https://sherlock-files.ams3.digitaloceanspaces.com/profile_images/b1bb14b5-0bb5-4554-8872-cfd9947aec49.jpeg

yovchev_yoan

Security Researcher

Contact Me

High

Total

Medium

Total

$587.00

Total Earnings

#1414 All Time

9x

Payouts

1x

3rd Places

2x

Top 10

4x

Top 25

All

Sherlock

Code4rena

CodeHawks

Dec '24

Alchemix Transmuter

3.30 op • 2 total findings • CodeHawks • yovchevyoan

#28

low

Missing Router Update Mechanism in StrategyMainnet Contract

low

Old router retains token allowance after update

Oku's New Order Types Contract Contest

0.02 OP • 2 total findings • Sherlock • yovchev_yoan

#64

high

Order ID Manipulation

medium

Incorrect price staleness check in `PythOracle::currentValue`

Nov '24

Debita Finance V3

12.57 USDC • 1 total finding • Sherlock • yovchev_yoan

#49

medium

Loan Extension Fails Due to Unused Time Calculation

Telcoin Update #2

9.10 USDC • Sherlock • yovchev_yoan

#44

Project

80.34 USDC • 1 total finding • CodeHawks • yovchevyoan

#13

medium

Reorg Vulnerability in DAO Membership Creation Allows Users to Join Incorrect DAOs

Aug '24

Cork Protocol

3.41 USDC • 1 total finding • Sherlock • yovchev_yoan

#17

medium

`LvDepositNotPaused` modifier does not correctly check if the given Ids' deposits are paused, leading to users being able to deposit even if deposit is paused

May '24

Midas

69.66 USDC • 1 total finding • Sherlock • yovchev_yoan

medium

[H-1] `ManageableVault` contract is missing storage gaps, potentially leading to storage collision

LoopFi

386.08 USDC • 1 total finding • Code4rena • yovchev_yoan

high

Availability of deposit invariant can be bypassed

Feb '24

AI Arena

22.56 USDC • 1 total finding • Code4rena • yovchev_yoan

#107

medium

DoS in `MergingPool::claimRewards` function and potential DoS in `RankedBattle::claimNRN` function if called after a significant amount of rounds passed.