This is a simple summary of the bugs that I've found as a Web3 security researcher in public audit contests.
| Contest | Platform | Findings | Date | Finding/s |
|---|---|---|---|---|
| Panoptic | Code4rena | 1 Medium | 04.2024 | slot0 is used in two function which could easily be manipulated |
| Noya | Code4rena | 1 Medium | 04.2024 | Missing updates to the accounting of the registry in addColl |
| xKeeper | Sherlock | 1 Low* | 04.2024 | Function values imported from EnumerableSet will cause out of gas issues |
| Predy** | Code4rena | 1 High, 1 Medium | 05.2024 | - Spot price is used for in-range liquidity reallocation, resulting in liquidity manipulation - Liquidity manipulation is possible when trading |
| MagicSea | Sherlock | 1 Medium, 1 Low* | 07.2024 | - Optional function decimals can cause deployment issues in MlumStaking - Incorrect calculation for PRECISION_FACTOR |
| Traitforge** | Code4rena | 2 Medium | 07.2024 | - User can mint the "Golden God” NFT without any difficulty - Functions Pause and Unpause aren't implemented in any contract |
* Sherlock does not consider low severity issues as valid issues for a payout, but I've decided to include my findings that were downgraded from a H/M
** I particpiated in this audit as a team with @cholakovv 🤝