The repository serves as a comprehensive showcase of my experience in blockchain security, with a primary focus on conducting thorough smart contract security audits, participating in challenging bug bounty contests, and Capture The Flag (CTF) events. These experiences have honed my skills in identifying vulnerabilities, assessing potential risks, and proposing effective solutions within the blockchain ecosystem.
Additionally, the repository includes a collection of in-depth summary articles I've authored, which delve into various aspects of smart contract security, providing valuable insights and best practices for developers and auditors alike.
💡 Deposits on long one leverage vault don't actually finalize the flow, leading to a Denial of Service (DoS)
This causes a Denial of Service (DoS) for the long one leverage vault, rendering the vault useless since it cannot proceed with another flow.
💡 Loss of fee refund due to premature state deletion in PerpetualVault::_handleReturn function
The user will lose all fee without getting any refund and the execution fee becomes stuck in the
GmxProxycontract.
| Report | Date | Team |
|---|---|---|
| (Private) FWX - Future Trading | October 2024 | Valix |
| (Private) FWX - Permissionless Future Trading | October 2024 | Valix |
| (Private) FWX - DeFi Perpeptual Futures | September 2024 | Valix |
| (Private) REAME - Token & NFT Smart Contract | April 2024 | Valix |
| (Private) Starlet - Music NFT Smart Contract | April 2024 | Valix |
| (Private) FWX - Permissionless Future Trading | March 2024 | Valix |
| BIG BANG THEORY - Smart Contract (Token & NFT) | September 2023 | Valix |
| NFTGT Co., Ltd. - NFTGT Factory and Contract | April 2023 | Valix |
| Code Sekai - NFT Minting & Transferring In-game/Out-game | April 2023 | Valix |
| Xtatuz DMCC - XTATUZ asset tokenization | March 2023 | Valix |
| Vega Investment Group Limited - CrownToken and VucaStaking | December 2022 | Valix |
| Vega Investment Group Limited - CrownToken | November 2022 | Valix |
| Aniverse - ANIV721Land | September 2022 | Valix |
| Warden Finance - Wondrous-X | September 2022 | Valix |
| Contest | Type | Awards | Findings | Language | Date | @ | Platform | Contest Report | My Report |
|---|---|---|---|---|---|---|---|---|---|
| Gamma - Liquidity Management | The Perpetual Vault Protocol | 36th | 2H | Solidity | Feb 2025 | Individual | CodeHawks | 📑 | 💾 |
| Flayer - NFT Liquidity Protocol | NFT Liquidity Protocol, Uniswap v4 Hooks | 65th | 1M | Solidity | Sep 2024 | Individual | Sherlock | 📑 | 💾 |
| CTF | Year | Ranking | Reference |
|---|---|---|---|
| ONLYPWNER | 2024 | 15 challs solved | https://onlypwner.xyz/leaderboard |
| Damn Vulnerable DeFi V3 | 2023 | All challs solved | https://github.com/jokerstudio/damn-vulnerable-defi-solution |
| Title | Date |
|---|---|
| Cairo for Solidity Developer and Smart Contract Auditor | October 2024 |
| EIP7702: Closing the Gap Between EOAs and Smart Contracts | September 2024 |
| Upgradeable Smart Contract | October 2023 |