TW
Tripwire
Find contracts. Test them. Review real vulns.
Confirmed Findings
2,205
crit 60 high 1157
All Findings
46,184
Across all runs
Chain
1
Mainnet focus
Signal Mix
24239
high severity in results
Findings
filter + triage
Reset
Quick filters: candidate lane confirmed only critical high detector codex
Severity Tool Title Address Value USD Validated Confirmed Found Run
medium codex External CALL with value to computed target (untrusted) and no guard detected 0x3011e9752e6fe7031cefcc9d424ebabacb28c1ce $46,628.12 no 2 months ago 019be3d6-84ac-713f-9aba-70b18142c908
medium codex Ownership slot update appears without detected authorization checks 0x3011e9752e6fe7031cefcc9d424ebabacb28c1ce $46,628.12 no 2 months ago 019be3d6-84ac-713f-9aba-70b18142c908
low codex External CALLs use computed targets and can send ETH (target allowlist unclear from bytecode) 0x9b9c3ec4fee4a731a791019f864a839f82bb56dd $46,715.87 no 2 months ago 019be3d6-84a3-7326-b600-b1dc1f53377a
low codex External ERC20 calls do not validate return values 0xa6f38924b30d10a4cad7601cc13820cb53efc4f9 $46,835.19 no 2 months ago 019be3d6-849a-70ac-aa79-3872e5f41725
critical codex Untrusted DELEGATECALL target reachable (arbitrary code execution risk) 0x30689375f7ae75fb85d3a9cb7058ff231dd9f91c $46,862.02 no 2 months ago 019be3d6-8492-73c8-8ec4-edb49b23a550
high codex SELFDESTRUCT sends funds to CALLER 0x30689375f7ae75fb85d3a9cb7058ff231dd9f91c $46,862.02 no 2 months ago 019be3d6-8492-73c8-8ec4-edb49b23a550
medium codex Multiple CALLs with computed target/value (reentrancy or arbitrary transfer risk) 0x30689375f7ae75fb85d3a9cb7058ff231dd9f91c $46,862.02 no 2 months ago 019be3d6-8492-73c8-8ec4-edb49b23a550
high slither TimelockController._execute(address,uint256,bytes) (contracts/Contract.sol#1485-1491) sends eth to arbitrary user 0x528fb7f75384ec26c1a65c088b637f0d1bf35702 $46,873.00 no 2 months ago 019be3d6-8489-7000-bd40-224825ebd461
high slither Reentrancy in TimelockController.executeBatch(address[],uint256[],bytes[],bytes32,bytes32) (contracts/Contract.sol#1458-1483): 0x528fb7f75384ec26c1a65c088b637f0d1bf35702 $46,873.00 no 2 months ago 019be3d6-8489-7000-bd40-224825ebd461
high slither Reentrancy in TimelockController.execute(address,uint256,bytes,bytes32,bytes32) (contracts/Contract.sol#1437-1448): 0x528fb7f75384ec26c1a65c088b637f0d1bf35702 $46,873.00 no 2 months ago 019be3d6-8489-7000-bd40-224825ebd461
low codex Deployer retains TIMELOCK_ADMIN_ROLE, enabling immediate role changes outside timelock 0x528fb7f75384ec26c1a65c088b637f0d1bf35702 $46,873.00 no 2 months ago 019be3d6-8489-7000-bd40-224825ebd461
high slither PharaGoddess._withdraw(address,uint256) (contracts/Contract.sol#2005-2007) sends eth to arbitrary user 0x147aa9ada01b70c4c8c8b89b06afe767908aced7 $46,931.90 no 2 months ago 019be3d6-8480-72cd-9e22-b654093a3ebf
high slither Reentrancy in PharaGoddess.withdrawFund() (contracts/Contract.sol#1996-2004): 0x147aa9ada01b70c4c8c8b89b06afe767908aced7 $46,931.90 no 2 months ago 019be3d6-8480-72cd-9e22-b654093a3ebf
medium slither Reentrancy in PharaGoddess.presaleMint(uint256,uint8,bytes32,bytes32) (contracts/Contract.sol#1924-1964): 0x147aa9ada01b70c4c8c8b89b06afe767908aced7 $46,931.90 no 2 months ago 019be3d6-8480-72cd-9e22-b654093a3ebf
