019b3836-35bd-7032-b1d3-60862afc5118
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 3473 | artifact.fetch | complete | 1 / 3 | 3 months ago |
| 3474 | tool.cast_disasm | complete | 1 / 3 | 3 months ago |
| 46468 | analysis.bundle | complete | 1 / 3 | 1 week ago |
| 46469 | capability.graph | complete | 1 / 3 | 1 week ago |
| 46470 | detector.run | complete | 1 / 3 | 1 week ago |
| 46471 | validation.fork | complete | 1 / 3 | 1 week ago |
| 113265 | report.consolidate | complete | 1 / 6 | 1 week ago |
No slither job recorded yet.
{"no_findings":false,"summary":"Bytecode matches an ERC20-like token with a publicly callable legacy-constructor path and non-standard allowance bookkeeping. Detector-reported CALLs appear dominated by approve-and-call behavior and helper/precompile-style memory copies, so the strongest issues are the exposed initializer/mint path and the broken allowance invariant.","findings":[{"severity":"critical","category":"access_control","title":"Legacy constructor-like initializer is still publicly callable and can mint balances","exploit_scenario":"Selector inference is best-effort, but `0x1d2bca17` exactly matches `MyToken(uint256,string,uint8,string)`, and its body is constructor-shaped: it writes a caller-keyed balance entry, token metadata (`JasonCoin` / `J`), and the packed low byte in slot 2 without any detected guard. Any attacker can call this entrypoint after deployment, assign themselves an arbitrary balance, then move those tokens via the normal `transfer` / `transferFrom` paths.","recommendation":"Remove or permanently disable the legacy initializer path. If this is meant to be one-time setup, gate it with a constructor-only deployment pattern or an `initialized` flag plus strict access control. Because this is bytecode-only and already deployed, assume unlimited minting is possible unless the entrypoint is blocked upstream.","evidence":"No auth guards were detected. Dispatcher exposes `selector:0x1d2bca17`. The function at `pc:0x00e8` decodes constructor-shaped arguments and stores to the caller-indexed mapping at `pc:0x018c` (`keccak(caller, slot 3)` pattern), then writes fixed metadata including `JasonCoin` / `J` and packed slot updates at `pc:0x01d1`, `pc:0x05d9`, and `pc:0x0632`. This is strongly consistent with a pre-0.4.22 renamed-constructor bug; if the selector name inference were wrong, it is still an unguarded initializer/mint path.","locations":["selector:0x1d2bca17","pc:0x00e8","pc:0x018c","pc:0x01d1","pc:0x05d9","pc:0x0632"]},{"severity":"medium","category":"other","title":"Allowance accounting is split across two mappings, so `allowance()` likely reports the approved cap, not remaining spendable amount","exploit_scenario":"Integrations that rely on ERC20 semantics can be misled. After approval, `allowance(owner,spender)` can still return the original approved amount even after some spending, while `transferFrom` enforces `spent + amount <= approved`. A dApp may observe a large allowance and attempt a pull that unexpectedly reverts, or users may be unable to 'top up' allowance cleanly because prior spent amount is tracked separately.","recommendation":"Use a single allowance mapping and decrement it on `transferFrom`, or have `allowance()` return the actual remaining amount (`approved - spent`) and reset the spent counter whenever approval is updated. If intentional, this contract should not be treated as ERC20-compatible by integrators.","evidence":"`approveAndCall` (`selector:0xcae9ca51`) stores into a nested mapping rooted at slot 4 (`pc:0x03a5`). Standard `allowance(address,address)` (`selector:0xdd62ed3e`) reads that same slot-4 mapping (`pc:0x04b8`). But `transferFrom` (`selector:0x23b872dd`) checks a second nested mapping rooted at slot 5, enforcing `slot5 + value <= slot4` at `pc:0x0731`-`pc:0x0734`, then increments slot 5 at `pc:0x078a`-`pc:0x078f` instead of decrementing slot 4. The separate getter `selector:0xdc3080f2` reads the slot-5 mapping at `pc:0x0494`, confirming two distinct allowance-related stores.","locations":["selector:0xcae9ca51","selector:0xdd62ed3e","selector:0xdc3080f2","selector:0x23b872dd","pc:0x03a5","pc:0x04b8","pc:0x0494","pc:0x0731","pc:0x078f"]}]}
OpenAI Codex v0.118.0 (research preview)
--------
workdir: /tmp/codex-dp1fw3oq
model: gpt-5.4
provider: openai
approval: never
sandbox: read-only
reasoning effort: high
reasoning summaries: none
session id: 019d5bd4-ee47-7663-90ed-5315f4c292e8
--------
user
You are a security auditor. You ONLY have runtime bytecode + analysis artifacts.
You MUST read `BYTECODE_BUNDLE.json` before concluding; it contains the bytecode summary,
evidence bundle, callsites, storage slots, and detector findings.
Special cases when reasoning from bytecode (be explicit about uncertainty):
- Selector inference is best-effort; missing selectors are common.
- Fallback/receive paths may be the only entrypoints.
- CALL vs DELEGATECALL semantics differ; DELEGATECALL executes in caller storage.
- Proxy patterns (EIP-1967, minimal proxies, beacon) change which storage is authoritative.
- Storage slots are raw; mappings/arrays appear via keccak patterns, names are unknown.
- Guard detection is heuristic; absence of guards does NOT mean unguarded.
- Returndata checking is unknown unless explicitly shown in evidence.
- Precompiles (0x1..0x9) and common ERC20 transfer selectors may appear; do not over-claim.
Output MUST be valid JSON matching the provided schema.
- If you find nothing meaningful: set no_findings=true and findings=[].
- Otherwise: set no_findings=false and include findings with severity/category/title.
- Locations can be pc references like "pc:0x123" or selectors like "selector:0xa9059cbb".
Focus on: reentrancy, access control, upgradeability/proxy issues, signature validation,
accounting/invariant breaks, dangerous delegatecall, and untrusted external calls.
Be conservative: if evidence is weak, mark severity low/medium and explain why.
warning: Codex could not find system bubblewrap on PATH. Please install bubblewrap with your package manager. Codex will use the vendored bubblewrap in the meantime.
exec
/bin/bash -lc pwd in /tmp/codex-dp1fw3oq
succeeded in 0ms:
/tmp/codex-dp1fw3oq
exec
/bin/bash -lc 'rg --files' in /tmp/codex-dp1fw3oq
succeeded in 0ms:
codex-output-schema.json
BYTECODE_BUNDLE.json
exec
/bin/bash -lc "sed -n '1,260p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
{
"analysis_artifact": {
"address": "0x080781e41bbd4402a8b9f07df187b7391d707de7",
"artifact_hash": "0x807faa94d8718a028bc5711ace35494859161bb62488cf773a5e1efef1242006",
"artifact_json": {
"auth": {
"guards": []
},
"basic_blocks": [
{
"end_pc": 10,
"hash": "0xea84cd9b520f9ac15ee69facebf0514d237ae3f350495e573c06816e7e3d08cf",
"opcodes": [
"PUSH1",
"PUSH1",
"MSTORE",
"CALLDATASIZE",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 0
},
{
"end_pc": 30,
"hash": "0x8351f5fd39e1769e53f7b93891e5bf598f6939b3ca7289b6c03bc34019c93201",
"opcodes": [
"PUSH1",
"PUSH1",
"EXP",
"PUSH1",
"CALLDATALOAD",
"DIV",
"PUSH4",
"OP_81",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 11
},
{
"end_pc": 41,
"hash": "0xc6fd74ad853f095f612f149f1918dd822cd863808f0ce7f2b76117fb4ea5344f",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 31
},
{
"end_pc": 52,
"hash": "0x75662290e98707b838270e742f21c96eb52fa1c5cbccd48186a2d091c3df92c7",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 42
},
{
"end_pc": 63,
"hash": "0x38c58035f8dabc8455632d78fcb7c3c8c2b91c1519a00f71b56d8a1708b968ca",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 53
},
{
"end_pc": 74,
"hash": "0x59002cbcbd0359d6d85bc812ae0cfbe10c43ea95568db64ff370a11005b60eb1",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 64
},
{
"end_pc": 85,
"hash": "0x6e8546aada0fd940f2ed15bd2e9ef5dab9a4ca7ba820035ee16b404772df9ef5",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 75
},
{
"end_pc": 96,
"hash": "0x0f956ff6cb9040c3d64f49063aadd7e601854a7e4a1e3868f84c1fe7adc00bb7",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 86
},
{
"end_pc": 107,
"hash": "0xfa2a811cdc5345c31bf935c152b928af23b32eb38d905421c0acdee8438e10c2",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 97
},
{
"end_pc": 118,
"hash": "0x5076d1276bfacb2de6f232948e581f0f3c9fae59fef9d1dfaaa4825c9f64e727",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 108
},
{
"end_pc": 129,
"hash": "0xa9bfa6cc27c13ab131feeed80dd1753369e9b2fa5709f05d0e0db0705d9007c1",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 119
},
{
"end_pc": 137,
"hash": "0x6ad353864cd500f0df6322ded5995e0dc1b10ffbcd6752fde3f1e030322549b6",
"opcodes": [
"JUMPDEST",
"PUSH2",
"PUSH2",
"JUMP"
],
"start_pc": 130
},
{
"end_pc": 204,
"hash": "0x648a56246ee10fd71197c6989b88592cf90972cb5594de82ea3cb44ebcac7a91",
"opcodes": [
"JUMPDEST",
"PUSH2",
"PUSH1",
"OP_80",
"SLOAD",
"PUSH1",
"OP_80",
"MLOAD",
"PUSH1",
"PUSH1",
"PUSH1",
"OP_85",
"AND",
"ISZERO",
"PUSH2",
"MUL",
"PUSH1",
"NOT",
"ADD",
"OP_90",
"OP_94",
"AND",
"OP_93",
"OP_90",
"OP_93",
"DIV",
"PUSH1",
"OP_81",
"ADD",
"OP_84",
"OP_90",
"DIV",
"OP_84",
"MUL",
"OP_82",
"ADD",
"OP_84",
"ADD",
"OP_90",
"OP_92",
"MSTORE",
"OP_81",
"OP_81",
"MSTORE",
"OP_92",
"OP_91",
"OP_83",
"ADD",
"OP_82",
"OP_82",
"OP_80",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 138
},
{
"end_pc": 212,
"hash": "0x8c70d68ca5f7d985ae147684c2fa9fe452b52e374b5296fae8256e16f749e260",
"opcodes": [
"OP_80",
"PUSH1",
"LT",
"PUSH2",
"JUMPI"
],
"start_pc": 205
},
{
"end_pc": 231,
"hash": "0x0bc331c418a8a280a1e08b44ed388fd915679b8c401458dc4b9e804d0dfc4594",
"opcodes": [
"PUSH2",
"OP_80",
"OP_83",
"SLOAD",
"DIV",
"MUL",
"OP_83",
"MSTORE",
"OP_91",
"PUSH1",
"ADD",
"OP_91",
"PUSH2",
"JUMP"
],
"start_pc": 213
},
{
"end_pc": 539,
"hash": "0x517454c6b3e0d782e991f6a64e78a9a1dd02472852d0b290b0f34a4434ed0bed",
"opcodes": [
"JUMPDEST",
"PUSH1",
exec
/bin/bash -lc "sed -n '261,520p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
"OP_80",
"MLOAD",
"PUSH1",
"PUSH1",
"OP_80",
"CALLDATALOAD",
"PUSH1",
"OP_81",
"OP_81",
"ADD",
"CALLDATALOAD",
"PUSH1",
"OP_81",
"ADD",
"OP_85",
"OP_90",
"DIV",
"OP_85",
"MUL",
"OP_86",
"ADD",
"OP_85",
"ADD",
"OP_90",
"OP_96",
"MSTORE",
"OP_85",
"OP_85",
"MSTORE",
"PUSH2",
"OP_95",
"OP_81",
"CALLDATALOAD",
"OP_95",
"OP_91",
"OP_94",
"PUSH1",
"OP_94",
"OP_92",
"OP_93",
"OP_90",
"OP_92",
"ADD",
"OP_91",
"OP_81",
"OP_90",
"OP_84",
"ADD",
"OP_83",
"OP_82",
"OP_80",
"OP_82",
"OP_84",
"CALLDATACOPY",
"POP",
"POP",
"PUSH1",
"OP_80",
"MLOAD",
"PUSH1",
"PUSH1",
"CALLDATALOAD",
"OP_80",
"OP_8B",
"ADD",
"CALLDATALOAD",
"PUSH1",
"OP_81",
"ADD",
"OP_83",
"OP_90",
"DIV",
"OP_83",
"MUL",
"OP_84",
"ADD",
"OP_83",
"ADD",
"OP_90",
"OP_94",
"MSTORE",
"OP_83",
"OP_83",
"MSTORE",
"OP_97",
"OP_99",
"OP_98",
"CALLDATALOAD",
"OP_98",
"OP_97",
"PUSH1",
"OP_97",
"POP",
"OP_91",
"OP_95",
"POP",
"PUSH1",
"OP_91",
"OP_90",
"OP_91",
"ADD",
"OP_93",
"POP",
"OP_90",
"OP_91",
"POP",
"OP_81",
"OP_90",
"OP_84",
"ADD",
"OP_83",
"OP_82",
"OP_80",
"OP_82",
"OP_84",
"CALLDATACOPY",
"POP",
"POP",
"POP",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"CALLER",
"AND",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"OP_80",
"OP_83",
"SHA3",
"OP_8C",
"OP_90",
"SSTORE",
"OP_80",
"MLOAD",
"OP_80",
"OP_82",
"ADD",
"OP_90",
"OP_91",
"MSTORE",
"PUSH1",
"OP_81",
"MSTORE",
"PUSH32",
"OP_90",
"OP_82",
"ADD",
"OP_90",
"OP_81",
"MSTORE",
"OP_82",
"SLOAD",
"OP_83",
"OP_80",
"MSTORE",
"OP_90",
"MLOAD",
"PUSH1",
"PUSH1",
"NOT",
"OP_90",
"OP_91",
"AND",
"OR",
"OP_83",
"SSTORE",
"OP_95",
"OP_97",
"POP",
"OP_90",
"OP_95",
"POP",
"PUSH2",
"OP_94",
"PUSH1",
"PUSH1",
"OP_82",
"AND",
"ISZERO",
"PUSH2",
"MUL",
"PUSH1",
"NOT",
"ADD",
"OP_90",
"OP_91",
"AND",
"DIV",
"PUSH1",
"ADD",
"DIV",
"PUSH32",
"OP_90",
"OP_81",
"ADD",
"OP_93",
"POP",
"OP_91",
"POP",
"POP"
],
"start_pc": 232
},
{
"end_pc": 548,
"hash": "0x94de883bd29b0091606432b33421f3cadac7195477efefb36f1b26e4fe298c04",
"opcodes": [
"JUMPDEST",
"OP_80",
"OP_82",
"GT",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 540
},
{
"end_pc": 559,
"hash": "0x9fe6d0221668ff838259237c80d1ebeaf0bf05a16737755a052f3296a2a4d754",
"opcodes": [
"PUSH1",
"OP_81",
"SSTORE",
"PUSH1",
"ADD",
"PUSH2",
"JUMP"
],
"start_pc": 549
},
{
"end_pc": 605,
"hash": "0xbb88891303415f338e24f4a9ee1341afbdd500d6e498928088be321b3abd6501",
"opcodes": [
"JUMPDEST",
"PUSH2",
"PUSH1",
"CALLDATALOAD",
"PUSH1",
"CALLDATALOAD",
"PUSH1",
"CALLDATALOAD",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"OP_83",
"AND",
exec
/bin/bash -lc "sed -n '521,780p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"PUSH1",
"MSTORE",
"PUSH1",
"OP_81",
"SHA3",
"SLOAD",
"OP_82",
"OP_90",
"LT",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 560
},
{
"end_pc": 609,
"hash": "0xd425254716ffb7107e60ba59079397b6c12b3b34f0fbd47671b314cecb2e0f36",
"opcodes": [
"PUSH2",
"JUMP"
],
"start_pc": 606
},
{
"end_pc": 621,
"hash": "0x93ff68615686e6320ef793b56a4ccfabb15958180985d5e5d19fc9de121a804f",
"opcodes": [
"JUMPDEST",
"PUSH2",
"PUSH1",
"SLOAD",
"PUSH1",
"AND",
"OP_81",
"JUMP"
],
"start_pc": 610
},
{
"end_pc": 645,
"hash": "0xffb236ed06cfbef2c0a94639511774bb6c5578a6b488fcc4b4efedb7fe44e6bf",
"opcodes": [
"JUMPDEST",
"PUSH2",
"PUSH1",
"CALLDATALOAD",
"PUSH1",
"PUSH1",
"MSTORE",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"OP_90",
"SHA3",
"SLOAD",
"OP_81",
"JUMP"
],
"start_pc": 622
},
{
"end_pc": 711,
"hash": "0xc0ad546b9f25fafd8a462c79fac211c65ae1107c2b8e51efee864a1b44a431e2",
"opcodes": [
"JUMPDEST",
"PUSH2",
"PUSH1",
"OP_80",
