TW
Tripwire
Find contracts. Test them. Review real vulns.
Confirmed Findings
2,205
crit 60 high 1157
All Findings
46,184
Across all runs
Chain
1
Mainnet focus
Signal Mix
24239
high severity in results
Findings
filter + triage
Reset
Quick filters: candidate lane confirmed only critical high detector codex
Severity Tool Title Address Value USD Validated Confirmed Found Run
medium codex `withdraw_admin_fees` can be reentered via token callback before state is updated 0x828b154032950c8ff7cf8085d841723db2696056 $54,741.24 no 3 months ago 019bb004-7b45-70c7-adb3-d1c5cb2846d2
low codex Admin fee withdrawal ignores ERC20 return values and can zero fees on failed transfer 0x828b154032950c8ff7cf8085d841723db2696056 $54,741.24 no 3 months ago 019bb004-7b45-70c7-adb3-d1c5cb2846d2
medium detector Untrusted CALL target/value reachable 0x24d937143d3f5cf04c72ba112735151a8cae2262 $0.00 no no 3 months ago 019bb005-2254-73e9-85d1-87e7597e1544
medium detector ETH value transfer possible 0x24d937143d3f5cf04c72ba112735151a8cae2262 $0.00 no no 3 months ago 019bb005-2254-73e9-85d1-87e7597e1544
info cast Heavy CALL-family usage 0x24d937143d3f5cf04c72ba112735151a8cae2262 $0.00 no 3 months ago 019bb005-2254-73e9-85d1-87e7597e1544
low codex Computed CALL targets/values may allow untrusted external calls with ETH 0x10fc064739ecef0a076ccce5de283b5a9e74faf6 $54,745.39 no 3 months ago 019bb004-7b3d-70c2-b93c-a100cd2b8bc6
medium detector ETH value transfer possible 0x86e3f7bd35bbd635bd41834c73356e1d9803e53b $0.00 no no 3 months ago 019bb005-1c17-7327-878c-60f8b94db434
medium detector Untrusted CALL target/value reachable 0x86e3f7bd35bbd635bd41834c73356e1d9803e53b $0.00 no no 3 months ago 019bb005-1c17-7327-878c-60f8b94db434
info cast Heavy EXTCODE*/BALANCE usage 0x86e3f7bd35bbd635bd41834c73356e1d9803e53b $0.00 no 3 months ago 019bb005-1c17-7327-878c-60f8b94db434
info cast Heavy CALL-family usage 0x86e3f7bd35bbd635bd41834c73356e1d9803e53b $0.00 no 3 months ago 019bb005-1c17-7327-878c-60f8b94db434
high slither BoringVault.enter(address,ERC20,uint256,address,uint256) (src/base/BoringVault.sol#74-85) uses arbitrary from in transferFrom: asset.safeTransferFrom(from,address(this),assetAmo... 0xca8711daf13d852ed2121e4be3894dae366039e4 $54,748.03 no 3 months ago 019bb004-7b35-70a1-8081-d112e32cc9e2
low codex External CALLs use computed target/value; untrusted-call and reentrancy risk depends on target control 0xd2fe354cfebaa06f2140f13b66d0b3e1fc3ceec0 $54,874.97 no 3 months ago 019bb004-7b2e-72f1-98f3-d97b5c502053
critical detector Untrusted DELEGATECALL target reachable 0x9cea88ee39b6cc09c478942bbf83bfa77d87b5f3 $0.00 no no 3 months ago 019bb005-067a-72f6-9cc1-461f0f1a0847
high detector ETH value transfer possible 0x9cea88ee39b6cc09c478942bbf83bfa77d87b5f3 $0.00 no no 3 months ago 019bb005-067a-72f6-9cc1-461f0f1a0847
high detector Untrusted CALL target/value reachable 0x9cea88ee39b6cc09c478942bbf83bfa77d87b5f3 $0.00 no no 3 months ago 019bb005-067a-72f6-9cc1-461f0f1a0847
