sashik_eth

Security Researcher

Web3 Security Researcher | Warden @code4rena | Watson @sherlockdefi

High: 33 total
Medium: 36 total
Total earnings: $31.68K (#268 all time)
Payouts: 45x
2nd places: 1x
Top 10: 8x
Top 25: 21x

Jul '24

MakerDAO Endgame: 1,551.21 USDC • Sherlock • #47

Apr '24

DYAD: 26.03 USDC • 6 total findings • Code4rena • #78
  high: Attacker can make 0 value deposit() calls to deny user from redeeming or withdrawing collateral
  high: Kerosene collateral is not being moved on liquidation, exposing liquidators to loss
  high: Users can get their Kerosene stuck until TVL becomes greater than Dyad's supply
  high: Unable to withdraw Kerosene from `vaultmanagerv2::withdraw` as it expects a `vault.oracle()` method which is missing in Kerosene vaults
  medium: Attacker can frontrun to prevent vaults from being removed from the dNFT owner's position
  medium: Incorrect deployment / missing contract will break functionality

Feb '24

AI Arena: 178.41 USDC • 6 total findings • Code4rena • #33
  high: A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters
  high: Since you can reroll with a different fighterType than the NFT you own, you can reroll bypassing maxRerollsAllowed and reroll attributes based on a different fighterType
  high: Player can mint more fighter NFTs during claim of rewards by leveraging reentrancy on the `claimRewards()` function
  high: Fighters cannot be minted after the initial generation due to uninitialized `numElements` mapping
  high: Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`
  high: `FighterFarm::reroll` won't work for NFT id greater than 255 due to input limited to uint8

Sep '23

Venus Prime: 4.37 USDC • Code4rena • #39

Allo V2: 673.44 USDC • 3 total findings • Sherlock • #9
  medium: RFPSimpleStrategy#_registerRecipient would always revert if useRegistryAnchor initialized with true
  medium: Anchor would not be able to hold soulbound NFTs as expected
  medium: Paying fees could be avoided in the fundPool function

Aug '23

Chainlink Staking v0.2: 16,005.26 USDC • Code4rena • #4

Tangible Caviar: 580.42 USDC • Code4rena • #21

Jul '23

Beam: 248.56 USDC • Sherlock • #12

Jun '23

RealWagmi: 299.01 USDC • 2 total findings • Sherlock • #8
  high: Using slot0 data could lead to price manipulations
  medium: Missing deadline protection on deposit/withdraw

Unitas Protocol: 1,692.95 USDC • 2 total findings • Sherlock • #4
  high: Oracle update could be sandwiched
  medium: DOS of withdrawing assets if IP does not have enough reserves

May '23

Iron Bank: 951.16 USDC • 3 total findings • Sherlock • #8
  medium: Oracles would not work on L2s
  medium: Missing sanity check on Chainlink return data
  medium: Missing checks for active sequencer in L2s oracle

USSD - Autonomous Secure Dollar: 203.12 USDC • 10 total findings • Sherlock • #9
  high: Incorrect hardcoded oracles addresses
  high: Wrong decimal number on DAI/ETH Chainlink priceFeed
  high: Incorrect order of calculation in DAI oracle
  high: Incorrect check in SellUSSDBuyCollateral function
  high: Missing onlyBalancer modifier
  high: Missing deadline and slippage protection on UniV3SwapInput
  high: getOwnValuation function would overflow on a high sqrtPriceX96 value
  medium: Missing sanity checks on Chainlink priceFeeds
  medium: Wrong calculation in WBTC oracle
  medium: Missing redeem function

Index: 163.66 USDC • 2 total findings • Sherlock • #16
  medium: Not checking if the L2 sequencer is down during the call to Chainlink feeds
  medium: Use of deprecated Chainlink function - latestAnswer()

DODO Margin Trading: 116.10 USDC • 1 total finding • Sherlock • 2nd place
  high: executeOperation() does not check that initiator of flash-loan is the user

Venus Protocol Isolated Pools: 815.47 USDC • 2 total findings • Code4rena • #20
  high: Incorrect `blocksPerYear` constant in `WhitepaperInterestRateModel`
  medium: DOS attack prevents refunding previous bid in Shortfall.sol and malicious bidder always wins the auction

Footium: 419.77 USDC • 4 total findings • Sherlock • #6
  high: Buyer of the club could be front-run by the club seller during trade
  high: Previous owner of the club could steal club inventory
  medium: safeMint in FootiumClub is not "safe"
  medium: Use safeTransfer consistently instead of transfer

