Tripwire
Find contracts. Test them. Review real vulns.
Confirmed Findings: 2,205 (critical 60, high 1,157)
All Findings: 46,184 (across all runs)
Chain: 1 (Mainnet focus)
Signal Mix: 24,239 high severity in results
Findings
filter + triage
Columns: Severity, Tool, Title, Address, Value USD, Validated, Confirmed, Found, Run
medium codex Unprotected initializer can be front-run on new clones 0xc629a01ec23ab04e1050500a3717a2a5c0701497 $0.00 no 3 months ago 701e8689-a4fb-49ed-97a9-87257dc93dff
low codex Accounting assumes tokens are not fee-on-transfer or deflationary 0xc629a01ec23ab04e1050500a3717a2a5c0701497 $0.00 no 3 months ago 701e8689-a4fb-49ed-97a9-87257dc93dff
low codex Unchecked ERC20/LP token call results can desynchronize pool accounting 0xd51a44d3fae010294c616388b506acda1bfaae46 $8,996,583.59 no 3 months ago 3933824a-3fda-43bc-bad9-bba7be857a17
medium codex TWAP from internal Uniswap pool can be manipulated to over-mint ULTI 0xf576e1f09e2eb4992d5ffdf68bec4ea489fa417d $4,656,368.94 no 3 months ago 5ca1ae8a-9ddf-4b4a-88ef-09e4f55fd259
low codex Launch can be blocked by pre-creating the Uniswap pool 0xf576e1f09e2eb4992d5ffdf68bec4ea489fa417d $4,656,368.94 no 3 months ago 5ca1ae8a-9ddf-4b4a-88ef-09e4f55fd259
low codex Stale minimum contributor tracking can evict non-min contributors 0xf576e1f09e2eb4992d5ffdf68bec4ea489fa417d $4,656,368.94 no 3 months ago 5ca1ae8a-9ddf-4b4a-88ef-09e4f55fd259
low codex exchange_received lets any caller consume pre-transferred balances 0xc061caa073f3d95f80f8e5428d32d2d76f5e1622 $3,839,013.25 no 3 months ago ffb196f5-96d5-445c-8185-3b020d31e22a
medium codex External rate sources used without bounds or staleness checks can misprice swaps or DoS the pool 0x7e19f0253a564e026c63eeaa9338d6dbddef3b09 $2,883,864.58 no 3 months ago 8269a4b6-4f22-476a-9b2f-e422a2b0bba1
medium codex Wrap mints based on requested amount instead of actual received tokens 0xa250cc729bb3323e7933022a67b52200fe354767 $3,021,719.87 no 3 months ago bb5b93eb-4200-4976-ba61-e903af632b89
low codex Permit allows malleable signatures (no EIP-2 s/v checks) 0xa250cc729bb3323e7933022a67b52200fe354767 $3,021,719.87 no 3 months ago bb5b93eb-4200-4976-ba61-e903af632b89
medium codex Signatures are not domain-separated by contract address or chain ID 0xa4108aa1ec4967f8b52220a4f7e94a8201f2d906 $5,776,559.81 no 3 months ago d2059fa9-7d9b-46bb-87e6-c88defafd461
low codex Validator address uniqueness is not enforced in valsets 0xa4108aa1ec4967f8b52220a4f7e94a8201f2d906 $5,776,559.81 no 3 months ago d2059fa9-7d9b-46bb-87e6-c88defafd461
low codex Authorization depends on tx.origin (phishing-prone pattern) 0x9ba0cf1588e1dfa905ec948f7fe5104dd40eda31 $9,569,709.10 no 3 months ago 4ee9e6aa-cee2-43f6-81ad-5f467998a375
high codex Uninitialized lastFeeTime causes excessive management fees and can brick first settlement 0xe50554ec802375c9c3f9c087a8a7bb8c26d3dedf $0.00 no 3 months ago 42f21ca1-82d3-426a-a45a-788b3a4f9d5b
high codex HighWaterMark initialized with underlying decimals triggers performance fees immediately for <18-decimal assets 0xe50554ec802375c9c3f9c087a8a7bb8c26d3dedf $0.00 no 3 months ago 42f21ca1-82d3-426a-a45a-788b3a4f9d5b
