TW
Tripwire
Find contracts. Test them. Review real vulns.
Confirmed Findings
2,205
crit 60 high 1157
All Findings
46,184
Across all runs
Chain
1
Mainnet focus
Signal Mix
24239
high severity in results
Findings
filter + triage
Reset
Quick filters: candidate lane confirmed only critical high detector codex
Severity Tool Title Address Value USD Validated Confirmed Found Run
low codex `onlyHuman` contract check is bypassable via constructor calls 0xf317a365cfef0aa4357abd057048808a1d430402 $58,424.26 no 3 months ago 019bab3b-ab84-72af-bef3-c28e12418fef
low codex Game timing and price logic depend on block.timestamp manipulation 0xf317a365cfef0aa4357abd057048808a1d430402 $58,424.26 no 3 months ago 019bab3b-ab84-72af-bef3-c28e12418fef
medium codex Reentrancy window when paying winners if safeGas is raised 0x1e2fbe6be9eb39fc894d38be976111f332172d83 $58,500.43 no 3 months ago 019bab3b-ab7c-7102-8fd8-1dd8c9e21d98
medium codex Oracle randomness accepted without proof verification 0x1e2fbe6be9eb39fc894d38be976111f332172d83 $58,500.43 no 3 months ago 019bab3b-ab7c-7102-8fd8-1dd8c9e21d98
low codex Failed Oraclize query can lock user funds in an unresolved bet 0x1e2fbe6be9eb39fc894d38be976111f332172d83 $58,500.43 no 3 months ago 019bab3b-ab7c-7102-8fd8-1dd8c9e21d98
medium codex tx.origin used in sensitive logic (heuristic) 0x2d83ff1cb1c79c68fe530d35f439a92a645faded $58,548.25 no 3 months ago 019bab3b-ab74-7343-a3d1-557498378979
low codex Low-level external CALLs with computed target/value and no return-data validation 0x2d83ff1cb1c79c68fe530d35f439a92a645faded $58,548.25 no 3 months ago 019bab3b-ab74-7343-a3d1-557498378979
high codex Reentrancy in sendPayment enables multiple payouts 0xde5d4949f445650325c7c8739610c3a979c7a6db $58,651.07 no 3 months ago 019bab3b-ab66-71c2-bd2e-5152da730c58
high codex Claim mints tokenId 0 for every NFT, causing claim DoS 0xde5d4949f445650325c7c8739610c3a979c7a6db $58,651.07 no 3 months ago 019bab3b-ab66-71c2-bd2e-5152da730c58
low codex Tie-breaker randomness is miner-influenced 0xde5d4949f445650325c7c8739610c3a979c7a6db $58,651.07 no 3 months ago 019bab3b-ab66-71c2-bd2e-5152da730c58
low codex Ownable constructor not executed in proxy deployments, potentially bricking initialization 0x77e034c8a1392d99a2c776a6c1593866fee36a33 $58,741.61 no 3 months ago 019bab3b-ab5f-70f2-8756-7b17d7fdd28f
critical codex Unprotected network initialization lets attacker set critical contract dependencies 0xf211128cc6d925a3a328647cf78b322b51429c53 $58,771.78 no 3 months ago 019bab3b-ab50-73ed-9109-2fa3a622bb57
medium codex External call before state updates enables reentrancy/price manipulation 0xf211128cc6d925a3a328647cf78b322b51429c53 $58,771.78 no 3 months ago 019bab3b-ab50-73ed-9109-2fa3a622bb57
medium codex Computed CALL targets/values may allow arbitrary external calls and ETH transfers if user-controlled 0x705ec547b17ff8c4a2996f47fdfc399604163606 $58,826.95 no 3 months ago 019bab3b-ab41-7206-bacf-aa21d1411cf4
low codex Implementation contract can be initialized directly (missing _disableInitializers) 0x764737fb03f2443798eb317677d253ff226b97a9 $58,849.00 no 3 months ago 019bab3b-ab39-73a1-800d-3ee1abd6ba0d