medium cast DELEGATECALL present 0x9cea88ee39b6cc09c478942bbf83bfa77d87b5f3 $0.00 no 3 months ago 019bb005-067a-72f6-9cc1-461f0f1a0847
high codex Computed DELEGATECALL target controlled by storage slot0 0x05ff2b0db69458a0750badebc4f9e13add608c7f $55,111.44 no 3 months ago 019bb004-7b0f-73a8-8090-aaa6e87c7325
medium codex Implementation stored in slot0 risks storage collision with delegated logic 0x05ff2b0db69458a0750badebc4f9e13add608c7f $55,111.44 no 3 months ago 019bb004-7b0f-73a8-8090-aaa6e87c7325
medium slither Reentrancy in LAO.submitProposal(address,uint256,uint256,uint256,address,uint256,address,string) (contracts/Contract.sol#407-441): 0x43310bd1c8f261ee7b9025662207ed95329aa193 $55,329.66 no 3 months ago 019bb004-7aff-72f2-bcd4-a71e38bd99e2
medium codex Authorization appears to rely on tx.origin 0x5d42bc90d11538c91606c31f3cd00711a94f31c3 $55,344.29 no 3 months ago 019bb004-7af8-72e8-b6c4-6b17a2944eaa
high codex Offerer can never claim listing tokens after successful buyout 0xc6cc57767ac16c1ad20f507e11db1e5265034b09 $55,355.50 no 3 months ago 019bb004-7af0-71cd-ab6e-35bf05fc077a
high detector ETH value transfer possible 0x90b6047da43a370a402fb1f88f4313faa34a923b $0.00 no no 3 months ago 019bb004-d430-731f-a526-9f72bf0d193b
high detector Untrusted CALL target/value reachable 0x90b6047da43a370a402fb1f88f4313faa34a923b $0.00 no no 3 months ago 019bb004-d430-731f-a526-9f72bf0d193b
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x4c83a7f819a5c37d64b4c5a2f8238ea082fa1f4e $55,371.06 no 3 months ago 019bb004-7ae8-7286-9ca1-5456b0d67a79
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x4c83a7f819a5c37d64b4c5a2f8238ea082fa1f4e $55,371.06 no 3 months ago 019bb004-7ae8-7286-9ca1-5456b0d67a79
medium codex Attack success overwrites transfer-fee deduction, inflating energy pool 0x3a275655586a049fe860be867d10cdae2ffc0f33 $55,415.97 no 3 months ago 019bb004-7ae2-7278-b7d7-39475615538c
medium codex Predictable randomness for births and combat outcomes 0x3a275655586a049fe860be867d10cdae2ffc0f33 $55,415.97 no 3 months ago 019bb004-7ae2-7278-b7d7-39475615538c
low codex 2300-gas ETH transfers can lock withdrawals for contract owners 0x3a275655586a049fe860be867d10cdae2ffc0f33 $55,415.97 no 3 months ago 019bb004-7ae2-7278-b7d7-39475615538c
medium codex DELEGATECALL target is computed from storage without visible access controls 0xad2b801944acb63eb31fdbc6315d2a3842615e0a $55,425.45 no 3 months ago 019bb004-7ad9-72bc-bd34-1a7bbbd54b88
medium codex Owner can withdraw any ETH, breaking LP solvency and claims 0x38930aae699c4cd99d1d794df9db41111b13092b $55,426.14 no 3 months ago 019bb004-7ad2-70e7-af5b-3dd55be971b6
low codex Buying the last LP token reverts due to division by zero 0x38930aae699c4cd99d1d794df9db41111b13092b $55,426.14 no 3 months ago 019bb004-7ad2-70e7-af5b-3dd55be971b6
low codex feeSplit can be set to 0 or tiny, causing division by zero/overflow DoS 0x38930aae699c4cd99d1d794df9db41111b13092b $55,426.14 no 3 months ago 019bb004-7ad2-70e7-af5b-3dd55be971b6
info codex Trait randomness is miner-influenced via blockhash 0x38930aae699c4cd99d1d794df9db41111b13092b $55,426.14 no 3 months ago 019bb004-7ad2-70e7-af5b-3dd55be971b6