"SLOAD",
"PUSH1",
"OP_80",
"MLOAD",
"PUSH1",
"PUSH1",
"OP_84",
"OP_86",
"AND",
"ISZERO",
"PUSH2",
"MUL",
"PUSH1",
"NOT",
"ADD",
"OP_90",
"OP_94",
"AND",
"OP_93",
"OP_90",
"OP_93",
"DIV",
"PUSH1",
"OP_81",
"ADD",
"OP_84",
"OP_90",
"DIV",
"OP_84",
"MUL",
"OP_82",
"ADD",
"OP_84",
"ADD",
"OP_90",
"OP_92",
"MSTORE",
"OP_81",
"OP_81",
"MSTORE",
"OP_92",
"OP_91",
"OP_83",
"ADD",
"OP_82",
"OP_82",
"OP_80",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 646
},
{
"end_pc": 719,
"hash": "0xb2be5aa8ca93d7097d8a01fbc3ba68ab2c8270a2c8237aaf4be24a0cba49cf8d",
"opcodes": [
"OP_80",
"PUSH1",
"LT",
"PUSH2",
"JUMPI"
],
"start_pc": 712
},
{
"end_pc": 738,
"hash": "0x0f25a20536e20deaacde15d77cef87cdee795035d5a7817b7369b60f3139912d",
"opcodes": [
"PUSH2",
"OP_80",
"OP_83",
"SLOAD",
"DIV",
"MUL",
"OP_83",
"MSTORE",
"OP_91",
"PUSH1",
"ADD",
"OP_91",
"PUSH2",
"JUMP"
],
"start_pc": 720
},
{
"end_pc": 781,
"hash": "0x5831fb6284f08d69f111e853e6af6278b05c915daf684c99f972123100c39bb2",
"opcodes": [
"JUMPDEST",
"PUSH2",
"PUSH1",
"CALLDATALOAD",
"PUSH1",
"CALLDATALOAD",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"CALLER",
"AND",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"PUSH1",
"MSTORE",
"PUSH1",
"OP_90",
"SHA3",
"SLOAD",
"OP_81",
"OP_90",
"LT",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 739
},
{
"end_pc": 785,
"hash": "0x3e2a35474c4d8e1ed54154b1d33e61d3475dd235dc86ef9f5fc5beb143e718a8",
"opcodes": [
"PUSH2",
"JUMP"
],
"start_pc": 782
},
{
"end_pc": 1074,
"hash": "0x6bf390544c2a5d44a36e78bc2ade9f7986beaf0241eb5089536006e2594f882e",
"opcodes": [
"JUMPDEST",
"PUSH1",
"OP_80",
"MLOAD",
"PUSH1",
"PUSH1",
"CALLDATALOAD",
"PUSH1",
"OP_81",
"OP_81",
"ADD",
"CALLDATALOAD",
"PUSH1",
"OP_81",
"ADD",
"OP_84",
"OP_90",
"DIV",
"OP_84",
"MUL",
"OP_85",
"ADD",
"OP_84",
"ADD",
"OP_90",
"OP_95",
"MSTORE",
"OP_84",
"OP_84",
"MSTORE",
"PUSH2",
"OP_94",
"OP_81",
"CALLDATALOAD",
"OP_94",
"PUSH1",
"OP_80",
"CALLDATALOAD",
"OP_95",
"OP_93",
"OP_94",
"PUSH1",
"OP_94",
"OP_92",
"OP_93",
"OP_91",
"ADD",
"OP_91",
exec
/bin/bash -lc "sed -n '781,1040p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
"OP_81",
"OP_90",
"OP_84",
"ADD",
"OP_83",
"OP_82",
"OP_80",
"OP_82",
"OP_84",
"CALLDATACOPY",
"POP",
"OP_94",
"OP_96",
"POP",
"POP",
"POP",
"POP",
"POP",
"POP",
"POP",
"PUSH1",
"PUSH1",
"OP_83",
"PUSH1",
"PUSH1",
"POP",
"PUSH1",
"CALLER",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"AND",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"PUSH1",
"SHA3",
"PUSH1",
"POP",
"PUSH1",
"OP_87",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"AND",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"PUSH1",
"SHA3",
"PUSH1",
"POP",
"OP_81",
"OP_90",
"SSTORE",
"POP",
"OP_84",
"OP_90",
"POP",
"OP_80",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"AND",
"PUSH4",
"CALLER",
"OP_86",
"ADDRESS",
"OP_87",
"PUSH1",
"MLOAD",
"OP_85",
"PUSH1",
"PUSH1",
"EXP",
"MUL",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"OP_80",
"OP_85",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"AND",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"OP_84",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"OP_83",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"AND",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"OP_80",
"PUSH1",
"ADD",
"OP_82",
"OP_81",
"SUB",
"OP_82",
"MSTORE",
"OP_83",
"OP_81",
"OP_81",
"MLOAD",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"OP_91",
"POP",
"OP_80",
"MLOAD",
"OP_90",
"PUSH1",
"ADD",
"OP_90",
"OP_80",
"OP_83",
"OP_83",
"OP_82",
"OP_90",
"PUSH1",
"PUSH1",
"PUSH1",
"OP_84",
"PUSH1",
"ADD",
"DIV",
"PUSH1",
"MUL",
"PUSH1",
"ADD",
"CALL",
"POP",
"OP_90",
"POP",
"OP_90",
"OP_81",
"ADD",
"OP_90",
"PUSH1",
"AND",
"OP_80",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 786
},
{
"end_pc": 1099,
"hash": "0x5636d2b9f5b3f4f7bf3a7bdbbb2f93a68d78d7b9db7ae3263c0f923b15ba29f5",
"opcodes": [
"OP_80",
"OP_82",
"SUB",
"OP_80",
"MLOAD",
"PUSH1",
"OP_83",
"PUSH1",
"SUB",
"PUSH2",
"EXP",
"SUB",
"NOT",
"AND",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"OP_91",
"POP"
],
"start_pc": 1075
},
{
"end_pc": 1131,
"hash": "0x11fb0ab03a063d269314bd3743ad42e5bc664531ee9e0cb01b68fde50d08316a",
"opcodes": [
"JUMPDEST",
"POP",
"OP_95",
"POP",
"POP",
"POP",
"POP",
"POP",
"POP",
"PUSH1",
"PUSH1",
"MLOAD",
"OP_80",
"OP_83",
"SUB",
"OP_81",
"PUSH1",
"OP_87",
"PUSH2",
"GAS",
"SUB",
"CALL",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 1100
},
{
"end_pc": 1141,
"hash": "0x26095ca5eab6e64d9ead728af20beb20707f98c760a4e50959ddebcadc771ff3",
"opcodes": [
"POP",
"POP",
"POP",
"POP",
"OP_93",
"OP_92",
"POP",
"POP",
"POP",
"JUMP"
],
"start_pc": 1132
},
{
exec
/bin/bash -lc "sed -n '1041,1300p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
"end_pc": 1178,
"hash": "0xe2fc214f38014e468f7e1c040925c616ab6e87d135c41fc5bb3b9c4a5cadc76e",
"opcodes": [
"JUMPDEST",
"PUSH1",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"CALLDATALOAD",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"OP_80",
"OP_82",
"SHA3",
"OP_90",
"OP_92",
"MSTORE",
"PUSH1",
"CALLDATALOAD",
"OP_81",
"MSTORE",
"SHA3",
"SLOAD",
"PUSH2",
"OP_90",
"OP_81",
"JUMP"
],
"start_pc": 1142
},
{
"end_pc": 1214,
"hash": "0xc69081e9bcd921e95ff2211c5a44854e8677e0f8e699b88f2a2fe10f30742077",
"opcodes": [
"JUMPDEST",
"PUSH1",
"PUSH1",
"OP_81",
"OP_81",
"MSTORE",
"OP_90",
"CALLDATALOAD",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"OP_80",
"OP_82",
"SHA3",
"OP_90",
"OP_92",
"MSTORE",
"PUSH1",
"CALLDATALOAD",
"OP_81",
"MSTORE",
"SHA3",
"SLOAD",
"PUSH2",
"OP_90",
"OP_81",
"JUMP"
],
"start_pc": 1179
},
{
"end_pc": 1216,
"hash": "0xbaeebc1b40692d2442e0e7587d996a7290c79007772f94bba2038a32a27c1c34",
"opcodes": [
"JUMPDEST",
"STOP"
],
"start_pc": 1215
},
{
"end_pc": 1287,
"hash": "0xf7c7dfe323c120170f44e4f58bc18861cc6c804f07785236f5d64a8169e92c5b",
"opcodes": [
"JUMPDEST",
"PUSH1",
"MLOAD",
"OP_80",
"OP_80",
"PUSH1",
"ADD",
"OP_82",
"OP_81",
"SUB",
"OP_82",
"MSTORE",
"OP_83",
"OP_81",
"OP_81",
"MLOAD",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"OP_91",
"POP",
"OP_80",
"MLOAD",
"OP_90",
"PUSH1",
"ADD",
"OP_90",
"OP_80",
"OP_83",
"OP_83",
"OP_82",
"OP_90",
"PUSH1",
"PUSH1",
"PUSH1",
"OP_84",
"PUSH1",
"ADD",
"DIV",
"PUSH1",
"MUL",
"PUSH1",
"ADD",
"CALL",
"POP",
"OP_90",
"POP",
"OP_90",
"OP_81",
"ADD",
"OP_90",
"PUSH1",
"AND",
"OP_80",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 1217
},
{
"end_pc": 1312,
"hash": "0xbede16323444488899c4fdec006e21a6a4a9d9b26a6f0ccc04e0084463e0652a",
"opcodes": [
"OP_80",
"OP_82",
"SUB",
"OP_80",
"MLOAD",
"PUSH1",
"OP_83",
"PUSH1",
"SUB",
"PUSH2",
"EXP",
"SUB",
"NOT",
"AND",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"OP_91",
"POP"
],
"start_pc": 1288
},
{
"end_pc": 1326,
"hash": "0x40800a605f370e4d5f1181c539dec88b8355ab6dfe25421713be50ff2b9e1843",
"opcodes": [
"JUMPDEST",
"POP",
"OP_92",
"POP",
"POP",
"POP",
"PUSH1",
"MLOAD",
"OP_80",
"OP_91",
"SUB",
"OP_90",
"RETURN"
],
"start_pc": 1313
},
{
"end_pc": 1344,
"hash": "0x0d891347c934b487e2da7d1ff580f016ee8eb27a079540588b0bc23d1ffb500d",
"opcodes": [
"JUMPDEST",
"PUSH1",
"OP_80",
"MLOAD",
"OP_91",
"OP_82",
"MSTORE",
"MLOAD",
"OP_90",
"OP_81",
"OP_90",
"SUB",
"PUSH1",
"ADD",
"OP_90",
"RETURN"
],
"start_pc": 1327
},
{
"end_pc": 1367,
"hash": "0x0b3c819ffe50e054cda1eb1b02a47ed5533249b4e7525591b97fb104be98294e",
"opcodes": [
"JUMPDEST",
"PUSH1",
"OP_80",
"MLOAD",
"PUSH1",
"OP_92",
"OP_90",
"OP_92",
"AND",
"OP_82",
"MSTORE",
"MLOAD",
"OP_90",
"OP_81",
"OP_90",
"SUB",
"PUSH1",
"ADD",
"OP_90",
"RETURN"
],
"start_pc": 1345
},
{
"end_pc": 1381,
"hash": "0xded9edae2e3ff06e957ef7b6b397f5dd47cbef57eadf7b1aaef33ec736588c2f",
"opcodes": [
"JUMPDEST",
"OP_82",
"ADD",
"OP_91",
"OP_90",
"PUSH1",
"MSTORE",
"PUSH1",
"PUSH1",
"SHA3",
"OP_90"
],
"start_pc": 1368
},
exec
/bin/bash -lc "sed -n '1301,1560p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
{
"end_pc": 1401,
"hash": "0xcd98dbb2a035e770a45d85729ada26ab29fa8a4e6a693f65d1a3dccc91f14d13",
"opcodes": [
"JUMPDEST",
"OP_81",
"SLOAD",
"OP_81",
"MSTORE",
"OP_90",
"PUSH1",
"ADD",
"OP_90",
"PUSH1",
"ADD",
"OP_80",
"OP_83",
"GT",
"PUSH2",
"JUMPI"
],
"start_pc": 1382
},
{
"end_pc": 1410,
"hash": "0x61a300401ff4869add22613958c5994baaa71ada76b2414ce8307c758ec3c6ce",
"opcodes": [
"OP_82",
"OP_90",
"SUB",
"PUSH1",
"AND",
"OP_82",
"ADD",
"OP_91"
],
"start_pc": 1402
},
{
"end_pc": 1418,
"hash": "0x429de89d2db006cb931a76456a35d9006dcdcde899fd24769a6b481b367c7149",
"opcodes": [
"JUMPDEST",
"POP",
"POP",
"POP",
"POP",
"POP",
"OP_81",
"JUMP"
],
"start_pc": 1411
},
{
"end_pc": 1567,
"hash": "0xc6285fcfb57ec808dbf4e45ab6162177fbbf7509525f7ace75d1762e62034c4b",
"opcodes": [
"JUMPDEST",
"POP",
"POP",
"PUSH1",
"OP_80",
"MLOAD",
"OP_80",
"OP_82",
"ADD",
"OP_90",
"OP_91",
"MSTORE",
"PUSH1",
"OP_80",
"OP_82",
"MSTORE",
"PUSH32",
"PUSH1",
"OP_92",
"OP_83",
"ADD",
"OP_90",
"OP_81",
"MSTORE",
"OP_81",
"SLOAD",
"PUSH1",
"OP_83",
"OP_90",
"MSTORE",
"OP_90",
"MLOAD",
"PUSH1",
"NOT",
"AND",
"PUSH1",
"OP_90",
"OP_81",
"OR",
"OP_83",
"SSTORE",
"OP_91",
"OP_92",
"PUSH2",
"OP_92",
"OP_82",
"OP_85",
"AND",
"ISZERO",
"PUSH2",
"MUL",
"PUSH1",
"NOT",
"ADD",
"OP_90",
"OP_92",
"AND",
"OP_91",
"OP_90",
"OP_91",
"DIV",
"PUSH1",
"ADD",
"DIV",
"PUSH32",
"OP_90",
"OP_81",
"ADD",
"OP_90",
"PUSH2",
"JUMP"
],
"start_pc": 1419
},
{
"end_pc": 1571,
"hash": "0x789f9a8117a64cfaac49af7db8d857b1e73c9a2445b180171d18e9623cd6697e",
"opcodes": [
"JUMPDEST",
"POP",
"OP_90",
"JUMP"
],
"start_pc": 1568
},
{
"end_pc": 1591,
"hash": "0x235f69641b950e213dbdea808f04597893f54a3248d27826d924ddc97ac01fde",
"opcodes": [
"JUMPDEST",
"POP",
"POP",
"PUSH1",
"OP_80",
"SLOAD",
"PUSH1",
"NOT",
"AND",
"OP_83",
"OR",
"OP_90",
"SSTORE",
"POP",
"POP",
"POP",
"POP",
"JUMP"
],
"start_pc": 1572
},
{
"end_pc": 1626,
"hash": "0x91f2711fe8fbebc9436808814f195c64d1e0500d5fb35bce2dd779022d86a682",
"opcodes": [
"JUMPDEST",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"OP_82",
"AND",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"PUSH1",
"MSTORE",
"PUSH1",
"OP_90",
"SHA3",
"SLOAD",
"OP_81",
"OP_81",
"ADD",
"LT",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 1592
},
{
"end_pc": 1630,
"hash": "0x74c2e6c5b91eb8729268d6e2d9675afb90828ca8af9da7ac4b77da3fea9c047d",
"opcodes": [
"PUSH2",
"JUMP"
],
"start_pc": 1627
},
{
"end_pc": 1737,
"hash": "0xb485203f3efc922d2c1458327dd6c555de4b4966285e189519698766e180367f",
"opcodes": [
"JUMPDEST",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"CALLER",
"OP_81",
"AND",
"PUSH1",
"OP_81",
"OP_81",
"MSTORE",
"PUSH1",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"OP_80",
"OP_83",
"SHA3",
"OP_80",
"SLOAD",
"OP_87",
"OP_90",
"SUB",
"OP_90",
"SSTORE",
"OP_93",
"OP_86",
"AND",
"OP_80",
"OP_83",
"MSTORE",
"OP_91",
"OP_84",
"OP_90",
"SHA3",
"OP_80",
"SLOAD",
"OP_86",
"ADD",
"OP_90",
"SSTORE",
"OP_83",
"MLOAD",
exec
/bin/bash -lc "sed -n '1561,1820p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
"OP_85",
"OP_81",
"MSTORE",
"OP_93",
"MLOAD",
"OP_91",
"OP_93",
"PUSH32",
"OP_92",
"OP_90",
"OP_81",
"OP_90",
"SUB",
"OP_90",
"OP_91",
"ADD",
"OP_90",
"OP_A3",
"POP",
"POP",
"JUMP"
],
"start_pc": 1631
},
{
"end_pc": 1772,
"hash": "0x0d70c1f57fcc96c622b4fe5c80cfb904e52920193a0af98999345d937022f77a",
"opcodes": [
"JUMPDEST",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"OP_83",
"AND",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"PUSH1",
"MSTORE",
"PUSH1",
"OP_90",
"SHA3",
"SLOAD",
"OP_82",
"OP_81",
"ADD",
"LT",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 1738
},
{
"end_pc": 1776,
"hash": "0xfbebdec87c88123763962c5cea536cced3c421a6ecdbeee0a8f546b6a5816d29",
"opcodes": [
"PUSH2",
"JUMP"
],
"start_pc": 1773
},
{
"end_pc": 1849,
"hash": "0x603a76e6e27fe73cf38bf869e64b5757a350740ebbaa95faf14ecb76a3884367",
"opcodes": [
"JUMPDEST",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"OP_84",
"OP_81",
"AND",
"PUSH1",
"OP_81",
"OP_81",
"MSTORE",
"PUSH1",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"OP_80",
"OP_83",
"SHA3",
"CALLER",
"OP_95",
"OP_90",
"OP_95",
"AND",
"OP_80",
"OP_84",
"MSTORE",
"OP_94",
"OP_82",
"MSTORE",
"OP_80",
"OP_83",
"SHA3",
"SLOAD",
"OP_93",
"OP_83",
"MSTORE",
"PUSH1",
"OP_82",
"MSTORE",
"OP_80",
"OP_83",
"SHA3",
"OP_94",
"OP_83",
"MSTORE",
"OP_93",
"OP_90",
"MSTORE",
"OP_91",
"OP_90",
"OP_91",
"SHA3",
"SLOAD",
"OP_83",
"ADD",
"GT",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 1777
},
{
"end_pc": 1853,
"hash": "0x0fab287b650ca43f03fb4387da1f92d599c3718b0756540e1ebe29dbe9f28639",
"opcodes": [
"PUSH2",
"JUMP"
],
"start_pc": 1850
},
{
"end_pc": 1993,
"hash": "0x34326453d827083d48414101dce29b641d284fec2c1ce8fcb60a01c584bb5610",
"opcodes": [
"JUMPDEST",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"OP_84",
"OP_81",
"AND",
"PUSH1",
"OP_81",
"OP_81",
"MSTORE",
"PUSH1",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"OP_80",
"OP_83",
"SHA3",
"OP_80",
"SLOAD",
"OP_88",
"OP_90",
"SUB",
"OP_90",
"SSTORE",
"OP_87",
"OP_85",
"AND",
"OP_80",
"OP_84",
"MSTORE",
"OP_81",
"OP_84",
"SHA3",
"OP_80",
"SLOAD",
"OP_89",
"ADD",
"OP_90",
"SSTORE",
"OP_93",
"OP_83",
"MSTORE",
"PUSH1",
"OP_82",
"MSTORE",
"OP_80",
"OP_83",
"SHA3",
"CALLER",
"OP_95",
"OP_90",
"OP_95",
"AND",
"OP_80",
"OP_84",
"MSTORE",
"OP_94",
"OP_82",
"MSTORE",
"OP_91",
"OP_82",
"OP_90",
"SHA3",
"OP_80",
"SLOAD",
"OP_87",
"ADD",
"OP_90",
"SSTORE",
"OP_81",
"MLOAD",
"OP_86",
"OP_81",
"MSTORE",
"OP_91",
"MLOAD",
"OP_92",
"OP_93",
"OP_92",
"PUSH32",
"OP_92",
"OP_81",
"OP_90",
"SUB",
"OP_90",
"OP_91",
"ADD",
