sandy

Security Researcher

I break smart contracts.

High

13

Total

Medium

8

Total

$1.28K

Total Earnings

#1162 All Time

21x

Payouts

bronze

2x

3rd Places

regular

2x

Top 10

regular

7x

Top 25

Jul '24

Munchables

0.39 USDC • 3 total findings • Code4rena • sandy

#48

high

Invalid validation allows users to unlock early

high

Single plot can be occupied by multiple renters

medium

Players can gain more NFTs benefiting from that past remainder in subsequent locks

TempleGold

31.81 USDC • 2 total findings • CodeHawks • 0xsandy

#32

high

Incompatibility with Multisig Wallets in `TempleGold::send` Function

low

Inconsistent message generation in `TempleTeleporter.quote()` and `TempleTeleporter.teleport()` results in an inaccurate required-fee calculation by `TempleTeleporter.quote()`

May '24

Beanstalk: The Finale

106.15 USDC • 1 total finding • CodeHawks • 0xsandy

#33

medium

Improper Domain Separator Hash in _domainSeparatorV4() Function

Munchables

28.81 USDC • 3 total findings • Code4rena • sandy

#12

high

Invalid validation allows users to unlock early

high

Single plot can be occupied by multiple renters

medium

Players can gain more NFTs benefiting from that past remainder in subsequent locks

Sablier

201.07 USDC • 1 total finding • CodeHawks • 0xsandy

#18

low

SablierV2Lockup is not EIP4906 compliant.

LoopFi

386.08 USDC • 1 total finding • Code4rena • sandy

bronze

high

Availability of deposit invariant can be bypassed

Mar '24

vVv Vesting & Staking

0.99 USDC • Sherlock • sandy

#43

RadicalxChange

1.18 USDC • 1 total finding • Sherlock • sandy

bronze

high

Highest bidder can cancel their bids and withdraw all the collateral using the `_cancelAllBids()` function.

Feb '24

AI Arena

30.27 USDC • 3 total findings • Code4rena • sandy

#101

high

Fighters cannot be minted after the initial generation due to uninitialized `numElements` mapping

high

Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`

medium

Minter / Staker / Spender roles can never be revoked

Jan '24

MorpheusAI

44.19 USDC • 2 total findings • CodeHawks • 0xsandy

#17

low

Use custom gas in `sendMintMessage` instead of default gas

low

Do not hardcode `_zroPaymentAddress` field to `address(0)`

Dec '23

The Standard

0.27 USDC • 3 total findings • CodeHawks • 0xsandy

#92

high

Rewards can be drained because of lack of access control

medium

Missing deadline check allows pending transactions to be maliciously executed

low

`costInEuros` calculation will incur precision loss due to division before multiplication

Footium Update

1.41 USDC • Sherlock • sandy

#37

Oct '23

Canto Liquidity Mining Protocol

35.19 USDC • Code4rena • sandy

#17

Sep '23

Centrifuge

12.79 USDC • Code4rena • sandy

#34

Ondo Finance

25.93 USDC • Code4rena • sandy

#28

Aug '23

Cooler Update

19.86 USDC • 2 total findings • Sherlock • sandy

#18

medium

A malicious lender can call `rollLoan()` themselves to increase the borrower's loan repayment amount.

medium

A malicious lender can front-run `rollLoan()` to set the additional `duration_` to 1 and `interest_` very high.

Sparkn

75.82 USDC • 3 total findings • CodeHawks • 0xsandy

#37

low

If a winner is blacklisted on any of the tokens they can't receive their funds

low

Centralization Risk for trusted organizers

low

Organizers are not incentivized to deploy and distribute to winners, so winners may go unrewarded for a long time and the protocol owner is forced to manage the distribution

veRWA

9.82 USDC • Code4rena • sandy

#52

Jul '23

Beedle - Oracle free perpetual lending

134.28 USDC • 9 total findings • CodeHawks • 0xsandy

#32

high

Borrower can bypass maxLoanRatio's configuration of a pool via buyLoan()

high

[H-04] Lender#buyLoan - Malicious user could take over a loan for free without having a pool because of wrong access control

high

Attacker can steal a loan's collateral and break the protocol

low

Zero address leads to transaction reverts

low

Lender fails to giveLoan because of inconsistent length between `loadIds` and `poolIds`

low

Missing Events Emitting

gas

No use of Ownable in Staking contract.

gas

Use do while loops instead of for loops.

gas

MaxLoanRatio is not configured properly.

Foundry DeFi Stablecoin CodeHawks Audit Contest

5.30 USDC • 4 total findings • CodeHawks • 0xsandy

#92

medium

Chainlink oracle will return the wrong price if the aggregator hits `minAnswer`

low

Lack of events for critical actions

gas

Double checks

gas

[G-01] - Use `do-while` loop instead of `for-loop` to save users gas cost.

CodeHawks Escrow Contract - Competition Details

129.73 USDC • 4 total findings • CodeHawks • 0xsandy

#33

low

Lack of proper event emission at resolveDispute function.

gas

Use Constants instead of Enum

gas

Incomplete, incorrect or ambiguous comments

gas

Reentrancy guard and nonReentrant modifier not required.