TW
Tripwire
Find contracts. Test them. Review real vulns.
Confirmed Findings
2,205
crit 60 high 1157
All Findings
46,184
Across all runs
Chain
1
Mainnet focus
Signal Mix
24239
high severity in results
Findings
filter + triage
Reset
Severity Tool Title Address Value USD Validated Confirmed Found Run
low codex Low-level CALL with computed target/value and unclear success enforcement 0xb0e5bea9f6e7e66e284bcfd47e354aa3484de62e $48,725.00 no 2 months ago 019be3d6-8282-7361-9368-6a167143af5d
medium codex Dynamic external CALLs with ETH value in selector 0xddca3f43 may be reachable without clear access control 0x05def6d34631bbdd35e212cb749cacaebf8c963d $48,728.11 no 2 months ago 019be3d6-8279-71c2-917d-11a31b51016c
low codex CALL success flag appears to be discarded before return-data checks 0x05def6d34631bbdd35e212cb749cacaebf8c963d $48,728.11 no 2 months ago 019be3d6-8279-71c2-917d-11a31b51016c
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0xc8219b876753a85025156b22176c2edea17aac53 $48,765.50 no 2 months ago 019be3d6-8270-7067-b971-3ac9683646ec
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0xc8219b876753a85025156b22176c2edea17aac53 $48,765.50 no 2 months ago 019be3d6-8270-7067-b971-3ac9683646ec
high slither KotoV3.bondLp(uint256) (src/KotoV3.sol#161-201) ignores return value by IERC20Minimal(pair).transferFrom(msg.sender,address(BOND_DEPOSITORY),_lpAmount) (src/KotoV3.sol#164) 0x64c7d8c8abf28daf9d441c507cfe9be678a0929c $48,840.97 no 2 months ago 019be3d6-8267-739c-b062-5f21bd63b2eb
medium slither Reentrancy in KotoV3.bondLp(uint256) (src/KotoV3.sol#161-201): 0x64c7d8c8abf28daf9d441c507cfe9be678a0929c $48,840.97 no 2 months ago 019be3d6-8267-739c-b062-5f21bd63b2eb
medium codex Bond market parameters derived from manipulable Uniswap spot reserves 0x64c7d8c8abf28daf9d441c507cfe9be678a0929c $48,840.97 no 2 months ago 019be3d6-8267-739c-b062-5f21bd63b2eb
low codex LP bonding does not verify LP token transfer success 0x64c7d8c8abf28daf9d441c507cfe9be678a0929c $48,840.97 no 2 months ago 019be3d6-8267-739c-b062-5f21bd63b2eb
medium codex Computed DELEGATECALL target (slot 0x13) with no detected access control 0xe9bb610e707a631e3460a9830821d3970a378166 $48,948.90 no 2 months ago 019be3d6-8257-7158-b579-591cc8b3ef79
high detector Untrusted CALL target/value reachable 0x40b45c2a9b30927292db21625de50de38f577c66 $0.00 no no 2 months ago 019be3d7-168b-7122-9efc-7b635b193209
high detector ETH value transfer possible 0x40b45c2a9b30927292db21625de50de38f577c66 $0.00 no no 2 months ago 019be3d7-168b-7122-9efc-7b635b193209
info cast Heavy CALL-family usage 0x40b45c2a9b30927292db21625de50de38f577c66 $0.00 no 2 months ago 019be3d7-168b-7122-9efc-7b635b193209
low codex Potential external CALL with value to computed target (reentrancy/funds risk if user-controlled) 0xbeb3e32355a933501c247e2dbde6e6ca2489bf3d $49,027.02 no 2 months ago 019be3d6-8246-7204-b331-1fa7006bb405
medium codex External CALLs use computed targets/values loaded from storage/mappings (value transfer possible) 0x205718799d502fe2c45d3afc91c3c8ccb5c0836f $49,035.70 no 2 months ago 019be3d6-823c-7170-bc2d-39f5e89bacf5