"OP_90",
"OP_A3",
"OP_93",
"OP_92",
"POP",
"POP",
"POP",
"JUMP"
],
"start_pc": 1854
}
],
"callsites": [
{
"opcode": "CALL",
"pc": 1058,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
exec
/bin/bash -lc "sed -n '1821,2080p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
},
{
"opcode": "CALL",
"pc": 1126,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 1271,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
}
],
"cfg_edges": [
{
"from": "bb:0",
"to": "bb:130",
"type": "control_flow"
},
{
"from": "bb:0",
"to": "bb:11",
"type": "control_flow_fallthrough"
},
{
"from": "bb:11",
"to": "bb:138",
"type": "control_flow"
},
{
"from": "bb:11",
"to": "bb:31",
"type": "control_flow_fallthrough"
},
{
"from": "bb:31",
"to": "bb:232",
"type": "control_flow"
},
{
"from": "bb:31",
"to": "bb:42",
"type": "control_flow_fallthrough"
},
{
"from": "bb:42",
"to": "bb:560",
"type": "control_flow"
},
{
"from": "bb:42",
"to": "bb:53",
"type": "control_flow_fallthrough"
},
{
"from": "bb:53",
"to": "bb:610",
"type": "control_flow"
},
{
"from": "bb:53",
"to": "bb:64",
"type": "control_flow_fallthrough"
},
{
"from": "bb:64",
"to": "bb:622",
"type": "control_flow"
},
{
"from": "bb:64",
"to": "bb:75",
"type": "control_flow_fallthrough"
},
{
"from": "bb:75",
"to": "bb:646",
"type": "control_flow"
},
{
"from": "bb:75",
"to": "bb:86",
"type": "control_flow_fallthrough"
},
{
"from": "bb:86",
"to": "bb:739",
"type": "control_flow"
},
{
"from": "bb:86",
"to": "bb:97",
"type": "control_flow_fallthrough"
},
{
"from": "bb:97",
"to": "bb:786",
"type": "control_flow"
},
{
"from": "bb:97",
"to": "bb:108",
"type": "control_flow_fallthrough"
},
{
"from": "bb:108",
"to": "bb:1142",
"type": "control_flow"
},
{
"from": "bb:108",
"to": "bb:119",
"type": "control_flow_fallthrough"
},
{
"from": "bb:119",
"to": "bb:1179",
"type": "control_flow"
},
{
"from": "bb:119",
"to": "bb:130",
"type": "control_flow_fallthrough"
},
{
"from": "bb:138",
"to": "bb:1411",
"type": "control_flow"
},
{
"from": "bb:138",
"to": "bb:205",
"type": "control_flow_fallthrough"
},
{
"from": "bb:205",
"to": "bb:1368",
"type": "control_flow"
},
{
"from": "bb:205",
"to": "bb:213",
"type": "control_flow_fallthrough"
},
{
"from": "bb:213",
"to": "bb:1411",
"type": "control_flow"
},
{
"from": "bb:232",
"to": "bb:540",
"type": "control_flow_fallthrough"
},
{
"from": "bb:540",
"to": "bb:1568",
"type": "control_flow"
},
{
"from": "bb:540",
"to": "bb:549",
"type": "control_flow_fallthrough"
},
{
"from": "bb:549",
"to": "bb:540",
"type": "control_flow"
},
{
"from": "bb:560",
"to": "bb:1738",
"type": "control_flow"
},
{
"from": "bb:560",
"to": "bb:606",
"type": "control_flow_fallthrough"
},
{
"from": "bb:646",
"to": "bb:1411",
"type": "control_flow"
},
{
"from": "bb:646",
"to": "bb:712",
"type": "control_flow_fallthrough"
},
{
"from": "bb:712",
"to": "bb:1368",
"type": "control_flow"
},
{
"from": "bb:712",
"to": "bb:720",
"type": "control_flow_fallthrough"
},
{
"from": "bb:720",
"to": "bb:1411",
"type": "control_flow"
},
{
"from": "bb:739",
"to": "bb:1592",
"type": "control_flow"
},
{
"from": "bb:739",
"to": "bb:782",
"type": "control_flow_fallthrough"
},
{
"from": "bb:786",
"to": "bb:1100",
"type": "control_flow"
},
{
"from": "bb:786",
"to": "bb:1075",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1075",
"to": "bb:1100",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1100",
"to": "bb:1132",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1217",
"to": "bb:1313",
"type": "control_flow"
},
{
"from": "bb:1217",
"to": "bb:1288",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1288",
"to": "bb:1313",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1368",
"to": "bb:1382",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1382",
"to": "bb:1382",
exec
/bin/bash -lc "sed -n '2081,2340p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
"type": "control_flow"
},
{
"from": "bb:1382",
"to": "bb:1402",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1402",
"to": "bb:1411",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1419",
"to": "bb:540",
"type": "control_flow"
},
{
"from": "bb:1592",
"to": "bb:1631",
"type": "control_flow"
},
{
"from": "bb:1592",
"to": "bb:1627",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1738",
"to": "bb:1777",
"type": "control_flow"
},
{
"from": "bb:1738",
"to": "bb:1773",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1777",
"to": "bb:1854",
"type": "control_flow"
},
{
"from": "bb:1777",
"to": "bb:1850",
"type": "control_flow_fallthrough"
}
],
"cfg_hash": "0xbeea9b140fabb5b3837a3821f2aef644d74ffce6a478715a1e54be970e485cfe",
"dispatcher_type": "selector_jump_table",
"function_entries": [
{
"entry_pc": null,
"selector": "0x06fdde03"
},
{
"entry_pc": 599290589,
"selector": "0x1d2bca17"
},
{
"entry_pc": 826074471,
"selector": "0x23b872dd"
},
{
"entry_pc": 1889567281,
"selector": "0x313ce567"
},
{
"entry_pc": 2514000705,
"selector": "0x70a08231"
},
{
"entry_pc": 2835717307,
"selector": "0x95d89b41"
},
{
"entry_pc": 3404319313,
"selector": "0xa9059cbb"
},
{
"entry_pc": 3694166258,
"selector": "0xcae9ca51"
},
{
"entry_pc": 3714247998,
"selector": "0xdc3080f2"
},
{
"entry_pc": 1215,
"selector": "0xdd62ed3e"
}
],
"functions": [
{
"auth": {
"guards": []
},
"entry_pc": null,
"selector": "0x06fdde03",
"sinks": {
"call": 3,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 23,
"slots": [
{
"op": "SLOAD",
"pc": 145,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 218,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 616,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 653,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 725,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SSTORE",
"pc": 933,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1578,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
}
],
"writes": 11
}
},
{
"auth": {
"guards": []
},
"entry_pc": 599290589,
"selector": "0x1d2bca17",
"sinks": {
"call": 3,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 23,
"slots": [
{
"op": "SLOAD",
"pc": 145,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 218,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 616,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 653,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 725,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SSTORE",
"pc": 933,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1578,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
}
],
"writes": 11
}
},
{
"auth": {
"guards": []
},
"entry_pc": 826074471,
"selector": "0x23b872dd",
"sinks": {
"call": 3,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 23,
"slots": [
{
"op": "SLOAD",
"pc": 145,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 218,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 616,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 653,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 725,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SSTORE",
"pc": 933,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1578,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
}
],
"writes": 11
}
},
{
"auth": {
"guards": []
},
"entry_pc": 1889567281,
exec
/bin/bash -lc "sed -n '2341,2600p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
"selector": "0x313ce567",
"sinks": {
"call": 3,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 23,
"slots": [
{
"op": "SLOAD",
"pc": 145,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 218,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 616,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 653,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 725,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SSTORE",
"pc": 933,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1578,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
}
],
"writes": 11
}
},
{
"auth": {
"guards": []
},
"entry_pc": 2514000705,
"selector": "0x70a08231",
"sinks": {
"call": 3,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 23,
"slots": [
{
"op": "SLOAD",
"pc": 145,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 218,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 616,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 653,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 725,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SSTORE",
"pc": 933,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1578,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
}
],
"writes": 11
}
},
{
"auth": {
"guards": []
},
"entry_pc": 2835717307,
"selector": "0x95d89b41",
"sinks": {
"call": 3,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 23,
"slots": [
{
"op": "SLOAD",
"pc": 145,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 218,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 616,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 653,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 725,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SSTORE",
"pc": 933,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1578,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
}
],
"writes": 11
}
},
{
"auth": {
"guards": []
},
"entry_pc": 3404319313,
"selector": "0xa9059cbb",
"sinks": {
"call": 3,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 23,
"slots": [
{
"op": "SLOAD",
"pc": 145,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 218,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 616,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 653,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 725,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SSTORE",
"pc": 933,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1578,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
}
],
"writes": 11
}
},
{
"auth": {
"guards": []
},
"entry_pc": 3694166258,
"selector": "0xcae9ca51",
"sinks": {
"call": 3,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 23,
"slots": [
{
"op": "SLOAD",
"pc": 145,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 218,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 616,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 653,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 725,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SSTORE",
"pc": 933,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1578,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
exec
/bin/bash -lc "sed -n '2601,2860p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
}
],
"writes": 11
}
},
{
"auth": {
"guards": []
},
"entry_pc": 3714247998,
"selector": "0xdc3080f2",
"sinks": {
"call": 3,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 23,
"slots": [
{
"op": "SLOAD",
"pc": 145,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 218,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 616,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 653,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 725,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SSTORE",
"pc": 933,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1578,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
}
],
"writes": 11
}
},
{
"auth": {
"guards": []
},
"entry_pc": 1215,
"selector": "0xdd62ed3e",
"sinks": {
"call": 3,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 23,
"slots": [
{
"op": "SLOAD",
"pc": 145,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 218,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 616,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 653,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 725,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SSTORE",
"pc": 933,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1578,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
}
],
"writes": 11
}
}
],
"selectors": [
"0x06fdde03",
"0x1d2bca17",
"0x23b872dd",
"0x313ce567",
"0x70a08231",
"0x95d89b41",
"0xa9059cbb",
"0xcae9ca51",
"0xdc3080f2",
"0xdd62ed3e"
],
"sinks": {
"call": 3,
"create": 0,
"create2": 0,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0,
"upgrade_slot_write_suspected": false
},
"storage": {
"keccak_count": 23,
"reads": 23,
"slots": [
{
"op": "SLOAD",
"pc": 145,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 218,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 616,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 653,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 725,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SSTORE",
"pc": 933,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1578,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
}
],
"writes": 11
},
"version": "analysis_artifact_v1"
},
"block_number": null,
"chain_id": 1,
"codehash": "0xef46c335fdccc163c979b676f632b45514e9c0961706a507da1e96c4aa079a0f",
"created_at": "2026-04-04T19:55:36.000000Z",
"id": 2274,
"updated_at": "2026-04-04T19:55:36.000000Z",
"version": "analysis_artifact_v1"
},
"analysis_run": {
"address": "0x080781e41bbd4402a8b9f07df187b7391d707de7",
"block_number": null,
"chain_id": 1,
"child_links": [],
"created_at": "2025-12-19T20:03:55.000000Z",
"id": "019b3836-35bd-7032-b1d3-60862afc5118",
"parent_links": [],
"status": "running",
"updated_at": "2026-04-04T19:55:36.000000Z"
},
"artifact": {
"codehash": "0xef46c335fdccc163c979b676f632b45514e9c0961706a507da1e96c4aa079a0f",
"compiler_json": {
"etherscan": {
"skipped": true
}
},
"implementation_address": null,
"is_proxy": false,
"runtime_bytecode": {
