TW
Tripwire
Find contracts. Test them. Review real vulns.
Confirmed Findings
2,205
crit 60 high 1157
All Findings
46,184
Across all runs
Chain
1
Mainnet focus
Signal Mix
24239
high severity in results
Findings
filter + triage
Reset
Quick filters: candidate lane confirmed only critical high detector codex
Severity Tool Title Address Value USD Validated Confirmed Found Run
critical detector Untrusted DELEGATECALL target reachable 0xd21b6bc0a1434aef8cf468a20bf2daefcaf6eab9 $518,336.57 no no 3 months ago 019ba8a4-ffbb-7160-9ad5-a4d9d0608bd9
critical detector Untrusted DELEGATECALL target reachable 0x2ee8e8d7c113bb7c180f4755f06ed50be53bede5 $653,807.06 no no 3 months ago 019ba8a4-ffa9-70d4-939b-c5365e6d097a
critical detector Untrusted DELEGATECALL target reachable 0x85b78aca6deae198fbf201c82daf6ca21942acc6 $784,384.61 no no 3 months ago 019ba8a4-ff87-709d-be74-79283e2c8129
critical detector Untrusted DELEGATECALL target reachable 0xe1de9910fe71cc216490ac7fcf019e13a34481d7 $903,985.99 no no 3 months ago 019ba8a4-ff7e-7155-9809-4c3afb3119cb
critical detector Untrusted DELEGATECALL target reachable 0x3b2fdfdefe919dbcce0bc5ac426097d5523b8afa $0.00 yes yes 3 months ago 019ba604-f88d-7346-8af6-537c692a5993
critical detector Untrusted DELEGATECALL target reachable 0x3b2fdfdefe919dbcce0bc5ac426097d5523b8afa $0.00 yes yes 3 months ago 019ba602-f5e9-71d6-94bb-617cb6b46bd7
critical detector Untrusted DELEGATECALL target reachable 0x3b2fdfdefe919dbcce0bc5ac426097d5523b8afa $0.00 yes yes 3 months ago 019ba5ff-aa01-7146-9cf1-5d71dddac2dc
critical detector Untrusted DELEGATECALL target reachable 0x05de8ecffcdf28304bfe8f1bb418fbfe6da3fe67 $0.00 no no 3 months ago 019ba5fa-5b78-70ef-8155-d03115bc1822
critical detector Untrusted DELEGATECALL target reachable 0xde4d0329db2c046b8ba35180822aeeccf63d3294 $0.00 no no 3 months ago 019ba5fa-547c-72a6-8e94-01a46539c496
critical detector Untrusted DELEGATECALL target reachable 0xb53a6c402b0d4fb6c7aa59b7d8fbd2e884fbf3bc $0.00 no no 3 months ago 019ba5fa-1483-73fb-a532-005ff3cbc14c
critical detector Untrusted DELEGATECALL target reachable 0xdccb086f2d42ba92389154337ee28f7193f179f6 $0.00 no no 3 months ago 019ba5f9-f5c7-7030-b5c7-0aeef0ebf15f
critical detector Untrusted DELEGATECALL target reachable 0x3b2fdfdefe919dbcce0bc5ac426097d5523b8afa $0.00 yes yes 3 months ago 019ba5f9-e3c9-73f1-820e-290e26bec0f9
critical detector Untrusted DELEGATECALL target reachable 0x0d4784d7527769845be1007c61f990785a95f2a8 $998,901.00 no no 3 months ago 019ba5f9-b75e-7316-9e6d-1c5f8c9dc28c
critical detector Untrusted DELEGATECALL target reachable 0x77777777dcc4d5a8b6e418fd04d8997ef11000ee $999,938.70 no no 3 months ago 019ba5f9-b759-72d7-98bf-cd9623e00924
critical detector Untrusted DELEGATECALL target reachable 0x4aedc117527fd270d4d56aa32f2e4e532547c8dc $1,036,701.39 no no 3 months ago 019ba5f9-b753-732e-91d0-0b50d0b80aee
critical detector Untrusted DELEGATECALL target reachable 0xab3629ee871fa241fc39b514eebef0a23048709c $1,207,241.19 no no 3 months ago 019ba5f9-b73c-7293-9937-14ce1d37aa3e
critical detector Untrusted DELEGATECALL target reachable 0x5d6e53c42e3b37f82f693937bc508940769c5caf $1,490,885.65 no no 3 months ago 019ba5f9-b72d-7333-a07e-2bd8e4597b86
