Security Researcher
Blockchain Security Researcher Blockchain Developer | Open-Source Freedom Fighter
High
Total
Medium
Total
Total Earnings
#1201 All Time
Payouts
Top 10
Top 25
Top 50
All
Sherlock
Code4rena
Cantina
CodeHawks
Immunefi
Jun '25
medium
May '25
high
Findings not publicly available for private contests.
medium
high
high
medium
medium
medium
medium
Apr '25
high
Buffer Silently Locks Staked HYPE in Contract Without Using Them For Withdrawals Or Providing A Way To Be Pulled Out Or Moved To L1
high
Mishandling of receiving HYPE in the StakingManager , lead to user can't confirm withdrawal and inflate the exchange ratio
medium
Inconsistent State Restoration in `cancelWithdrawal` Function
medium
Mar '25
Feb '25
high
Multiple Delegation by Double Spending Boosts and Lack of Delegation Tracking in BoostController Contract
high
RAACNFT mint function receives funds to address(this) but has no way of withdrawing them
high
Users Can Overwrite Existing Locks in veRAACToken Resulting in Permanent Loss of Funds
high
Reward manipulation vulnerability in StabilityPool
high
Incorrect Reward Claim Logic in FeeCollector::claimRewards Causes Denial of Service
high
RToken's transfer function lead to loss of funds due to incorrect math
high
Users can borrow more assets than they have deposited as collateral
high
NFTs Get Permanently Locked in Stability Pool After Liquidation
medium
RToken.transferFrom() Does Not Scale User Balances Due to Stale Liquidity Index
medium
Workingsupply would always be overwritten in boostcontroller.sol impacting reward calculations
medium
Cordinated group of attacker can artificially lower quorum threshold during active proposals forcing malicious proposals to pass without true majority support.
medium
Incorrect boost calculation in `BoostController#_calculateBoost()` can be exploited to gain an unfair advantage in reward distribution
medium
Flawed Boost Multiplier Calculation Always Yields Maximum Boost
low
Limited veRaac Token Supply Triggers DoS, Hampering Proper Governance Participation.
low
`FeeCollector::updateFeeType` wrong fee share validation leads to impossible update for some fee types
low
Insufficient ETH Forwarding in Governance Execution Mechanism Causes Proposal Failures
Jan '25