Hi,
I'm Czar102, a security researcher and math nerd.
In case you would like to contact me, you can reach me on Telegram @Czar102, 𝕏 @_Czar102, Discord @czar102, or via email at [email protected].
1st place – Certora Gho Token formal verification
2nd place – Code4rena Paladin
1st place – Code4rena Badger Citadel
2nd place – Code4rena Amun
DoT Oracle - $35k
Livepeer - $15k
Buttonwood - $14.5k
Vulnerability found in Livepeer was within Openzellelin signature validation, turned out to be also an OpenZepplin contracts vulnerability, reported a few months later by another whitehat. It is one of the very few High Severity vulnerabilities ever discovered in OpenZeppelin contracts.
OpenZeppelin vulnerability which allowed for a bypass of an ERC20 total supply cap in ERC20Capped. It could happen if the _beforeTokenTransfer hook was reentrant. OpenZeppelin considered this out of scope for their bug bounty, despite _beforeTokenTransfer is considered a black box.
Balancer's bug in BaseSplitCodeFactory potentially causing code corruption of newly created contracts.
I'm a laureate of 3 Polish Olympiads: in Mathematics, Informatics and Physics!
I was the Head of Judging at Sherlock in Nov 2023 - Apr 2024.
Got 3 out of a total of 5 prizes in the Certora's Borda specification challange.