critical detector Untrusted DELEGATECALL target reachable 0x163907a71f55c2d29cdc4e36cadd0f09847d4fe1 $2,185,365.44 no no 3 months ago 019ba5f9-b727-73db-9580-ac316ee6fc2b
critical detector Untrusted DELEGATECALL target reachable 0x729970a33b1680b763f941aa2da9fa46c5dbdf5a $2,293,858.24 no no 3 months ago 019ba5f9-b721-70b2-a2e5-08855a62110a
critical detector Untrusted DELEGATECALL target reachable 0x34f64b5e7fbc9c04fe8f361bd73b5cde5afe28b7 $2,835,304.72 no no 3 months ago 019ba5f9-b708-71c5-b45a-80456610b70c
critical detector Untrusted DELEGATECALL target reachable 0xa1ce84069e5ac305075b0d54ebc12389bf674d18 $3,204,237.26 no no 3 months ago 019ba5f9-b701-7303-b153-607110ef1c3b
critical detector Untrusted DELEGATECALL target reachable 0xd9a442856c234a39a81a089c06451ebaa4306a72 $5,004,450.26 no no 3 months ago 019ba5f9-b6f2-73cc-88bb-9d9c944f01e5
critical detector Untrusted DELEGATECALL target reachable 0xd8a791fe2be73eb6e6cf1eb0cb3f36adc9b3f8f9 $9,174,634.16 no no 3 months ago 019ba5f9-b6e4-7254-bc5a-29c8bb1f7b7e
critical detector Untrusted DELEGATECALL target reachable 0x4c21b7577c8fe8b0b0669165ee7c8f67fa1454cf $9,549,093.92 no no 3 months ago 019ba5f9-b6df-7139-8f45-dabd43077c6f
critical detector Untrusted DELEGATECALL target reachable 0xf56eb5350306233247aa7d477e1a1116dd2c29ca $14,303,288.16 no no 3 months ago 019ba5f9-b6d3-71f7-bc02-e70d180340b6
critical detector Untrusted DELEGATECALL target reachable 0xf2d4766ad705e3a5c9ba5b0436b473085f82f82f $15,451,957.77 no no 3 months ago 019ba5f9-b6c5-71b1-91e7-5cc62b5367ce
critical detector Untrusted DELEGATECALL target reachable 0xdbe46a02322e636b92296954637e1d7db9d5ed26 $25,000,245.21 no no 3 months ago 019ba5f6-42bf-719f-8d46-bc18622e1800
critical detector Untrusted DELEGATECALL target reachable 0x4121217c238db06e942f3d87371106d30d0f8c84 $30,975,769.01 no no 3 months ago 019ba5f5-e082-7271-bb36-09bd13c00fec
critical detector Untrusted DELEGATECALL target reachable 0x0edd5b0de0fe748be331186bf0aa878f47f601db $31,659,754.43 no no 3 months ago 019ba5f5-1b07-7199-be48-703419dbd112
critical detector Untrusted DELEGATECALL target reachable 0xaab0039de2a8dba8696ee4d42c0d1aa30d7e1059 $50,000,223.00 no no 3 months ago 019ba5f4-354e-73b5-8e3f-e956181dd271
critical detector Untrusted DELEGATECALL target reachable 0xe3cbd06d7dadb3f4e6557bab7edd924cd1489e8f $51,130,652.31 no no 3 months ago 019ba5ca-c41d-73c2-8d74-6b616da61ddb
critical detector Untrusted DELEGATECALL target reachable 0xf207b2f9f9417fc73cad069f7aa5ae1c6a5b428d $55,216,062.40 yes 3 months ago 019ba5b8-1c4c-7169-aef9-a25066552b6e
critical detector Untrusted DELEGATECALL target reachable 0xf207b2f9f9417fc73cad069f7aa5ae1c6a5b428d $55,216,062.40 yes 3 months ago 019ba598-8769-7224-ad4c-1fe3fed93f25
critical detector Untrusted DELEGATECALL target reachable 0xf207b2f9f9417fc73cad069f7aa5ae1c6a5b428d $55,216,062.40 yes 3 months ago 019ba594-4d38-726a-8e88-34cf736dcac0
critical codex Unprotected genesis/commit address initialization enables delegatecall takeover and fund drain 0xf2c351f22b148a9ff583a0f81701471a74e7338e $0.00 no 3 months ago 64fdfe11-456e-45f6-8615-c93b752c18eb
