Tokemak liquidity operator can steal funds
The story of the 0-day crit that wasn't
MED - Brahma.Fi - Wrong oracle used to calculate min slippage may cause loss of over 80% of rewards
MED - Brahma-Fi - Curve miscalculations may cause user withdraws to fail
CRIT - Brahma.Fi - L2 Position handler miscalculates position value leading to severe risks
CRIT - Brahma.Fi - Fee collection does not take previous losses into account 🚩
LOW - ANKR - User gets more gas than supposed to when distributing rewards
HIGH - Iron Bank - Collateral cap is not enforced at account initialization
HIGH - Iron Bank - Liquidator is not credited with correct collateral amount
HIGH - ANKR/Stader - Reward distribution is vulnerable to MEV leading to theft of reward 🚩
CRIT - Compound - Liquidators may seize assets not held as collateral - Closed as known issue
MED - Morpho Finance - Logic contract might be destructible via controlled delegatecall
Digging into a resurfaced nasty crypto scam 🚩
LOW - Polygon token-swap rounding error
hxp2020 CTF - “EXCELlent”
Hacklu 2019 Qualifiers - Yield 🚩
HackLu 2019 Qualifiers - Futuristic communications
HackTM 2020 Qualifiers - Trip to trick 🚩
HackTM 2020 Qualifiers - Count on Me 🚩
HackTM 2020 Qualifiers - HackDex