A high-severity DoS vulnerability in Sui's Narwhal consensus layer allowed attackers to crash validator nodes via Out-of-Memory (OOM) attacks by sending a single malicious request with 1.2M certificate digests (37MB payload), bypassing the absence of response limits and timeout handling in the get_certificates() function. The vulnerability was patched by removing the vulnerable GetCertificates and GetPayloadAvailability handlers, with the researcher earning a $50,000 SUI bounty.
A portfolio page showcasing multiple critical smart contract vulnerability disclosures across DeFi protocols (88mph, Polygon, KeeperDAO, Alchemix, Ondo Finance) and bug bounty wins totaling over $6.5M in rescued funds, with brief technical descriptions of UUPS proxy exploits, access control flaws, and token theft vulnerabilities.
A round-down arithmetic vulnerability in Astroport's Staking.rs contract allows an attacker to deflate the xASTRO token and break staking for all users by exploiting the absence of minimum liquidity requirements, potentially leading to governance control via vote monopolization.
Security researcher discovered two critical bugs in Cronos Gravity Bridge: (1) an incorrect ERC-20 deploy event check causing nonce mismatch that halts cross-chain transfers from Ethereum to Cronos, and (2) a malicious token that can disable the entire bridge. The vulnerabilities stem from inadequate validation in the MsgSubmitEthereumEvent handler and token supply checks.
Acala's Homa staking protocol contained an unbounded loop in the process_redeem_requests function that could be exploited by an attacker with 12,000+ DOT to create 22,000 redemption requests, causing the validator's on_initialize function to exceed block finalization time limits and halt the entire parachain's block production.
A critical vulnerability in Axelar Network allowed attackers to force validators to miss votes by crafting transactions with excessive logs that exceed Tendermint's 1MB RPC request limit, leading to automatic Chain Maintainer deregistration and potential halt of cross-chain operations. The vulnerability has been patched via governance proposal 256 disabling the auto-deregistration mechanism.
Researcher disclosed two critical bugs in Sei Network's Cosmos blockchain: (1) an ABCI EndBlocker panic triggered via vesting accounts that would halt the chain, and (2) a balance transfer vulnerability in EVM integration allowing arbitrary fund transfers. Both were caught pre-mainnet and awarded $75k and $2M respectively.
Story Network's postmortem analysis reveals two critical vulnerabilities discovered during mainnet launch. The first issue allowed attackers to create arbitrarily large EVM transaction payloads (>4MB) that would cause validator crashes and network shutdown through JSON marshalling inefficiencies and inadequate block size validation inherited from Octane codebase.
A denial-of-service vulnerability in LayerZero's ONFT (ERC721) implementation allows attackers to freeze cross-chain token transfers by passing a malicious receiver contract that exhausts gas in the onERC721Received() callback, causing the message to block indefinitely at the Endpoint level. The issue stems from NonBlockingLzApp's insufficient gas reservation (1/64 of gasLimit) to handle failed message storage when all allocated gas is consumed.
Trust Security discovered a class of DOS vulnerabilities affecting 100+ projects that abuse the frontrunnable nature of EIP-2612 Permit function when composed with other contract logic. The vulnerability allows attackers to force transaction reverts by front-running permit() calls, causing griefing attacks that block normal function execution, with $50k in bounties awarded across 15 projects.
A critical bug in Thena's merge() function fails to reset the supply variable when merging two veNFTs, allowing attackers to artificially inflate supply and manipulate weekly emissions, reduce reward distribution, or cause DOS attacks against the protocol. The vulnerability was disclosed to Thena via Immunefi and rewarded $20k.