This page is designed to track my progress in web3 security where I share my failures and victories.
Contest | Platform | Category | Ranking 🏆 | Findings 🔎 | Comment |
---|---|---|---|---|---|
Puffer | Immunefi | LRST | N/A | 1L | Puffer held a small audit with their Timelock, Depositor and Vault contracts in scope. Found a small issue in the Timelock -- it removes a transaction from the queue when it fails resulting in wasted time for voting and reexecution. |
Blast | Cantina | L2, Bridge | TBA | TBA | Blast held the biggest contest in history with 1.2M reward pot. Although audited previously by Spearbit I managed to find some vulnerabilites which I'm proud of. Eagerly waiting for results. |
Arcade | Cantina | NFT lending | TBA | TBA | Very solid codebase previously audited by a top-tier firm. Some good findings of mine were downgraded to low which were non-payable for this contest, unfortunately. |
Allo V2 | Sherlock | Capital management | #10/397 | 5M | Found lots of vulns once I wrapped my head around the codebase. I wish I started a bit earlier. |
Sparkn | Codehawks | Escrow | #5/100 | 1H, 1M, 4L | Small and solid codebase but still has some bugs in it. |
BeedleFi | Codehawks | Oracle-free perp lending | #100/300+ | 4H, 2M, 1L | Very first security contest. Result was not great but I learnt some well-known vulnerabilites. |