019b3836-2c34-72de-ac27-ba925728fcf4
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 1889 | artifact.fetch | complete | 1 / 3 | 3 months ago |
| 1890 | tool.cast_disasm | complete | 1 / 3 | 3 months ago |
| 96958 | analysis.bundle | complete | 1 / 3 | 1 week ago |
| 96959 | capability.graph | complete | 1 / 3 | 1 week ago |
| 96960 | detector.run | complete | 1 / 3 | 1 week ago |
| 96961 | validation.fork | complete | 1 / 3 | 1 week ago |
No slither job recorded yet.
No codex job recorded yet.
00000000: PUSH1 0x60 00000002: PUSH1 0x40 00000004: MSTORE 00000005: PUSH1 0xe0 00000007: PUSH1 0x02 00000009: EXP 0000000a: PUSH1 0x00 0000000c: CALLDATALOAD 0000000d: DIV 0000000e: PUSH4 0x73f44395 00000013: DUP2 00000014: EQ 00000015: PUSH2 0x0031 00000018: JUMPI 00000019: DUP1 0000001a: PUSH4 0x956e2ec9 0000001f: EQ 00000020: PUSH2 0x0064 00000023: JUMPI 00000024: DUP1 00000025: PUSH4 0xa69beaba 0000002a: EQ 0000002b: PUSH2 0x010f 0000002e: JUMPI 0000002f: JUMPDEST 00000030: STOP 00000031: JUMPDEST 00000032: PUSH2 0x0144 00000035: PUSH1 0x04 00000037: CALLDATALOAD 00000038: PUSH1 0x04 0000003a: PUSH1 0x20 0000003c: MSTORE 0000003d: PUSH1 0x00 0000003f: SWAP1 00000040: DUP2 00000041: MSTORE 00000042: PUSH1 0x40 00000044: SWAP1 00000045: KECCAK256 00000046: DUP1 00000047: SLOAD 00000048: PUSH1 0x01 0000004a: DUP3 0000004b: ADD 0000004c: SLOAD 0000004d: PUSH1 0x02 0000004f: SWAP3 00000050: SWAP1 00000051: SWAP3 00000052: ADD 00000053: SLOAD 00000054: PUSH1 0x01 00000056: PUSH1 0xa0 00000058: PUSH1 0x02 0000005a: EXP 0000005b: SUB 0000005c: SWAP2 0000005d: SWAP1 0000005e: SWAP2 0000005f: AND 00000060: SWAP2 00000061: SWAP1 00000062: DUP4 00000063: JUMP 00000064: JUMPDEST 00000065: PUSH2 0x0155 00000068: PUSH1 0x80 0000006a: PUSH1 0x40 0000006c: MSTORE 0000006d: PUSH1 0x00 0000006f: PUSH1 0x60 00000071: SWAP1 00000072: DUP2 00000073: MSTORE 00000074: PUSH1 0x02 00000076: SLOAD 00000077: CALLVALUE 00000078: GT 00000079: ISZERO 0000007a: PUSH2 0x01c3 0000007d: JUMPI 0000007e: POP 0000007f: PUSH1 0x01 00000081: DUP1 00000082: SLOAD 00000083: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000098: NOT 00000099: SWAP1 0000009a: DUP2 0000009b: AND 0000009c: CALLER 0000009d: OR 0000009e: DUP1 0000009f: DUP4 000000a0: SSTORE 000000a1: CALLVALUE 000000a2: PUSH1 0x02 000000a4: SWAP1 000000a5: DUP2 000000a6: SSTORE 000000a7: PUSH1 0x01 000000a9: PUSH1 0xa0 000000ab: PUSH1 0x02 000000ad: EXP 000000ae: SUB 000000af: SWAP2 000000b0: SWAP1 000000b1: SWAP2 000000b2: AND 000000b3: PUSH1 0x00 000000b5: DUP2 000000b6: DUP2 000000b7: MSTORE 000000b8: PUSH1 0x04 000000ba: PUSH1 0x20 000000bc: MSTORE 000000bd: PUSH1 0x40 000000bf: SWAP1 000000c0: DUP2 000000c1: SWAP1 000000c2: KECCAK256 000000c3: DUP1 000000c4: SLOAD 000000c5: SWAP1 000000c6: SWAP5 000000c7: AND 000000c8: SWAP1 000000c9: SWAP2 000000ca: OR 000000cb: DUP4 000000cc: SSTORE 000000cd: DUP2 000000ce: SLOAD 000000cf: SWAP4 000000d0: DUP4 000000d1: ADD 000000d2: SWAP4 000000d3: SWAP1 000000d4: SWAP4 000000d5: SSTORE 000000d6: PUSH1 0x03 000000d8: SLOAD 000000d9: SWAP2 000000da: ADD 000000db: SSTORE 000000dc: PUSH1 0xc0 000000de: SWAP1 000000df: MSTORE 000000e0: PUSH1 0x15 000000e2: PUSH1 0x80 000000e4: SWAP1 000000e5: DUP2 000000e6: MSTORE 000000e7: PUSH32 0x596f7520617265206e6f772074686520766f7465720000000000000000000000 00000108: PUSH1 0xa0 0000010a: MSTORE 0000010b: PUSH2 0x0219 0000010e: JUMP 0000010f: JUMPDEST 00000110: PUSH2 0x0155 00000113: PUSH1 0x04 00000115: CALLDATALOAD 00000116: PUSH1 0x80 00000118: PUSH1 0x40 0000011a: MSTORE 0000011b: PUSH1 0x00 0000011d: PUSH1 0x60 0000011f: SWAP1 00000120: DUP2 00000121: MSTORE 00000122: PUSH1 0x01 00000124: SLOAD 00000125: PUSH1 0x01 00000127: PUSH1 0xa0 00000129: PUSH1 0x02 0000012b: EXP 0000012c: SUB 0000012d: SWAP1 0000012e: DUP2 0000012f: AND 00000130: CALLER 00000131: SWAP2 00000132: SWAP1 00000133: SWAP2 00000134: AND 00000135: EQ 00000136: ISZERO 00000137: PUSH2 0x021c 0000013a: JUMPI 0000013b: PUSH1 0x00 0000013d: DUP3 0000013e: SWAP1 0000013f: SSTORE 00000140: PUSH2 0x0002 00000143: JUMP 00000144: JUMPDEST 00000145: PUSH1 0x60 00000147: SWAP3 00000148: DUP4 00000149: MSTORE 0000014a: PUSH1 0x80 0000014c: SWAP2 0000014d: SWAP1 0000014e: SWAP2 0000014f: MSTORE 00000150: PUSH1 0xa0 00000152: MSTORE 00000153: DUP1 00000154: RETURN 00000155: JUMPDEST 00000156: PUSH1 0x40 00000158: MLOAD 00000159: DUP1 0000015a: DUP1 0000015b: PUSH1 0x20 0000015d: ADD 0000015e: DUP3 0000015f: DUP2 00000160: SUB 00000161: DUP3 00000162: MSTORE 00000163: DUP4 00000164: DUP2 00000165: DUP2 00000166: MLOAD 00000167: DUP2 00000168: MSTORE 00000169: PUSH1 0x20 0000016b: ADD 0000016c: SWAP2 0000016d: POP 0000016e: DUP1 0000016f: MLOAD 00000170: SWAP1 00000171: PUSH1 0x20 00000173: ADD 00000174: SWAP1 00000175: DUP1 00000176: DUP4 00000177: DUP4 00000178: DUP3 00000179: SWAP1 0000017a: PUSH1 0x00 0000017c: PUSH1 0x04 0000017e: PUSH1 0x20 00000180: DUP5 00000181: PUSH1 0x1f 00000183: ADD 00000184: DIV 00000185: PUSH1 0x0f 00000187: MUL 00000188: PUSH1 0x03 0000018a: ADD 0000018b: CALL 0000018c: POP 0000018d: SWAP1 0000018e: POP 0000018f: SWAP1 00000190: DUP2 00000191: ADD 00000192: SWAP1 00000193: PUSH1 0x1f 00000195: AND 00000196: DUP1 00000197: ISZERO 00000198: PUSH2 0x01b5 0000019b: JUMPI 0000019c: DUP1 0000019d: DUP3 0000019e: SUB 0000019f: DUP1 000001a0: MLOAD 000001a1: PUSH1 0x01 000001a3: DUP4 000001a4: PUSH1 0x20 000001a6: SUB 000001a7: PUSH2 0x0100 000001aa: EXP 000001ab: SUB 000001ac: NOT 000001ad: AND 000001ae: DUP2 000001af: MSTORE 000001b0: PUSH1 0x20 000001b2: ADD 000001b3: SWAP2 000001b4: POP 000001b5: JUMPDEST 000001b6: POP 000001b7: SWAP3 000001b8: POP 000001b9: POP 000001ba: POP 000001bb: PUSH1 0x40 000001bd: MLOAD 000001be: DUP1 000001bf: SWAP2 000001c0: SUB 000001c1: SWAP1 000001c2: RETURN 000001c3: JUMPDEST 000001c4: POP 000001c5: PUSH1 0xe0 000001c7: PUSH1 0x40 000001c9: MSTORE 