Apr '23

EigenLayer Contest: 1,515.53 USDC • 1 total finding • Code4rena • #12
  high: It is impossible to slash queued withdrawals that contain a malicious strategy due to a misplacement of the ++i increment

Frankencoin: 22.6 USDC • Code4rena • #66

Caviar Private Pools: 165.14 USDC • 7 total findings • Code4rena • #33
  high: Risk of silent overflow in reserves update
  high: PrivatePool owner can steal all ERC20 and NFT from user via arbitrary execution
  medium: `Factory.create`: Predictability of pool address creates multiple issues
  medium: Malicious royalty recipient can steal excess ETH from buy orders
  medium: Loss of funds for traders due to accounting error in royalty calculations
  medium: Royalty recipients will not get fair share of royalties
  medium: Flash loan fee is incorrect in Private Pool contract

Rubicon v2: 30.17 USDC • 2 total findings • Code4rena • #88
  high: An attacker can steal all tokens of users that use `FeeWrapper`
  medium: Calling `Position._marketBuy` and `Position._marketSell` functions that calculate `_fee` by dividing by `10000` can cause incorrect calculations

Mar '23

Gitcoin: 274.65 USDC • Sherlock • #13

Asymmetry contest: 3.49 USDC • 1 total finding • Code4rena • #123
  high: An attacker can manipulate the preDepositvePrice to steal from other users

Wenwin contest: 193.23 USDC • 1 total finding • Code4rena • #19
  medium: The buyer of the ticket could be front-run by the ticket owner who claims the rewards before the ticket's NFT is traded

Jan '23

RabbitHole Quest Protocol contest: 39.56 USDC • 2 total findings • Code4rena • #56
  high: Protocol fees can be withdrawn multiple times in `Erc20Quest`
  medium: User may lose rewards if the receipt is minted after quest end time

Nov '22

SIZE contest: 8.54 USDC • 1 total finding • Code4rena • #41
  medium: Incompatibility with fee-on-transfer/inflationary/deflationary/rebasing tokens, on both base tokens and quote tokens, with varying impacts

Sep '22

VTVL contest: 228.64 USDC • 1 total finding • Code4rena • #30
  medium: Reentrancy may allow an admin to steal funds

Aug '22

FIAT DAO veFDT contest: 14.95 USDC • Code4rena • #72

Jul '22

Axelar Network v2 contest: 87.35 USDC • Code4rena • #37

Golom contest: 56.49 USDC • Code4rena • #82

Yield Witch v2 contest: 16.99 USDC • Code4rena • #52

Swivel v3 contest: 157.79 USDC • Code4rena • #19

ENS contest: 123.43 USDC • Code4rena • #48

Fractional v2 contest: 125.21 USDC • Code4rena • #58

Juicebox V2 contest: 38.83 USDC • Code4rena • #60

Jun '22

Putty contest: 556.88 USDC • 4 total findings • Code4rena • #27
  medium: `fillOrder()` and `exercise()` may lock Ether sent to the contract, forever
  medium: Unbounded loops may cause `exercise()`s and `withdraw()`s to fail
  medium: Options with a small strike price will round down to 0 and can prevent assets from being withdrawn
  medium: Malicious token contracts may lead to locking orders

Nibbl contest: 46.14 USDC • Code4rena • #36

Yieldy contest: 1,238.27 USDC • 1 total finding • Code4rena • #13
  medium: instantUnstake function can be front-run with a fee increase

Illuminate contest: 517.46 USDC • 2 total findings • Code4rena • #25
  high: Allowance check always true in ERC5095 redeem
  high: ERC5095 redeem/withdraw does not update allowances

May '22

Backd Tokenomics contest: 212.43 USDC • Code4rena • #23

veToken Finance contest: 257.98 USDT • Code4rena • #33

Velodrome Finance contest: 232.42 USDC • Code4rena • #25

Rubicon contest: 800.9 USDC • 5 total findings • Code4rena • #18
  high: BathToken LPs unable to receive bonus token due to lack of wallet setter method
  high: Attacker could steal almost all the bonus token in BathBuddy vesting wallet
  medium: No cap on fees can result in a DOS in BathToken.withdraw()
  medium: Admin rug vectors
  medium: Use `safeTransfer()`/`safeTransferFrom()` instead of `transfer()`/`transferFrom()`

OpenSea Seaport contest: 435.74 USDC • Code4rena • #48

Aura Finance contest: 244.97 USDC • Code4rena • #30

Alchemix contest: 103.27 DAI • Code4rena • #41