
shenwilly

Security Researcher


Findings: 19 High, 41 Medium
Total earnings: $40.96K (#235 all time)
Payouts: 36x
Placements: 1x 3rd place (bronze), 7x Top 10, 21x Top 25

Contest history (all on Code4rena; rank, payout and findings per contest)

Nov '23

Canto Application Specific Dollars and Bonding Curves for 1155s
  #30 • 4.08 USDC

Oct '23

NextGen
  #115 • 0 USDC • 1 finding
  [high] Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime

Jan '23

Canto Identity Protocol contest
  #4 • 2,112.78 CANTO • 2 findings
  [medium] Griefing risk in `mint`
  [medium] Multiple accounts can have the same identity

Aug '22

Olympus DAO contest
  #81 • 56.31 USDC

Nouns DAO contest
  #41 • 35.44 USDC

Foundation Drop contest
  #5 • 2,398.02 USDC • 3 findings
  [medium] NFT creator sales revenue recipients can steal gas
  [medium] User may get all of the creator fees by specifying a high number for himself
  [medium] Possible to bypass saleConfig.limitPerAccount

Jul '22

Golom contest
  #52 • 206.42 USDC

Fractional v2 contest
  #23 • 848.66 USDC • 6 findings
  [high] Any fractions deposited into any proposal can be stolen at any time until it is committed
  [high] Funds will be stuck if a buyout is started while there are pending migration proposals
  [high] Steal NFTs from a Vault, and ETH + Fractional tokens from users
  [high] Division rounding can make fraction-price lower than intended (down to zero)
  [high] Cash-out from a successful buyout allows an attacker to drain Ether from the `Buyout` contract
  [medium] An attacker can DoS a vault's buyout with as little as 1 wei per 4 days

Jun '22

Putty contest
  #33 • 330.63 USDC • 3 findings
  [medium] Order duration can be set to 0 by a malicious maker
  [medium] Options with a small strike price will round down to 0 and can prevent assets from being withdrawn
  [medium] Putty position tokens may be minted to non-ERC721 receivers

Nibbl contest
  #56 • 28.7 USDC

Illuminate contest
  #19 • 784.13 USDC • 6 findings
  [high] ERC5095 redeem/withdraw does not update allowances
  [high] Incorrect implementation of APWine and Tempus `redeem`
  [high] Able to mint any amount of PT
  [high] Illuminate PT redeeming allows for burning from other accounts
  [high] [H-05] Not minting iPTs for lenders in several lend functions
  [medium] Centralisation Risk: Admin Can Change Important Variables To Steal Funds

Infinity NFT Marketplace contest
  3rd place (bronze) • 5,213.95 USDC • 4 findings
  [high] Missing Complication check in `takeMultipleOneOrders`
  [medium] Malicious governance can use `updateWethTranferGas` to steal WETH from buyers
  [medium] Maker order buyer is forced to reimburse the gas cost at any `tx.gasprice`
  [medium] Protocol fee rate can be arbitrarily modified by the owner and the new rate will apply to all existing orders

Connext Amarok contest
  #11 • 2,736.28 USDC • 3 findings
  [medium] Single Error Within SponsorVault Contract Could Cause Entire Cross-Chain Communication To Break Down
  [medium] `LibDiamond.diamondCut()` should check `diamondStorage().acceptanceTimes[keccak256(abi.encode(_diamondCut))] != 0`
  [medium] Diamond upgrade proposition can be falsified

May '22

Backd Tokenomics contest
  #12 • 2,852.35 USDC • 1 finding
  [medium] Potential DoS when removing keeper gauge

veToken Finance contest
  #8 • 3,119.75 USDT • 2 findings
  [medium] Not updating `totalWeight` when operator is removed in `VeTokenMinter`
  [medium] Governance can arbitrarily burn VeToken from any address

Rubicon contest
  #9 • 1,785.19 USDC • 11 findings
  [high] Ineffective ReserveRatio Enforcement
  [high] BathToken LPs Unable To Receive Bonus Token Due To Lack Of Wallet Setter Method
  [high] Attacker Could Steal Almost All The Bonus Token In BathBuddy Vesting Wallet
  [medium] Strategists can't be removed
  [medium] RubiconRouter: Excess ether is not returned to the user
  [medium] No cap on fees can result in a DoS in BathToken.withdraw()
  [medium] Missing checks allow strategists to steal all funds via `tailOff`
  [medium] Outstanding Amount Of A Pool Reduced Although Tokens Are Not Repaid
  [medium] Admin rug vectors
  [medium] Use `safeTransfer()`/`safeTransferFrom()` instead of `transfer()`/`transferFrom()`
  [medium] Use `call()` instead of `transfer()` when transferring ETH in RubiconRouter

Cally contest
  #28 • 123.15 USDC • 4 findings
  [medium] Use safeTransferFrom instead of transferFrom for ERC721 transfers
  [medium] Owner can modify the feeRate on existing vaults and steal the strike value on exercise
  [medium] Owner can set the feeRate to be greater than 100% and cause all future calls to `exercise` to revert
  [medium] Vault is not compatible with fee-on-transfer tokens, and vaults holding such tokens could be exploited

Enso Finance contest
  #13 • 2,028.82 USDT

Alchemix contest
  #34 • 206.53 DAI

FactoryDAO contest
  #29 • 173.16 DAI • 1 finding
  [medium] Malicious token reward could disable withdrawals

Cudos contest
  #41 • 114.28 USDC

Forgotten Runes Warrior Guild contest
  #13 • 907.37 USDC • 1 finding
  [medium] Contract may not have enough funds to cover refund

Apr '22

Mimo DeFi contest
  #24 • 89.04 USDC

Backd contest
  #5 • 8,037.73 USDC • 4 findings
  [medium] ERC777 tokens can bypass `depositCap` guard
  [medium] `_decimalMultiplier` doesn't account for tokens with decimals higher than 18
  [medium] `getNewCurrentFees` reverts when `minFeePercentage` > `feeRatio`
  [medium] Inconsistency between constructor and setter method for slippageTolerance

Badger Citadel contest
  #16 • 1,178.76 USDC • 2 findings
  [high] StakedCitadel doesn't use correct balance for internal accounting
  [medium] Funding.deposit() doesn't work if there is no discount set

Backed Protocol contest
  #19 • 206.27 USDC

Mar '22

Volt Protocol contest
  #26 • 125.78 USDC

LI.FI contest
  #10 • 2,530.8 USDC • 2 findings
  [high] Reliance on lifiData.receivingAssetId can cause loss of funds
  [medium] Reputation Risks with `contractOwner`

Biconomy Hyphen 2.0 contest
  #48 • 99.26 USDT • 1 finding
  [medium] Incompatibility with rebasing/deflationary/inflationary tokens

Feb '22

Foundation contest
  #11 • 1,479.11 USDC • 1 finding
  [high] An offer made after auction end can be stolen by an auction winner

Jan '22

Sandclock contest
  #22 • 265.72 USDC

Dec '21

Yeti Finance contest
  #19 • 308.8 USDC

NFTX contest
  #21 • 279.88 USDC • 1 finding
  [high] A vault can be locked from MarketplaceZap and StakingZap

Amun contest
  #28 • 0 USDC

Nov '21

Malt Finance contest
  #31 • 15.26 USDC

Sep '21

Kuiper contest
  #22 • 279.33 USDC • 1 finding
  [medium] Use safeTransfer instead of transfer
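Two token-handling finding classes recur across this profile: unchecked ERC20 `transfer`/`transferFrom` return values (Kuiper, Rubicon, Cally) and accounting that assumes the full `amount` arrives, which breaks with fee-on-transfer, deflationary or rebasing tokens (Cally, Biconomy Hyphen). The contract below is an added illustration of both patterns and their fix; it is hypothetical code written for this page, not code from any of the listed contests, and `VaultVulnerable`, `VaultHardened` and the `SafeTransfer` library are names assumed for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not from any audited project): a minimal token vault in a
// vulnerable form and a hardened form. Names are hypothetical.

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
    function balanceOf(address account) external view returns (uint256);
}

contract VaultVulnerable {
    IERC20 public immutable token;
    mapping(address => uint256) public shares;

    constructor(IERC20 _token) { token = _token; }

    function deposit(uint256 amount) external {
        // Bug 1: a token that returns false instead of reverting leaves this
        // call "successful" with nothing moved; the return value is ignored.
        token.transferFrom(msg.sender, address(this), amount);
        // Bug 2: a fee-on-transfer token delivers less than `amount`, yet the
        // depositor is credited the full amount and can later withdraw the
        // shortfall from other depositors' balances.
        shares[msg.sender] += amount;
    }

    function withdraw(uint256 amount) external {
        shares[msg.sender] -= amount;
        token.transfer(msg.sender, amount); // return value ignored again
    }
}

// Minimal equivalent of the SafeERC20 pattern: accept tokens that return no
// data (USDT-style), but revert if a bool is returned and it is false, and
// refuse to "succeed" against an address with no code.
library SafeTransfer {
    function _call(IERC20 token, bytes memory data) private {
        require(address(token).code.length > 0, "token is not a contract");
        (bool ok, bytes memory ret) = address(token).call(data);
        require(ok && (ret.length == 0 || abi.decode(ret, (bool))), "token call failed");
    }

    function safeTransfer(IERC20 token, address to, uint256 amount) internal {
        _call(token, abi.encodeCall(IERC20.transfer, (to, amount)));
    }

    function safeTransferFrom(IERC20 token, address from, address to, uint256 amount) internal {
        _call(token, abi.encodeCall(IERC20.transferFrom, (from, to, amount)));
    }
}

contract VaultHardened {
    using SafeTransfer for IERC20;

    IERC20 public immutable token;
    mapping(address => uint256) public shares;
    uint256 private _locked; // simple reentrancy guard

    constructor(IERC20 _token) { token = _token; }

    modifier nonReentrant() {
        require(_locked == 0, "reentrant");
        _locked = 1;
        _;
        _locked = 0;
    }

    // Credits the depositor with what actually arrived, not what was requested,
    // so fee-on-transfer tokens cannot inflate shares.
    function deposit(uint256 amount) external nonReentrant returns (uint256 credited) {
        uint256 before = token.balanceOf(address(this));
        token.safeTransferFrom(msg.sender, address(this), amount);
        credited = token.balanceOf(address(this)) - before;
        shares[msg.sender] += credited;
    }

    function withdraw(uint256 amount) external nonReentrant {
        shares[msg.sender] -= amount; // reverts on underflow in 0.8.x
        token.safeTransfer(msg.sender, amount);
    }
}
```

The balance-before/after measurement handles fee-on-transfer tokens but not rebasing tokens, whose balances change between calls; a vault holding those needs share-based accounting rather than raw token counts. The reentrancy guard matters because the balance snapshot is only meaningful if no hook (such as an ERC777 `tokensReceived` callback) can re-enter `deposit` between the two `balanceOf` reads.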