https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/43678336-7c61-4365-9438-50bc80d84070.jpg

werulez99

Security Researcher

Contact Me

High

3

Total

Medium

4

Total

$1.92K

Total Earnings

#1162 All Time

5x

Payouts

regular

2x

Top 10

regular

4x

Top 25

regular

4x

Top 50

All

Sherlock

Code4rena

Cantina

Sep '25

Summer.fi - governance v2

Summer.fi - governance v2

76.81 USDC • 2 total findings • Sherlock • werulez99

#6

medium

Removing a reward token doesn’t reset state and later re-adding lets late stakers steal historical rewards

medium

Malicious callers can throttle USDC/USDT/WBTC rewards by spamming getRewardFor.

Mar '25

Nudge.xyz

Nudge.xyz

610.41 USDC • 1 total finding • Code4rena • HaidutiSec

#6

medium

Anyone can DOS handleReallocation over and over

Feb '25

defi-app-contracts

defi-app-contracts

228.43 USDC • 2 total findings • Cantina • merulz99

#17

high

Finding not yet public.

medium

Finding not yet public.

Jan '25

Plaza Finance

Plaza Finance

1,004.24 USDC • 1 total finding • Sherlock • werulez99

#13

high

#Collateral level Inflation vulnerability

Feb '24

AI Arena

AI Arena

2.06 USDC • 1 total finding • Code4rena • Merulez99

#157

high

Malicious user can stake an amount which causes zero curStakeAtRisk on a loss but equal rewardPoints to a fair user on a win