"full": "0x606060405236156100825760e060020a600035046306fdde03811461008a5780631d2bca17146100e857806323b872dd14610230578063313ce5671461026257806370a082311461026e57806395d89b4114610286578063a9059cbb146102e3578063cae9ca5114610312578063dc3080f214610476578063dd62ed3e1461049b575b6104bf610002565b6104c16000805460408051602060026001851615610100026000190190941693909304601f810184900484028201840190925281815292918301828280156105835780601f1061055857610100808354040283529160200191610583565b60408051602060248035600481810135601f81018590048502860185019096528585526104bf958135959194604494929390920191819084018382808284375050604080516020606435808b0135601f810183900483028401830190945283835297999835989760849750919550602491909101935090915081908401838280828437505050600160a060020a03331660009081526003602090815260408083208c90558051808201909152600981527f4a61736f6e436f696e000000000000000000000000000000000000000000000090820190815282548380529051601260ff1990911617835595975090955061058b9460026001821615610100026000190190911604601f01047f290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e56390810193509150505b80821115610620576000815560010161021c565b61052f600435602435604435600160a060020a038316600090815260036020526040812054829010156106ca57610002565b61054160025460ff1681565b61052f60043560036020526000908152604090205481565b6104c160018054604080516020600284861615610100026000190190941693909304601f810184900484028201840190925281815292918301828280156105835780601f1061055857610100808354040283529160200191610583565b6104bf600435602435600160a060020a0333166000908152600360205260409020548190101561063857610002565b604080516020604435600481810135601f810184900484028501840190955284845261052f94813594602480359593946064949293910191819084018382808284375094965050505050505060006000836004600050600033600160a060020a03168152602001908152602001600020600050600087600160a060020a031681526020019081526020016000206000508190555084905080600160a060020a0316638f4ffcb1338630876040518560e060020a0281526004018085600160a060020a0316815260200184815260200183600160a060020a03168152602001806020018281038252838181518152602001915080519060200190808383829060006004602084601f0104600f02600301f150905090810190601f16801561044c5780820380516001836020036101000a031916815260200191505b50955050505050506000604051808303816000876161da5a03f11561000257505050509392505050565b60056020908152600435600090815260408082209092526024358152205461052f9081565b600460208181529035600090815260408082209092526024358152205461052f9081565b005b60405180806020018281038252838181518152602001915080519060200190808383829060006004602084601f0104600f02600301f150905090810190601f1680156105215780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b60408051918252519081900360200190f35b6040805160ff929092168252519081900360200190f35b820191906000526020600020905b81548152906001019060200180831161056657829003601f168201915b505050505081565b50506040805180820190915260018082527f4a00000000000000000000000000000000000000000000000000000000000000602092830190815281546000839052905160ff19166002908117835591926106249282851615610100026000190190921691909104601f01047fb10e2d527612073b26eecdfd717e6a320cf44b4afac2b0732d9fcbe2b7fa0cf69081019061021c565b5090565b50506002805460ff19168317905550505050565b600160a060020a038216600090815260036020526040902054818101101561065f57610002565b600160a060020a03338116600081815260036020908152604080832080548790039055938616808352918490208054860190558351858152935191937fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef929081900390910190a35050565b600160a060020a03831660009081526003602052604090205482810110156106f157610002565b600160a060020a0384811660008181526004602090815260408083203395909516808452948252808320549383526005825280832094835293905291909120548301111561073e57610002565b600160a060020a0384811660008181526003602090815260408083208054889003905587851680845281842080548901905593835260058252808320339590951680845294825291829020805487019055815186815291519293927fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef9281900390910190a3939250505056",
"head": null,
"length": 3990,
"tail": null,
"truncated": false
},
"verified_source": false
},
"capability_graph": {
"address": "0x080781e41bbd4402a8b9f07df187b7391d707de7",
"block_number": null,
"chain_id": 1,
"codehash": "0xef46c335fdccc163c979b676f632b45514e9c0961706a507da1e96c4aa079a0f",
"created_at": "2026-04-04T19:55:36.000000Z",
"graph_hash": "0x5affaba3b2fbff805a99962aeb717c16260febf99f43e06e479407cd575b995e",
"graph_json": {
"edges": [
{
"from": "bb:0",
"to": "bb:130",
"type": "control_flow"
},
{
"from": "bb:0",
"to": "bb:11",
"type": "control_flow_fallthrough"
},
{
"from": "bb:11",
"to": "bb:138",
"type": "control_flow"
},
{
"from": "bb:11",
"to": "bb:31",
"type": "control_flow_fallthrough"
},
{
"from": "bb:31",
"to": "bb:232",
"type": "control_flow"
},
{
"from": "bb:31",
"to": "bb:42",
"type": "control_flow_fallthrough"
},
{
"from": "bb:42",
"to": "bb:560",
"type": "control_flow"
},
exec
/bin/bash -lc "rg -n 'detector|evidence|finding|callsites|storage_slots|summary|selector' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
1814: "callsites": [
2130: "dispatcher_type": "selector_jump_table",
2134: "selector": "0x06fdde03"
2138: "selector": "0x1d2bca17"
2142: "selector": "0x23b872dd"
2146: "selector": "0x313ce567"
2150: "selector": "0x70a08231"
2154: "selector": "0x95d89b41"
2158: "selector": "0xa9059cbb"
2162: "selector": "0xcae9ca51"
2166: "selector": "0xdc3080f2"
2170: "selector": "0xdd62ed3e"
2179: "selector": "0x06fdde03",
2233: "selector": "0x1d2bca17",
2287: "selector": "0x23b872dd",
2341: "selector": "0x313ce567",
2395: "selector": "0x70a08231",
2449: "selector": "0x95d89b41",
2503: "selector": "0xa9059cbb",
2557: "selector": "0xcae9ca51",
2611: "selector": "0xdc3080f2",
2665: "selector": "0xdd62ed3e",
2715: "selectors": [
3596: "selector": "0x06fdde03",
3602: "selector": "0x1d2bca17",
3608: "selector": "0x23b872dd",
3614: "selector": "0x313ce567",
3620: "selector": "0x70a08231",
3626: "selector": "0x95d89b41",
3632: "selector": "0xa9059cbb",
3638: "selector": "0xcae9ca51",
3644: "selector": "0xdc3080f2",
3650: "selector": "0xdd62ed3e",
3660: "detector_findings": [
3663: "evidence_json": {
3716: "evidence_json": {
3768: "heuristics_summary": {
exec
/bin/bash -lc "sed -n '3648,3815p' BYTECODE_BUNDLE.json" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
"entry_pc": 1215,
"id": "fn:0xdd62ed3e",
"selector": "0xdd62ed3e",
"type": "function"
}
],
"version": "capability_graph_v1"
},
"id": 2274,
"updated_at": "2026-04-04T19:55:36.000000Z",
"version": "capability_graph_v1"
},
"detector_findings": [
{
"confidence": 60,
"evidence_json": {
"call_count": 3,
"examples": [
{
"opcode": "CALL",
"pc": 1058,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 1126,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 1271,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
}
],
"guards_detected": [],
"untrusted_call_count": 3
},
"normalized_json": {
"sink": "CALL"
},
"severity": "high",
"title": "Untrusted CALL target/value reachable",
"validated": true,
"validation_json": {
"attempts": 1,
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0x080781e41bbd4402a8b9f07df187b7391d707de7"
],
"classification": "target_varies",
"confirmed": true,
"errors": 0,
"matched_probe": null,
"sink": "CALL",
"status": "confirmed",
"target_varies": true,
"trace_id": "0xb87b4a788ca4fe26e766b3c2b0c08a0058f836b413e2321f222fa2f732a10a1b",
"trace_mode": "callTracer"
}
},
{
"confidence": 55,
"evidence_json": {
"eth_value_calls": 3,
"examples": [
{
"opcode": "CALL",
"pc": 1058,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 1126,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 1271,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
}
],
"guards_detected": []
},
"normalized_json": {
"sink": "CALL",
"value": "nonzero"
},
"severity": "high",
"title": "ETH value transfer possible",
"validated": true,
"validation_json": {
"attempts": 1,
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0x080781e41bbd4402a8b9f07df187b7391d707de7"
],
"classification": "target_varies",
"confirmed": true,
"errors": 0,
"matched_probe": null,
"sink": "CALL",
"status": "confirmed",
"target_varies": true,
"trace_id": "0xb87b4a788ca4fe26e766b3c2b0c08a0058f836b413e2321f222fa2f732a10a1b",
"trace_mode": "callTracer"
}
}
],
"heuristics_summary": {
"create2_count": 0,
"delegatecall_count": 0,
"flags": [],
"selfdestruct_count": 0
}
}
exec
/bin/bash -lc "node -e \"try{const {id}=require('ethers'); console.log(id('JasonCoin(uint256,string,string)').slice(0,10)); console.log(id('JasonCoin(uint256,string,string,string)').slice(0,10)); console.log(id('approveAndCall(address,uint256,bytes)').slice(0,10)); console.log(id('receiveApproval(address,uint256,address,bytes)').slice(0,10));}catch(e){console.error(e.message); process.exit(1)}\"" in /tmp/codex-dp1fw3oq
exited 1 in 0ms:
Cannot find module 'ethers'
Require stack:
- /tmp/codex-dp1fw3oq/[eval]
exec
/bin/bash -lc "python - <<'PY'
import importlib
mods=['sha3','eth_utils','eth_hash.auto']
for m in mods:
try:
mod=importlib.import_module(m)
print('ok',m,mod)
except Exception as e:
print('no',m,e)
PY" in /tmp/codex-dp1fw3oq
succeeded in 177ms:
no sha3 No module named 'sha3'
ok eth_utils <module 'eth_utils' from '/var/www/tripwire/.venv/lib/python3.13/site-packages/eth_utils/__init__.py'>
ok eth_hash.auto <module 'eth_hash.auto' from '/var/www/tripwire/.venv/lib/python3.13/site-packages/eth_hash/auto.py'>
exec
/bin/bash -lc "python - <<'PY'
from eth_utils import keccak
sigs=['JasonCoin(uint256,string,string)','JasonCoin(uint256,string)','JasonCoin(string,string)','approveAndCall(address,uint256,bytes)','receiveApproval(address,uint256,address,bytes)','approve(address,uint256)','mintToken(address,uint256)','burn(uint256)','burnFrom(address,uint256)']
for s in sigs:
print(s, keccak(text=s)[:4].hex())
PY" in /tmp/codex-dp1fw3oq
succeeded in 203ms:
JasonCoin(uint256,string,string) f22db5ac
JasonCoin(uint256,string) 07a76c9f
JasonCoin(string,string) bc57204c
approveAndCall(address,uint256,bytes) cae9ca51
receiveApproval(address,uint256,address,bytes) 8f4ffcb1
approve(address,uint256) 095ea7b3
mintToken(address,uint256) 79c65068
burn(uint256) 42966c68
burnFrom(address,uint256) 79cc6790
exec
/bin/bash -lc "python - <<'PY'
from textwrap import wrap
import json
with open('BYTECODE_BUNDLE.json') as f:
data=json.load(f)
code=data['artifact']['runtime_bytecode']['full'][2:]
ops={i:None for i in range(256)}
# basic opcode table
names={0x00:'STOP',0x01:'ADD',0x02:'MUL',0x03:'SUB',0x04:'DIV',0x05:'SDIV',0x06:'MOD',0x07:'SMOD',0x08:'ADDMOD',0x09:'MULMOD',0x0a:'EXP',0x0b:'SIGNEXTEND',0x10:'LT',0x11:'GT',0x12:'SLT',0x13:'SGT',0x14:'EQ',0x15:'ISZERO',0x16:'AND',0x17:'OR',0x18:'XOR',0x19:'NOT',0x1a:'BYTE',0x20:'SHA3',0x30:'ADDRESS',0x31:'BALANCE',0x32:'ORIGIN',0x33:'CALLER',0x34:'CALLVALUE',0x35:'CALLDATALOAD',0x36:'CALLDATASIZE',0x37:'CALLDATACOPY',0x38:'CODESIZE',0x39:'CODECOPY',0x3a:'GASPRICE',0x3b:'EXTCODESIZE',0x3c:'EXTCODECOPY',0x3d:'RETURNDATASIZE',0x3e:'RETURNDATACOPY',0x40:'BLOCKHASH',0x41:'COINBASE',0x42:'TIMESTAMP',0x43:'NUMBER',0x44:'DIFFICULTY',0x45:'GASLIMIT',0x46:'CHAINID',0x47:'SELFBALANCE',0x48:'BASEFEE',0x50:'POP',0x51:'MLOAD',0x52:'MSTORE',0x53:'MSTORE8',0x54:'SLOAD',0x55:'SSTORE',0x56:'JUMP',0x57:'JUMPI',0x58:'PC',0x59:'MSIZE',0x5a:'GAS',0x5b:'JUMPDEST',0xf0:'CREATE',0xf1:'CALL',0xf2:'CALLCODE',0xf3:'RETURN',0xf4:'DELEGATECALL',0xf5:'CREATE2',0xfa:'STATICCALL',0xfd:'REVERT',0xfe:'INVALID',0xff:'SELFDESTRUCT'}
for i in range(1,33): names[0x5f+i]=f'PUSH{i}'
for i in range(1,17): names[0x7f+i]=f'DUP{i}'
for i in range(1,17): names[0x8f+i]=f'SWAP{i}'
for i in range(0,5): names[0xa0+i]=f'LOG{i}'
bs=bytes.fromhex(code)
pc=0
out=[]
while pc < len(bs):
op=bs[pc]
nm=names.get(op,f'OP_{op:02x}')
if 0x60<=op<=0x7f:
n=op-0x5f
imm=bs[pc+1:pc+1+n].hex()
out.append((pc,nm,imm))
pc+=1+n
else:
out.append((pc,nm,''))
pc+=1
for start,end in [(232,559),(739,1131),(1142,1216),(1592,1993)]:
print('\\nRANGE',start,end)
for pc,nm,imm in out:
if start<=pc<=end:
print(f'{pc:04x}: {nm} {imm}')
PY" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
RANGE 232 559
00e8: JUMPDEST
00e9: PUSH1 40
00eb: DUP1
00ec: MLOAD
00ed: PUSH1 20
00ef: PUSH1 24
00f1: DUP1
00f2: CALLDATALOAD
00f3: PUSH1 04
00f5: DUP2
00f6: DUP2
00f7: ADD
00f8: CALLDATALOAD
00f9: PUSH1 1f
00fb: DUP2
00fc: ADD
00fd: DUP6
00fe: SWAP1
00ff: DIV
0100: DUP6
0101: MUL
0102: DUP7
0103: ADD
0104: DUP6
0105: ADD
0106: SWAP1
0107: SWAP7
0108: MSTORE
0109: DUP6
010a: DUP6
010b: MSTORE
010c: PUSH2 04bf
010f: SWAP6
0110: DUP2
0111: CALLDATALOAD
0112: SWAP6
0113: SWAP2
0114: SWAP5
0115: PUSH1 44
0117: SWAP5
0118: SWAP3
0119: SWAP4
011a: SWAP1
011b: SWAP3
011c: ADD
011d: SWAP2
011e: DUP2
011f: SWAP1
0120: DUP5
0121: ADD
0122: DUP4
0123: DUP3
0124: DUP1
0125: DUP3
0126: DUP5
0127: CALLDATACOPY
0128: POP
0129: POP
012a: PUSH1 40
012c: DUP1
012d: MLOAD
012e: PUSH1 20
0130: PUSH1 64
0132: CALLDATALOAD
0133: DUP1
0134: DUP12
0135: ADD
0136: CALLDATALOAD
0137: PUSH1 1f
0139: DUP2
013a: ADD
013b: DUP4
013c: SWAP1
013d: DIV
013e: DUP4
013f: MUL
0140: DUP5
0141: ADD
0142: DUP4
0143: ADD
0144: SWAP1
0145: SWAP5
0146: MSTORE
0147: DUP4
0148: DUP4
0149: MSTORE
014a: SWAP8
014b: SWAP10
014c: SWAP9
014d: CALLDATALOAD
014e: SWAP9
014f: SWAP8
0150: PUSH1 84
0152: SWAP8
0153: POP
0154: SWAP2
0155: SWAP6
0156: POP
0157: PUSH1 24
0159: SWAP2
015a: SWAP1
015b: SWAP2
015c: ADD
015d: SWAP4
015e: POP
015f: SWAP1
0160: SWAP2
0161: POP
0162: DUP2
0163: SWAP1
0164: DUP5
0165: ADD
0166: DUP4
0167: DUP3
0168: DUP1
0169: DUP3
016a: DUP5
016b: CALLDATACOPY
016c: POP
