Awesome
Kiki's Security Reviews, Bounties and Contributions
Currently operating as a Security Researcher. My work includes performing security reviews with one of the top firms, Guardian Audits, working directly with protocols via private audits, and finding bugs in live contracts through bug bounties. For inquiries, you can reach me through Twitter or Telegram.
Guardian Audits
| Report | Date |
|---|---|
| Undisclosed - Perpetual for Gas Prices | September 2024 |
| GMX V2 GLV - GM Token Vault | September 2024 |
| Undisclosed - GMX V2 Integration Gamma Strategy | August 2024 |
| Undisclosed - Token Launch | July 2024 |
| Undisclosed - Pyth integration | July 2024 |
| Undisclosed - Sythetics Perpetual Exchange | July 2024 |
| Undisclosed - Decentralized Spot and Perpetual Exchange | May 2024 |
| Undisclosed - GMX V2 Backed Stablecoin | April 2024 |
| Undisclosed - Staking and Token Migration | March 2024 |
| Undisclosed - GMX V1 Backed Stablecoin | March 2024 |
| Rest - Liquid Restaking EigenLayer Integration | January 2024 |
| Umami - GMX V2 Market Index | December 2023 |
| Ambit - Borrowing & Lending | November 2023 |
| Dolomite - GMX V2 Module | November 2023 |
| Parifi - Decentralized Synthetics Perpetuals Exchange | October 2023 |
| Orderly - Perpetuals With Off-Chain Order Book | October 2023 |
| IVX - Options | September 2023 |
| Poolshark - Directional AMM Limit Pool | July 2023 |
| GMX V2 - Synthetics Perpetual Exchange | May 2023 |
Bug Bounties
| Vulnerability | Date | Protocol Type | Severity |
|---|---|---|---|
| Attacker Can Liquidate All Healthy Positions | February 2024 | Perpetual | Critical |
| Attacker Can lock all funds | February 2024 | Perpetual | Medium |
| Reward tokens are locked if no claimers at any point during the period | January 2024 | Yield Aggregator and LST | Medium |
| Attacker Can Brick Operations In and Out of GMX | January 2024 | Lending & Borrowing | Medium |
| First Depositor Can Steal Funds From Vault | November 2023 | Derivatives protocol | Medium |
| Attacker Can Steal From Options Writers | August 2023 | Options Exchange | High |
| Attacker Can DoS the Settlement of Options | August 2023 | Options Exchange | High |
| Attacker Can Buy Option for 0 Premium | August 2023 | Options Exchange | High |
| Attacker Can Steal and/or Lock Funds With Elastic Supply Tokens | June 2023 | Staking Launchpad | Low |
| Duplicates :( |
Other Engagements
Guardian Defender Audits
| Report | Date |
|---|---|
| Poodl - Dividend Paying Token | March 2023 |
| Raisin Labs - Peer to Peer Fundraiser | Febuary 2023 |
Contest
| Contest | Date | Platform | My findings |
|---|---|---|---|
| USSD | May 2023 | Sherlock | 8H, 3M |
| Footium | April 2023 | Sherlock | 1H, 2M |
| Caviar | April 2023 | Code4rena | 3M |
| Olympus | February 2023 | Sherlock | 1M |
| OpenQ | February 2023 | Sherlock | 1H, 2M |
| Surge | February 2023 | Sherlock | 1M |
| Cooler | January 2023 | Sherlock | 1H, 1M |
| Caviar | December 2022 | Code4rena | 1M |
| GogoPool | December 2022 | Code4rena | 1M |
| Escher | December 2022 | Code4rena | 1H, 1M |