed.

Jan '24

Decent

Decent

12.28 USDC • Code4rena • Pechenite

#54

Salty.IO

Salty.IO

20.79 USDC • Code4rena • Pechenite

#107

Dec '23

Revolution Protocol

Revolution Protocol

67.06 USDC • 3 total findings • Code4rena • Pechenite

#50

medium

The quorumVotes can be bypassed

medium

CultureIndex.sol#dropTopVotedPiece() - Malicious user can manipulate topVotedPiece to DoS the whole CultureIndex and AuctionHouse

medium

Bidder can use donations to get VerbsToken from auction that already ended.

Nov '23

Kelp DAO | rsETH

Kelp DAO | rsETH

272.35 USDC • 2 total findings • Code4rena • Pechenite

#15

medium

Lack of slippage control on LRTDepositPool.depositAsset

medium

Update in strategy will cause wrong issuance of shares

Oct '23

Party Protocol

Party Protocol

884.91 USDC • 2 total findings • Code4rena • Pechenite

#9

medium

ETHCrowdfundBase.sol#processContribution - Impossible to finalize crowdfund because of minContribution check

medium

`PartyGovernanceNFT#rageQuit()` can lead to token loss for users when dealing with zero-balance ERC20 during a `rageQuit()`

Ethena Labs

Ethena Labs

126.34 USDC • Code4rena • radev_sw

#25

The Wildcat Protocol

The Wildcat Protocol

163.8 USDC • 2 total findings • Code4rena • radev_sw

#39

high

Lenders can escape the blacklisting of their accounts because they can move their MarketTokens to different accounts and gain the WithdrawOnly Role on any account they want

high

Borrower has no way to update `maxTotalSupply` of `market` or close market.

Brahma

Brahma

152.13 USDC • Code4rena • radev_sw

#8

ENS

ENS

141.52 USDC • Code4rena • radev_sw

#6

Canto Liquidity Mining Protocol

Canto Liquidity Mining Protocol

113.58 USDC • Code4rena • radev_sw

#13

Sep '23

Venus Prime

Venus Prime

17.24 USDC • Code4rena • radev_sw

#37

Aug '23

Chainlink Staking v0.2

Chainlink Staking v0.2

41.45 USDC • Code4rena • radev_sw

#57

Good Entry

Good Entry

482.48 USDC • 1 total finding • Code4rena • radev_sw

#18

high

Overflow can still happened when calculating `priceX8` inside `poolMatchesOracle` operation

Tangible Caviar

Tangible Caviar

0.72 USDC • Code4rena • Pechenite

#86

Jul '23

Basin

Basin

17.52 USDC • Code4rena • radev_sw

#26

May '23

Juicebox Buyback Delegate

Juicebox Buyback Delegate

16.19 USDC • Code4rena • radev_sw

#18