https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/0ada4d72-702c-42f8-9f9a-5078d630fe5a.jpg

sakibcy

Security Researcher

Web3 Security Researcher | Smart Contract Auditor

Contact Me

High

Total

Medium

Solo

Total

$1.67K

Total Earnings

#1141 All Time

8x

Payouts

1x

3rd Places

4x

Top 10

4x

Top 25

All

Sherlock

CodeHawks

Mar '25

PinLink: RWA-Tokenized DePIN Marketplace

0.00 USDC • Sherlock • sakibcy

#106

Feb '25

Usual Labs

0.03 USDC • Sherlock • sakibcy

#58

Rova

0.04 USDC • 1 total finding • Sherlock • sakibcy

medium

On `Launch::updateParticipation#L355` it is using `refundCurrencyAmount` which is wrong

Core Contracts

58.22 usdc • 7 total findings • CodeHawks • sakibcy

#187

high

Boost Miscalculation Leads to Excess Distribution

high

Gauge stakers won't get any reward due to round-down in user weight calculation

medium

Failure to update `lastClaimTime` mapping when users claim rewards in FeeCollector Causes Time-Based Reward Calculation Issues

medium

Inconsistent Fee Collector Address Validation in RAACMinter: Denial of Service for Disabling Fee Collection

low

Canceled vote still get voted on and accumulate voting power in Goverance.sol

low

Incorrect Initialization of minBoost in BaseGauge Constructor Breaks Core Contract Functionality

low

`FeeCollector::updateFeeType` wrong fee share validation leads to impossible update for some fee types

Jan '25

Aave DIVA Wrapper

0.04 usdc • 1 total finding • CodeHawks • sakibcy

low

Incorrect sequence of AaveDIVAWrapper constructor parameters

Aave v3.3

350.76 USDC • Sherlock • sakibcy

#54

Dec '24

Oku's New Order Types Contract Contest

505.85 OP • 2 total findings • Sherlock • sakibcy

medium

Checking for `Stale Price` on `PythOracle::currentValue` has `wrong implementation`

medium

Malicious users can `createOrder` with `0 amount` and make `DOS` for all

Nov '24

Project

757.71 USDC • 1 total finding • CodeHawks • sakibcy

high

Missing KYC and NFT Ownership Verification for Ecosystem Access