TW
Tripwire
Find contracts. Test them. Review real vulns.
Confirmed Findings
2,205
crit 60 high 1157
All Findings
46,184
Across all runs
Chain
1
Mainnet focus
Signal Mix
24239
high severity in results
Findings
filter + triage
Reset
Quick filters: candidate lane confirmed only critical high detector codex
Severity Tool Title Address Value USD Validated Confirmed Found Run
low codex External CALLs with ETH to computed targets require strict authorization 0xa2d07d64d7cfc0fe1b58549ea36119e9e81a88f6 $43,703.23 no 2 months ago 019c0ea9-0900-7147-9322-e26ba5b89eeb
critical detector Untrusted DELEGATECALL target reachable 0xd3f582f6b4814e989ee8e96bc3175320b5a540ab $0.00 no no 2 months ago 019c0eab-41f8-709b-a0d5-a4b9b6478fe1
high detector ETH value transfer possible 0xd3f582f6b4814e989ee8e96bc3175320b5a540ab $0.00 no no 2 months ago 019c0eab-41f8-709b-a0d5-a4b9b6478fe1
high detector Untrusted CALL target/value reachable 0xd3f582f6b4814e989ee8e96bc3175320b5a540ab $0.00 no no 2 months ago 019c0eab-41f8-709b-a0d5-a4b9b6478fe1
medium cast DELEGATECALL present 0xd3f582f6b4814e989ee8e96bc3175320b5a540ab $0.00 no 2 months ago 019c0eab-41f8-709b-a0d5-a4b9b6478fe1
info cast Heavy CALL-family usage 0xd3f582f6b4814e989ee8e96bc3175320b5a540ab $0.00 no 2 months ago 019c0eab-41f8-709b-a0d5-a4b9b6478fe1
medium slither Reentrancy in ERC1155LazyPayableClaim.initializeClaim(address,uint256,IERC1155LazyPayableClaim.ClaimParameters) (contracts/lazyclaim/ERC1155LazyPayableClaim.sol#41-79): 0x26bbea7803dcac346d5f5f135b57cf2c752a02be $43,747.70 no 2 months ago 019c0ea9-08f1-726f-a59c-d9b65fc803ef
low codex Delegated merkle mints mint to msg.sender instead of mintFor 0x26bbea7803dcac346d5f5f135b57cf2c752a02be $43,747.70 no 2 months ago 019c0ea9-08f1-726f-a59c-d9b65fc803ef
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0xc3b9903f07c7b7614b9b5b490c7ce89bd688282e $43,752.75 no 2 months ago 019c0ea9-08ea-70fe-ab48-b337c339a3c7
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0xc3b9903f07c7b7614b9b5b490c7ce89bd688282e $43,752.75 no 2 months ago 019c0ea9-08ea-70fe-ab48-b337c339a3c7
high codex Authorization relies on tx.origin 0xde527099f9ecf94a67bc94c676694453f6bda781 $43,810.73 no 2 months ago 019c0ea9-08e3-7163-96ac-fbbb435f09e3
low codex CALL sites with computed targets/values (untrusted call surface uncertain) 0xde527099f9ecf94a67bc94c676694453f6bda781 $43,810.73 no 2 months ago 019c0ea9-08e3-7163-96ac-fbbb435f09e3
low codex Nonzero ETH value transfer possible via CALL 0xde527099f9ecf94a67bc94c676694453f6bda781 $43,810.73 no 2 months ago 019c0ea9-08e3-7163-96ac-fbbb435f09e3
medium slither Contract locking ether found: 0x0b57c3d5a7a93c3e9652459aff3c7fef792a7c2c $43,828.31 no 2 months ago 019c0ea9-08db-7251-a242-d503c3242510
medium codex CALLCODE with computed targets (delegatecall-like execution) 0xfdc77b9cb732eb8c896b152e28294521f5f62e67 $43,861.09 no 2 months ago 019c0ea9-08d3-73c7-9a5b-cdbf6695439c
medium codex Authorization uses tx.origin (phishing-prone) 0xfdc77b9cb732eb8c896b152e28294521f5f62e67 $43,861.09 no 2 months ago 019c0ea9-08d3-73c7-9a5b-cdbf6695439c
