Expert profile
OG Warden
SushiSwap
1M USDC bounty for assistance in discovering and mitigating a Miso vulnerability
"Sam helped mitigate $350M in potential financial losses and we are very grateful and even happy to pay this bounty."
Fuse
Tracked down the source of the $80M Fuse hack
"Fuse added a faily sophisticated system for global reentrancy protection on top of the forked Compound contracts, but the exitMarket() method was missing a reentrancy check. (Credit to @samczsun for tracking it down)"
Geth
Identified multiple vulnerabilities in go-ethereum
"What if you could hard fork the Ethereum blockchain with a snap of your fingers?"
OpenChain
A collection of open source tools. Look up unknown function selectors or event topics, a transaction tracer, and tools for encoding/decoding ABI data
samczsun.com
The Dangers of Surprising CodeThe only thing worse than a bug in your code that breaks everything is a bug in your code that subtly breaks one thing.
medium.com
The 'U Up?' Files with samczsunFew names strike more fear into the hearts of blackhats than samczsun, known as perhaps the most prolific whitehat in DeFi security.
cointelegraph.com
Attacker hijacks Tornado Cash governance via malicious proposalThe total control over Tornado Cash governance allows the attacker to withdraw all of the locked votes, drain all of the tokens in the governance contract and brick the router.
tokenlon.medium.com
Tokenlon 4.0 fee incident disclosuremedium.com
Sorbet Finance Vulnerability Post MortemHow the Gelato team and honorable community members rescued $27M at risk from an attacker.