| Finding | Target | Severity | Est. Payout | Status |
|---|---|---|---|---|
| Polymarket NegRiskOperator DELAY_PERIOD=0 post-audit regression | Polymarket (Cantina, $5M pool) | CRITICAL | $200K-$1M | Submission-ready - Foundry PoC verified, awaiting Kingsley Cantina submit |
| Centrifuge V3.1 Gateway.retry duplicate-execution | Centrifuge Protocol | HIGH | $15-50K DAI | Disclosed - awaiting acknowledgement |
| dYdX v4 Megavault equity asymmetry | dYdX v4 (Cantina) | HIGH | $150K-$1M | Banked-not-submitted (audit-adjacent: 2024-Q2 Informal Systems INFORMATIONAL) |

| Date | Target | Reason | Saved |
|---|---|---|---|
| 2026-05-09 | Reserve Protocol Cantina ($10M pool) | Audit-saturation: 16+ prior audits cover backing-basket/issuance/redemption surfaces. Step 1 audit-coverage check killed candidate in 55 min. | Cantina submission slot + 3-4h Buddy time |
| 2026-05-09 | dYdX v4 Cantina (Cosmos hook ordering) | Architecture mismatch - dYdX uses direct keeper imports + ABCI order, not hooks pattern. Banked sub-rule under Rule 36. | Cantina submission slot + 4-6h Buddy time |
| 2026-05-08 | Fireblocks MPC Bugcrowd | Pattern A docs explicitly require event_id dedup (Rule 34 sub-rule) | Bugcrowd submission slot |
| 2026-05-08 | Centrifuge V3.1 Sherlock contest 1028 | Contest finished Nov 17 2025 (Rule 35) | Sherlock submission slot - pivoted to direct disclosure |
| 2026-05-08 | Babylon Phase-2 cycles 1+2 | Disclosed GHSAs already public + Skeptic gate 4 unconfirmed | 2 Sherlock submission slots |
| 2026-05-08 | Kinepolis Lane B | Capacitor APK region-locked + OIDC findings only P5 informational | Intigriti submission slot |
| 2026-05-08 | TrueLayer cycle 2 weaponize | TrueLayer docs explicitly require event_id dedup (Rule 34 sub-rule founder) | Intigriti submission slot |
| 2026-05-08 | OpenSea + Auth0 + Adstruc sourcemaps | Tier B classified (no secrets in compiled bundles per Rule 34 logic) | 3 Bugcrowd/H1 submission slots |

| # | Rule | Date | Summary |
|---|---|---|---|
| RULE 38 | Post-audit regression hunting primitive | 2026-05-09 | Audit findings marked RESOLVED/FIXED can REGRESS, often buried in unrelated PRs. Pull audits + grep current code + diff = HIGH-EV bug class. Proven on Polymarket DELAY_PERIOD (12h to 1h to 0). |
| RULE 37 | Adapt primitive to architecture, don't walk on mismatch | 2026-05-09 | Walks belong to scope/status/saturation - NOT architecture-mismatch. Audit primitives compound at INVARIANT level, not syntax level. Unlocked dYdX HIGH finding within hours. |
| RULE 36 | Lane B pattern saturation landscape | 2026-05-08 | Track which primitives are saturated vs fresh. Spend ~50% time on novel primitive discovery. |
| RULE 35 | Verify Sherlock contest STATUS first (Step -1) | 2026-05-08 | Sherlock contest pages SPA-rendered, can't auto-extract. Browser-verify Open/Judging/Finished before scope work. |
| RULE 34 | Information-disclosure findings need exploitable follow-on (Tier A/B) | 2026-05-08 | Generalizes Rule 33 to sourcemap/openapi/banner/verbose-error/.env classes. Pure disclosure = OOS-class on most programs. |