medium codex CALLCODE usage with computed target/value 0xcf7cdbd3de63764f6724f55f1de79a7054085eb9 $58,962.00 no 3 months ago 019bab3b-ab1b-7086-bbe8-d2c9031cd737
medium codex tx.origin used in authorization path (phishing-prone access control) 0xcf7cdbd3de63764f6724f55f1de79a7054085eb9 $58,962.00 no 3 months ago 019bab3b-ab1b-7086-bbe8-d2c9031cd737
low codex Multiple external CALLs to computed targets/values (possible untrusted-call surface) 0xcf7cdbd3de63764f6724f55f1de79a7054085eb9 $58,962.00 no 3 months ago 019bab3b-ab1b-7086-bbe8-d2c9031cd737
low codex Delegatecall to upgradeable implementation slot allows arbitrary logic execution if upgrade authority is compromised 0xc120c7db0804ae3abeb1d5f9c9c70402347b4685 $58,985.68 no 3 months ago 019bab3b-ab13-7280-88f3-49b837f879fe
medium codex Centralized, unbounded price oracle can arbitrarily change token pricing 0xb3b33f59174f2ef62167770e4c9cabaa3879eb5d $59,091.10 no 3 months ago 019bab3b-ab0b-7271-88f2-a566c8ee7df8
high codex Reentrancy enables double-withdraw of staked VIRTUE 0x0dd5a35fe4cd65fe7928c7b923902b43d6ea29e7 $59,125.30 no 3 months ago 019bab3b-ab05-7055-bef7-363c9c09e395
medium codex Slashing can cause underflow and permanently block reward updates 0x0dd5a35fe4cd65fe7928c7b923902b43d6ea29e7 $59,125.30 no 3 months ago 019bab3b-ab05-7055-bef7-363c9c09e395
low codex Division by zero when no VIRTUE is staked can revert sales/reward distribution 0x0dd5a35fe4cd65fe7928c7b923902b43d6ea29e7 $59,125.30 no 3 months ago 019bab3b-ab05-7055-bef7-363c9c09e395
medium codex Trading lock bypass via direct capital withdrawal 0x31a0c9e9506ce7f3749aeebd20397618a2879788 $59,142.36 no 3 months ago 019bab3b-aafe-72b1-9cd0-b829a8b102dc
high codex Unregistered address can execute BNFT deposit flow 0x00c452affee3a17d9cecc1bcd2b8d5c7635c4cb9 $59,182.72 no 3 months ago 019bab3b-aaee-7307-8a62-f0c903f3c8f8
low codex Division-by-zero DoS in fund source allocation 0x00c452affee3a17d9cecc1bcd2b8d5c7635c4cb9 $59,182.72 no 3 months ago 019bab3b-aaee-7307-8a62-f0c903f3c8f8
low codex Computed external CALLs with value and no detected guards (conditional reentrancy/ETH loss risk) 0xd838f9c9792bf8398e1f5fbfbd3b43c5a86445aa $59,194.58 no 3 months ago 019bab3b-aae7-7376-9148-d1bfc8a66858
high codex Owner can arbitrarily change fees and limits, enabling honeypot behavior 0xf20bc3b10b95cde1368a2f4219a63ed3fd8b9089 $59,327.00 no 3 months ago 019bab3b-aacf-703b-9022-3246f6b562b2
medium codex Fee parameter underflow/division by zero can brick sell-side swaps 0xf20bc3b10b95cde1368a2f4219a63ed3fd8b9089 $59,327.00 no 3 months ago 019bab3b-aacf-703b-9022-3246f6b562b2
low codex ETH payouts use .transfer and can revert if recipient is a contract 0xf20bc3b10b95cde1368a2f4219a63ed3fd8b9089 $59,327.00 no 3 months ago 019bab3b-aacf-703b-9022-3246f6b562b2
medium codex SELFDESTRUCT reachable with unclear access control 0xd1901bd2063d2c8f649bf31b6df6d0f853a6bda3 $59,416.92 no 3 months ago 019bab3b-aab8-7367-9218-8babaed6813f
low codex CREATE/CREATE2 opcodes reachable; deployment control unclear 0xd1901bd2063d2c8f649bf31b6df6d0f853a6bda3 $59,416.92 no 3 months ago 019bab3b-aab8-7367-9218-8babaed6813f
low codex Computed CALLs with value and unchecked returndata 0xd1901bd2063d2c8f649bf31b6df6d0f853a6bda3 $59,416.92 no 3 months ago 019bab3b-aab8-7367-9218-8babaed6813f
