TW
Tripwire
Find contracts. Test them. Review real vulns.
Confirmed Findings
2,205
crit 60 high 1157
All Findings
46,184
Across all runs
Chain
1
Mainnet focus
Signal Mix
24239
high severity in results
Findings
filter + triage
Reset
Quick filters: candidate lane confirmed only critical high detector codex
Severity Tool Title Address Value USD Validated Confirmed Found Run
medium codex Computed DELEGATECALL target reachable (potentially untrusted) 0x3463c6572bf1ea4c719fc229bd0d4956b0585a2c $0.00 no 3 months ago 019bab3c-cabb-72fc-a916-554f86904ec9
high codex Unprotected initializer can be hijacked to take ownership 0xb0d6eed90f8e497b867f557c44a49c8c81fa0a5d $0.00 no 3 months ago 019bab3c-acf0-7088-b150-fa883a5349a3
medium codex Bridging fee‑on‑transfer/rebasing ERC20s can under‑collateralize 0xb0d6eed90f8e497b867f557c44a49c8c81fa0a5d $0.00 no 3 months ago 019bab3c-acf0-7088-b150-fa883a5349a3
medium codex BNFT cancel path refunds caller without local ownership checks 0x68fe80c6e97e0c8613e2fed344358c6635ba5366 $0.00 no 3 months ago 019bab3c-a6af-702e-81df-bc4bc14e96dc
medium codex Unchecked eETH.transferFrom can mint withdrawal requests without locking funds 0x68fe80c6e97e0c8613e2fed344358c6635ba5366 $0.00 no 3 months ago 019bab3c-a6af-702e-81df-bc4bc14e96dc
low codex Scheduling edge case lets index-0 BNFT holder bypass validator spin-up limits 0x68fe80c6e97e0c8613e2fed344358c6635ba5366 $0.00 no 3 months ago 019bab3c-a6af-702e-81df-bc4bc14e96dc
medium codex Potential authorization using tx.origin 0x4b14ddc1b1b4bb3a89d574c2708c609d4e192730 $0.00 no 3 months ago 019bab3c-509f-7157-9791-77edf365d19b
low codex CREATE2 opcode present and potentially reachable 0x4b14ddc1b1b4bb3a89d574c2708c609d4e192730 $0.00 no 3 months ago 019bab3c-509f-7157-9791-77edf365d19b
low codex CALLs with computed target/value; external-call risk unclear 0x4b14ddc1b1b4bb3a89d574c2708c609d4e192730 $0.00 no 3 months ago 019bab3c-509f-7157-9791-77edf365d19b
high codex Admin rescueAssets can withdraw unclaimed exit assets once vault is uncollateralized 0x927a83c679a5e1a6435d6bfaef7f20d4db23e2cc $0.00 no 3 months ago 019bab3c-4a33-7098-9325-ebfbff005bf9
medium codex Validators manager signatures are replayable in registerValidators (nonce not enforced) 0x927a83c679a5e1a6435d6bfaef7f20d4db23e2cc $0.00 no 3 months ago 019bab3c-4a33-7098-9325-ebfbff005bf9
medium slither Verifier.verify(Transaction) (contracts/logic/Verifier.sol#60-89) uses tx.origin for authorization: tx.origin == VERIFICATION_BYPASS (contracts/logic/Verifier.sol#84) 0xb157dc78c2815280906a6730984a5e0dca65e247 $0.00 no 3 months ago 019bab3c-03ac-7154-aa8e-81b80b4bfd3c
high codex SNARK verification can be bypassed via tx.origin backdoor 0xb157dc78c2815280906a6730984a5e0dca65e247 $0.00 no 3 months ago 019bab3c-03ac-7154-aa8e-81b80b4bfd3c
medium codex Merkle tree can be corrupted by oversized leaf batches 0xb157dc78c2815280906a6730984a5e0dca65e247 $0.00 no 3 months ago 019bab3c-03ac-7154-aa8e-81b80b4bfd3c
high slither Reentrancy in TimelockControllerUpgradeable.executeBatch(address[],uint256[],bytes[],bytes32,bytes32) (@openzeppelin/contracts-upgradeable/governance/TimelockControllerUpgradeab... 0x8d1fa828e0b99f2cd9bec6c51ff11e97b502db8a $0.00 no 3 months ago 019bab3b-fcd0-7290-bd8b-dd7b4bf015df
