TW
Tripwire
Find contracts. Test them. Review real vulns.
Confirmed Findings
2,205
crit 60 high 1157
All Findings
46,184
Across all runs
Chain
1
Mainnet focus
Signal Mix
24239
high severity in results
Findings
filter + triage
Reset
Quick filters: candidate lane confirmed only critical high detector codex
Severity Tool Title Address Value USD Validated Confirmed Found Run
high codex Relayer refund can be reentered to withdraw multiple times 0x965983977c29158ec53a296a6f47be145ddecc36 $0.00 no 2 months ago 019c0ea9-e35a-710a-b93e-e2ba664180fb
medium codex Author confirmations and lower proofs lack domain separation (replayable signatures) 0x965983977c29158ec53a296a6f47be145ddecc36 $0.00 no 2 months ago 019c0ea9-e35a-710a-b93e-e2ba664180fb
low codex Pause bypass for relayer operations 0x965983977c29158ec53a296a6f47be145ddecc36 $0.00 no 2 months ago 019c0ea9-e35a-710a-b93e-e2ba664180fb
low codex Chainlink price used without sanity or staleness checks 0x965983977c29158ec53a296a6f47be145ddecc36 $0.00 no 2 months ago 019c0ea9-e35a-710a-b93e-e2ba664180fb
low codex Unchecked ERC20 transfer return values 0x965983977c29158ec53a296a6f47be145ddecc36 $0.00 no 2 months ago 019c0ea9-e35a-710a-b93e-e2ba664180fb
high codex Initializer callable by anyone enables hostile bridge configuration 0x3203e813930bd710043c1d899fe38dd359307352 $0.00 no 2 months ago 019c0ea9-c986-7300-a119-1cc3848d4c55
critical codex Untrusted DELEGATECALL target reachable (arbitrary code execution risk) 0x97edcc0f6bb77191b4bf69a930e6d2383397433a $0.00 no 2 months ago 019c0ea9-9972-71e4-a291-55d964b938b2
medium codex External CALL with computed target/value (ETH transfer possible) 0x97edcc0f6bb77191b4bf69a930e6d2383397433a $0.00 no 2 months ago 019c0ea9-9972-71e4-a291-55d964b938b2
low codex Minimum-shares invariant can lock the last withdrawal for a token 0x28def88a5225fd50cdd081306be18fa7368e59f9 $0.00 no 2 months ago 019c0ea9-71ec-7140-b362-268cfeffbc7f
medium codex Low-level CALL with ETH value to computed target 0x7e0ae8e65fc3c322c9f2bedf630ce8ef799e292e $0.00 no 2 months ago 019c0ea9-2c1f-712c-a452-775a4bc4cf33
medium codex Computed DELEGATECALL target reachable (possible arbitrary code execution if unguarded) 0x7e0ae8e65fc3c322c9f2bedf630ce8ef799e292e $0.00 no 2 months ago 019c0ea9-2c1f-712c-a452-775a4bc4cf33
medium codex SELFDESTRUCT opcode present and marked reachable 0x7e0ae8e65fc3c322c9f2bedf630ce8ef799e292e $0.00 no 2 months ago 019c0ea9-2c1f-712c-a452-775a4bc4cf33
high codex Authorization uses tx.origin 0x9dc55070584ca0a58cdfe98eeb32b9a48dc9885c $42,772.61 no 2 months ago 019c0ea9-09c2-7372-be3e-5cedc6bce266
low codex External CALLs with computed target/value (potentially user-controlled) 0x9dc55070584ca0a58cdfe98eeb32b9a48dc9885c $42,772.61 no 2 months ago 019c0ea9-09c2-7372-be3e-5cedc6bce266
high slither Reentrancy in RobTheBank._bigLottery(address) (contracts/Contract.sol#257-298): 0x51e9244bae3fca7473fe48651dfd7db53aa55856 $42,830.95 no 2 months ago 019c0ea9-09bb-708b-a5eb-c7330d8c9ab3