high detector Authorization based on tx.origin 0x544e62df13d6273e64b06ac1afd925c8dcbc6569 $0.00 no 3 months ago 019bb004-ada8-702d-bcbd-170d7291368c
medium detector ETH value transfer possible 0x544e62df13d6273e64b06ac1afd925c8dcbc6569 $0.00 no no 3 months ago 019bb004-ada8-702d-bcbd-170d7291368c
medium detector Untrusted CALL target/value reachable 0x544e62df13d6273e64b06ac1afd925c8dcbc6569 $0.00 no no 3 months ago 019bb004-ada8-702d-bcbd-170d7291368c
info cast Heavy CALL-family usage 0x544e62df13d6273e64b06ac1afd925c8dcbc6569 $0.00 no 3 months ago 019bb004-ada8-702d-bcbd-170d7291368c
medium codex Unbounded month iteration can make transfers/withdrawals run out of gas 0x6b249a94182219cb1af58a197573dccd9ab94144 $55,473.89 no 3 months ago 019bb004-7ac1-71ec-a3df-76571e731ff7
medium codex Mid‑month mint/burn retroactively changes the profit denominator for the entire month 0x6b249a94182219cb1af58a197573dccd9ab94144 $55,473.89 no 3 months ago 019bb004-7ac1-71ec-a3df-76571e731ff7
low codex Month boundaries rely on `now`, allowing miner influence around cutoff times 0x6b249a94182219cb1af58a197573dccd9ab94144 $55,473.89 no 3 months ago 019bb004-7ac1-71ec-a3df-76571e731ff7
medium codex ERC20.initialize reverts when called via proxy, preventing proxy initialization 0x1b7d237406f51978d48bfcec2211c5eb97a344aa $55,522.08 no 3 months ago 019bb004-7ab1-705e-a818-96d48a80f311
medium codex Unrestricted withdraw allows premature drain during FUNDING 0x1b7d237406f51978d48bfcec2211c5eb97a344aa $55,522.08 no 3 months ago 019bb004-7ab1-705e-a818-96d48a80f311
high detector Untrusted CALL target/value reachable 0x0e41862deeca185f784b96a0bc44de21f0436306 $0.00 no no 3 months ago 019bb004-9839-71fb-bf53-cdb271c42b17
high detector ETH value transfer possible 0x0e41862deeca185f784b96a0bc44de21f0436306 $0.00 no no 3 months ago 019bb004-9839-71fb-bf53-cdb271c42b17
info cast Heavy EXTCODE*/BALANCE usage 0x0e41862deeca185f784b96a0bc44de21f0436306 $0.00 no 3 months ago 019bb004-9839-71fb-bf53-cdb271c42b17
high codex Referral fee causes over-distribution, leading to payout DoS or cross-audit fund drain 0xa1559cb92445cd39e3f8f16c3574e99850bc7b7d $55,529.41 no 3 months ago 019bb004-7aaa-7101-90e3-70d09190c5dd
low codex Unchecked ERC20 transfer in `acceptAuditor` can silently fail and desync accounting 0xa1559cb92445cd39e3f8f16c3574e99850bc7b7d $55,529.41 no 3 months ago 019bb004-7aaa-7101-90e3-70d09190c5dd
low codex `tx.origin`-based registration allows contract squatting/impersonation 0xa1559cb92445cd39e3f8f16c3574e99850bc7b7d $55,529.41 no 3 months ago 019bb004-7aaa-7101-90e3-70d09190c5dd
low codex Untrusted external CALL(s) reachable; potential reentrancy surface 0xb29c98c950a9134568e370b9507cf3a6bddceb49 $55,577.12 no 3 months ago 019bb004-7aa1-70d2-9db6-bc20a1f90f02
medium codex Low-level CALL to computed target/value without clear success handling 0xecb55b39adb7c166ccab4ccb77463ded1d201de4 $55,577.52 no 3 months ago 019bb004-7a88-71a8-a984-b890b5639b62