high codex Hardcoded privileged borrow bypasses Comptroller risk checks 0x2ac63723a576f89b628d514ff671300801dc1702 $0.00 no 3 months ago a66a7849-282c-405c-94d3-afe6d6d3f5a1
low codex Reentrancy during `_mint` can bypass `depositCap` 0x1b992302652a92611dcd5090d1cb388c6377f455 $0.00 no 3 months ago b92d2e03-21a2-487f-9e4b-54e0e3b1a93c
info codex Shares minted without verifying actual assets received 0x1b992302652a92611dcd5090d1cb388c6377f455 $0.00 no 3 months ago b92d2e03-21a2-487f-9e4b-54e0e3b1a93c
high codex Unprotected initialize allows hostile setup of critical bridge addresses 0xe80b4e0ed5e92d865f4708eee0e1564287a7d848 $0.00 no 3 months ago e9597aef-e9cc-49ba-9d81-2312231691b5
medium codex Liquidation status persists after transient undercollateralization 0x1e0447b19bb6ecfdae1e4ae1694b0c3659614e4e $6,277,274.45 no 3 months ago 3c6ff52f-c8f2-4d99-9d2f-bd09425954ea
medium codex Public initializer can be front-run to configure ATokenInstance 0xb2668573828029917ffbd1e76270373511818498 $0.00 no 3 months ago a6e22563-3c6a-48bc-9056-6d560ad9206b
high codex LP share accounting ignores trader PnL and vault asset flows, enabling over-redemption 0xe3d41d19564922c9952f692c5dd0563030f5f2ef $21,609,903.28 no 3 months ago dc08fc38-6d54-4fb0-8a86-bb65f82abb39
low codex Privileged selfdestruct path can destroy the contract 0x1f2f10d1c40777ae1da742455c65828ff36df387 $10,735,151.93 no 3 months ago 41f1c8a7-fdd5-43e7-9ca2-22b8a272517e
medium codex Reward accrual can be skipped when updateRewards resets lastUpdateBlock 0xbcd7254a1d759efa08ec7c3291b2e85c5dcc12ce $9,190,195.44 no 3 months ago 46a061cb-b215-4d54-b156-a9ace98d5799
low codex Unchecked return values on token operations can mask failures 0xbcd7254a1d759efa08ec7c3291b2e85c5dcc12ce $9,190,195.44 no 3 months ago 46a061cb-b215-4d54-b156-a9ace98d5799
low codex Unchecked ERC20 return values in withdrawal/redemption flow 0x9f205e1ac7698f59edbaa0a28c4a4c4ed605b722 $6,500,000.00 no 3 months ago 073f3e74-0f6a-484b-9199-a379c502677a
medium codex Fee-on-transfer or deflationary assets break share accounting 0x1b992302652a92611dcd5090d1cb388c6377f455 $0.00 no 3 months ago 8ec2f2fa-e10f-4766-9520-8c4e451b8c4f
medium codex Deposit cap can be bypassed via reentrancy during asset transfer 0x1b992302652a92611dcd5090d1cb388c6377f455 $0.00 no 3 months ago 8ec2f2fa-e10f-4766-9520-8c4e451b8c4f
low codex Permit accepts malleable ECDSA signatures 0x1b992302652a92611dcd5090d1cb388c6377f455 $0.00 no 3 months ago 8ec2f2fa-e10f-4766-9520-8c4e451b8c4f
medium codex Fee-on-transfer/deflationary ERC-20s break accounting (mint/repay credited by nominal amount, not actual received) 0x39aa39c021dfbae8fac545936693ac917d5e7563 $10,780,058.47 no 3 months ago 5c6a8037-f1d5-41f4-91a4-8653256c442f
medium codex Interest can be minted multiple times via reentrancy before lastAggUpdateTime is updated 0xeb5a8c825582965f1d84606e078620a84ab16afe $17,612,166.21 no 3 months ago 614e8405-f6c9-4781-bd65-282f3a654a08
high codex Unrestricted initialization of tap allows attacker-controlled liquidator 0x448a5065aebb8e423f0896e6c5d525c040f59af3 $20,792,403.90 no 3 months ago a07440d4-9742-4482-9bb0-05239d80eb1f
medium codex Adapter credits full `wad` without verifying actual tokens received 0x08638ef1a205be6762a8b935f5da9b700cf7322c $21,018,934.63 no 3 months ago 45fffa69-527a-49a0-8082-76e0b3db5719