high slither Reentrancy in RobTheBank._buy(uint256,uint256) (contracts/Contract.sol#193-232): 0x51e9244bae3fca7473fe48651dfd7db53aa55856 $42,830.95 no 2 months ago 019c0ea9-09bb-708b-a5eb-c7330d8c9ab3
high slither RobTheBank._bigLottery(address) (contracts/Contract.sol#257-298) sends eth to arbitrary user 0x51e9244bae3fca7473fe48651dfd7db53aa55856 $42,830.95 no 2 months ago 019c0ea9-09bb-708b-a5eb-c7330d8c9ab3
high codex Predictable/manipulable randomness for winner and jackpot selection 0x51e9244bae3fca7473fe48651dfd7db53aa55856 $42,830.95 no 2 months ago 019c0ea9-09bb-708b-a5eb-c7330d8c9ab3
medium codex Service can call lottery before round end and without winKey set 0x51e9244bae3fca7473fe48651dfd7db53aa55856 $42,830.95 no 2 months ago 019c0ea9-09bb-708b-a5eb-c7330d8c9ab3
low codex Initializer is externally callable; uninitialized proxy can be taken over 0xb71125df00a98a671f82c7b2e70e646ea2fa5894 $42,913.53 no 2 months ago 019c0ea9-09b4-70d2-b921-de227abe0b6b
medium detector SELFDESTRUCT reachable 0x5018cc0d628fb322b2a040cfcd269a36c60b1538 $0.00 no no 2 months ago 019c0eac-1141-73a4-bb86-3f06ad5c30a9
medium detector Untrusted CALL target/value reachable 0x5018cc0d628fb322b2a040cfcd269a36c60b1538 $0.00 no no 2 months ago 019c0eac-1141-73a4-bb86-3f06ad5c30a9
medium detector ETH value transfer possible 0x5018cc0d628fb322b2a040cfcd269a36c60b1538 $0.00 no no 2 months ago 019c0eac-1141-73a4-bb86-3f06ad5c30a9
high cast SELFDESTRUCT present 0x5018cc0d628fb322b2a040cfcd269a36c60b1538 $0.00 no 2 months ago 019c0eac-1141-73a4-bb86-3f06ad5c30a9
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x64a0d84d1c1b92fdc1149ffe3cee5e2fe0febd8e $42,978.85 no 2 months ago 019c0ea9-09af-72d0-bcda-4242239497f6
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x64a0d84d1c1b92fdc1149ffe3cee5e2fe0febd8e $42,978.85 no 2 months ago 019c0ea9-09af-72d0-bcda-4242239497f6
medium codex Unchecked ERC20 transfer/transferFrom return values can desync accounting 0x264c13cfed981e3137fb43b198d14d8d5d64977e $42,983.22 no 2 months ago 019c0ea9-09a9-73f4-811c-8ba88e5365e8
medium codex Refunding current bidder via transfer can permanently block new bids or buys 0x41a322b28d0ff354040e2cbc676f0320d8c8850d $43,020.73 no 2 months ago 019c0ea9-09a2-715c-9fce-2dd33d658215
medium codex Payout transfers can revert and block all sales for a token (or globally if maintainer is a contract) 0x41a322b28d0ff354040e2cbc676f0320d8c8850d $43,020.73 no 2 months ago 019c0ea9-09a2-715c-9fce-2dd33d658215
low codex Owner can set fee percentages to values that make payouts revert 0x41a322b28d0ff354040e2cbc676f0320d8c8850d $43,020.73 no 2 months ago 019c0ea9-09a2-715c-9fce-2dd33d658215
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x84383fb05f610222430f69727aa638f8fdbf5cc1 $43,104.67 no 2 months ago 019c0ea9-099c-735e-9272-ff3f3fee805d
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x84383fb05f610222430f69727aa638f8fdbf5cc1 $43,104.67 no 2 months ago 019c0ea9-099c-735e-9272-ff3f3fee805d
high codex Initializer is publicly callable, enabling admin takeover if proxy is left uninitialized 0xfcf8eda095e37a41e002e266daad7efc1579bc0a $43,190.99 no 2 months ago 019c0ea9-0991-73a8-9d8e-2bfc551e719c