016d: POP
016e: POP
016f: PUSH1 01
0171: PUSH1 a0
0173: PUSH1 02
0175: EXP
0176: SUB
0177: CALLER
0178: AND
0179: PUSH1 00
017b: SWAP1
017c: DUP2
017d: MSTORE
017e: PUSH1 03
0180: PUSH1 20
0182: SWAP1
0183: DUP2
0184: MSTORE
0185: PUSH1 40
0187: DUP1
0188: DUP4
0189: SHA3
018a: DUP13
018b: SWAP1
018c: SSTORE
018d: DUP1
018e: MLOAD
018f: DUP1
0190: DUP3
0191: ADD
0192: SWAP1
0193: SWAP2
0194: MSTORE
0195: PUSH1 09
0197: DUP2
0198: MSTORE
0199: PUSH32 4a61736f6e436f696e0000000000000000000000000000000000000000000000
01ba: SWAP1
01bb: DUP3
01bc: ADD
01bd: SWAP1
01be: DUP2
01bf: MSTORE
01c0: DUP3
01c1: SLOAD
01c2: DUP4
01c3: DUP1
01c4: MSTORE
01c5: SWAP1
01c6: MLOAD
01c7: PUSH1 12
01c9: PUSH1 ff
01cb: NOT
01cc: SWAP1
01cd: SWAP2
01ce: AND
01cf: OR
01d0: DUP4
01d1: SSTORE
01d2: SWAP6
01d3: SWAP8
01d4: POP
01d5: SWAP1
01d6: SWAP6
01d7: POP
01d8: PUSH2 058b
01db: SWAP5
01dc: PUSH1 02
01de: PUSH1 01
01e0: DUP3
01e1: AND
01e2: ISZERO
01e3: PUSH2 0100
01e6: MUL
01e7: PUSH1 00
01e9: NOT
01ea: ADD
01eb: SWAP1
01ec: SWAP2
01ed: AND
01ee: DIV
01ef: PUSH1 1f
01f1: ADD
01f2: DIV
01f3: PUSH32 290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563
0214: SWAP1
0215: DUP2
0216: ADD
0217: SWAP4
0218: POP
0219: SWAP2
021a: POP
021b: POP
021c: JUMPDEST
021d: DUP1
021e: DUP3
021f: GT
0220: ISZERO
0221: PUSH2 0620
0224: JUMPI
0225: PUSH1 00
0227: DUP2
0228: SSTORE
0229: PUSH1 01
022b: ADD
022c: PUSH2 021c
022f: JUMP
RANGE 739 1131
02e3: JUMPDEST
02e4: PUSH2 04bf
02e7: PUSH1 04
02e9: CALLDATALOAD
02ea: PUSH1 24
02ec: CALLDATALOAD
02ed: PUSH1 01
02ef: PUSH1 a0
02f1: PUSH1 02
02f3: EXP
02f4: SUB
02f5: CALLER
02f6: AND
02f7: PUSH1 00
02f9: SWAP1
02fa: DUP2
02fb: MSTORE
02fc: PUSH1 03
02fe: PUSH1 20
0300: MSTORE
0301: PUSH1 40
0303: SWAP1
0304: SHA3
0305: SLOAD
0306: DUP2
0307: SWAP1
0308: LT
0309: ISZERO
030a: PUSH2 0638
030d: JUMPI
030e: PUSH2 0002
0311: JUMP
0312: JUMPDEST
0313: PUSH1 40
0315: DUP1
0316: MLOAD
0317: PUSH1 20
0319: PUSH1 44
031b: CALLDATALOAD
031c: PUSH1 04
031e: DUP2
031f: DUP2
0320: ADD
0321: CALLDATALOAD
0322: PUSH1 1f
0324: DUP2
0325: ADD
0326: DUP5
0327: SWAP1
0328: DIV
0329: DUP5
032a: MUL
032b: DUP6
032c: ADD
032d: DUP5
032e: ADD
032f: SWAP1
0330: SWAP6
0331: MSTORE
0332: DUP5
0333: DUP5
0334: MSTORE
0335: PUSH2 052f
0338: SWAP5
0339: DUP2
033a: CALLDATALOAD
033b: SWAP5
033c: PUSH1 24
033e: DUP1
033f: CALLDATALOAD
0340: SWAP6
0341: SWAP4
0342: SWAP5
0343: PUSH1 64
0345: SWAP5
0346: SWAP3
0347: SWAP4
0348: SWAP2
0349: ADD
034a: SWAP2
034b: DUP2
034c: SWAP1
034d: DUP5
034e: ADD
034f: DUP4
0350: DUP3
0351: DUP1
0352: DUP3
0353: DUP5
0354: CALLDATACOPY
0355: POP
0356: SWAP5
0357: SWAP7
0358: POP
0359: POP
035a: POP
035b: POP
035c: POP
035d: POP
035e: POP
035f: PUSH1 00
0361: PUSH1 00
0363: DUP4
0364: PUSH1 04
0366: PUSH1 00
0368: POP
0369: PUSH1 00
036b: CALLER
036c: PUSH1 01
036e: PUSH1 a0
0370: PUSH1 02
0372: EXP
0373: SUB
0374: AND
0375: DUP2
0376: MSTORE
0377: PUSH1 20
0379: ADD
037a: SWAP1
037b: DUP2
037c: MSTORE
037d: PUSH1 20
037f: ADD
0380: PUSH1 00
0382: SHA3
0383: PUSH1 00
0385: POP
0386: PUSH1 00
0388: DUP8
0389: PUSH1 01
038b: PUSH1 a0
038d: PUSH1 02
038f: EXP
0390: SUB
0391: AND
0392: DUP2
0393: MSTORE
0394: PUSH1 20
0396: ADD
0397: SWAP1
0398: DUP2
0399: MSTORE
039a: PUSH1 20
039c: ADD
039d: PUSH1 00
039f: SHA3
03a0: PUSH1 00
03a2: POP
03a3: DUP2
03a4: SWAP1
03a5: SSTORE
03a6: POP
03a7: DUP5
03a8: SWAP1
03a9: POP
03aa: DUP1
03ab: PUSH1 01
03ad: PUSH1 a0
03af: PUSH1 02
03b1: EXP
03b2: SUB
03b3: AND
03b4: PUSH4 8f4ffcb1
03b9: CALLER
03ba: DUP7
03bb: ADDRESS
03bc: DUP8
03bd: PUSH1 40
03bf: MLOAD
03c0: DUP6
03c1: PUSH1 e0
03c3: PUSH1 02
03c5: EXP
03c6: MUL
03c7: DUP2
03c8: MSTORE
03c9: PUSH1 04
03cb: ADD
03cc: DUP1
03cd: DUP6
03ce: PUSH1 01
03d0: PUSH1 a0
03d2: PUSH1 02
03d4: EXP
03d5: SUB
03d6: AND
03d7: DUP2
03d8: MSTORE
03d9: PUSH1 20
03db: ADD
03dc: DUP5
03dd: DUP2
03de: MSTORE
03df: PUSH1 20
03e1: ADD
03e2: DUP4
03e3: PUSH1 01
03e5: PUSH1 a0
03e7: PUSH1 02
03e9: EXP
03ea: SUB
03eb: AND
03ec: DUP2
03ed: MSTORE
03ee: PUSH1 20
03f0: ADD
03f1: DUP1
03f2: PUSH1 20
03f4: ADD
03f5: DUP3
03f6: DUP2
03f7: SUB
03f8: DUP3
03f9: MSTORE
03fa: DUP4
03fb: DUP2
03fc: DUP2
03fd: MLOAD
03fe: DUP2
03ff: MSTORE
0400: PUSH1 20
0402: ADD
0403: SWAP2
0404: POP
0405: DUP1
0406: MLOAD
0407: SWAP1
0408: PUSH1 20
040a: ADD
040b: SWAP1
040c: DUP1
040d: DUP4
040e: DUP4
040f: DUP3
0410: SWAP1
0411: PUSH1 00
0413: PUSH1 04
0415: PUSH1 20
0417: DUP5
0418: PUSH1 1f
041a: ADD
041b: DIV
041c: PUSH1 0f
041e: MUL
041f: PUSH1 03
0421: ADD
0422: CALL
0423: POP
0424: SWAP1
0425: POP
0426: SWAP1
0427: DUP2
0428: ADD
0429: SWAP1
042a: PUSH1 1f
042c: AND
042d: DUP1
042e: ISZERO
042f: PUSH2 044c
0432: JUMPI
0433: DUP1
0434: DUP3
0435: SUB
0436: DUP1
0437: MLOAD
0438: PUSH1 01
043a: DUP4
043b: PUSH1 20
043d: SUB
043e: PUSH2 0100
0441: EXP
0442: SUB
0443: NOT
0444: AND
0445: DUP2
0446: MSTORE
0447: PUSH1 20
0449: ADD
044a: SWAP2
044b: POP
044c: JUMPDEST
044d: POP
044e: SWAP6
044f: POP
0450: POP
0451: POP
0452: POP
0453: POP
0454: POP
0455: PUSH1 00
0457: PUSH1 40
0459: MLOAD
045a: DUP1
045b: DUP4
045c: SUB
045d: DUP2
045e: PUSH1 00
0460: DUP8
0461: PUSH2 61da
0464: GAS
0465: SUB
0466: CALL
0467: ISZERO
0468: PUSH2 0002
046b: JUMPI
RANGE 1142 1216
0476: JUMPDEST
0477: PUSH1 05
0479: PUSH1 20
047b: SWAP1
047c: DUP2
047d: MSTORE
047e: PUSH1 04
0480: CALLDATALOAD
0481: PUSH1 00
0483: SWAP1
0484: DUP2
0485: MSTORE
0486: PUSH1 40
0488: DUP1
0489: DUP3
048a: SHA3
048b: SWAP1
048c: SWAP3
048d: MSTORE
048e: PUSH1 24
0490: CALLDATALOAD
0491: DUP2
0492: MSTORE
0493: SHA3
0494: SLOAD
0495: PUSH2 052f
0498: SWAP1
0499: DUP2
049a: JUMP
049b: JUMPDEST
049c: PUSH1 04
049e: PUSH1 20
04a0: DUP2
04a1: DUP2
04a2: MSTORE
04a3: SWAP1
04a4: CALLDATALOAD
04a5: PUSH1 00
04a7: SWAP1
04a8: DUP2
04a9: MSTORE
04aa: PUSH1 40
04ac: DUP1
04ad: DUP3
04ae: SHA3
04af: SWAP1
04b0: SWAP3
04b1: MSTORE
04b2: PUSH1 24
04b4: CALLDATALOAD
04b5: DUP2
04b6: MSTORE
04b7: SHA3
04b8: SLOAD
04b9: PUSH2 052f
04bc: SWAP1
04bd: DUP2
04be: JUMP
04bf: JUMPDEST
04c0: STOP
RANGE 1592 1993
0638: JUMPDEST
0639: PUSH1 01
063b: PUSH1 a0
063d: PUSH1 02
063f: EXP
0640: SUB
0641: DUP3
0642: AND
0643: PUSH1 00
0645: SWAP1
0646: DUP2
0647: MSTORE
0648: PUSH1 03
064a: PUSH1 20
064c: MSTORE
064d: PUSH1 40
064f: SWAP1
0650: SHA3
0651: SLOAD
0652: DUP2
0653: DUP2
0654: ADD
0655: LT
0656: ISZERO
0657: PUSH2 065f
065a: JUMPI
065b: PUSH2 0002
065e: JUMP
065f: JUMPDEST
0660: PUSH1 01
0662: PUSH1 a0
0664: PUSH1 02
0666: EXP
0667: SUB
0668: CALLER
0669: DUP2
066a: AND
066b: PUSH1 00
066d: DUP2
066e: DUP2
066f: MSTORE
0670: PUSH1 03
0672: PUSH1 20
0674: SWAP1
0675: DUP2
0676: MSTORE
0677: PUSH1 40
0679: DUP1
067a: DUP4
067b: SHA3
067c: DUP1
067d: SLOAD
067e: DUP8
067f: SWAP1
0680: SUB
0681: SWAP1
0682: SSTORE
0683: SWAP4
0684: DUP7
0685: AND
0686: DUP1
0687: DUP4
0688: MSTORE
0689: SWAP2
068a: DUP5
068b: SWAP1
068c: SHA3
068d: DUP1
068e: SLOAD
068f: DUP7
0690: ADD
0691: SWAP1
0692: SSTORE
0693: DUP4
0694: MLOAD
0695: DUP6
0696: DUP2
0697: MSTORE
0698: SWAP4
0699: MLOAD
069a: SWAP2
069b: SWAP4
069c: PUSH32 ddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef
06bd: SWAP3
06be: SWAP1
06bf: DUP2
06c0: SWAP1
06c1: SUB
06c2: SWAP1
06c3: SWAP2
06c4: ADD
06c5: SWAP1
06c6: LOG3
06c7: POP
06c8: POP
06c9: JUMP
06ca: JUMPDEST
06cb: PUSH1 01
06cd: PUSH1 a0
06cf: PUSH1 02
06d1: EXP
06d2: SUB
06d3: DUP4
06d4: AND
06d5: PUSH1 00
06d7: SWAP1
06d8: DUP2
06d9: MSTORE
06da: PUSH1 03
06dc: PUSH1 20
06de: MSTORE
06df: PUSH1 40
06e1: SWAP1
06e2: SHA3
06e3: SLOAD
06e4: DUP3
06e5: DUP2
06e6: ADD
06e7: LT
06e8: ISZERO
06e9: PUSH2 06f1
06ec: JUMPI
06ed: PUSH2 0002
06f0: JUMP
06f1: JUMPDEST
06f2: PUSH1 01
06f4: PUSH1 a0
06f6: PUSH1 02
06f8: EXP
06f9: SUB
06fa: DUP5
06fb: DUP2
06fc: AND
06fd: PUSH1 00
06ff: DUP2
0700: DUP2
0701: MSTORE
0702: PUSH1 04
0704: PUSH1 20
0706: SWAP1
0707: DUP2
0708: MSTORE
0709: PUSH1 40
070b: DUP1
070c: DUP4
070d: SHA3
070e: CALLER
070f: SWAP6
0710: SWAP1
0711: SWAP6
0712: AND
0713: DUP1
0714: DUP5
0715: MSTORE
0716: SWAP5
0717: DUP3
0718: MSTORE
0719: DUP1
071a: DUP4
071b: SHA3
071c: SLOAD
071d: SWAP4
071e: DUP4
071f: MSTORE
0720: PUSH1 05
0722: DUP3
0723: MSTORE
0724: DUP1
0725: DUP4
0726: SHA3
0727: SWAP5
0728: DUP4
0729: MSTORE
072a: SWAP4
072b: SWAP1
072c: MSTORE
072d: SWAP2
072e: SWAP1
072f: SWAP2
0730: SHA3
0731: SLOAD
0732: DUP4
0733: ADD
0734: GT
0735: ISZERO
0736: PUSH2 073e
0739: JUMPI
073a: PUSH2 0002
073d: JUMP
073e: JUMPDEST
073f: PUSH1 01
0741: PUSH1 a0
0743: PUSH1 02
0745: EXP
0746: SUB
0747: DUP5
0748: DUP2
0749: AND
074a: PUSH1 00
074c: DUP2
074d: DUP2
074e: MSTORE
074f: PUSH1 03
0751: PUSH1 20
0753: SWAP1
0754: DUP2
0755: MSTORE
0756: PUSH1 40
0758: DUP1
0759: DUP4
075a: SHA3
075b: DUP1
075c: SLOAD
075d: DUP9
075e: SWAP1
075f: SUB
0760: SWAP1
0761: SSTORE
0762: DUP8
0763: DUP6
0764: AND
0765: DUP1
0766: DUP5
0767: MSTORE
0768: DUP2
0769: DUP5
076a: SHA3
076b: DUP1
076c: SLOAD
076d: DUP10
076e: ADD
076f: SWAP1
0770: SSTORE
0771: SWAP4
0772: DUP4
0773: MSTORE
0774: PUSH1 05
0776: DUP3
0777: MSTORE
0778: DUP1
0779: DUP4
077a: SHA3
077b: CALLER
077c: SWAP6
077d: SWAP1
077e: SWAP6
077f: AND
0780: DUP1
0781: DUP5
0782: MSTORE
0783: SWAP5
0784: DUP3
0785: MSTORE
0786: SWAP2
0787: DUP3
0788: SWAP1
0789: SHA3
078a: DUP1
078b: SLOAD
078c: DUP8
078d: ADD
078e: SWAP1
078f: SSTORE
0790: DUP2
0791: MLOAD
0792: DUP7
0793: DUP2
0794: MSTORE
0795: SWAP2
0796: MLOAD
0797: SWAP3
0798: SWAP4
0799: SWAP3
079a: PUSH32 ddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef
07bb: SWAP3
07bc: DUP2
07bd: SWAP1
07be: SUB
07bf: SWAP1
07c0: SWAP2
07c1: ADD
07c2: SWAP1
07c3: LOG3
07c4: SWAP4
07c5: SWAP3
07c6: POP
07c7: POP
07c8: POP
07c9: JUMP
exec
/bin/bash -lc "python - <<'PY'
import json
with open('BYTECODE_BUNDLE.json') as f:data=json.load(f)
code=bytes.fromhex(data['artifact']['runtime_bytecode']['full'][2:])
names={0x00:'STOP',0x01:'ADD',0x02:'MUL',0x03:'SUB',0x04:'DIV',0x0a:'EXP',0x10:'LT',0x11:'GT',0x14:'EQ',0x15:'ISZERO',0x16:'AND',0x17:'OR',0x19:'NOT',0x20:'SHA3',0x30:'ADDRESS',0x33:'CALLER',0x35:'CALLDATALOAD',0x36:'CALLDATASIZE',0x37:'CALLDATACOPY',0x50:'POP',0x51:'MLOAD',0x52:'MSTORE',0x54:'SLOAD',0x55:'SSTORE',0x56:'JUMP',0x57:'JUMPI',0x5a:'GAS',0x5b:'JUMPDEST',0xf1:'CALL',0xf3:'RETURN',0xa3:'LOG3'}
for i in range(1,33): names[0x5f+i]=f'PUSH{i}'
for i in range(1,17): names[0x7f+i]=f'DUP{i}'
for i in range(1,17): names[0x8f+i]=f'SWAP{i}'
bs=code
pc=0
out=[]
while pc<len(bs):
op=bs[pc];nm=names.get(op,f'OP_{op:02x}')
if 0x60<=op<=0x7f:
n=op-0x5f;imm=bs[pc+1:pc+1+n].hex();out.append((pc,nm,imm));pc+=1+n
else:
out.append((pc,nm,''));pc+=1
for start,end in [(1419,1591),(1327,1418)]:
print('\\nRANGE',start,end)
for pc,nm,imm in out:
if start<=pc<=end: print(f'{pc:04x}: {nm} {imm}')
PY" in /tmp/codex-dp1fw3oq
succeeded in 0ms:
RANGE 1419 1591
058b: JUMPDEST
058c: POP
058d: POP
058e: PUSH1 40
0590: DUP1
0591: MLOAD
0592: DUP1
0593: DUP3
0594: ADD
0595: SWAP1
0596: SWAP2
0597: MSTORE
0598: PUSH1 01
059a: DUP1
059b: DUP3
059c: MSTORE
059d: PUSH32 4a00000000000000000000000000000000000000000000000000000000000000
05be: PUSH1 20
05c0: SWAP3
05c1: DUP4
05c2: ADD
05c3: SWAP1
05c4: DUP2
05c5: MSTORE
05c6: DUP2
05c7: SLOAD
05c8: PUSH1 00
05ca: DUP4
05cb: SWAP1
05cc: MSTORE
05cd: SWAP1
05ce: MLOAD
05cf: PUSH1 ff
05d1: NOT
05d2: AND
05d3: PUSH1 02
05d5: SWAP1
05d6: DUP2
05d7: OR
05d8: DUP4
05d9: SSTORE
05da: SWAP2
05db: SWAP3
05dc: PUSH2 0624
05df: SWAP3
05e0: DUP3
05e1: DUP6
05e2: AND
05e3: ISZERO
05e4: PUSH2 0100
05e7: MUL
05e8: PUSH1 00
05ea: NOT
05eb: ADD
05ec: SWAP1
05ed: SWAP3
05ee: AND
05ef: SWAP2
05f0: SWAP1
05f1: SWAP2
05f2: DIV
05f3: PUSH1 1f
05f5: ADD
05f6: DIV
05f7: PUSH32 b10e2d527612073b26eecdfd717e6a320cf44b4afac2b0732d9fcbe2b7fa0cf6
0618: SWAP1
0619: DUP2
061a: ADD
061b: SWAP1
061c: PUSH2 021c
061f: JUMP
0620: JUMPDEST
0621: POP
0622: SWAP1
0623: JUMP
0624: JUMPDEST
0625: POP
0626: POP
0627: PUSH1 02
0629: DUP1
062a: SLOAD
062b: PUSH1 ff
062d: NOT
062e: AND
062f: DUP4
0630: OR
0631: SWAP1
0632: SSTORE
0633: POP
0634: POP
0635: POP
0636: POP
0637: JUMP
RANGE 1327 1418
052f: JUMPDEST
0530: PUSH1 40
0532: DUP1
0533: MLOAD
0534: SWAP2
0535: DUP3
0536: MSTORE
0537: MLOAD
0538: SWAP1
0539: DUP2
053a: SWAP1
053b: SUB
053c: PUSH1 20
053e: ADD
053f: SWAP1
0540: RETURN
0541: JUMPDEST
0542: PUSH1 40
0544: DUP1
0545: MLOAD
0546: PUSH1 ff
0548: SWAP3
0549: SWAP1
054a: SWAP3
054b: AND
054c: DUP3
054d: MSTORE
054e: MLOAD
054f: SWAP1
0550: DUP2
0551: SWAP1
0552: SUB
0553: PUSH1 20
0555: ADD
0556: SWAP1
0557: RETURN
0558: JUMPDEST
0559: DUP3
055a: ADD
055b: SWAP2
055c: SWAP1
055d: PUSH1 00
055f: MSTORE
0560: PUSH1 20
0562: PUSH1 00
0564: SHA3
0565: SWAP1
0566: JUMPDEST
0567: DUP2
0568: SLOAD
0569: DUP2
056a: MSTORE
056b: SWAP1
056c: PUSH1 01
056e: ADD
056f: SWAP1
0570: PUSH1 20
0572: ADD
0573: DUP1
0574: DUP4
0575: GT
0576: PUSH2 0566
0579: JUMPI
057a: DUP3
057b: SWAP1
057c: SUB
057d: PUSH1 1f
057f: AND
0580: DUP3
0581: ADD
0582: SWAP2
0583: JUMPDEST
0584: POP
0585: POP
0586: POP
0587: POP
0588: POP
0589: DUP2
058a: JUMP
exec
/bin/bash -lc "python - <<'PY'
from eth_utils import keccak
for s in [
'JasonCoin(uint256,string,uint8,string)',
'TokenERC20(uint256,string,uint8,string)',
'MyToken(uint256,string,uint8,string)',
'OwnedToken(uint256,string,uint8,string)',
'Coin(uint256,string,uint8,string)',
'JasonCoin(uint256,string,string,uint8)',
'JasonCoin(uint256,uint8,string,string)'
]:
print(s, keccak(text=s)[:4].hex())
PY" in /tmp/codex-dp1fw3oq
succeeded in 186ms:
JasonCoin(uint256,string,uint8,string) c5bbea68