medium slither Reentrancy in PharaGoddess.publicSaleMint(uint256) (contracts/Contract.sol#1964-1980): 0x147aa9ada01b70c4c8c8b89b06afe767908aced7 $46,931.90 no 2 months ago 019be3d6-8480-72cd-9e22-b654093a3ebf
medium slither Reentrancy in ERC721A._mint(address,uint256,bytes,bool) (contracts/Contract.sol#1386-1438): 0x147aa9ada01b70c4c8c8b89b06afe767908aced7 $46,931.90 no 2 months ago 019be3d6-8480-72cd-9e22-b654093a3ebf
medium slither Reentrancy in PharaGoddess.reservedMint(uint256,address) (contracts/Contract.sol#1986-1990): 0x147aa9ada01b70c4c8c8b89b06afe767908aced7 $46,931.90 no 2 months ago 019be3d6-8480-72cd-9e22-b654093a3ebf
high codex Royalty accounting lets newly minted tokens claim past rewards 0x147aa9ada01b70c4c8c8b89b06afe767908aced7 $46,931.90 no 2 months ago 019be3d6-8480-72cd-9e22-b654093a3ebf
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0xf77f281680421bb6358978060ae5b064b7aa5740 $46,936.41 no 2 months ago 019be3d6-8478-70a1-afca-1110fd9fc08e
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0xf77f281680421bb6358978060ae5b064b7aa5740 $46,936.41 no 2 months ago 019be3d6-8478-70a1-afca-1110fd9fc08e
medium codex Configurable safeSend gas enables reentrancy before accounting updates 0xe8a51be86ad96447d45ddeddc55013f25157688c $46,950.88 no 2 months ago 019be3d6-846c-719a-925b-75105823bfc2
low codex Unchecked Oraclize query ID can lock bets when price is unexpectedly high 0xe8a51be86ad96447d45ddeddc55013f25157688c $46,950.88 no 2 months ago 019be3d6-846c-719a-925b-75105823bfc2
high slither Batch.batch(bytes[]) (node_modules/@sablier/evm-utils/src/Batch.sol#13-34) has delegatecall inside a loop in a payable function: (success,result) = address(this).delegatecall(ca... 0x7a86d3e6894f9c5b5f25ffbdaae658cfc7569623 $46,956.22 no 2 months ago 019be3d6-8451-73ae-9304-bf01aa16f7fb
high slither SablierFlowState._streams (src/abstracts/SablierFlowState.sol#32) is never initialized. It is used in: 0x7a86d3e6894f9c5b5f25ffbdaae658cfc7569623 $46,956.22 no 2 months ago 019be3d6-8451-73ae-9304-bf01aa16f7fb
high slither SablierFlowState.aggregateAmount (src/abstracts/SablierFlowState.sol#20) is never initialized. It is used in: 0x7a86d3e6894f9c5b5f25ffbdaae658cfc7569623 $46,956.22 no 2 months ago 019be3d6-8451-73ae-9304-bf01aa16f7fb
high slither Comptrollerable.transferFeesToComptroller() (node_modules/@sablier/evm-utils/src/Comptrollerable.sol#62-74) sends eth to arbitrary user 0x7a86d3e6894f9c5b5f25ffbdaae658cfc7569623 $46,956.22 no 2 months ago 019be3d6-8451-73ae-9304-bf01aa16f7fb
medium codex Computed external CALLs with possible ETH value transfer 0x8f1bd425c64725013ebc98efc246c8f60da8812d $46,974.29 no 2 months ago 019be3d6-8449-73e8-b404-c5a444d506e6
low codex No access-control guards detected on state-modifying functions 0x8f1bd425c64725013ebc98efc246c8f60da8812d $46,974.29 no 2 months ago 019be3d6-8449-73e8-b404-c5a444d506e6
low codex ERC20 approve race allows double-spend of allowance 0xb8c77482e45f1f44de1745f52c74426c631bdd52 $46,980.15 no 2 months ago 019be3d6-8440-70da-9fb5-83113843d72c