medium codex Rounding in external↔internal unit conversion allows transfers exceeding displayed balance and misleading Transfer events 0xfcf8eda095e37a41e002e266daad7efc1579bc0a $43,190.99 no 2 months ago 019c0ea9-0991-73a8-9d8e-2bfc551e719c
medium codex Computed CALL targets/values could enable arbitrary external calls/ETH forwarding (if user-controlled) 0x2c79e1a51e25fffff54c3becadbf1554841a8fc8 $43,226.89 no 2 months ago 019c0ea9-0984-7238-bcd4-f122b4ccad2e
low codex External calls can occur before storage updates along CFG path 0x2c79e1a51e25fffff54c3becadbf1554841a8fc8 $43,226.89 no 2 months ago 019c0ea9-0984-7238-bcd4-f122b4ccad2e
medium slither Reentrancy in SetToken.removeModule(address) (contracts/Contract.sol#2188-2199): 0x1db6e3ea822c093a93240880da037c0f421d05d1 $43,232.75 no 2 months ago 019c0ea9-097d-7034-a546-1aa22ef5db1b
high codex Orders are unauthenticated, allowing relays to execute arbitrary trades or penalties against any trader 0xfca6a62a11cd75ef6506c4973a67c5b2a3d8915f $43,264.41 no 2 months ago 019c0ea9-0976-7128-8854-e104b5d873b5
low codex Unchecked ERC20 return values can silently fail transfers and strand/refund tokens in Uniswapper 0xfca6a62a11cd75ef6506c4973a67c5b2a3d8915f $43,264.41 no 2 months ago 019c0ea9-0976-7128-8854-e104b5d873b5
critical detector Untrusted DELEGATECALL target reachable 0x4a1dc57d949db46a456d0104f437ed87ee24422f $0.00 no no 2 months ago 019c0eab-c14a-7068-a5b7-e9885803d0b8
high detector Untrusted CALL target/value reachable 0x4a1dc57d949db46a456d0104f437ed87ee24422f $0.00 no no 2 months ago 019c0eab-c14a-7068-a5b7-e9885803d0b8
high detector ETH value transfer possible 0x4a1dc57d949db46a456d0104f437ed87ee24422f $0.00 no no 2 months ago 019c0eab-c14a-7068-a5b7-e9885803d0b8
medium detector CREATE/CREATE2 reachable 0x4a1dc57d949db46a456d0104f437ed87ee24422f $0.00 no no 2 months ago 019c0eab-c14a-7068-a5b7-e9885803d0b8
medium cast DELEGATECALL present 0x4a1dc57d949db46a456d0104f437ed87ee24422f $0.00 no 2 months ago 019c0eab-c14a-7068-a5b7-e9885803d0b8
low cast Contract creation opcode present 0x4a1dc57d949db46a456d0104f437ed87ee24422f $0.00 no 2 months ago 019c0eab-c14a-7068-a5b7-e9885803d0b8
info cast Heavy EXTCODE*/BALANCE usage 0x4a1dc57d949db46a456d0104f437ed87ee24422f $0.00 no 2 months ago 019c0eab-c14a-7068-a5b7-e9885803d0b8
info cast Heavy CALL-family usage 0x4a1dc57d949db46a456d0104f437ed87ee24422f $0.00 no 2 months ago 019c0eab-c14a-7068-a5b7-e9885803d0b8
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x531b6a4b3f962208ea8ed5268c642c84bb29be0b $43,289.39 no 2 months ago 019c0ea9-096f-7327-b98f-97b2df5b24f3
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x531b6a4b3f962208ea8ed5268c642c84bb29be0b $43,289.39 no 2 months ago 019c0ea9-096f-7327-b98f-97b2df5b24f3
medium codex Mint signatures are not bound to a trusted signer (anyone can self‑authorize) 0xdaca87395f3b1bbc46f3fa187e996e03a5dcc985 $43,294.45 no 2 months ago 019c0ea9-0968-7020-87be-641769d60ed2