low codex Bus-mode refund ignores failed native transfer, leaving excess fees trapped 0xc026395860db2d07ee33e05fe50ed7bd583189c7 $24,471,349.97 no 3 months ago 102810a6-7e26-4aff-859d-6b198fdc4401
high codex `setup` is externally callable via proxy with no one-time initializer guard 0x99b5fa03a5ea4315725c43346e55a6a6fbd94098 $0.00 no 3 months ago 8a7c4282-fe4b-4a35-b94c-7694cbef39ea
medium codex Delegatecall to `tokenDeployer` allows storage corruption if the deployer is compromised or upgradeable 0x99b5fa03a5ea4315725c43346e55a6a6fbd94098 $0.00 no 3 months ago 8a7c4282-fe4b-4a35-b94c-7694cbef39ea
critical codex Unprotected initializer allows arbitrary subcontract replacement and delegatecall execution 0x2c0df87e073755139101b35c0a51e065291cc2d3 $0.00 no 3 months ago 00827adf-489d-4605-a887-6e6ea5b81451
high codex Unprotected one-time admin initialization can be front-run 0x1681195c176239ac5e72d9aebacf5b2492e0c4ee $34,620,088.63 no 3 months ago 2d583407-2d3a-41a0-85ac-6f1a8195edd9
medium codex Price feed responses lack staleness/round validation 0x2bea101d992b58da3f52c4c2aaeb49d33f7dce14 $0.00 no 3 months ago 041088fa-570d-423d-91ea-e5b574e99283
high codex Unprotected tap assignment allows attacker to seize liquidation/tax flows 0xbda109309f9fafa6dd6a9cb9f1df4085b27ee8ef $43,734,589.13 no 3 months ago f58f1e0d-d765-4f42-8774-1b1e4abc5a43
medium codex Reentrancy window on collateral exit can drain gem before burning SKR 0xbda109309f9fafa6dd6a9cb9f1df4085b27ee8ef $43,734,589.13 no 3 months ago f58f1e0d-d765-4f42-8774-1b1e4abc5a43
critical codex Unrestricted migrateTo_3_3_0 allows attacker-controlled interest implementation and token siphoning 0x8eb3b7d8498a6716904577b2579e1c313d48e347 $0.00 no 3 months ago f4cc9992-10b3-41d9-89ef-eb26729f6005
low codex Unchecked low-level callback can silently fail and mask external reverts 0x8eb3b7d8498a6716904577b2579e1c313d48e347 $0.00 no 3 months ago f4cc9992-10b3-41d9-89ef-eb26729f6005
medium codex Price feeds lack staleness/round completeness checks 0xdd922b4a799b5066902e325300069226f95c7988 $0.00 no 3 months ago 4186bccb-00b8-40b8-a6ed-805de3deb6c3
high codex Chainlink oracle responses are not validated for negative/stale data 0x6fcbbb527fb2954bed2b224a5bb7c23c5aeeb6e1 $266,056.63 no 3 months ago 019b426d-be82-7158-aec7-2fbd5b8cb931
medium codex Removed collateral can still be withdrawn 0x6fcbbb527fb2954bed2b224a5bb7c23c5aeeb6e1 $266,056.63 no 3 months ago 019b426d-be82-7158-aec7-2fbd5b8cb931
medium codex Reserve ratio can be steered by manipulable Uniswap oracle updates 0x6fcbbb527fb2954bed2b224a5bb7c23c5aeeb6e1 $266,056.63 no 3 months ago 019b426d-be82-7158-aec7-2fbd5b8cb931
medium codex Predictable seed generation allows trait manipulation 0x8754f54074400ce745a7ceddc928fb1b7e985ed6 $668,818.61 no 3 months ago 019b4236-fb81-71aa-86bf-cc46196cb9ac
high codex Gateway-controlled delegatecall enables arbitrary code execution in Agent context 0xd803472c47a87d7b63e888de53f03b4191b846a8 $7,165,862.10 no 3 months ago 019b422c-5600-71b9-95ab-04ba54ca9f3f
low codex EIP-712 type hash mismatch for relayer callpath blocks signatures for callpaths >255 0xaaaaaaaaa24eeeb8d57d431224f73832bc34f688 $487,276.57 no 3 months ago 019b421f-6355-7264-b48a-04e2fef9e548