medium codex MF_ONE pricing relies on unbounded/stale oracle values, enabling share mispricing 0xc9ecc74110850168fc7373c2586e5a525b02b02f $47,048.85 no 2 months ago 019be3d6-842f-702c-a179-72c42be44b63
low codex Rapid withdrawal refunds do not restore user limits 0xc9ecc74110850168fc7373c2586e5a525b02b02f $47,048.85 no 2 months ago 019be3d6-842f-702c-a179-72c42be44b63
high detector Untrusted DELEGATECALL target reachable 0x71ea0eb2605bd63fe69012a60c75bdbd22e8b3d3 $0.00 yes yes 2 months ago 019be3d8-dab2-7125-9844-e6c896367631
high detector Authorization based on tx.origin 0x71ea0eb2605bd63fe69012a60c75bdbd22e8b3d3 $0.00 no 2 months ago 019be3d8-dab2-7125-9844-e6c896367631
medium detector CREATE/CREATE2 reachable 0x71ea0eb2605bd63fe69012a60c75bdbd22e8b3d3 $0.00 no no 2 months ago 019be3d8-dab2-7125-9844-e6c896367631
medium detector ETH value transfer possible 0x71ea0eb2605bd63fe69012a60c75bdbd22e8b3d3 $0.00 no no 2 months ago 019be3d8-dab2-7125-9844-e6c896367631
medium detector Untrusted CALL target/value reachable 0x71ea0eb2605bd63fe69012a60c75bdbd22e8b3d3 $0.00 no no 2 months ago 019be3d8-dab2-7125-9844-e6c896367631
medium cast DELEGATECALL present 0x71ea0eb2605bd63fe69012a60c75bdbd22e8b3d3 $0.00 no 2 months ago 019be3d8-dab2-7125-9844-e6c896367631
low cast Contract creation opcode present 0x71ea0eb2605bd63fe69012a60c75bdbd22e8b3d3 $0.00 no 2 months ago 019be3d8-dab2-7125-9844-e6c896367631
info cast Heavy EXTCODE*/BALANCE usage 0x71ea0eb2605bd63fe69012a60c75bdbd22e8b3d3 $0.00 no 2 months ago 019be3d8-dab2-7125-9844-e6c896367631
info cast Heavy CALL-family usage 0x71ea0eb2605bd63fe69012a60c75bdbd22e8b3d3 $0.00 no 2 months ago 019be3d8-dab2-7125-9844-e6c896367631
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x269a70a223f215f31acd4d91f52a3ef99113475e $47,081.08 no 2 months ago 019be3d6-841e-7355-8d2f-8c648bf8b58c
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x269a70a223f215f31acd4d91f52a3ef99113475e $47,081.08 no 2 months ago 019be3d6-841e-7355-8d2f-8c648bf8b58c
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x7090cc8dfa04b0bbac6520063c9c1ea677c368a0 $47,147.55 no 2 months ago 019be3d6-8415-716b-b745-e535a41d563b
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x7090cc8dfa04b0bbac6520063c9c1ea677c368a0 $47,147.55 no 2 months ago 019be3d6-8415-716b-b745-e535a41d563b
high detector Authorization based on tx.origin 0xa0d828a754961ff78e733701eb98d22084db242c $0.00 no 2 months ago 019be3d8-bb60-7023-94d5-bc2e86082ed0
medium detector ETH value transfer possible 0xa0d828a754961ff78e733701eb98d22084db242c $0.00 no no 2 months ago 019be3d8-bb60-7023-94d5-bc2e86082ed0
medium detector Untrusted CALL target/value reachable 0xa0d828a754961ff78e733701eb98d22084db242c $0.00 no no 2 months ago 019be3d8-bb60-7023-94d5-bc2e86082ed0
info cast Heavy CALL-family usage 0xa0d828a754961ff78e733701eb98d22084db242c $0.00 no 2 months ago 019be3d8-bb60-7023-94d5-bc2e86082ed0
info cast Heavy EXTCODE*/BALANCE usage 0xa0d828a754961ff78e733701eb98d22084db242c $0.00 no 2 months ago 019be3d8-bb60-7023-94d5-bc2e86082ed0
medium codex Dividend per-token calculation over-scales by 1e18, causing massive payouts or overflow 0xc16b542ff490e01fcc0dc58a60e1efdc3e357ca6 $47,233.83 no 2 months ago 019be3d6-83fb-70cc-861b-5b64aafec5b5