Vulnerability Research
Curious what I've been up to?
Here are some of my findings (sorted in descending order by date) in case you wanted to see them all in one spot
Software
- Etherscan
- Another exploit in go-ethereum
- Another consensus bug in go-ethereum
- DoS in Pillow <6.2.2 (CVE-2019-19911)
- A consensus bug in go-ethereum
- Authentication bypass in allow-deny
- Various sandbox escapes in mathjs
Smart contracts
- BendDAO
- NFTTrader
- LayerZero
- Rari
- Idols NFT
- Nuclear Nerds
- SushiSwap MISO
- ENS Name Wrapper
- Tokenlon
- Ambisafe
- Opium Finance
- COTI
- 0x DAO
- ElasticDAO
- NFTX
- EulerBeats
- ForTube
- Hashmasks
- Optimism: 1, 2, 3, 4, 5
- Frax Finance: 1, 2
- Yield Protocol
- 88mph
- Alpha Homora
- Aavegotchi Staking
- Incognito Chain
- Lien Finance
- xTokens
- yVault
- Atomic Loans
- Aragon Court
- Synthetix
- Hegic
- Nexus Mutual
- Authereum
- Kyber Network
- Ethereum Name Service
- Curve Finance
- Cheese Wizards
- Hydro Protocol
- bZx Network
- Livepeer
- 0x Exchange