019b3836-3912-7100-8d9c-1978c8dc38fa
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 4023 | artifact.fetch | complete | 1 / 3 | 4 months ago |
| 4024 | tool.cast_disasm | complete | 1 / 3 | 4 months ago |
| 80327 | analysis.bundle | complete | 1 / 3 | 2 weeks ago |
| 80328 | capability.graph | complete | 1 / 3 | 2 weeks ago |
| 80329 | detector.run | complete | 1 / 3 | 2 weeks ago |
| 80330 | validation.fork | complete | 1 / 3 | 2 weeks ago |
No slither job recorded yet.
No codex job recorded yet.
00000000: PUSH1 0x60 00000002: PUSH1 0x40 00000004: MSTORE 00000005: CALLDATASIZE 00000006: ISZERO 00000007: PUSH2 0x0040 0000000a: JUMPI 0000000b: PUSH1 0xe0 0000000d: PUSH1 0x02 0000000f: EXP 00000010: PUSH1 0x00 00000012: CALLDATALOAD 00000013: DIV 00000014: PUSH4 0xa0bc572b 00000019: DUP2 0000001a: EQ 0000001b: PUSH2 0x004b 0000001e: JUMPI 0000001f: DUP1 00000020: PUSH4 0xad7a672f 00000025: EQ 00000026: PUSH2 0x00be 00000029: JUMPI 0000002a: DUP1 0000002b: PUSH4 0xb69ef8a8 00000030: EQ 00000031: PUSH2 0x00c7 00000034: JUMPI 00000035: DUP1 00000036: PUSH4 0xe97dcb62 0000003b: EQ 0000003c: PUSH2 0x00d0 0000003f: JUMPI 00000040: JUMPDEST 00000041: PUSH2 0x010c 00000044: PUSH2 0x010e 00000047: PUSH2 0x00d4 0000004a: JUMP 0000004b: JUMPDEST 0000004c: PUSH2 0x0110 0000004f: PUSH1 0x04 00000051: CALLDATALOAD 00000052: PUSH1 0x00 00000054: DUP1 00000055: SLOAD 00000056: DUP3 00000057: SWAP1 00000058: DUP2 00000059: LT 0000005a: ISZERO 0000005b: PUSH2 0x0002 0000005e: JUMPI 0000005f: POP 00000060: DUP1 00000061: MSTORE 00000062: PUSH1 0x02 00000064: MUL 00000065: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563 00000086: DUP2 00000087: ADD 00000088: SLOAD 00000089: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e564 000000aa: SWAP2 000000ab: SWAP1 000000ac: SWAP2 000000ad: ADD 000000ae: SLOAD 000000af: PUSH1 0x01 000000b1: PUSH1 0xa0 000000b3: PUSH1 0x02 000000b5: EXP 000000b6: SUB 000000b7: SWAP2 000000b8: SWAP1 000000b9: SWAP2 000000ba: AND 000000bb: SWAP1 000000bc: DUP3 000000bd: JUMP 000000be: JUMPDEST 000000bf: PUSH2 0x0136 000000c2: PUSH1 0x02 000000c4: SLOAD 000000c5: DUP2 000000c6: JUMP 000000c7: JUMPDEST 000000c8: PUSH2 0x0136 000000cb: PUSH1 0x01 000000cd: SLOAD 000000ce: DUP2 000000cf: JUMP 000000d0: JUMPDEST 000000d1: PUSH2 0x010c 000000d4: JUMPDEST 000000d5: PUSH1 0x00 000000d7: DUP1 000000d8: DUP1 000000d9: PUSH8 0x0de0b6b3a7640000 000000e2: CALLVALUE 000000e3: EQ 000000e4: PUSH2 0x0156 000000e7: JUMPI 000000e8: PUSH1 0x40 000000ea: MLOAD 000000eb: PUSH1 0x01 000000ed: PUSH1 0xa0 000000ef: PUSH1 0x02 000000f1: EXP 000000f2: SUB 000000f3: CALLER 000000f4: AND 000000f5: SWAP1 000000f6: DUP3 000000f7: SWAP1 000000f8: CALLVALUE 000000f9: SWAP1 000000fa: DUP3 000000fb: DUP2 000000fc: DUP2 000000fd: DUP2 000000fe: DUP6 000000ff: DUP9 00000100: DUP4 00000101: CALL 00000102: SWAP4 00000103: POP 00000104: POP 00000105: POP 00000106: POP 00000107: POP 00000108: PUSH2 0x0151 0000010b: JUMP 0000010c: JUMPDEST 0000010d: STOP 0000010e: JUMPDEST 0000010f: JUMP 00000110: JUMPDEST 00000111: PUSH1 0x40 00000113: MLOAD 00000114: DUP1 00000115: DUP4 00000116: PUSH1 0x01 00000118: PUSH1 0xa0 0000011a: PUSH1 0x02 0000011c: EXP 0000011d: SUB 0000011e: AND 0000011f: DUP2 00000120: MSTORE 00000121: PUSH1 0x20 00000123: ADD 00000124: DUP3 00000125: DUP2 00000126: MSTORE 00000127: PUSH1 0x20 00000129: ADD 0000012a: SWAP3 0000012b: POP 0000012c: POP 0000012d: POP 0000012e: PUSH1 0x40 00000130: MLOAD 00000131: DUP1 00000132: SWAP2 00000133: SUB 00000134: SWAP1 00000135: RETURN 00000136: JUMPDEST 00000137: PUSH1 0x40 00000139: DUP1 0000013a: MLOAD 0000013b: SWAP2 0000013c: DUP3 0000013d: MSTORE 0000013e: MLOAD 0000013f: SWAP1 00000140: DUP2 00000141: SWAP1 00000142: SUB 00000143: PUSH1 0x20 00000145: ADD 00000146: SWAP1 00000147: RETURN 00000148: JUMPDEST 00000149: PUSH1 0x02 0000014b: DUP1 0000014c: SLOAD 0000014d: CALLVALUE 0000014e: ADD 0000014f: SWAP1 00000150: SSTORE 00000151: JUMPDEST 00000152: POP 00000153: POP 00000154: POP 00000155: JUMP 00000156: JUMPDEST 00000157: POP 00000158: POP 00000159: PUSH1 0x00 0000015b: DUP1 0000015c: SLOAD 0000015d: PUSH1 0x01 0000015f: DUP2 00000160: ADD 00000161: DUP1 00000162: DUP4 00000163: SSTORE 00000164: DUP3 00000165: DUP2 00000166: DUP4 00000167: DUP1 00000168: ISZERO 00000169: DUP3 0000016a: SWAP1 0000016b: GT 0000016c: PUSH2 0x01bd 0000016f: JUMPI 00000170: PUSH1 0x02 00000172: MUL 00000173: DUP2 00000174: PUSH1 0x02 00000176: MUL 00000177: DUP4 00000178: PUSH1 0x00 0000017a: MSTORE 0000017b: PUSH1 0x20 0000017d: PUSH1 0x00 0000017f: KECCAK256 00000180: SWAP2 00000181: DUP3 00000182: ADD 00000183: SWAP2 00000184: ADD 00000185: PUSH2 0x01bd 00000188: SWAP2 00000189: SWAP1 0000018a: JUMPDEST 0000018b: DUP1 0000018c: DUP3 0000018d: GT 0000018e: ISZERO 0000018f: PUSH2 0x030b 00000192: JUMPI 00000193: DUP1 00000194: SLOAD 00000195: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 000001aa: NOT 000001ab: AND 000001ac: DUP2 000001ad: SSTORE 000001ae: PUSH1 0x00 000001b0: PUSH1 0x01 000001b2: SWAP2 000001b3: SWAP1 000001b4: SWAP2 000001b5: ADD 000001b6: SWAP1 000001b7: DUP2 000001b8: SSTORE 000001b9: PUSH2 0x018a 000001bc: JUMP 000001bd: JUMPDEST 000001be: POP 000001bf: POP 000001c0: POP 000001c1: POP 000001c2: CALLER 000001c3: PUSH1 0x00 000001c5: PUSH1 0x00 000001c7: POP 000001c8: DUP3 000001c9: DUP2 000001ca: SLOAD 000001cb: DUP2 000001cc: LT 000001cd: ISZERO 000001ce: PUSH2 0x0002 000001d1: JUMPI 000001d2: DUP2 000001d3: DUP1 000001d4: MSTORE 000001d5: PUSH1 0x02 000001d7: MUL 000001d8: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563 000001f9: ADD 000001fa: DUP1 000001fb: SLOAD 000001fc: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000211: NOT 00000212: AND 00000213: SWAP1 00000214: SWAP3 00000215: OR 00000216: SWAP1 00000217: SWAP2 00000218: SSTORE 00000219: DUP1 0000021a: SLOAD 0000021b: CALLVALUE 0000021c: SWAP2 0000021d: SWAP1 0000021e: DUP4 0000021f: SWAP1 00000220: DUP2 00000221: LT 00000222: ISZERO 00000223: PUSH2 0x0002 00000226: JUMPI 00000227: PUSH1 0x02 00000229: MUL 0000022a: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e564 0000024b: ADD 0000024c: DUP3 0000024d: SWAP1 0000024e: SSTORE 0000024f: POP 00000250: PUSH1 0x01 00000252: DUP1 00000253: SLOAD 00000254: SWAP1 00000255: SWAP2 00000256: ADD 00000257: SWAP1 00000258: SSTORE 00000259: JUMPDEST 0000025a: DUP1 0000025b: DUP3 0000025c: LT 0000025d: ISZERO 0000025e: PUSH2 0x0148 00000261: JUMPI 00000262: PUSH1 0x02 00000264: SLOAD 00000265: PUSH1 0x00 00000267: DUP1 00000268: SLOAD 00000269: DUP5 0000026a: SWAP1 0000026b: DUP2 0000026c: LT 0000026d: ISZERO 0000026e: PUSH2 0x0002 00000271: JUMPI 00000272: DUP2 00000273: DUP1 00000274: MSTORE 00000275: DUP2 00000276: SLOAD 00000277: PUSH1 0x02 00000279: SWAP2 0000027a: SWAP1 0000027b: SWAP2 0000027c: MUL 0000027d: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e564 0000029e: ADD 0000029f: SLOAD 000002a0: CALLVALUE 000002a1: MUL 000002a2: SWAP3 000002a3: SWAP1 000002a4: SWAP3 000002a5: DIV 000002a6: SWAP5 000002a7: POP 000002a8: SWAP1 000002a9: DUP4 000002aa: SWAP1 000002ab: DUP2 000002ac: LT 000002ad: ISZERO 000002ae: PUSH2 0x0002 000002b1: JUMPI 000002b2: PUSH1 0x40 000002b4: MLOAD 000002b5: PUSH1 0x02 000002b7: SWAP2 000002b8: SWAP1 000002b9: SWAP2 000002ba: MUL 000002bb: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563 000002dc: ADD 000002dd: SLOAD 000002de: PUSH1 0x01 000002e0: PUSH1 0xa0 000002e2: PUSH1 0x02 000002e4: EXP 000002e5: SUB 000002e6: AND 000002e7: SWAP2 000002e8: SWAP1 000002e9: DUP6 000002ea: SWAP1 000002eb: DUP3 000002ec: DUP2 000002ed: DUP2 000002ee: DUP2 000002ef: DUP6 000002f0: DUP9 000002f1: DUP4 000002f2: CALL 000002f3: POP 000002f4: POP 000002f5: PUSH1 0x01 000002f7: DUP1 000002f8: SLOAD 000002f9: SWAP2 000002fa: SWAP1 000002fb: SWAP2 000002fc: SUB 000002fd: DUP2 000002fe: SSTORE 000002ff: SWAP4 00000300: SWAP1 00000301: SWAP4 00000302: ADD 00000303: SWAP3 00000304: POP 00000305: PUSH2 0x0259 00000308: SWAP1 00000309: POP 0000030a: JUMP 0000030b: JUMPDEST 0000030c: POP 0000030d: SWAP1 0000030e: JUMP
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| high | other | detector | ETH value transfer possible | 55 | no | no |
viewtrace_id: 0x358997fe44c99ef5cce57989248fd3bed1725c7a39ddfd93c03bb2eaf429ab08
call_targets:
0x3325439082ff8ba7371dfdaa1af297bbfcac21b2
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0x358997fe44c99ef5cce57989248fd3bed1725c7a39ddfd93c03bb2eaf429ab08",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x3325439082ff8ba7371dfdaa1af297bbfcac21b2"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0xa0bc572b",
"selector": "0xa0bc572b",
"calldata_variants": [
"0xa0bc572b",
"0xa0bc572b0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xad7a672f",
"selector": "0xad7a672f",
"calldata_variants": [
"0xad7a672f",
"0xad7a672f0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xb69ef8a8",
"selector": "0xb69ef8a8",
"calldata_variants": [
"0xb69ef8a8",
"0xb69ef8a80000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xe97dcb62",
"selector": "0xe97dcb62",
"calldata_variants": [
"0xe97dcb62",
"0xe97dcb620000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 257,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 754,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 2,
"guards_detected": []
}
|
| high | other | detector | Untrusted CALL target/value reachable | 60 | no | no |
viewtrace_id: 0x358997fe44c99ef5cce57989248fd3bed1725c7a39ddfd93c03bb2eaf429ab08
call_targets:
0x3325439082ff8ba7371dfdaa1af297bbfcac21b2
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0x358997fe44c99ef5cce57989248fd3bed1725c7a39ddfd93c03bb2eaf429ab08",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x3325439082ff8ba7371dfdaa1af297bbfcac21b2"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0xa0bc572b",
"selector": "0xa0bc572b",
"calldata_variants": [
"0xa0bc572b",
"0xa0bc572b0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xad7a672f",
"selector": "0xad7a672f",
"calldata_variants": [
"0xad7a672f",
"0xad7a672f0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xb69ef8a8",
"selector": "0xb69ef8a8",
"calldata_variants": [
"0xb69ef8a8",
"0xb69ef8a80000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xe97dcb62",
"selector": "0xe97dcb62",
"calldata_variants": [
"0xe97dcb62",
"0xe97dcb620000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 257,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 754,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 2,
"guards_detected": [],
"untrusted_call_count": 2
}
|