https://sherlock-files.ams3.digitaloceanspaces.com/twitter_images/32b05374-606d-4e76-bfb7-ae5c6dde19d2.jpg

teddav

Security Researcher

Web3 security | EVM and Cosmos | Solidity/Yul, Rust | My blog: https://t.co/977jUVI6sg

Contact Me

High

Total

Medium

Total

$2.50K

Total Earnings

#945 All Time

8x

Payouts

1x

Top 10

3x

Top 25

5x

Top 50

All

Code4rena

Apr '23

Caviar Private Pools

846.91 USDC • 2 total findings • Code4rena • teddav

#10

high

PrivatePool owner can steal all ERC20 and NFT from user via arbitrary execution

high

Royalty receiver can drain a private pool

Rubicon v2

0.26 USDC • 2 total findings • Code4rena • teddav

#124

high

Reward accounting is incorrect in BathBuddy contract

medium

Calling `Position._marketBuy` and `Position._marketSell` functions that calculate `_fee` by dividing by `10000` can cause incorrect calculations

Mar '23

Asymmetry contest

0.14 USDC • 1 total finding • Code4rena • teddav

#126

high

Staking, unstaking and rebalanceToWeight can be sandwiched (Mainly rETH deposit )

Aug '22

Mimo August 2022 contest

224.5 USDC • 1 total finding • Code4rena • teddav

#20

medium

Malicious targets can manipulate MIMOProxy permissions

Rigor Protocol contest

21.72 USDC • Code4rena • teddav

#73

Jul '22

Golom contest

362.48 USDC • Code4rena • teddav

#35

May '22

Velodrome Finance contest

153.59 USDC • Code4rena • teddav

#36

Forgotten Runes Warrior Guild contest

891.81 USDC • 1 total finding • Code4rena • teddav

#14

medium

Contract may not have enough fund to cover refund