Research
Audit Contests
0xjarix - No Storage Gap For Upgradeable Contracts · Issue #48 · sherlock-audit/2024-05-midas-judging
0xjarix medium No Storage Gap For Upgradeable Contracts Summary Storage of DepositVault and RedemptionVault vaults might be corrupted during an upgrade. Vulnerability Detail Upgradeability involves…
sherlock-auditSingle plot can be occupied by multiple renters · Issue #198 · code-423n4/2024-07-munchables-findings
Lines of code https://github.com/code-423n4/2024-07-munchables/blob/94cf468aaabf526b7a8319f7eba34014ccebe7b9/src/managers/LandManager.sol#L199 Vulnerability details Description The LandManager cont…
code-423n4Pause and unpause functions are inaccessible · Issue #212 · code-423n4/2024-07-traitforge-findings
Lines of code https://github.com/code-423n4/2024-07-traitforge/blob/main/contracts/TraitForgeNft/TraitForgeNft.sol#L19 https://github.com/code-423n4/2024-07-traitforge/blob/main/contracts/NukeFund/…
code-423n4
0xjarix - Funds stuck in the `WinnablesTicketManager` contract · Issue #480 · sherlock-audit/2024-08-winnables-raffles-judging
0xjarix High Funds stuck in the WinnablesTicketManager contract Summary Funds stuck in the WinnablesTicketManager contract due to outdated _lockedETH variable. Vulnerability Detail Consider the fol…
sherlock-audit
0xjarix - protocol will prevent users from claiming their rewards of the same token from different epochs of the same distribution · Issue #136 · sherlock-audit/2024-10-gamma-rewarder-judging
0xjarix High protocol will prevent users from claiming their rewards of the same token from different epochs of the same distribution Summary Bad state variable choice mapping(address => mapping(ad…
sherlock-audit
0xjarix - Attacker can claim innocent users’ tokens by frontrunning their transaction · Issue #138 · sherlock-audit/2024-11-vvv-exchange-update-judging
0xjarix High Attacker can claim innocent users’ tokens by frontrunning their transaction Summary The missing check in VVVVCTokenDistributor.sol will cause a loss of funds for users as an attacker c…
sherlock-audit
Cyfrin CodeHawks | Submission - Owner unable to remove splitter when calling `LSTRewardsSplitterController::removeSplitter(...)`
Cyfrin CodeHawks | Competitive Smart Contract Audits - Liquid Staking submission - Owner unable to remove splitter when calling `LSTRewardsSplitterController::removeSplitter(...)`: # Summary The Owner is unable to remove…
Educational Contests
Audits/CodeHawks/FirstFlights/PuppyRaffle-security-review.md at main · 0xjarix/Audits
A collection of vulnerabilities I found while securing/learning how to secure the web3.0 - 0xjarix/Audits
0xjarixAudits/CodeHawks/FirstFlights/SantasList-security-review.md at main · 0xjarix/Audits
A collection of vulnerabilities I found while securing/learning how to secure the web3.0 - 0xjarix/Audits
0xjarixAudits/CodeHawks/FirstFlights/VotingBooth-security-review.md at main · 0xjarix/Audits
A collection of vulnerabilities I found while securing/learning how to secure the web3.0 - 0xjarix/Audits
0xjarixAudits/CodeHawks/FirstFlights/OneShot-security-review.md at main · 0xjarix/Audits
A collection of vulnerabilities I found while securing/learning how to secure the web3.0 - 0xjarix/Audits
0xjarixAudits/CodeHawks/FirstFlights/SnekRaffle-security-review.md at main · 0xjarix/Audits
A collection of vulnerabilities I found while securing/learning how to secure the web3.0 - 0xjarix/Audits
0xjarix