| Tier | EYE | Type | Target | Detected |
|---|---|---|---|---|
| Tier-2 | EYE 10 | all-a-records-migrated | www.yeswehack.com | 3h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | www.microsoft.com | 3h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | www.shffls.com | 3h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | docs.immutable.com | 3h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | chrome.google.com | 3h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | wiki.atom-lens.com | 3h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | devedge.t-mobile.com | 3h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | sprint.com | 3h ago |
| Tier-2 | EYE 4 | github-commit-new | https://github.com/anza-xyz/agave | 4h ago |
| Tier-2 | EYE 4 | github-commit-new | https://github.com/anza-xyz/agave | 4h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | www.yeswehack.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | itunes.apple.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | www.microsoft.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | chrome.google.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | www.shffls.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | auth.immutable.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | docs.immutable.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | wiki.atom-lens.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | www.sophos.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | docs.sophos.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | www.assurancewireless.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | devedge.t-mobile.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | api.t-mobile.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | tfb.t-mobile.com | 9h ago |
| Tier-2 | EYE 10 | all-a-records-migrated | account.t-mobile.com | 9h ago |

| Host | Path | Size | Files | Recovered |
|---|---|---|---|---|
| marketplace.auth0.com | /_next/static/chunks/pages/_app-5472c689... | 5696.1 KB | 1213 | 17h ago |
| marketplace.auth0.com | /_next/static/chunks/pages/index-f374b1d... | 0.5 KB | 1 | 1d ago |
| marketplace.auth0.com | /_next/static/chunks/framework-67c9938e3... | 183.8 KB | 9 | 1d ago |
| wallet.opensea.io | /assets/index-DGk1JYWX.js.map | 9197.9 KB | 1237 | 1d ago |
| marketplace.auth0.com | /_next/static/chunks/webpack-5aadf7b0e00... | 13.4 KB | 21 | 2d ago |
| marketplace.auth0.com | /_next/static/chunks/main-7e69766e8eff35... | 656.8 KB | 134 | 2d ago |
| clients.adstruc.com | /static/js/main.45ab4b31.js.map | 15953.6 KB | 2141 | 2d ago |
| wallet.opensea.io | /assets/index-BWT8Nbv7.js.map | 9197.9 KB | 1237 | 2d ago |

| Repo | Label | SHA | Message | Committed |
|---|---|---|---|---|
| coinbase/smart-wallet | security | e7fde11a50fa | Add SECURITY.md (#167) | 11d ago |
| Uniswap/v4-periphery | generic_bypass | 9dafaaecc1e2 | fix: pin npm to specific version in deploy workflow (#520) | 37d ago |
| babylonlabs-io/babylon | security | d00e68415909 | chore(deps): bump google.golang.org/grpc from 1.77.0 to 1.79.3 in the go_modules group acr | 45d ago |
| babylonlabs-io/babylon | security | 65d793a0a8b8 | ci: enhance backport workflow security (#1977) | 54d ago |
| Uniswap/UniswapX | security | 9c8f9017a694 | fix: resolve zizmor GitHub Actions security findings (#362) | 60d ago |
| Uniswap/v4-periphery | security | cfa74b47304d | fix: resolve zizmor GitHub Actions security findings (#515) | 60d ago |
| babylonlabs-io/babylon | security | 0a2d17d8df02 | chore(deps): bump the go_modules group across 1 directory with 4 updates (#1974) | 68d ago |
| dydxprotocol/v4-chain | security | 07b2c964e689 | upgrade cometbft and cosmos-sdk for tachyon security fix (#3320) | 103d ago |
| Uniswap/UniswapX | security | 687d9e122082 | fix(DCA): dca allocation bug (#360) | 106d ago |
| Uniswap/UniswapX | security | 898d71736220 | ci: integrate Nethermind Audit Agent for automated security scanning (#357) | 108d ago |
| Truelayer/truelayer-signing | security | 868e7e7c04ba | Bump Python library from 0.3.7 to 0.3.8 (#343) | 295d ago |
| Uniswap/v4-core | security | 5f00c8416c19 | Safer readme example (#961) | 402d ago |

| Cluster | Members |
|---|---|
| FDJ-Kindred | 16 |
| ByteDance-TLB | 8 |
| Atlassian-Edge | 7 |
| Salesforce-Experience-Cloud | 6 |
| Apple-Geneva-Staging | 5 |
| Intergamma | 4 |
| IDnow | 2 |
| Mozilla-allizom-Staging | 2 |
| AutoDiscovered-GitRepo-intergamma/shopfront | 2 |

| Host | Note | Detected |
|---|---|---|
| - | state changed suspended->active | 1d ago |
| - | state changed suspended->active | 2d ago |
| - | state changed active->suspended | 2d ago |