Vulnerability Tester

DON'T BID IF YOU DON'T FOLLOW THE INSTRUCTIONS, I WILL HIDE YOUR BID AND IGNORE Please read before you apply , you must accomplish the following before applying (DO NOT APPLY IF YOU DON’T HAVE A VULNERABILITY POC FOR THIS PROJECT TO SHOW): 1. Have read all the sections below 2. Have found a vulnerability in the sections below and have found a solution based off the vulnerability list 3. Have written a POC based off the POC guidelines I will message or reply only freelancers that have done this, follow this and we would work long term with a lot of advantages. Also you're don't need to find vulnerabilities in all assets in scope -- you can just find as much as possible, more that are solid - more money. POC 1. POC Guidelines and Rules ([login to view URL] )
 2. POC Templates Article ([login to view URL] ) PROJECT OVERVIEW Your POC should identify vulnerabilities on either the smart contract or app that prevent: Loss of funds Loss of more than 10% of yield Freezing of funds that cannot be undone by admin actions Ability for an unauthorized user to use admin actions Governance process failures Redirected funds by address modification Shell access on server Injection of text Ability to have other users run arbitrary code on the site ASSET IN SCOPE Smart Contract [login to view URL] Target Smart Contract - OUSD Type [login to view URL] Target Smart Contract - Vault Type [login to view URL] Target Smart Contract - Oracle Router Type [login to view URL] Target Smart Contract - Aave Strategy Type [login to view URL] Target Smart Contract - Compound Strategy Type [login to view URL] Target Smart Contract - Convex Strategy Type [login to view URL] Target Smart Contract - Convex OUSD Metastrategy Type [login to view URL] Target Smart Contract - Morpho Strategy Type [login to view URL] Target Smart Contract - OGV Type [login to view URL] Target Smart Contract - veOGV Type [login to view URL] Target Smart Contract - OGV Inflation Controller Type [login to view URL] Target Smart Contract - Governor / Timelock Type [login to view URL] Target Smart Contract - OGN Buyback Type [login to view URL] Target Smart Contract - OGN Staking Type [login to view URL] Target Smart Contract - OUSD Swap Type [login to view URL] Target Smart Contract - Harvester Type [login to view URL] Target Smart Contract - Dripper Type [login to view URL] Target Smart Contract - OETH Token Type [login to view URL] Target Smart Contract - wOETH Token Type [login to view URL] Target Smart Contract - OETH Vault Type [login to view URL] Target Smart Contract - OETH Frax Staking Strategy Type [login to view URL] Target Smart Contract - OETH Harvester Type [login to view URL] Target Smart Contract - Convex OETH Meta Strategy Type [login to view URL] Target Smart Contract - OETH Dripper Type [login to view URL] Target Websites and Applications Type Vulnerability List So after you’re done with your analysis on the Assets in Scope tell me alongside your POC if the vulnerability includes one or more of the following and your POC Solving it: On Smart Contracts: 1. Any governance voting result manipulation 2. Direct theft of any user funds, whether at-rest or in-motion, other than unclaimed yield 3. Permanent freezing of funds 4. Protocol Insolvency 5. Theft of unclaimed yield 6. Permanent freezing of unclaimed yield 7. Temporary freezing of funds On the Website or Application: 1. Ability to execute system commands 2. Stealing User Cookies 3. Signing transactions for other users 4. Redirection of user deposits and withdrawals 5. Subdomain takeover resulting in financial loss (applicable for subdomains with addresses published) 6. Wallet interaction modification resulting in financial loss 7. Direct theft of user funds 8. Tampering with transactions submitted to the user’s wallet 9. Submitting malicious transactions to an already-connected wallet 10. Spoofing content on the target application (Persistent) 11. Users Confidential information disclosure such as Email 12. Privilege escalation to access unauthorized functionalities