48 total paid bug bounties on Immunefi. #18 on the all-time leaderboard on Immunefi.
- Maple Finance - Maple V2 Token
- Huma Finance
- Chroma.xyz
- Royco Protocol
- Collar Protocol - Solo
- Juice Finance
- Dahlia Protocol
- LI.FI
Only critical severity bugs are listed here.
| Name | Description |
|---|---|
| Gearbox | Stealth donation attack |
| Saddle Finance | A bug in StableSwap AMM |
| Aave v2 AMM Market | Price manipulation on GUNI USDC-USDT due to illiquidity |
| Liquidswap | Loss of precision bug |
| Tetu V2 | Reset share price bug |
| Superform | Insufficient checks for user arguments |
| Siren Protocol | Application-specific bug in minterAMM |
| Euler Finance | First deposit bug |
| Yield Protocol | Vulnerability in their roll process |
| Silo Finance | Infinite Interest rate glitch |
| Balancer V2 | Token Frontrun Vunerability |
| Interlay Protocol | Invalid Invariant Check |
| Connext & Geode Finance | A bug in StableSwap AMM |
| Exactly Protocol | Invalid check for insolvency that could have been weaponized |
| Aloe Protocol | Improper Pool Initialization |
- Infinite interest rate bug
- Advice for Security Researchers
- Exploiting an edge case in vaults
- Euler hack postmortem
- MIM hack postmortem
- Inflation attack through stealth donation
If you are developing an interesting DeFi protocol and need a security review, DM me on Telegram (@kankodu) or Twitter (@kankodu).