Software and Security Engineer by day, breaking smart contracts by night.
Sherlock - Surge Finance - First depositor can steal funds from users by forcibly depositing to the lending pool
Sherlock - Olympus - Users can steal additional rewards after withdrawing with claimed set to true
Sherlock - Olympus - User rewards will be lost when a reward token is removed from the protocol
Sherlock - Olympus - Last claimed timestamp for internal rewards is not updated resulting in the theft of LDO tokens
Sherlock - Ajna - Auction timers following liquidity can cause pool insolvency
Code4rena - Caviar - Base tokens in pair contract are assumed to have 1e18 decimals
Code4rena - Caviar - Flaw in pair contract allows users to get free fractional tokens
Code4rena - Caviar - Critical flaw in providing liquidity results in an immediate loss of funds
Sherlock - MyCelium - Block future investors from receiving myLink causing a dos condition
Sherlock - Opyn - usdcAmount will be incorrect in WithdrawAuction() when attempting to transfer proportionate amount