medium codex Low-level CALLs with computed target/value lack visible authorization 0xfdffb38544dc145795e9ea2b82fc3dcb3c72e59c $59,434.01 no 3 months ago 019bab3b-aaaf-72e1-b91d-acd00fc28602
low codex External CALLs combined with storage writes; no reentrancy guard detected 0xfdffb38544dc145795e9ea2b82fc3dcb3c72e59c $59,434.01 no 3 months ago 019bab3b-aaaf-72e1-b91d-acd00fc28602
low codex Low-level token transfer call does not appear to validate return data 0xfdffb38544dc145795e9ea2b82fc3dcb3c72e59c $59,434.01 no 3 months ago 019bab3b-aaaf-72e1-b91d-acd00fc28602
high codex Signed mint does not bind payment amount, enabling free or underpriced mints 0x69bcb93d13d1063335269e8602b009485abd3e87 $59,479.28 no 3 months ago 019bab3b-aaa7-70e2-8f3a-b33ac294d2ca
medium codex Signature expiry and domain separation are ineffective 0x69bcb93d13d1063335269e8602b009485abd3e87 $59,479.28 no 3 months ago 019bab3b-aaa7-70e2-8f3a-b33ac294d2ca
medium codex Reentrancy in stake via token callback can double-count pending rewards 0x377e168af6a06075423aede50856de177efaac3e $59,515.65 no 3 months ago 019bab3b-aaa0-7151-a374-c3fe4af4842d
low codex Validator-manager signature can be replayed for registerValidators, allowing duplicate validator deposits 0xb36fc5e542cb4fc562a624912f55da2758998113 $59,728.43 no 3 months ago 019bab3b-aa91-70e2-a7d3-704d770ca089
low codex Unchecked ERC20 transfers can silently fail 0x5ad6211cd3fde39a9cecb5df6f380b8263d1e277 $59,740.59 no 3 months ago 019bab3b-aa89-730a-8b3c-b49db1fb7914
info codex wrapEth ignores WETH deposit failure 0x5ad6211cd3fde39a9cecb5df6f380b8263d1e277 $59,740.59 no 3 months ago 019bab3b-aa89-730a-8b3c-b49db1fb7914
low codex Fallback allows calldata-driven external CALLs with ETH value transfers 0x3de8eb830000f1d914294d000051000031a81d00 $59,891.96 no 3 months ago 019bab3b-aa82-7335-b614-433ed19c750a
medium codex Computed low-level CALLs may be reachable by untrusted callers 0xf652d990e50af27d8d423ac80631b4f5ef6d4113 $59,926.04 no 3 months ago 019bab3b-aa70-7067-80e5-886b31472ece
low codex Low-level CALLs do not validate return data 0xf652d990e50af27d8d423ac80631b4f5ef6d4113 $59,926.04 no 3 months ago 019bab3b-aa70-7067-80e5-886b31472ece
low codex Value-carrying CALLs use computed target/value (untrusted call risk, unconfirmed) 0x9c5570e4615b1b1ae72f878edccb73b3951d0cb0 $59,990.27 no 3 months ago 019bab3b-aa63-72d5-84fa-0e2c93349ffe
medium codex Computed external CALL(s) with possible ETH value transfer and unclear target control 0xd47b0f5d0a24191fdd6878fcde3f03dd4735adc1 $60,000.00 no 3 months ago 019bab3b-aa5a-71ce-8f7e-70bc3f037e9d
medium codex SELFDESTRUCT opcodes present with no detected guards 0xd47b0f5d0a24191fdd6878fcde3f03dd4735adc1 $60,000.00 no 3 months ago 019bab3b-aa5a-71ce-8f7e-70bc3f037e9d
medium codex Admin removal corrupts index mapping, making some admins non-removable 0x3d88fc5d3fb84caf45011a790a994928789c31a8 $60,000.97 no 3 months ago 019bab3b-aa50-70a2-8a41-e573c49b0a5e
low codex Whitelist removal corrupts index mapping, making some recipients non-removable 0x3d88fc5d3fb84caf45011a790a994928789c31a8 $60,000.97 no 3 months ago 019bab3b-aa50-70a2-8a41-e573c49b0a5e