high slither TimelockControllerUpgradeable._execute(address,uint256,bytes) (@openzeppelin/contracts-upgradeable/governance/TimelockControllerUpgradeable.sol#348-355) sends eth to arbitrary user 0x8d1fa828e0b99f2cd9bec6c51ff11e97b502db8a $0.00 no 3 months ago 019bab3b-fcd0-7290-bd8b-dd7b4bf015df
high codex Unprotected initializer allows timelock takeover if proxy not initialized 0x8d1fa828e0b99f2cd9bec6c51ff11e97b502db8a $0.00 no 3 months ago 019bab3b-fcd0-7290-bd8b-dd7b4bf015df
high detector ETH value transfer possible 0xb468ab08385c42b086cf487ad4f1821a18ee714f $0.00 no no 3 months ago 019bab3e-9728-735c-874d-13bc5911ad95
high detector Untrusted CALL target/value reachable 0xb468ab08385c42b086cf487ad4f1821a18ee714f $0.00 no no 3 months ago 019bab3e-9728-735c-874d-13bc5911ad95
info cast Heavy EXTCODE*/BALANCE usage 0xb468ab08385c42b086cf487ad4f1821a18ee714f $0.00 no 3 months ago 019bab3e-9728-735c-874d-13bc5911ad95
info cast Heavy CALL-family usage 0xb468ab08385c42b086cf487ad4f1821a18ee714f $0.00 no 3 months ago 019bab3e-9728-735c-874d-13bc5911ad95
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0x2a943e0432b22a3c3cd65b8c9045259b791f96b8 $55,666.45 no 3 months ago 019bab3b-acfe-71a5-a16d-5fed3f762c34
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0x2a943e0432b22a3c3cd65b8c9045259b791f96b8 $55,666.45 no 3 months ago 019bab3b-acfe-71a5-a16d-5fed3f762c34
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0xb986a32f468edad2f2f890094ea39ae484fbcaf4 $55,703.69 no 3 months ago 019bab3b-acf8-7080-9616-487ba7f2480f
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0xb986a32f468edad2f2f890094ea39ae484fbcaf4 $55,703.69 no 3 months ago 019bab3b-acf8-7080-9616-487ba7f2480f
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0xfececebf44d38858a0c478c2c4afa2601f5352fb $55,734.56 no 3 months ago 019bab3b-acf2-7174-8d21-0915bb1a7ac8
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0xfececebf44d38858a0c478c2c4afa2601f5352fb $55,734.56 no 3 months ago 019bab3b-acf2-7174-8d21-0915bb1a7ac8
medium codex Potential arbitrary external CALL with ETH value if execution path is ungated 0xc8d2509dee0335ad8dd45667a60cb73e2cc3a7c7 $55,744.20 no 3 months ago 019bab3b-aceb-73bd-bc34-6a5988516fdf
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0xc2a8f4fc2aa6cddb18ae19df1783f9f33ac2e33b $55,821.86 no 3 months ago 019bab3b-ace4-739d-8ae7-4a280235f4a5
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0xc2a8f4fc2aa6cddb18ae19df1783f9f33ac2e33b $55,821.86 no 3 months ago 019bab3b-ace4-739d-8ae7-4a280235f4a5
medium codex Zero totalSupply weeks cause division-by-zero and permanently block claims 0x951f99350d816c0e160a2c71defe828bdfc17f12 $55,827.39 no 3 months ago 019bab3b-acdd-73a3-9188-eb035b52b55e
medium codex Token checkpointing stops after 20 weeks, leaving undistributed tokens permanently unclaimable 0x951f99350d816c0e160a2c71defe828bdfc17f12 $55,827.39 no 3 months ago 019bab3b-acdd-73a3-9188-eb035b52b55e