low codex Return data from external CALLs is not validated 0x205718799d502fe2c45d3afc91c3c8ccb5c0836f $49,035.70 no 2 months ago 019be3d6-823c-7170-bc2d-39f5e89bacf5
low codex EOA-only guard via EXTCODESIZE is bypassable 0x205718799d502fe2c45d3afc91c3c8ccb5c0836f $49,035.70 no 2 months ago 019be3d6-823c-7170-bc2d-39f5e89bacf5
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x0a0b2c28470bf68a6144df04b08360559fb4aaf1 $49,178.79 no 2 months ago 019be3d6-821c-70c7-aa01-5b6763b19611
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x0a0b2c28470bf68a6144df04b08360559fb4aaf1 $49,178.79 no 2 months ago 019be3d6-821c-70c7-aa01-5b6763b19611
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x95b2d1e30ca8241d320d36d4a84ddf454ee55435 $49,183.52 no 2 months ago 019be3d6-8213-707b-92a8-acba5f94526e
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x95b2d1e30ca8241d320d36d4a84ddf454ee55435 $49,183.52 no 2 months ago 019be3d6-8213-707b-92a8-acba5f94526e
low codex External CALL target/value derived from storage (potential arbitrary call/ETH transfer if mutable) 0xfffe68c44264aa02020e30298f58f0004afc1527 $49,317.91 no 2 months ago 019be3d6-820a-733c-b1d0-1bc4856cd0cf
low codex ERC20 operations via low-level CALL without return-data validation 0xfffe68c44264aa02020e30298f58f0004afc1527 $49,317.91 no 2 months ago 019be3d6-820a-733c-b1d0-1bc4856cd0cf
high slither ExchangeProxy.transferAll(TokenInterface,uint256) (contracts/Contract.sol#775-788) sends eth to arbitrary user 0x3e66b66fd1d0b02fda6c811da9e0547970db2f21 $49,401.65 no 2 months ago 019be3d6-8201-73d9-b7fe-2f43c4915ca9
medium codex Unlimited approvals to user-supplied pools allow token drain 0x3e66b66fd1d0b02fda6c811da9e0547970db2f21 $49,401.65 no 2 months ago 019be3d6-8201-73d9-b7fe-2f43c4915ca9
low codex Public swap functions can sweep any ERC20 balance held by the proxy 0x3e66b66fd1d0b02fda6c811da9e0547970db2f21 $49,401.65 no 2 months ago 019be3d6-8201-73d9-b7fe-2f43c4915ca9
low codex Initializer retains ADMIN_ROLE even when not the owner 0x377f2fd104692e592a5259cf75756037ae180fcb $49,600.00 no 2 months ago 019be3d6-81f6-7356-8bab-3144a73c2765
critical detector Untrusted DELEGATECALL target reachable 0x387a294a2b92387cf46714faa537f1f81d50c210 $0.00 no no 2 months ago 019be3d6-c7d2-72ca-99c8-428dc13e465f
high detector ETH value transfer possible 0x387a294a2b92387cf46714faa537f1f81d50c210 $0.00 no no 2 months ago 019be3d6-c7d2-72ca-99c8-428dc13e465f
high detector Untrusted CALL target/value reachable 0x387a294a2b92387cf46714faa537f1f81d50c210 $0.00 no no 2 months ago 019be3d6-c7d2-72ca-99c8-428dc13e465f
medium detector CREATE/CREATE2 reachable 0x387a294a2b92387cf46714faa537f1f81d50c210 $0.00 no no 2 months ago 019be3d6-c7d2-72ca-99c8-428dc13e465f
medium cast DELEGATECALL present 0x387a294a2b92387cf46714faa537f1f81d50c210 $0.00 no 2 months ago 019be3d6-c7d2-72ca-99c8-428dc13e465f
low cast Contract creation opcode present 0x387a294a2b92387cf46714faa537f1f81d50c210 $0.00 no 2 months ago 019be3d6-c7d2-72ca-99c8-428dc13e465f
