Payouts
1st Places
3rd Places
Top 10
All
Sherlock
Code4rena
CodeHawks
Jun '25
high
Anyone Can Steal Non-EVM Cross-Chain Refunds
high
Parameter Validation Gap Enables Systematic Token Theft Across Bridge Contracts
high
Missing Native Token Amount Validation in `withdrawToNativeChain`
medium
Protocol doesn't work with USDT token
medium
Silent ETH Fund Loss in Cross-Chain Revert Mechanism
May '25
Apr '25
2,166.66 USDC • 1 total finding • Sherlock • SafetyBytes
Feb '25
high
ZENO Token Redemption Returns Negligible USDC Amount Compared to Purchase Price
high
Incorrect decimal handling in `Auction::buy()` leads to massive overpayment for ZENO tokens
high
RAACNFT mint function receives funds to address(this) but has no way of withdrawing them
high
Users Can Overwrite Existing Locks in veRAACToken Resulting in Permanent Loss of Funds
high
Users can borrow more assets than they have deposited as collateral
high
Attackers can get most of RAACToken rewards by withdrawing dust amount from StabilityPool multiple times
high
NFTs Get Permanently Locked in Stability Pool After Liquidation
medium
LendingPool deposits do not work with CurveVault due to lack of funds
low
Emergency withdraw functionality in veRAACToken takes longer than expected
Dec '24
Nov '24
Aug '24
May '24
Feb '24