critical codex Unrestricted batch transfer allows draining ETH/ERC20 balances 0x30e3da29d03702ef45d2765feaa6e98b89195241 $0.00 no 3 months ago 73577ec6-1e74-4f61-9fee-a5ebf7f88ac0
critical codex Unprotected initializer allows ownership takeover if the contract is uninitialized 0xcd0eb8b89c43c3654b4f8d83eb38149327c1107c $0.00 no 3 months ago f517204f-a968-4a9f-8960-e187c975c3b2
critical codex Unprotected initialize allows ownership takeover and forged message withdrawals 0x341786048479f9f6ab7555e08ca2cdc4005ddec9 $0.00 no 3 months ago c39ceeb7-70db-44e9-8e1f-07ef0170dbac
critical codex Signature threshold can round down to zero, allowing proofs with no signatures on small validator sets 0x76bac85e1e82cd677faa2b3f00c4a2626c4c6e32 $131,004.64 no 3 months ago 61b6e8d3-1c26-43a5-ac80-2116ec147eeb
critical codex Unprotected external initializer enables ownership takeover and ETH drain if uninitialized 0x28083d8bce883aa7b70130c915cd4308448a6f1e $0.00 no 3 months ago 2763da7f-91ba-434d-8942-6b9a4e4ee8c5
critical codex Reentrant reward payout lets attackers claim the same rewards multiple times 0x60510caf94f3001651e3e83f5e0ebdd303758aae $139,150.78 no 3 months ago aaad28a3-b6c9-4817-a4d8-9f7fbf189252
critical codex Unprotected `setGenesisRootAndAddresses` lets attacker install malicious `zkSeaAddress` facet and drain funds via delegatecall 0x467a2b91f231d930f5eeb6b982c7666e81da8626 $0.00 no 3 months ago 95d6fcb3-dc31-4ad0-aad7-6796cf5b54e9
critical codex Reentrant splitDAO via withdrawRewardFor drains the main DAO balance 0xbb9bc244d798123fde783fcc1c72d3bb8c189413 $142,099.48 no 3 months ago 839a0dce-7e4a-416f-a10e-f6ca70c4e5cb
critical codex Uninitialized Bridge allows empty-signature withdrawals and/or initializer takeover 0x3f2e4e5a70f2a424d7c4e4e0323c878c77c20537 $0.00 no 3 months ago eca47d9b-d28d-4264-9f5c-73a33983661b
critical codex Unprotected initialize allows first caller to become sole signer and drain funds 0x43ffaa65fe273d2ef9edd78418091d41b1aa40e8 $0.00 no 3 months ago ce2e5a9a-c215-43ce-a3dd-14690402b335
critical codex Unprotected init() lets attacker become admin/executor and drain bridge funds 0x1bda1227875f0f8bb27625dd720f386b40003e14 $0.00 no 3 months ago 66199f28-d28d-4899-b8fd-5a726218d9b3
critical codex Unrestricted TokenGrant.receiveApproval lets anyone drain approved holders by creating grants to themselves 0xdf708431162ba247ddae362d2c919e0fbafcf9de $184,295.42 no 3 months ago 255dad02-bda3-4c93-9044-1ca2dfacc23f
critical codex Staking token can be selected as reward token, letting attacker withdraw all staked principal as rewards 0xa383c8390adbcd387db93babdf3f30308391bd57 $184,984.11 no 3 months ago e413baba-c804-4c21-b0e4-6aac90a2379e
critical codex Unprotected initialize enables attacker-controlled messenger and bridge takeover 0xa037b01bf218e87144446e9e87dd9dc58033fb57 $0.00 no 3 months ago 3fa32ee3-f6ed-4978-87cd-d4efcb7979e3
critical codex Refund logic never consumes PANDA or enforces refundMap, enabling unlimited ETH redemptions 0x229cc0a81a1d6b4a2fc1452b3bd166462216e3f3 $216,476.99 no 3 months ago 50bc5866-a202-48b6-a7cd-e3e4d18a6a4c