000001ca: PUSH1 0x2f 000001cc: PUSH1 0x80 000001ce: SWAP1 000001cf: DUP2 000001d0: MSTORE 000001d1: PUSH32 0x596f75206e65656420746f20626967206869676865722c207468652068696768 000001f2: PUSH1 0xa0 000001f4: MSTORE 000001f5: PUSH32 0x65737420626964206973206e6f772e0000000000000000000000000000000000 00000216: PUSH1 0xc0 00000218: MSTORE 00000219: JUMPDEST 0000021a: SWAP1 0000021b: JUMP 0000021c: JUMPDEST 0000021d: POP 0000021e: POP 0000021f: PUSH1 0xe0 00000221: PUSH1 0x40 00000223: MSTORE 00000224: PUSH1 0x22 00000226: PUSH1 0x80 00000228: SWAP1 00000229: DUP2 0000022a: MSTORE 0000022b: PUSH32 0x596f7520646f206e6f742068617665207468652072696768747320746f20766f 0000024c: PUSH1 0xa0 0000024e: MSTORE 0000024f: PUSH32 0x7465000000000000000000000000000000000000000000000000000000000000 00000270: PUSH1 0xc0 00000272: MSTORE 00000273: SWAP1 00000274: JUMP
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| high | other | detector | Untrusted CALL target/value reachable | 60 | no | no |
viewtrace_id: 0xcf2038fa4eb239dd5ad38e25d1882a517a29f2f06bbf4746dd334df6714a20f5
call_targets:
0x2c1fb3fae344310e8289f14628f14ee076fa1be9
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0xcf2038fa4eb239dd5ad38e25d1882a517a29f2f06bbf4746dd334df6714a20f5",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x2c1fb3fae344310e8289f14628f14ee076fa1be9"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x73f44395",
"selector": "0x73f44395",
"calldata_variants": [
"0x73f44395",
"0x73f443950000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x956e2ec9",
"selector": "0x956e2ec9",
"calldata_variants": [
"0x956e2ec9",
"0x956e2ec90000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xa69beaba",
"selector": "0xa69beaba",
"calldata_variants": [
"0xa69beaba",
"0xa69beaba0000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 395,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 1,
"guards_detected": [],
"untrusted_call_count": 1
}
|
| high | other | detector | ETH value transfer possible | 55 | no | no |
viewtrace_id: 0xcf2038fa4eb239dd5ad38e25d1882a517a29f2f06bbf4746dd334df6714a20f5
call_targets:
0x2c1fb3fae344310e8289f14628f14ee076fa1be9
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0xcf2038fa4eb239dd5ad38e25d1882a517a29f2f06bbf4746dd334df6714a20f5",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x2c1fb3fae344310e8289f14628f14ee076fa1be9"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x73f44395",
"selector": "0x73f44395",
"calldata_variants": [
"0x73f44395",
"0x73f443950000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x956e2ec9",
"selector": "0x956e2ec9",
"calldata_variants": [
"0x956e2ec9",
"0x956e2ec90000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xa69beaba",
"selector": "0xa69beaba",
"calldata_variants": [
"0xa69beaba",
"0xa69beaba0000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 395,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 1,
"guards_detected": []
}
|