low codex Many external CALLs use computed target/value (untrusted call surface) 0xfdc77b9cb732eb8c896b152e28294521f5f62e67 $43,861.09 no 2 months ago 019c0ea9-08d3-73c7-9a5b-cdbf6695439c
high codex Proposal hash omits assetId, enabling cross-asset replay within the same vault 0x99571e95db76b5cbc986ad1044ac73a0a7a09e28 $43,892.15 no 2 months ago 019c0ea9-08cc-7154-a38a-1d2d33f60a5c
low codex Observer bitmap truncation if constructor sets >128 observers allows unlimited voting by high-index observers 0x99571e95db76b5cbc986ad1044ac73a0a7a09e28 $43,892.15 no 2 months ago 019c0ea9-08cc-7154-a38a-1d2d33f60a5c
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x3afbae812f3c29b5926504250888415a01aac57f $43,895.02 no 2 months ago 019c0ea9-08c4-73fa-a21d-fb67c5117c7f
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x3afbae812f3c29b5926504250888415a01aac57f $43,895.02 no 2 months ago 019c0ea9-08c4-73fa-a21d-fb67c5117c7f
medium codex CALLCODE to computed target can execute arbitrary logic in caller storage 0xbc27b882b65e40205efcb9373b11b06caa7c0f81 $44,034.33 no 2 months ago 019c0ea9-08bd-7012-bb9e-216b37447f5f
medium codex External CALLs with computed targets/values and no return checks 0xbc27b882b65e40205efcb9373b11b06caa7c0f81 $44,034.33 no 2 months ago 019c0ea9-08bd-7012-bb9e-216b37447f5f
high slither TokenDistributor.emergencyExecute(address,bytes) (contracts/distribution/TokenDistributor.sol#306-319) uses delegatecall to a input-controlled function id 0x1ca2007a81f8a7491bb6e11d8e357fd810896454 $44,058.05 no 2 months ago 019c0ea9-08b4-71da-b1cb-0a3294685f27
medium slither Reentrancy in TokenDistributor._transfer(ITokenDistributor.TokenType,address,address,uint256) (contracts/distribution/TokenDistributor.sol#361-389): 0x1ca2007a81f8a7491bb6e11d8e357fd810896454 $44,058.05 no 2 months ago 019c0ea9-08b4-71da-b1cb-0a3294685f27
medium codex Anyone can create a distribution for any party using global unaccounted balances, enabling front‑running theft of deposits 0x1ca2007a81f8a7491bb6e11d8e357fd810896454 $44,058.05 no 2 months ago 019c0ea9-08b4-71da-b1cb-0a3294685f27
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x119f1bbb25e8894929229b592a98a328e039ae96 $44,108.97 no 2 months ago 019c0ea9-08ac-727e-b639-5b694e59a5d3
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x119f1bbb25e8894929229b592a98a328e039ae96 $44,108.97 no 2 months ago 019c0ea9-08ac-727e-b639-5b694e59a5d3
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x97bde121a739046a3f4ff88e4e4d4176af5e8c2d $44,118.27 no 2 months ago 019c0ea9-08a4-7246-9594-157d74fe16f4
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x97bde121a739046a3f4ff88e4e4d4176af5e8c2d $44,118.27 no 2 months ago 019c0ea9-08a4-7246-9594-157d74fe16f4
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x27f82c89b5380da1a39a8f4f2b56145256a98d34 $44,128.20 no 2 months ago 019c0ea9-089d-72c1-b9af-03353e367c20
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x27f82c89b5380da1a39a8f4f2b56145256a98d34 $44,128.20 no 2 months ago 019c0ea9-089d-72c1-b9af-03353e367c20
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x7a323515fe92b13e171407d371683f30d60cc0d8 $44,135.49 no 2 months ago 019c0ea9-0897-70fc-bb16-4cd704c6f678
