Skip to content
View 0xnirlin's full-sized avatar
25 followers · 12 following

Achievements

Achievement: Pull SharkAchievement: Starstruck

Achievements

Achievement: Pull SharkAchievement: Starstruck

Block or report 0xnirlin

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
0xnirlin/README.md

Group 15 (3)

For more information, visit Syntegrity

Private Engagements

MacBook Air - 1

Project Website Report Security Rating
Juicebox https://juicebox.money/ Report 8/10
Dein Finance https://dein.fi Report 7/10
Mem Bridge (EVM to AO Bridge) https://decent.land Report 7.5/10
Mem Bridge (Solidity, JS, Lua) https://decent.land Report 8.5/10
Chad Finance https://chadfinance.xyz Report 9.5/10
Prophet Bots https://prophetbots.io Report 7/10
Seraph https://www.seraph.game/#/main Report 10/10
Zero Finance https://zerog.finance/ Report 7.8/10
Wirex https://wirexapp.com/ Report N/A

⚔️ Audit Competitions Wins

Group 12 (2)

Contest Platform Rank
Chainlink Code4rena 🥇 1st
KelpDao Code4rena 🥈 2nd
Aloe V2 Sherlock 🥈 2nd
Hubble Exchange Sherlock 🥉 3rd
Unstoppable Sherlock 4th
Ondo Finance Code4rena 4th
Axelar Code4rena 6th
These achievements demonstrate my expertise in identifying critical vulnerabilities and providing valuable insights across various blockchain projects.

Group 12 (1)

📊 Contest Findings

Dopex Findings

High Severity

  1. The settle feature will be broken if attacker arbitrarily transfer collateral tokens to the PerpetualAtlanticVaultLP

Medium Severity

  1. Change of fundingDuration causes "time travel" of PerpetualAtlanticVault.nextFundingPaymentTimestamp()

  2. User can avoid paying high premium price by correctly timing his bond call

  3. Inaccurate swap amount calculation in ReLP leads to stuck tokens and lost liquidity

Analysis

Grade A analysis of protocol

Rubicon Findings

High Severity

  1. One user can drain all the rewards from the bathBuddy

  2. User can do an first deposit inflation attack on bathToken and can take away all the shares and rewards too.

  3. Reward vesting formula is wrongly implemented and lead to wrong and unevenly distribution of rewards

  4. Using batchOffer() and batchQuote() functions malicious user can disrupt the whole order book in his benefit and can drain the whole contract balance.

  5. Buy function transfers the assets to zero address for the offer where owner and recipient are both zero

Medium Severity

  1. Wrong use of block.number on optimism leads to wrong interest calculations and user may end up paying alot of interest or unable to close leverage position.

  2. No deadline parameter in sellAllAmount() and buyAllAmount() functions

Axelar Findings

Medium Severity

  1. Interchain token transfer can be dossed due to flow limit

Gitcoin Allo V2 Findings

High Severity

  1. recipientsCounter should start from 1 in DonationVotingMerkleDistributionBaseStrategy

  2. Registry.sol generate clone Anchor.sol never work. Profile owner cannot use their Anchor wallet

Medium Severity

  1. The RFPSimpleStrategy._registerRecipient() does not work when the strategy was created using the useRegistryAnchor=true causing that nobody can register to the pool

  2. CREATE3 is not available in the zkSync Era.

  3. Anchor contract is unable to receive NFTs of any kind

Ondo Finance Findings

Medium Severity

  1. All bridged funds will be lost for the users using the account abstraction wallet

ENS Findings

Medium Severity

  1. Some tokens enable the direct draining of all approved ERC20Votes tokens

#Y2k Finance Findings

High Severity

  1. Funds can be stolen because of incorrect update to ownerToRollOverQueueIndex for existing rollovers

Medium Severity

  1. ControllerPeggedAssetV2: outdated price may be used which can lead to wrong depeg events

  2. ControllerPeggedAssetV2: triggerEndEpoch function can be called even if epoch is null epoch leading to loss of funds

  3. VaultFactoryV2#changeTreasury misconfigures the vault

Footium Findings

Medium Severity

  1. Users might lose funds as claimERC20Prize() doesn't revert for no-revert-on-transfer tokens

IronSide Findings

Medium Severity

  1. Vulnerability not specified

  2. PriceOracle will use the wrong price if the Chainlink registry returns price outside min/max range

  3. getPriceFromChainlink() doesn't check If Arbitrum sequencer is down in Chainlink feeds

USSD Findings

High Severity

  1. Price calculation susceptible to flashloan exploits

  2. Not using slippage parameter or deadline while swapping on UniswapV3

  3. Lack of access control for mintRebalancer() and burnRebalancer()

Medium Severity

  1. Calls to Oracles don't check for stale prices

  2. Risk of Incorrect Asset Pricing by StableOracle in Case of Underlying Aggregator Reaching minAnswer

  3. Lack of Redeem Feature

Index Coop Findings

Medium Severity

  1. No validation to ensure the arbitrum sequencer is down

  2. Chainlink price feed is deprecated, not sufficiently validated and can return stale prices

Unstoppable Findings

High Severity

  1. Vault: _update_debt does not accrue interest

  2. Adversary manipulate the middle path when calling execute_dca_order, resulting user loss, benefiting the attacker

  3. Interested calculated is amplified by multiple of 1000 in _debt_interest_since_last_update

Hubble Exchange Findings

Medium Severity

  1. User will be forced liquidated

  2. No minAnswer/maxAnswer Circuit Breaker Checks while Querying Prices in Oracle.sol

  3. Chainlink.latestRoundData() may return stale results

Personal Projects and Contributions

The Proof of Concept (POC) for the recent thirdweb exploit: A simplified ERC20 version utilizing ERC2771 context and OpenZeppelin's Multicall, demonstrating the potential for an attacker to transfer anyone's tokens among other exploits. Participated in multiple contests and consistently ranked in the top 5, showcasing a strong understanding and skill set in smart contract security. Repo Link

📫 How to Reach Us

You can connect with me at:

Popular repositories Loading

  1. Thirdweb-Exploit-POC Thirdweb-Exploit-POC Public

    Repositery to show case the recent thirdweb exploit that raised due to using openzeppelin ERC2771 implementation with a multi call.

    Solidity 17 4

  2. lil-web3 lil-web3 Public

    Forked from m1guelpf/lil-web3

    Simple, intentionally-limited versions of web3 protocols & apps.

    Solidity 1

  3. Reading-Room-ZKETH Reading-Room-ZKETH Public

    Forked from D-Squared70/Reading-Room

    A repository to house all the links, notes, photos, and random thoughts from previous D-squared YouTube recordings

    1

  4. Dapp-Learning Dapp-Learning Public

    Forked from Dapp-Learning-DAO/Dapp-Learning

    Dapp learning project for developers at all stages. Becoming and cultivating sovereign individuals. Nonprofit organization.

    Solidity 1

  5. DeFiVulnLabs DeFiVulnLabs Public

    Forked from SunWeb3Sec/DeFiVulnLabs

    To learn common smart contract vulnerabilities using Foundry!

    Solidity 1

  6. Speed-Run-Ethereum-Foundry Speed-Run-Ethereum-Foundry Public

    Solidity 1