This repository represents my collection of bug hunting findings for my portfolio.
| Vulnerability | Severity | Protocol |
|---|---|---|
| Wrong interest rate calculation | High | UniLend |
| Bypassing modify Blacklist function | Medium | Aura Finance |
| Persistent DOS to stakeListing function | Medium | Arkham |
| Owner can steal all user funds | Medium | Davos |
| lend() function always return minted tokens equal to zero | Low | UniLend |
| The availableReward function may return a higher available reward than actual available reward. | Low | UniLend |
| Wrong use of assembly builtin function | Low | Hyperlane |
| Revert during calling claim function even when listing is closed | Low | Arkham |
| createCanonicalERC20Wrapper reverts on right erc20 implementation | Low | Superfluid |
| Unchecked low level call | Low | Aurora |
| Wrong emission of event | Informational | Revest |
| Wrong implementation of supportsInterface() | Informational | Revest |
| Protocol | Findings | Platform | Rank |
|---|---|---|---|
| Goat Tech | 3H, 2M | Cantina | 3rd |
| MorphL2 | 1H, 3M | Sherlock | 4th |
| Biconomy: Nexus | 2H, 1M | Codehawks | 4th |
| Gamma | 1M | Sherlock | 3rd |
| Asymmetry | 2H | Code4rena | - |
| Popcorn | 1H | Code4rena | - |
I am available for smart contract security consulting. Reach out to me on:
- Twitter - @0xRajkumar
- Discord - 0xRajkumar#1861