TokenERC20(uint256,string,uint8,string) 2fe69430
MyToken(uint256,string,uint8,string) 1d2bca17
OwnedToken(uint256,string,uint8,string) 26377fe9
Coin(uint256,string,uint8,string) 8f409b85
JasonCoin(uint256,string,string,uint8) 05c6fc91
JasonCoin(uint256,uint8,string,string) 78d84743
codex
{"no_findings":false,"summary":"Bytecode matches an ERC20-like token with a publicly callable legacy-constructor path and non-standard allowance bookkeeping. Detector-reported CALLs appear dominated by approve-and-call behavior and helper/precompile-style memory copies, so the strongest issues are the exposed initializer/mint path and the broken allowance invariant.","findings":[{"severity":"critical","category":"access_control","title":"Legacy constructor-like initializer is still publicly callable and can mint balances","exploit_scenario":"Selector inference is best-effort, but `0x1d2bca17` exactly matches `MyToken(uint256,string,uint8,string)`, and its body is constructor-shaped: it writes a caller-keyed balance entry, token metadata (`JasonCoin` / `J`), and the packed low byte in slot 2 without any detected guard. Any attacker can call this entrypoint after deployment, assign themselves an arbitrary balance, then move those tokens via the normal `transfer` / `transferFrom` paths.","recommendation":"Remove or permanently disable the legacy initializer path. If this is meant to be one-time setup, gate it with a constructor-only deployment pattern or an `initialized` flag plus strict access control. Because this is bytecode-only and already deployed, assume unlimited minting is possible unless the entrypoint is blocked upstream.","evidence":"No auth guards were detected. Dispatcher exposes `selector:0x1d2bca17`. The function at `pc:0x00e8` decodes constructor-shaped arguments and stores to the caller-indexed mapping at `pc:0x018c` (`keccak(caller, slot 3)` pattern), then writes fixed metadata including `JasonCoin` / `J` and packed slot updates at `pc:0x01d1`, `pc:0x05d9`, and `pc:0x0632`. This is strongly consistent with a pre-0.4.22 renamed-constructor bug; if the selector name inference were wrong, it is still an unguarded initializer/mint path.","locations":["selector:0x1d2bca17","pc:0x00e8","pc:0x018c","pc:0x01d1","pc:0x05d9","pc:0x0632"]},{"severity":"medium","category":"other","title":"Allowance accounting is split across two mappings, so `allowance()` likely reports the approved cap, not remaining spendable amount","exploit_scenario":"Integrations that rely on ERC20 semantics can be misled. After approval, `allowance(owner,spender)` can still return the original approved amount even after some spending, while `transferFrom` enforces `spent + amount <= approved`. A dApp may observe a large allowance and attempt a pull that unexpectedly reverts, or users may be unable to 'top up' allowance cleanly because prior spent amount is tracked separately.","recommendation":"Use a single allowance mapping and decrement it on `transferFrom`, or have `allowance()` return the actual remaining amount (`approved - spent`) and reset the spent counter whenever approval is updated. If intentional, this contract should not be treated as ERC20-compatible by integrators.","evidence":"`approveAndCall` (`selector:0xcae9ca51`) stores into a nested mapping rooted at slot 4 (`pc:0x03a5`). Standard `allowance(address,address)` (`selector:0xdd62ed3e`) reads that same slot-4 mapping (`pc:0x04b8`). But `transferFrom` (`selector:0x23b872dd`) checks a second nested mapping rooted at slot 5, enforcing `slot5 + value <= slot4` at `pc:0x0731`-`pc:0x0734`, then increments slot 5 at `pc:0x078a`-`pc:0x078f` instead of decrementing slot 4. The separate getter `selector:0xdc3080f2` reads the slot-5 mapping at `pc:0x0494`, confirming two distinct allowance-related stores.","locations":["selector:0xcae9ca51","selector:0xdd62ed3e","selector:0xdc3080f2","selector:0x23b872dd","pc:0x03a5","pc:0x04b8","pc:0x0494","pc:0x0731","pc:0x078f"]}]}
tokens used
76,797
{
"codex": {
"ran_at": "2026-04-05T04:14:33.067098+00:00",
"returncode": 0
},
"project": {
"mode": "bytecode",
"bytecode_length": 3990,
"bytecode_truncated": false,
"capability_graph_present": true,
"analysis_artifact_present": true
},
"summary": "Bytecode matches an ERC20-like token with a publicly callable legacy-constructor path and non-standard allowance bookkeeping. Detector-reported CALLs appear dominated by approve-and-call behavior and helper/precompile-style memory copies, so the strongest issues are the exposed initializer/mint path and the broken allowance invariant.",
"raw_final": {
"summary": "Bytecode matches an ERC20-like token with a publicly callable legacy-constructor path and non-standard allowance bookkeeping. Detector-reported CALLs appear dominated by approve-and-call behavior and helper/precompile-style memory copies, so the strongest issues are the exposed initializer/mint path and the broken allowance invariant.",
"findings": [
{
"title": "Legacy constructor-like initializer is still publicly callable and can mint balances",
"category": "access_control",
"evidence": "No auth guards were detected. Dispatcher exposes `selector:0x1d2bca17`. The function at `pc:0x00e8` decodes constructor-shaped arguments and stores to the caller-indexed mapping at `pc:0x018c` (`keccak(caller, slot 3)` pattern), then writes fixed metadata including `JasonCoin` / `J` and packed slot updates at `pc:0x01d1`, `pc:0x05d9`, and `pc:0x0632`. This is strongly consistent with a pre-0.4.22 renamed-constructor bug; if the selector name inference were wrong, it is still an unguarded initializer/mint path.",
"severity": "critical",
"locations": [
"selector:0x1d2bca17",
"pc:0x00e8",
"pc:0x018c",
"pc:0x01d1",
"pc:0x05d9",
"pc:0x0632"
],
"recommendation": "Remove or permanently disable the legacy initializer path. If this is meant to be one-time setup, gate it with a constructor-only deployment pattern or an `initialized` flag plus strict access control. Because this is bytecode-only and already deployed, assume unlimited minting is possible unless the entrypoint is blocked upstream.",
"exploit_scenario": "Selector inference is best-effort, but `0x1d2bca17` exactly matches `MyToken(uint256,string,uint8,string)`, and its body is constructor-shaped: it writes a caller-keyed balance entry, token metadata (`JasonCoin` / `J`), and the packed low byte in slot 2 without any detected guard. Any attacker can call this entrypoint after deployment, assign themselves an arbitrary balance, then move those tokens via the normal `transfer` / `transferFrom` paths."
},
{
"title": "Allowance accounting is split across two mappings, so `allowance()` likely reports the approved cap, not remaining spendable amount",
"category": "other",
"evidence": "`approveAndCall` (`selector:0xcae9ca51`) stores into a nested mapping rooted at slot 4 (`pc:0x03a5`). Standard `allowance(address,address)` (`selector:0xdd62ed3e`) reads that same slot-4 mapping (`pc:0x04b8`). But `transferFrom` (`selector:0x23b872dd`) checks a second nested mapping rooted at slot 5, enforcing `slot5 + value <= slot4` at `pc:0x0731`-`pc:0x0734`, then increments slot 5 at `pc:0x078a`-`pc:0x078f` instead of decrementing slot 4. The separate getter `selector:0xdc3080f2` reads the slot-5 mapping at `pc:0x0494`, confirming two distinct allowance-related stores.",
"severity": "medium",
"locations": [
"selector:0xcae9ca51",
"selector:0xdd62ed3e",
"selector:0xdc3080f2",
"selector:0x23b872dd",
"pc:0x03a5",
"pc:0x04b8",
"pc:0x0494",
"pc:0x0731",
"pc:0x078f"
],
"recommendation": "Use a single allowance mapping and decrement it on `transferFrom`, or have `allowance()` return the actual remaining amount (`approved - spent`) and reset the spent counter whenever approval is updated. If intentional, this contract should not be treated as ERC20-compatible by integrators.",
"exploit_scenario": "Integrations that rely on ERC20 semantics can be misled. After approval, `allowance(owner,spender)` can still return the original approved amount even after some spending, while `transferFrom` enforces `spent + amount <= approved`. A dApp may observe a large allowance and attempt a pull that unexpectedly reverts, or users may be unable to 'top up' allowance cleanly because prior spent amount is tracked separately."
}
],
"no_findings": false
},
"no_findings": false,
"schema_version": 1
}
00000000: PUSH1 0x60 00000002: PUSH1 0x40 00000004: MSTORE 00000005: CALLDATASIZE 00000006: ISZERO 00000007: PUSH2 0x0082 0000000a: JUMPI 0000000b: PUSH1 0xe0 0000000d: PUSH1 0x02 0000000f: EXP 00000010: PUSH1 0x00 00000012: CALLDATALOAD 00000013: DIV 00000014: PUSH4 0x06fdde03 00000019: DUP2 0000001a: EQ 0000001b: PUSH2 0x008a 0000001e: JUMPI 0000001f: DUP1 00000020: PUSH4 0x1d2bca17 00000025: EQ 00000026: PUSH2 0x00e8 00000029: JUMPI 0000002a: DUP1 0000002b: PUSH4 0x23b872dd 00000030: EQ 00000031: PUSH2 0x0230 00000034: JUMPI 00000035: DUP1 00000036: PUSH4 0x313ce567 0000003b: EQ 0000003c: PUSH2 0x0262 0000003f: JUMPI 00000040: DUP1 00000041: PUSH4 0x70a08231 00000046: EQ 00000047: PUSH2 0x026e 0000004a: JUMPI 0000004b: DUP1 0000004c: PUSH4 0x95d89b41 00000051: EQ 00000052: PUSH2 0x0286 00000055: JUMPI 00000056: DUP1 00000057: PUSH4 0xa9059cbb 0000005c: EQ 0000005d: PUSH2 0x02e3 00000060: JUMPI 00000061: DUP1 00000062: PUSH4 0xcae9ca51 00000067: EQ 00000068: PUSH2 0x0312 0000006b: JUMPI 0000006c: DUP1 0000006d: PUSH4 0xdc3080f2 00000072: EQ 00000073: PUSH2 0x0476 00000076: JUMPI 00000077: DUP1 00000078: PUSH4 0xdd62ed3e 0000007d: EQ 0000007e: PUSH2 0x049b 00000081: JUMPI 00000082: JUMPDEST 00000083: PUSH2 0x04bf 00000086: PUSH2 0x0002 00000089: JUMP 0000008a: JUMPDEST 0000008b: PUSH2 0x04c1 0000008e: PUSH1 0x00 00000090: DUP1 00000091: SLOAD 00000092: PUSH1 0x40 00000094: DUP1 00000095: MLOAD 00000096: PUSH1 0x20 00000098: PUSH1 0x02 0000009a: PUSH1 0x01 0000009c: DUP6 0000009d: AND 0000009e: ISZERO 0000009f: PUSH2 0x0100 000000a2: MUL 000000a3: PUSH1 0x00 000000a5: NOT 000000a6: ADD 000000a7: SWAP1 000000a8: SWAP5 000000a9: AND 000000aa: SWAP4 000000ab: SWAP1 000000ac: SWAP4 000000ad: DIV 000000ae: PUSH1 0x1f 000000b0: DUP2 000000b1: ADD 000000b2: DUP5 000000b3: SWAP1 000000b4: DIV 000000b5: DUP5 000000b6: MUL 000000b7: DUP3 000000b8: ADD 000000b9: DUP5 000000ba: ADD 000000bb: SWAP1 000000bc: SWAP3 000000bd: MSTORE 000000be: DUP2 000000bf: DUP2 000000c0: MSTORE 000000c1: SWAP3 000000c2: SWAP2 000000c3: DUP4 000000c4: ADD 000000c5: DUP3 000000c6: DUP3 000000c7: DUP1 000000c8: ISZERO 000000c9: PUSH2 0x0583 000000cc: JUMPI 000000cd: DUP1 000000ce: PUSH1 0x1f 000000d0: LT 000000d1: PUSH2 0x0558 000000d4: JUMPI 000000d5: PUSH2 0x0100 000000d8: DUP1 000000d9: DUP4 000000da: SLOAD 000000db: DIV 000000dc: MUL 000000dd: DUP4 000000de: MSTORE 000000df: SWAP2 000000e0: PUSH1 0x20 000000e2: ADD 000000e3: SWAP2 000000e4: PUSH2 0x0583 000000e7: JUMP 000000e8: JUMPDEST 000000e9: PUSH1 0x40 000000eb: DUP1 000000ec: MLOAD 000000ed: PUSH1 0x20 000000ef: PUSH1 0x24 000000f1: DUP1 000000f2: CALLDATALOAD 000000f3: PUSH1 0x04 000000f5: DUP2 000000f6: DUP2 000000f7: ADD 000000f8: CALLDATALOAD 000000f9: PUSH1 0x1f 000000fb: DUP2 000000fc: ADD 000000fd: DUP6 000000fe: SWAP1 000000ff: DIV 00000100: DUP6 00000101: MUL 00000102: DUP7 00000103: ADD 00000104: DUP6 00000105: ADD 00000106: SWAP1 00000107: SWAP7 00000108: MSTORE 00000109: DUP6 0000010a: DUP6 0000010b: MSTORE 0000010c: PUSH2 0x04bf 0000010f: SWAP6 00000110: DUP2 00000111: CALLDATALOAD 00000112: SWAP6 00000113: SWAP2 00000114: SWAP5 00000115: PUSH1 0x44 00000117: SWAP5 00000118: SWAP3 00000119: SWAP4 0000011a: SWAP1 0000011b: SWAP3 0000011c: ADD 0000011d: SWAP2 0000011e: DUP2 0000011f: SWAP1 00000120: DUP5 00000121: ADD 00000122: DUP4 00000123: DUP3 00000124: DUP1 00000125: DUP3 00000126: DUP5 00000127: CALLDATACOPY 00000128: POP 00000129: POP 0000012a: PUSH1 0x40 0000012c: DUP1 0000012d: MLOAD 0000012e: PUSH1 0x20 00000130: PUSH1 0x64 00000132: CALLDATALOAD 00000133: DUP1 00000134: DUP12 00000135: ADD 00000136: CALLDATALOAD 00000137: PUSH1 0x1f 00000139: DUP2 0000013a: ADD 0000013b: DUP4 0000013c: SWAP1 0000013d: DIV 0000013e: DUP4 0000013f: MUL 00000140: DUP5 00000141: ADD 00000142: DUP4 00000143: ADD 00000144: SWAP1 00000145: SWAP5 00000146: MSTORE 00000147: DUP4 00000148: DUP4 00000149: MSTORE 0000014a: SWAP8 0000014b: SWAP10 0000014c: SWAP9 0000014d: CALLDATALOAD 0000014e: SWAP9 0000014f: SWAP8 00000150: PUSH1 0x84 00000152: SWAP8 00000153: POP 00000154: SWAP2 00000155: SWAP6 00000156: POP 00000157: PUSH1 0x24 00000159: SWAP2 0000015a: SWAP1 0000015b: SWAP2 0000015c: ADD 0000015d: SWAP4 0000015e: POP 0000015f: SWAP1 00000160: SWAP2 00000161: POP 00000162: DUP2 00000163: SWAP1 00000164: DUP5 00000165: ADD 00000166: DUP4 00000167: DUP3 00000168: DUP1 00000169: DUP3 0000016a: DUP5 0000016b: CALLDATACOPY 0000016c: POP 0000016d: POP 0000016e: POP 0000016f: PUSH1 0x01 00000171: PUSH1 0xa0 00000173: PUSH1 0x02 00000175: EXP 00000176: SUB 00000177: CALLER 00000178: AND 00000179: PUSH1 0x00 0000017b: SWAP1 0000017c: DUP2 0000017d: MSTORE 0000017e: PUSH1 0x03 00000180: PUSH1 0x20 00000182: SWAP1 00000183: DUP2 00000184: MSTORE 00000185: PUSH1 0x40 00000187: DUP1 00000188: DUP4 00000189: KECCAK256 0000018a: DUP13 0000018b: SWAP1 0000018c: SSTORE 0000018d: DUP1 0000018e: MLOAD 0000018f: DUP1 00000190: DUP3 00000191: ADD 00000192: SWAP1 00000193: SWAP2 00000194: MSTORE 00000195: PUSH1 0x09 00000197: DUP2 00000198: MSTORE 00000199: PUSH32 