high slither Reentrancy in WOREPrivateSale.withdraw() (contracts/Contract.sol#435-456): 0xe617f1722955706bc487257439d9d61fd3a991a4 $49,600.00 no 2 months ago 019be3d6-81eb-73d7-8def-05c4bf0dd337
high slither WOREPrivateSale.withdraw() (contracts/Contract.sol#435-456) sends eth to arbitrary user 0xe617f1722955706bc487257439d9d61fd3a991a4 $49,600.00 no 2 months ago 019be3d6-81eb-73d7-8def-05c4bf0dd337
high codex LAST_SUPPLY is reset instead of incremented, enabling repeated withdrawals of the same tranche 0xe617f1722955706bc487257439d9d61fd3a991a4 $49,600.00 no 2 months ago 019be3d6-81eb-73d7-8def-05c4bf0dd337
medium codex Delegatecall to fixed external target makes logic mutable if the target is upgradeable or replaceable 0xc728a64af23f8e14edf7aa138c8650b3c6d31d57 $49,600.00 no 2 months ago 019be3d6-81e1-73bd-9b15-a6f6a2c49776
medium codex ERC20 transfer return values are ignored, allowing silent claim/withdraw failures 0x0e9d8e14293dd069690c1addbf51b61b4dca2f96 $49,683.22 no 2 months ago 019be3d6-81d7-72e0-84fc-df4ccf623604
low codex Whitelist signatures lack domain separation, enabling cross‑contract/chain replay 0x0e9d8e14293dd069690c1addbf51b61b4dca2f96 $49,683.22 no 2 months ago 019be3d6-81d7-72e0-84fc-df4ccf623604
high detector Untrusted CALL target/value reachable 0x6097a40e38fa1aeea072babfaadea1f513e970a8 $0.00 no no 2 months ago 019be3d6-b2a2-72f8-8ed2-aa2958ed78a5
high detector ETH value transfer possible 0x6097a40e38fa1aeea072babfaadea1f513e970a8 $0.00 no no 2 months ago 019be3d6-b2a2-72f8-8ed2-aa2958ed78a5
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x31c0ba10e4e12be6cdceb612e5e829d977532bfc $49,703.41 no 2 months ago 019be3d6-81ce-71e5-8540-828ca497aae9
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x31c0ba10e4e12be6cdceb612e5e829d977532bfc $49,703.41 no 2 months ago 019be3d6-81ce-71e5-8540-828ca497aae9
medium codex Liquidity deploys at attacker-controlled ratio if a pair already exists (no slippage / reserve checks) 0x15d94ec1c8e98812dac23bf6a341bd6c83e4cb11 $49,717.80 no 2 months ago 019be3d6-81c4-7091-b835-57b1fa52d217
medium codex Liquidity deployment can be DoS’d by forcing ETH refunds to a contract with no receive() 0x15d94ec1c8e98812dac23bf6a341bd6c83e4cb11 $49,717.80 no 2 months ago 019be3d6-81c4-7091-b835-57b1fa52d217
high detector Authorization based on tx.origin 0xe3fef783783f97c7647c1f108d1c561e5ec13f92 $46,280.85 no 2 months ago 019be3d6-8551-7286-84a9-a94929610231
medium detector ETH value transfer possible 0xe3fef783783f97c7647c1f108d1c561e5ec13f92 $46,280.85 no no 2 months ago 019be3d6-8551-7286-84a9-a94929610231
medium detector Untrusted CALL target/value reachable 0xe3fef783783f97c7647c1f108d1c561e5ec13f92 $46,280.85 no no 2 months ago 019be3d6-8551-7286-84a9-a94929610231
info cast Heavy EXTCODE*/BALANCE usage 0xe3fef783783f97c7647c1f108d1c561e5ec13f92 $46,280.85 no 2 months ago 019be3d6-8551-7286-84a9-a94929610231
info cast Heavy CALL-family usage 0xe3fef783783f97c7647c1f108d1c561e5ec13f92 $46,280.85 no 2 months ago 019be3d6-8551-7286-84a9-a94929610231