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x7a323515fe92b13e171407d371683f30d60cc0d8 $44,135.49 no 2 months ago 019c0ea9-0897-70fc-bb16-4cd704c6f678
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x99950bae3d0b79b8bee86a8a208ae1b087b9dcb0 $44,156.33 no 2 months ago 019c0ea9-088f-704c-a082-c014221b2003
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x99950bae3d0b79b8bee86a8a208ae1b087b9dcb0 $44,156.33 no 2 months ago 019c0ea9-088f-704c-a082-c014221b2003
medium codex Potential authorization based on tx.origin 0x7c0672f0b74b89d4e8cf928ed42064cc1ae57d5b $44,190.48 no 2 months ago 019c0ea9-0888-70f2-b5cc-602ce8b6093e
medium codex Computed CALL target/value allows potential arbitrary call/ETH transfer (context unclear) 0x44664edd1785266e8c5c23492dc73836136866bc $44,202.38 no 2 months ago 019c0ea9-0881-7272-8ad3-993262b19dcd
medium codex Partner share accounting double-counts 10% of team fee, creating insolvency risk 0xd7378939089abd6656d3f523bf55edcd2213332c $44,209.24 no 2 months ago 019c0ea9-087a-7236-bc5e-74b0177b1ff2
low codex Team pot distribution uses integer division before multiplication, effectively zeroing most payouts 0xd7378939089abd6656d3f523bf55edcd2213332c $44,209.24 no 2 months ago 019c0ea9-087a-7236-bc5e-74b0177b1ff2
medium codex Unbounded external oracle/ERC4626 rates can be manipulated to skew pricing 0x1220868672d5b10f3e1cb9ab519e4d0b08545ea4 $44,216.16 no 2 months ago 019c0ea9-0873-7027-8bad-1578e90d309c
low codex permit accepts malleable ECDSA signatures (no low‑s enforcement) 0x1220868672d5b10f3e1cb9ab519e4d0b08545ea4 $44,216.16 no 2 months ago 019c0ea9-0873-7027-8bad-1578e90d309c
medium codex External CALLs with computed target/value may allow arbitrary call/value forwarding 0x9665368f54e19e94adbd0780326871ce9660f61d $44,223.88 no 2 months ago 019c0ea9-086b-7039-af33-ba1f33f7260e
low codex ERC20 transfer/transferFrom calls do not appear to validate return data 0x9665368f54e19e94adbd0780326871ce9660f61d $44,223.88 no 2 months ago 019c0ea9-086b-7039-af33-ba1f33f7260e
low codex CREATE2 result appears unchecked 0x9665368f54e19e94adbd0780326871ce9660f61d $44,223.88 no 2 months ago 019c0ea9-086b-7039-af33-ba1f33f7260e
critical codex Untrusted DELEGATECALL target reachable (not a proxy) 0x3e2d7bf7f7b883e0ef771821d0b421529c5e97ff $44,239.52 no 2 months ago 019c0ea9-0863-70d8-91df-737c5ebff191
medium codex ETH value CALLs to computed targets 0x3e2d7bf7f7b883e0ef771821d0b421529c5e97ff $44,239.52 no 2 months ago 019c0ea9-0863-70d8-91df-737c5ebff191
medium codex Anyone can end another user’s matured stake, cutting off their future rewards 0xbc0043bc5b0c394d9d05d49768f9548f8cf9587b $44,257.70 no 2 months ago 019c0ea9-085c-723d-86d7-deacd328451d
low codex Share/accounting assumes full token transfer; deflationary tokens can break invariants 0xbc0043bc5b0c394d9d05d49768f9548f8cf9587b $44,257.70 no 2 months ago 019c0ea9-085c-723d-86d7-deacd328451d
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x06904bcff4084899bb8cc5a7dd8c918fe81fb265 $44,333.77 no 2 months ago 019c0ea9-084e-73b3-b954-026d06619243