0x4a61736f6e436f696e0000000000000000000000000000000000000000000000 000001ba: SWAP1 000001bb: DUP3 000001bc: ADD 000001bd: SWAP1 000001be: DUP2 000001bf: MSTORE 000001c0: DUP3 000001c1: SLOAD 000001c2: DUP4 000001c3: DUP1 000001c4: MSTORE 000001c5: SWAP1 000001c6: MLOAD 000001c7: PUSH1 0x12 000001c9: PUSH1 0xff 000001cb: NOT 000001cc: SWAP1 000001cd: SWAP2 000001ce: AND 000001cf: OR 000001d0: DUP4 000001d1: SSTORE 000001d2: SWAP6 000001d3: SWAP8 000001d4: POP 000001d5: SWAP1 000001d6: SWAP6 000001d7: POP 000001d8: PUSH2 0x058b 000001db: SWAP5 000001dc: PUSH1 0x02 000001de: PUSH1 0x01 000001e0: DUP3 000001e1: AND 000001e2: ISZERO 000001e3: PUSH2 0x0100 000001e6: MUL 000001e7: PUSH1 0x00 000001e9: NOT 000001ea: ADD 000001eb: SWAP1 000001ec: SWAP2 000001ed: AND 000001ee: DIV 000001ef: PUSH1 0x1f 000001f1: ADD 000001f2: DIV 000001f3: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563 00000214: SWAP1 00000215: DUP2 00000216: ADD 00000217: SWAP4 00000218: POP 00000219: SWAP2 0000021a: POP 0000021b: POP 0000021c: JUMPDEST 0000021d: DUP1 0000021e: DUP3 0000021f: GT 00000220: ISZERO 00000221: PUSH2 0x0620 00000224: JUMPI 00000225: PUSH1 0x00 00000227: DUP2 00000228: SSTORE 00000229: PUSH1 0x01 0000022b: ADD 0000022c: PUSH2 0x021c 0000022f: JUMP 00000230: JUMPDEST 00000231: PUSH2 0x052f 00000234: PUSH1 0x04 00000236: CALLDATALOAD 00000237: PUSH1 0x24 00000239: CALLDATALOAD 0000023a: PUSH1 0x44 0000023c: CALLDATALOAD 0000023d: PUSH1 0x01 0000023f: PUSH1 0xa0 00000241: PUSH1 0x02 00000243: EXP 00000244: SUB 00000245: DUP4 00000246: AND 00000247: PUSH1 0x00 00000249: SWAP1 0000024a: DUP2 0000024b: MSTORE 0000024c: PUSH1 0x03 0000024e: PUSH1 0x20 00000250: MSTORE 00000251: PUSH1 0x40 00000253: DUP2 00000254: KECCAK256 00000255: SLOAD 00000256: DUP3 00000257: SWAP1 00000258: LT 00000259: ISZERO 0000025a: PUSH2 0x06ca 0000025d: JUMPI 0000025e: PUSH2 0x0002 00000261: JUMP 00000262: JUMPDEST 00000263: PUSH2 0x0541 00000266: PUSH1 0x02 00000268: SLOAD 00000269: PUSH1 0xff 0000026b: AND 0000026c: DUP2 0000026d: JUMP 0000026e: JUMPDEST 0000026f: PUSH2 0x052f 00000272: PUSH1 0x04 00000274: CALLDATALOAD 00000275: PUSH1 0x03 00000277: PUSH1 0x20 00000279: MSTORE 0000027a: PUSH1 0x00 0000027c: SWAP1 0000027d: DUP2 0000027e: MSTORE 0000027f: PUSH1 0x40 00000281: SWAP1 00000282: KECCAK256 00000283: SLOAD 00000284: DUP2 00000285: JUMP 00000286: JUMPDEST 00000287: PUSH2 0x04c1 0000028a: PUSH1 0x01 0000028c: DUP1 0000028d: SLOAD 0000028e: PUSH1 0x40 00000290: DUP1 00000291: MLOAD 00000292: PUSH1 0x20 00000294: PUSH1 0x02 00000296: DUP5 00000297: DUP7 00000298: AND 00000299: ISZERO 0000029a: PUSH2 0x0100 0000029d: MUL 0000029e: PUSH1 0x00 000002a0: NOT 000002a1: ADD 000002a2: SWAP1 000002a3: SWAP5 000002a4: AND 000002a5: SWAP4 000002a6: SWAP1 000002a7: SWAP4 000002a8: DIV 000002a9: PUSH1 0x1f 000002ab: DUP2 000002ac: ADD 000002ad: DUP5 000002ae: SWAP1 000002af: DIV 000002b0: DUP5 000002b1: MUL 000002b2: DUP3 000002b3: ADD 000002b4: DUP5 000002b5: ADD 000002b6: SWAP1 000002b7: SWAP3 000002b8: MSTORE 000002b9: DUP2 000002ba: DUP2 000002bb: MSTORE 000002bc: SWAP3 000002bd: SWAP2 000002be: DUP4 000002bf: ADD 000002c0: DUP3 000002c1: DUP3 000002c2: DUP1 000002c3: ISZERO 000002c4: PUSH2 0x0583 000002c7: JUMPI 000002c8: DUP1 000002c9: PUSH1 0x1f 000002cb: LT 000002cc: PUSH2 0x0558 000002cf: JUMPI 000002d0: PUSH2 0x0100 000002d3: DUP1 000002d4: DUP4 000002d5: SLOAD 000002d6: DIV 000002d7: MUL 000002d8: DUP4 000002d9: MSTORE 000002da: SWAP2 000002db: PUSH1 0x20 000002dd: ADD 000002de: SWAP2 000002df: PUSH2 0x0583 000002e2: JUMP 000002e3: JUMPDEST 000002e4: PUSH2 0x04bf 000002e7: PUSH1 0x04 000002e9: CALLDATALOAD 000002ea: PUSH1 0x24 000002ec: CALLDATALOAD 000002ed: PUSH1 0x01 000002ef: PUSH1 0xa0 000002f1: PUSH1 0x02 000002f3: EXP 000002f4: SUB 000002f5: CALLER 000002f6: AND 000002f7: PUSH1 0x00 000002f9: SWAP1 000002fa: DUP2 000002fb: MSTORE 000002fc: PUSH1 0x03 000002fe: PUSH1 0x20 00000300: MSTORE 00000301: PUSH1 0x40 00000303: SWAP1 00000304: KECCAK256 00000305: SLOAD 00000306: DUP2 00000307: SWAP1 00000308: LT 00000309: ISZERO 0000030a: PUSH2 0x0638 0000030d: JUMPI 0000030e: PUSH2 0x0002 00000311: JUMP 00000312: JUMPDEST 00000313: PUSH1 0x40 00000315: DUP1 00000316: MLOAD 00000317: PUSH1 0x20 00000319: PUSH1 0x44 0000031b: CALLDATALOAD 0000031c: PUSH1 0x04 0000031e: DUP2 0000031f: DUP2 00000320: ADD 00000321: CALLDATALOAD 00000322: PUSH1 0x1f 00000324: DUP2 00000325: ADD 00000326: DUP5 00000327: SWAP1 00000328: DIV 00000329: DUP5 0000032a: MUL 0000032b: DUP6 0000032c: ADD 0000032d: DUP5 0000032e: ADD 0000032f: SWAP1 00000330: SWAP6 00000331: MSTORE 00000332: DUP5 00000333: DUP5 00000334: MSTORE 00000335: PUSH2 0x052f 00000338: SWAP5 00000339: DUP2 0000033a: CALLDATALOAD 0000033b: SWAP5 0000033c: PUSH1 0x24 0000033e: DUP1 0000033f: CALLDATALOAD 00000340: SWAP6 00000341: SWAP4 00000342: SWAP5 00000343: PUSH1 0x64 00000345: SWAP5 00000346: SWAP3 00000347: SWAP4 00000348: SWAP2 00000349: ADD 0000034a: SWAP2 0000034b: DUP2 0000034c: SWAP1 0000034d: DUP5 0000034e: ADD 0000034f: DUP4 00000350: DUP3 00000351: DUP1 00000352: DUP3 00000353: DUP5 00000354: CALLDATACOPY 00000355: POP 00000356: SWAP5 00000357: SWAP7 00000358: POP 00000359: POP 0000035a: POP 0000035b: POP 0000035c: POP 0000035d: POP 0000035e: POP 0000035f: PUSH1 0x00 00000361: PUSH1 0x00 00000363: DUP4 00000364: PUSH1 0x04 00000366: PUSH1 0x00 00000368: POP 00000369: PUSH1 0x00 0000036b: CALLER 0000036c: PUSH1 0x01 0000036e: PUSH1 0xa0 00000370: PUSH1 0x02 00000372: EXP 00000373: SUB 00000374: AND 00000375: DUP2 00000376: MSTORE 00000377: PUSH1 0x20 00000379: ADD 0000037a: SWAP1 0000037b: DUP2 0000037c: MSTORE 0000037d: PUSH1 0x20 0000037f: ADD 00000380: PUSH1 0x00 00000382: KECCAK256 00000383: PUSH1 0x00 00000385: POP 00000386: PUSH1 0x00 00000388: DUP8 00000389: PUSH1 0x01 0000038b: PUSH1 0xa0 0000038d: PUSH1 0x02 0000038f: EXP 00000390: SUB 00000391: AND 00000392: DUP2 00000393: MSTORE 00000394: PUSH1 0x20 00000396: ADD 00000397: SWAP1 00000398: DUP2 00000399: MSTORE 0000039a: PUSH1 0x20 0000039c: ADD 0000039d: PUSH1 0x00 0000039f: KECCAK256 000003a0: PUSH1 0x00 000003a2: POP 000003a3: DUP2 000003a4: SWAP1 000003a5: SSTORE 000003a6: POP 000003a7: DUP5 000003a8: SWAP1 000003a9: POP 000003aa: DUP1 000003ab: PUSH1 0x01 000003ad: PUSH1 0xa0 000003af: PUSH1 0x02 000003b1: EXP 000003b2: SUB 000003b3: AND 000003b4: PUSH4 0x8f4ffcb1 000003b9: CALLER 000003ba: DUP7 000003bb: ADDRESS 000003bc: DUP8 000003bd: PUSH1 0x40 000003bf: MLOAD 000003c0: DUP6 000003c1: PUSH1 0xe0 000003c3: PUSH1 0x02 000003c5: EXP 000003c6: MUL 000003c7: DUP2 000003c8: MSTORE 000003c9: PUSH1 0x04 000003cb: ADD 000003cc: DUP1 000003cd: DUP6 000003ce: PUSH1 0x01 000003d0: PUSH1 0xa0 000003d2: PUSH1 0x02 000003d4: EXP 000003d5: SUB 000003d6: AND 000003d7: DUP2 000003d8: MSTORE 000003d9: PUSH1 0x20 000003db: ADD 000003dc: DUP5 000003dd: DUP2 000003de: MSTORE 000003df: PUSH1 0x20 000003e1: ADD 000003e2: DUP4 000003e3: PUSH1 0x01 000003e5: PUSH1 0xa0 000003e7: PUSH1 0x02 000003e9: EXP 000003ea: SUB 000003eb: AND 000003ec: DUP2 000003ed: MSTORE 000003ee: PUSH1 0x20 000003f0: ADD 000003f1: DUP1 000003f2: PUSH1 0x20 000003f4: ADD 000003f5: DUP3 000003f6: DUP2 000003f7: SUB 000003f8: DUP3 000003f9: MSTORE 000003fa: DUP4 000003fb: DUP2 000003fc: DUP2 000003fd: MLOAD 000003fe: DUP2 000003ff: MSTORE 00000400: PUSH1 0x20 00000402: ADD 00000403: SWAP2 00000404: POP 00000405: DUP1 00000406: MLOAD 00000407: SWAP1 00000408: PUSH1 0x20 0000040a: ADD 0000040b: SWAP1 0000040c: DUP1 0000040d: DUP4 0000040e: DUP4 0000040f: DUP3 00000410: SWAP1 00000411: PUSH1 0x00 00000413: PUSH1 0x04 00000415: PUSH1 0x20 00000417: DUP5 00000418: PUSH1 0x1f 0000041a: ADD 0000041b: DIV 0000041c: PUSH1 0x0f 0000041e: MUL 0000041f: PUSH1 0x03 00000421: ADD 00000422: CALL 00000423: POP 00000424: SWAP1 00000425: POP 00000426: SWAP1 00000427: DUP2 00000428: ADD 00000429: SWAP1 0000042a: PUSH1 0x1f 0000042c: AND 0000042d: DUP1 0000042e: ISZERO 0000042f: PUSH2 0x044c 00000432: JUMPI 00000433: DUP1 00000434: DUP3 00000435: SUB 00000436: DUP1 00000437: MLOAD 00000438: PUSH1 0x01 0000043a: DUP4 0000043b: PUSH1 0x20 0000043d: SUB 0000043e: PUSH2 0x0100 00000441: EXP 00000442: SUB 00000443: NOT 00000444: AND 00000445: DUP2 00000446: MSTORE 00000447: PUSH1 0x20 00000449: ADD 0000044a: SWAP2 0000044b: POP 0000044c: JUMPDEST 0000044d: POP 0000044e: SWAP6 0000044f: POP 00000450: POP 00000451: POP 00000452: POP 00000453: POP 00000454: POP 00000455: PUSH1 0x00 00000457: PUSH1 0x40 00000459: MLOAD 0000045a: DUP1 0000045b: DUP4 0000045c: SUB 0000045d: DUP2 0000045e: PUSH1 0x00 00000460: DUP8 00000461: PUSH2 0x61da 00000464: GAS 00000465: SUB 00000466: CALL 00000467: ISZERO 00000468: PUSH2 0x0002 0000046b: JUMPI 0000046c: POP 0000046d: POP 0000046e: POP 0000046f: POP 00000470: SWAP4 00000471: SWAP3 00000472: POP 00000473: POP 00000474: POP 00000475: JUMP 00000476: JUMPDEST 00000477: PUSH1 0x05 00000479: PUSH1 0x20 0000047b: SWAP1 0000047c: DUP2 0000047d: MSTORE 0000047e: PUSH1 0x04 00000480: CALLDATALOAD 00000481: PUSH1 0x00 00000483: SWAP1 00000484: DUP2 00000485: MSTORE 00000486: PUSH1 0x40 00000488: DUP1 00000489: DUP3 0000048a: KECCAK256 0000048b: SWAP1 0000048c: SWAP3 0000048d: MSTORE 0000048e: PUSH1 0x24 00000490: CALLDATALOAD 00000491: DUP2 00000492: MSTORE 00000493: KECCAK256 00000494: SLOAD 00000495: PUSH2 0x052f 00000498: SWAP1 00000499: DUP2 0000049a: JUMP 0000049b: JUMPDEST 0000049c: PUSH1 0x04 0000049e: PUSH1 0x20 000004a0: DUP2 000004a1: DUP2 000004a2: MSTORE 000004a3: SWAP1 000004a4: CALLDATALOAD 000004a5: PUSH1 0x00 000004a7: SWAP1 000004a8: DUP2 000004a9: MSTORE 000004aa: PUSH1 0x40 000004ac: DUP1 000004ad: DUP3 000004ae: KECCAK256 000004af: SWAP1 000004b0: SWAP3 000004b1: MSTORE 000004b2: PUSH1 0x24 000004b4: CALLDATALOAD 000004b5: DUP2 000004b6: MSTORE 000004b7: KECCAK256 000004b8: SLOAD 000004b9: PUSH2 0x052f 000004bc: SWAP1 000004bd: DUP2 000004be: JUMP 000004bf: JUMPDEST 000004c0: STOP 000004c1: JUMPDEST 000004c2: PUSH1 0x40 000004c4: MLOAD 000004c5: DUP1 000004c6: DUP1 000004c7: PUSH1 0x20 000004c9: ADD 000004ca: DUP3 000004cb: DUP2 000004cc: SUB 000004cd: DUP3 000004ce: MSTORE 000004cf: DUP4 000004d0: DUP2 000004d1: DUP2 000004d2: MLOAD 000004d3: DUP2 000004d4: MSTORE 000004d5: PUSH1 0x20 000004d7: ADD 000004d8: SWAP2 000004d9: POP 000004da: DUP1 000004db: MLOAD 000004dc: SWAP1 000004dd: PUSH1 0x20 000004df: ADD 000004e0: SWAP1 000004e1: DUP1 000004e2: DUP4 000004e3: DUP4 000004e4: DUP3 000004e5: SWAP1 000004e6: PUSH1 0x00 000004e8: PUSH1 0x04 000004ea: PUSH1 0x20 000004ec: DUP5 000004ed: PUSH1 0x1f 000004ef: ADD 000004f0: DIV 000004f1: PUSH1 0x0f 000004f3: MUL 000004f4: PUSH1 0x03 000004f6: ADD 000004f7: CALL 000004f8: POP 000004f9: SWAP1 000004fa: POP 000004fb: SWAP1 000004fc: DUP2 000004fd: ADD 000004fe: SWAP1 000004ff: PUSH1 0x1f 00000501: AND 00000502: DUP1 00000503: ISZERO 00000504: PUSH2 0x0521 00000507: JUMPI 00000508: DUP1 00000509: DUP3 0000050a: SUB 0000050b: DUP1 0000050c: MLOAD 0000050d: PUSH1 0x01 0000050f: DUP4 00000510: PUSH1 0x20 00000512: SUB 00000513: PUSH2 0x0100 00000516: EXP 00000517: SUB 00000518: NOT 00000519: AND 0000051a: DUP2 0000051b: MSTORE 0000051c: PUSH1 0x20 0000051e: ADD 0000051f: SWAP2 00000520: POP 00000521: JUMPDEST 00000522: POP 00000523: SWAP3 00000524: POP 00000525: POP 00000526: POP 00000527: PUSH1 0x40 00000529: MLOAD 0000052a: DUP1 0000052b: SWAP2 0000052c: SUB 0000052d: SWAP1 0000052e: RETURN 0000052f: JUMPDEST 00000530: PUSH1 0x40 00000532: DUP1 00000533: MLOAD 00000534: SWAP2 00000535: DUP3 00000536: MSTORE 00000537: MLOAD 00000538: SWAP1 00000539: DUP2 0000053a: SWAP1 0000053b: SUB 0000053c: PUSH1 0x20 0000053e: ADD 0000053f: SWAP1 00000540: RETURN 00000541: JUMPDEST 00000542: PUSH1 0x40 00000544: DUP1 00000545: MLOAD 00000546: PUSH1 0xff 00000548: SWAP3 00000549: SWAP1 0000054a: SWAP3 0000054b: AND 0000054c: DUP3 0000054d: MSTORE 0000054e: MLOAD 0000054f: SWAP1 00000550: DUP2 00000551: SWAP1 00000552: SUB 00000553: PUSH1 0x20 00000555: ADD 00000556: SWAP1 00000557: RETURN 00000558: JUMPDEST 00000559: DUP3 0000055a: ADD 0000055b: SWAP2 0000055c: SWAP1 0000055d: PUSH1 0x00 0000055f: MSTORE 00000560: PUSH1 0x20 00000562: PUSH1 0x00 00000564: KECCAK256 00000565: SWAP1 00000566: JUMPDEST 00000567: DUP2 00000568: SLOAD 00000569: DUP2 0000056a: MSTORE 0000056b: SWAP1 0000056c: PUSH1 0x01 0000056e: ADD 0000056f: SWAP1 00000570: PUSH1 0x20 00000572: ADD 00000573: DUP1 00000574: DUP4 00000575: GT 00000576: PUSH2 0x0566 00000579: JUMPI 0000057a: DUP3 0000057b: SWAP1 0000057c: SUB 0000057d: PUSH1 0x1f 0000057f: AND 00000580: DUP3 00000581: ADD 00000582: SWAP2 00000583: JUMPDEST 00000584: POP 00000585: POP 00000586: POP 00000587: POP 00000588: POP 00000589: DUP2 0000058a: JUMP 0000058b: JUMPDEST 0000058c: POP 0000058d: POP 0000058e: PUSH1 0x40 00000590: DUP1 00000591: MLOAD 00000592: DUP1 00000593: DUP3 00000594: ADD 00000595: SWAP1 00000596: SWAP2 00000597: MSTORE 00000598: PUSH1 0x01 0000059a: DUP1 0000059b: DUP3 0000059c: MSTORE 0000059d: PUSH32 0x4a00000000000000000000000000000000000000000000000000000000000000 000005be: PUSH1 0x20 000005c0: SWAP3 000005c1: DUP4 000005c2: ADD 000005c3: SWAP1 000005c4: DUP2 000005c5: MSTORE 000005c6: DUP2 000005c7: SLOAD 000005c8: PUSH1 0x00 000005ca: DUP4 000005cb: SWAP1 000005cc: MSTORE 000005cd: SWAP1 000005ce: MLOAD 000005cf: PUSH1 0xff 000005d1: NOT 000005d2: AND 000005d3: PUSH1 0x02 000005d5: SWAP1 000005d6: DUP2 000005d7: OR 000005d8: DUP4 000005d9: SSTORE 000005da: SWAP2 000005db: SWAP3 000005dc: PUSH2 0x0624 000005df: SWAP3 000005e0: DUP3 000005e1: DUP6 000005e2: AND 000005e3: ISZERO 000005e4: PUSH2 0x0100 000005e7: MUL 000005e8: PUSH1 0x00 000005ea: NOT 000005eb: ADD 000005ec: SWAP1 000005ed: SWAP3 000005ee: AND 000005ef: SWAP2 000005f0: SWAP1 000005f1: SWAP2 000005f2: DIV 000005f3: PUSH1 0x1f 000005f5: ADD 000005f6: DIV 000005f7: PUSH32 0xb10e2d527612073b26eecdfd717e6a320cf44b4afac2b0732d9fcbe2b7fa0cf6 00000618: SWAP1 00000619: DUP2 0000061a: ADD 0000061b: SWAP1 0000061c: PUSH2 0x021c 0000061f: JUMP 00000620: JUMPDEST 00000621: POP 00000622: SWAP1 00000623: JUMP 00000624: JUMPDEST 00000625: POP 00000626: POP 00000627: PUSH1 0x02 00000629: DUP1 0000062a: SLOAD 0000062b: PUSH1 0xff 0000062d: NOT 0000062e: AND 0000062f: DUP4 00000630: OR 00000631: SWAP1 00000632: SSTORE 00000633: POP 00000634: POP 00000635: POP 00000636: POP 00000637: JUMP 00000638: JUMPDEST 00000639: PUSH1 0x01 0000063b: PUSH1 0xa0 0000063d: PUSH1 0x02 0000063f: EXP 00000640: SUB 00000641: DUP3 00000642: AND 00000643: PUSH1 0x00 00000645: SWAP1 00000646: DUP2 00000647: MSTORE 00000648: PUSH1 0x03 0000064a: PUSH1 0x20 0000064c: MSTORE 0000064d: PUSH1 0x40 0000064f: SWAP1 00000650: KECCAK256 00000651: SLOAD 00000652: DUP2 00000653: DUP2 00000654: ADD 00000655: LT 00000656: ISZERO 00000657: PUSH2 0x065f 0000065a: JUMPI 0000065b: PUSH2 0x0002 0000065e: JUMP 0000065f: JUMPDEST 00000660: PUSH1 0x01 00000662: PUSH1 0xa0 00000664: PUSH1 0x02 00000666: EXP 00000667: SUB 00000668: CALLER 00000669: DUP2 0000066a: AND 0000066b: PUSH1 0x00 0000066d: DUP2 0000066e: DUP2 0000066f: MSTORE 00000670: PUSH1 0x03 00000672: PUSH1 0x20 00000674: SWAP1 00000675: DUP2 00000676: MSTORE 00000677: PUSH1 0x40 00000679: DUP1 0000067a: DUP4 0000067b: KECCAK256 0000067c: DUP1 0000067d: SLOAD 0000067e: DUP8 0000067f: SWAP1 00000680: SUB 00000681: SWAP1 00000682: SSTORE 00000683: SWAP4 00000684: DUP7 00000685: AND 00000686: DUP1 00000687: DUP4 00000688: MSTORE 00000689: SWAP2 0000068a: DUP5 0000068b: SWAP1 0000068c: KECCAK256 0000068d: DUP1 0000068e: SLOAD 0000068f: DUP7 00000690: ADD 00000691: SWAP1 00000692: SSTORE 00000693: DUP4 00000694: MLOAD 00000695: DUP6 00000696: DUP2 00000697: MSTORE 00000698: SWAP4 00000699: MLOAD 0000069a: SWAP2 0000069b: SWAP4 0000069c: PUSH32 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef 000006bd: SWAP3 000006be: SWAP1 000006bf: DUP2 000006c0: SWAP1 000006c1: SUB 000006c2: SWAP1 000006c3: SWAP2 000006c4: ADD 000006c5: SWAP1 000006c6: LOG3 000006c7: POP 000006c8: POP 000006c9: JUMP 000006ca: JUMPDEST 000006cb: PUSH1 0x01 000006cd: PUSH1 0xa0 000006cf: PUSH1 0x02 000006d1: EXP 000006d2: SUB 000006d3: DUP4 000006d4: AND 000006d5: PUSH1 0x00 000006d7: SWAP1 000006d8: DUP2 000006d9: MSTORE 000006da: PUSH1 0x03 000006dc: PUSH1 0x20 000006de: MSTORE 000006df: PUSH1 0x40 000006e1: SWAP1 000006e2: KECCAK256 000006e3: SLOAD 000006e4: DUP3 000006e5: DUP2 000006e6: ADD 000006e7: LT 000006e8: ISZERO 000006e9: PUSH2 0x06f1 000006ec: JUMPI 000006ed: PUSH2 0x0002 000006f0: JUMP 000006f1: JUMPDEST 000006f2: PUSH1 0x01 000006f4: PUSH1 0xa0 000006f6: PUSH1 0x02 000006f8: EXP 000006f9: SUB 000006fa: DUP5 000006fb: DUP2 000006fc: AND 000006fd: PUSH1 0x00 000006ff: DUP2 00000700: DUP2 00000701: MSTORE 00000702: PUSH1 0x04 00000704: PUSH1 0x20 00000706: SWAP1 00000707: DUP2 00000708: MSTORE 00000709: PUSH1 0x40 0000070b: DUP1 0000070c: DUP4 0000070d: KECCAK256 0000070e: CALLER 0000070f: SWAP6 00000710: SWAP1 00000711: SWAP6 00000712: AND 00000713: DUP1 00000714: DUP5 00000715: MSTORE 00000716: SWAP5 00000717: DUP3 00000718: MSTORE 00000719: DUP1 0000071a: DUP4 0000071b: KECCAK256 0000071c: SLOAD 0000071d: SWAP4 0000071e: DUP4 0000071f: MSTORE 00000720: PUSH1 0x05 00000722: DUP3 00000723: MSTORE 00000724: DUP1 00000725: DUP4 00000726: KECCAK256 00000727: SWAP5 00000728: DUP4 00000729: MSTORE 0000072a: SWAP4 0000072b: SWAP1 0000072c: MSTORE 0000072d: SWAP2 0000072e: SWAP1 0000072f: SWAP2 00000730: KECCAK256 00000731: SLOAD 00000732: DUP4 00000733: ADD 00000734: GT 00000735: ISZERO 00000736: PUSH2 0x073e 00000739: JUMPI 0000073a: PUSH2 0x0002 0000073d: JUMP 0000073e: JUMPDEST 0000073f: PUSH1 0x01 00000741: PUSH1 0xa0 00000743: PUSH1 0x02 00000745: EXP 00000746: SUB 00000747: DUP5 00000748: DUP2 00000749: AND 0000074a: PUSH1 0x00 0000074c: DUP2 0000074d: DUP2 0000074e: MSTORE 0000074f: PUSH1 0x03 00000751: PUSH1 0x20 00000753: SWAP1 00000754: DUP2 00000755: MSTORE 00000756: PUSH1 0x40 00000758: DUP1 00000759: DUP4 0000075a: KECCAK256 0000075b: DUP1 0000075c: SLOAD 0000075d: DUP9 0000075e: SWAP1 0000075f: SUB 00000760: SWAP1 00000761: SSTORE 00000762: DUP8 00000763: DUP6 00000764: AND 00000765: DUP1 00000766: DUP5 00000767: MSTORE 00000768: DUP2 00000769: DUP5 0000076a: KECCAK256 0000076b: DUP1 0000076c: SLOAD 0000076d: DUP10 0000076e: ADD 0000076f: SWAP1 00000770: SSTORE 00000771: SWAP4 00000772: DUP4 00000773: MSTORE 00000774: PUSH1 0x05 00000776: DUP3 00000777: MSTORE 00000778: DUP1 00000779: DUP4 0000077a: KECCAK256 0000077b: CALLER 0000077c: SWAP6 0000077d: SWAP1 0000077e: SWAP6 0000077f: AND 00000780: DUP1 00000781: DUP5 00000782: MSTORE 00000783: SWAP5 00000784: DUP3 00000785: MSTORE 00000786: SWAP2 00000787: DUP3 00000788: SWAP1 00000789: KECCAK256 0000078a: DUP1 0000078b: SLOAD 0000078c: DUP8 0000078d: ADD 0000078e: SWAP1 0000078f: SSTORE 00000790: DUP2 00000791: MLOAD 00000792: DUP7 00000793: DUP2 00000794: MSTORE 00000795: SWAP2 00000796: MLOAD 00000797: SWAP3 00000798: SWAP4 00000799: SWAP3 0000079a: PUSH32 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef 000007bb: SWAP3 000007bc: DUP2 000007bd: SWAP1 000007be: SUB 000007bf: SWAP1 000007c0: SWAP2 000007c1: ADD 000007c2: SWAP1 000007c3: LOG3 000007c4: SWAP4 000007c5: SWAP3 000007c6: POP 000007c7: POP 000007c8: POP 000007c9: JUMP
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| critical | access_control | codex | Legacy constructor-like initializer is still publicly callable and can mint balances | 90 | no | — |
viewevidence_json{
"evidence": "No auth guards were detected. Dispatcher exposes `selector:0x1d2bca17`. The function at `pc:0x00e8` decodes constructor-shaped arguments and stores to the caller-indexed mapping at `pc:0x018c` (`keccak(caller, slot 3)` pattern), then writes fixed metadata including `JasonCoin` / `J` and packed slot updates at `pc:0x01d1`, `pc:0x05d9`, and `pc:0x0632`. This is strongly consistent with a pre-0.4.22 renamed-constructor bug; if the selector name inference were wrong, it is still an unguarded initializer/mint path.",
"locations": [
"selector:0x1d2bca17",
"pc:0x00e8",
"pc:0x018c",
"pc:0x01d1",
"pc:0x05d9",
"pc:0x0632"
],
"recommendation": "Remove or permanently disable the legacy initializer path. If this is meant to be one-time setup, gate it with a constructor-only deployment pattern or an `initialized` flag plus strict access control. Because this is bytecode-only and already deployed, assume unlimited minting is possible unless the entrypoint is blocked upstream.",
"exploit_scenario": "Selector inference is best-effort, but `0x1d2bca17` exactly matches `MyToken(uint256,string,uint8,string)`, and its body is constructor-shaped: it writes a caller-keyed balance entry, token metadata (`JasonCoin` / `J`), and the packed low byte in slot 2 without any detected guard. Any attacker can call this entrypoint after deployment, assign themselves an arbitrary balance, then move those tokens via the normal `transfer` / `transferFrom` paths."
}
|
| high | other | detector | Untrusted CALL target/value reachable | 60 | yes | yes |
viewtrace_id: 0xb87b4a788ca4fe26e766b3c2b0c08a0058f836b413e2321f222fa2f732a10a1b
call_targets:
0x0000000000000000000000000000000000000004, 0x080781e41bbd4402a8b9f07df187b7391d707de7
target_varies:
yes
classification:
target_varies
validation_json{
"sink": "CALL",
"errors": 0,
"status": "confirmed",
"attempts": 1,
"trace_id": "0xb87b4a788ca4fe26e766b3c2b0c08a0058f836b413e2321f222fa2f732a10a1b",
"confirmed": true,
"trace_mode": "callTracer",
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0x080781e41bbd4402a8b9f07df187b7391d707de7"
],
"matched_probe": null,
"target_varies": true,
"classification": "target_varies"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x06fdde03",
"selector": "0x06fdde03",
"calldata_variants": [
"0x06fdde03",
"0x06fdde030000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x1d2bca17",
"selector": "0x1d2bca17",
"calldata_variants": [
"0x1d2bca17",
"0x1d2bca170000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x23b872dd",
"selector": "0x23b872dd",
"calldata_variants": [
"0x23b872dd",
"0x23b872dd0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x313ce567",
"selector": "0x313ce567",
"calldata_variants": [
"0x313ce567",
"0x313ce5670000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x70a08231",
"selector": "0x70a08231",
"calldata_variants": [
"0x70a08231",
"0x70a082310000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x95d89b41",
"selector": "0x95d89b41",
"calldata_variants": [
"0x95d89b41",
"0x95d89b410000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xa9059cbb",
"selector": "0xa9059cbb",
"calldata_variants": [
"0xa9059cbb",
"0xa9059cbb0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xcae9ca51",
"selector": "0xcae9ca51",
"calldata_variants": [
"0xcae9ca51",
"0xcae9ca510000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 1058,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 1126,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 1271,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 3,
"guards_detected": [],
"untrusted_call_count": 3
}
|
| high | other | detector | ETH value transfer possible | 55 | yes | yes |
viewtrace_id: 0xb87b4a788ca4fe26e766b3c2b0c08a0058f836b413e2321f222fa2f732a10a1b
call_targets:
0x0000000000000000000000000000000000000004, 0x080781e41bbd4402a8b9f07df187b7391d707de7
target_varies:
yes
classification:
target_varies
validation_json{
"sink": "CALL",
"errors": 0,
"status": "confirmed",
"attempts": 1,
"trace_id": "0xb87b4a788ca4fe26e766b3c2b0c08a0058f836b413e2321f222fa2f732a10a1b",
"confirmed": true,
"trace_mode": "callTracer",
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0x080781e41bbd4402a8b9f07df187b7391d707de7"
],
"matched_probe": null,
"target_varies": true,
"classification": "target_varies"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x06fdde03",
"selector": "0x06fdde03",
"calldata_variants": [
"0x06fdde03",
"0x06fdde030000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x1d2bca17",
"selector": "0x1d2bca17",
"calldata_variants": [
"0x1d2bca17",
"0x1d2bca170000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x23b872dd",
"selector": "0x23b872dd",
"calldata_variants": [
"0x23b872dd",
"0x23b872dd0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x313ce567",
"selector": "0x313ce567",
"calldata_variants": [
"0x313ce567",
"0x313ce5670000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x70a08231",
"selector": "0x70a08231",
"calldata_variants": [
"0x70a08231",
"0x70a082310000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x95d89b41",
"selector": "0x95d89b41",
"calldata_variants": [
"0x95d89b41",
"0x95d89b410000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xa9059cbb",
"selector": "0xa9059cbb",
"calldata_variants": [
"0xa9059cbb",
"0xa9059cbb0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xcae9ca51",
"selector": "0xcae9ca51",
"calldata_variants": [
"0xcae9ca51",
"0xcae9ca510000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 1058,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 1126,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 1271,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 3,
"guards_detected": []
}
|
| medium | other | codex | Allowance accounting is split across two mappings, so `allowance()` likely reports the approved cap, not remaining spendable amount | 75 | no | — |
viewevidence_json{
"evidence": "`approveAndCall` (`selector:0xcae9ca51`) stores into a nested mapping rooted at slot 4 (`pc:0x03a5`). Standard `allowance(address,address)` (`selector:0xdd62ed3e`) reads that same slot-4 mapping (`pc:0x04b8`). But `transferFrom` (`selector:0x23b872dd`) checks a second nested mapping rooted at slot 5, enforcing `slot5 + value <= slot4` at `pc:0x0731`-`pc:0x0734`, then increments slot 5 at `pc:0x078a`-`pc:0x078f` instead of decrementing slot 4. The separate getter `selector:0xdc3080f2` reads the slot-5 mapping at `pc:0x0494`, confirming two distinct allowance-related stores.",
"locations": [
"selector:0xcae9ca51",
"selector:0xdd62ed3e",
"selector:0xdc3080f2",
"selector:0x23b872dd",
"pc:0x03a5",
"pc:0x04b8",
"pc:0x0494",
"pc:0x0731",
"pc:0x078f"
],
"recommendation": "Use a single allowance mapping and decrement it on `transferFrom`, or have `allowance()` return the actual remaining amount (`approved - spent`) and reset the spent counter whenever approval is updated. If intentional, this contract should not be treated as ERC20-compatible by integrators.",
"exploit_scenario": "Integrations that rely on ERC20 semantics can be misled. After approval, `allowance(owner,spender)` can still return the original approved amount even after some spending, while `transferFrom` enforces `spent + amount <= approved`. A dApp may observe a large allowance and attempt a pull that unexpectedly reverts, or users may be unable to 'top up' allowance cleanly because prior spent amount is tracked separately."
}
|