low codex Gallery art assignment uses miner/validator-manipulable block data 0x7183209867489e1047f3a7c23ea1aed9c4e236e8 $55,856.61 no 3 months ago 019bab3b-acd5-731f-9ee9-3cb2fb20d89e
low codex External ETH refund during `_beforeTokenTransfers` enables reentrancy during transfers 0x7183209867489e1047f3a7c23ea1aed9c4e236e8 $55,856.61 no 3 months ago 019bab3b-acd5-731f-9ee9-3cb2fb20d89e
medium codex DELEGATECALL into external contract address allows code execution in implementation storage 0x9719d81c506c95f92caf970851b22afc88aee574 $55,875.21 no 3 months ago 019bab3b-acce-7254-a517-d035d555f853
low codex External CALLs with computed target and value may allow value transfer or reentrancy if not tightly gated 0x9719d81c506c95f92caf970851b22afc88aee574 $55,875.21 no 3 months ago 019bab3b-acce-7254-a517-d035d555f853
high detector Untrusted DELEGATECALL target reachable 0x6c6210232654a5b57a576f9b4434f36e0b5d3768 $0.00 no no 3 months ago 019bab3e-55f8-7003-b95c-b596b34c2a96
medium detector Untrusted CALL target/value reachable 0x6c6210232654a5b57a576f9b4434f36e0b5d3768 $0.00 no no 3 months ago 019bab3e-55f8-7003-b95c-b596b34c2a96
medium detector ETH value transfer possible 0x6c6210232654a5b57a576f9b4434f36e0b5d3768 $0.00 no no 3 months ago 019bab3e-55f8-7003-b95c-b596b34c2a96
medium cast DELEGATECALL present 0x6c6210232654a5b57a576f9b4434f36e0b5d3768 $0.00 no 3 months ago 019bab3e-55f8-7003-b95c-b596b34c2a96
info cast Heavy EXTCODE*/BALANCE usage 0x6c6210232654a5b57a576f9b4434f36e0b5d3768 $0.00 no 3 months ago 019bab3e-55f8-7003-b95c-b596b34c2a96
info cast Heavy CALL-family usage 0x6c6210232654a5b57a576f9b4434f36e0b5d3768 $0.00 no 3 months ago 019bab3e-55f8-7003-b95c-b596b34c2a96
medium codex Collected fee is excluded from swap/join/exit math and slippage checks 0xb8098e1cb8645da67238e340558ec1c8625b10db $55,939.90 no 3 months ago 019bab3b-acbc-72d4-be96-d51f69884b9a
high detector ETH value transfer possible 0x7e1240ae716041f6440303c7b1909f3704650f1b $0.00 no no 3 months ago 019bab3e-3e2c-716e-9047-9267e7c0387f
high detector Untrusted CALL target/value reachable 0x7e1240ae716041f6440303c7b1909f3704650f1b $0.00 no no 3 months ago 019bab3e-3e2c-716e-9047-9267e7c0387f
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0xefe4a010ad0fad70154116cb0c43cf47a1062b3b $55,991.54 no 3 months ago 019bab3b-aca9-71f5-9a53-f97562b973db
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0xefe4a010ad0fad70154116cb0c43cf47a1062b3b $55,991.54 no 3 months ago 019bab3b-aca9-71f5-9a53-f97562b973db
medium slither Reentrancy in UniswapV3Pool.collectProtocol(address,uint128,uint128) (contracts/UniswapV3Pool.sol#848-868): 0xf260d15e8ebe54d210ef53f5b61cb46bd9aa29ee $56,142.03 no 3 months ago 019bab3b-ac9f-7074-8dec-a6f36875fc88
medium slither Reentrancy in UniswapV3Pool.swap(address,bool,int256,uint160,bytes) (contracts/UniswapV3Pool.sol#596-788): 0xf260d15e8ebe54d210ef53f5b61cb46bd9aa29ee $56,142.03 no 3 months ago 019bab3b-ac9f-7074-8dec-a6f36875fc88
medium slither Reentrancy in UniswapV2Pair.burn(address) (contracts/Contract.sol#569-598): 0xb3558f47fa914f7ec1da1a6f52ab41ee63e81301 $56,152.33 no 3 months ago 019bab3b-ac96-72a6-859a-d5ad1b767509