019b3836-39fd-7343-8d00-88249f6d3014
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 4171 | artifact.fetch | complete | 1 / 3 | 3 months ago |
| 4172 | tool.cast_disasm | complete | 1 / 3 | 3 months ago |
| 47712 | analysis.bundle | complete | 1 / 3 | 1 week ago |
| 47713 | capability.graph | complete | 1 / 3 | 1 week ago |
| 47714 | detector.run | complete | 1 / 3 | 1 week ago |
| 47715 | validation.fork | complete | 1 / 3 | 1 week ago |
| 113278 | report.consolidate | complete | 1 / 6 | 1 week ago |
No slither job recorded yet.
{"no_findings":false,"summary":"Bytecode-only review of `BYTECODE_BUNDLE.json` found one strong reentrancy issue in the payable/fallback payout path and multiple unchecked ETH-transfer paths that can break core accounting. Selector names and storage roles are inferred from bytecode patterns, so role labels below are best-effort.","findings":[{"severity":"high","category":"reentrancy","title":"Participant payout calls an untrusted recipient before advancing the payout cursor","exploit_scenario":"In the payable fallback path, the contract CALLs the current participant at pc 0x6a0 before updating the queue/accounting state. From the storage access pattern, slot 0x01 appears to be the current payout index and slot 0x03 the payout pool. A participant implemented as a contract can reenter during its payout by sending at least 1 finney back into the fallback, causing nested execution to observe the same unpaid queue head and trigger the same payout again before the outer frame increments the index or deducts the pool. This can duplicate payouts and drain ETH.","recommendation":"Apply checks-effects-interactions: advance the payout index and deduct the owed amount before any external transfer, or move to a pull-withdrawal model guarded by a reentrancy lock.","evidence":"The CALL at pc 0x6a0 is followed only afterward by storage writes at pc 0x6ac and pc 0x6b6. No guard is detected in the artifact (`auth.guards` is empty), and the callsite metadata reports no returndata/success handling.","locations":["pc:0x62b","pc:0x6a0","pc:0x6ac","pc:0x6b6"]},{"severity":"high","category":"other","title":"Ignored CALL results let failed transfers silently corrupt accounting","exploit_scenario":"Value-transferring CALLs are not checked for success. If a recipient reverts or runs out of gas, execution still continues. In the participant payout path, a failed transfer at pc 0x6a0 is still followed by reducing the payout pool and advancing the queue cursor, so a participant can be marked as paid without receiving ETH. In the fee-sweep path, slot 0x02 is zeroed after the unchecked transfer at pc 0x6f1, so accrued fees can be written off even when the recipient never received them. The refund paths at pc 0x5b and pc 0x400 are also unchecked, so under-minimum or over-cap refunds can silently fail and leave user ETH stranded in the contract.","recommendation":"Check the boolean result of each CALL and revert or preserve state when the transfer fails. Prefer pull-based withdrawals for participant and beneficiary payments.","evidence":"Artifacts mark `returndata_checked` as null for CALLs at pcs 0x5b, 0x400, 0x6a0, and 0x6f1. The bytecode POPs the CALL result and continues to SSTORE at pcs 0x6ac, 0x6b6, and 0x6f7 regardless of success.","locations":["pc:0x5b","pc:0x400","pc:0x6a0","pc:0x6ac","pc:0x6b6","pc:0x6f1","pc:0x6f7"]},{"severity":"medium","category":"reentrancy","title":"Inferred beneficiary fee sweep is reentrant until the fee balance is cleared","exploit_scenario":"The path starting at pc 0x6bf appears to sweep an accumulated fee balance from slot 0x02 to the address in slot 0x06 (best-effort role inference). The contract performs the CALL at pc 0x6f1 and only then clears slot 0x02 at pc 0x6f7. If that recipient is a contract under the beneficiary's control, it can reenter the payable fallback before the outer frame zeroes slot 0x02 and trigger the sweep again, allowing over-withdrawal of the accrued fee balance.","recommendation":"Zero the fee balance before transferring it, and/or protect the sweep with a reentrancy guard or a pull-only withdrawal function.","evidence":"The bytecode loads slot 0x02 as the CALL value and slot 0x06 as the recipient before pc 0x6f1, then executes `SSTORE` to slot 0x02 only at pc 0x6f7. No reentrancy guard is visible in the artifact. This finding is conditional on the inferred role of slot 0x06 being correct.","locations":["pc:0x6bf","pc:0x6d8","pc:0x6db","pc:0x6f1","pc:0x6f7"]}]}
OpenAI Codex v0.118.0 (research preview)
--------
workdir: /tmp/codex-gn1rnkew
model: gpt-5.4
provider: openai
approval: never
sandbox: read-only
reasoning effort: high
reasoning summaries: none
session id: 019d5c03-b512-76d2-bb09-15e2bbd1030c
--------
user
You are a security auditor. You ONLY have runtime bytecode + analysis artifacts.
You MUST read `BYTECODE_BUNDLE.json` before concluding; it contains the bytecode summary,
evidence bundle, callsites, storage slots, and detector findings.
Special cases when reasoning from bytecode (be explicit about uncertainty):
- Selector inference is best-effort; missing selectors are common.
- Fallback/receive paths may be the only entrypoints.
- CALL vs DELEGATECALL semantics differ; DELEGATECALL executes in caller storage.
- Proxy patterns (EIP-1967, minimal proxies, beacon) change which storage is authoritative.
- Storage slots are raw; mappings/arrays appear via keccak patterns, names are unknown.
- Guard detection is heuristic; absence of guards does NOT mean unguarded.
- Returndata checking is unknown unless explicitly shown in evidence.
- Precompiles (0x1..0x9) and common ERC20 transfer selectors may appear; do not over-claim.
Output MUST be valid JSON matching the provided schema.
- If you find nothing meaningful: set no_findings=true and findings=[].
- Otherwise: set no_findings=false and include findings with severity/category/title.
- Locations can be pc references like "pc:0x123" or selectors like "selector:0xa9059cbb".
Focus on: reentrancy, access control, upgradeability/proxy issues, signature validation,
accounting/invariant breaks, dangerous delegatecall, and untrusted external calls.
Be conservative: if evidence is weak, mark severity low/medium and explain why.
warning: Codex could not find system bubblewrap on PATH. Please install bubblewrap with your package manager. Codex will use the vendored bubblewrap in the meantime.
exec
/bin/bash -lc "wc -c BYTECODE_BUNDLE.json && sed -n '1,160p' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
92893 BYTECODE_BUNDLE.json
{
"analysis_artifact": {
"address": "0xbe46324018124b2d604c2f3eae91d3de9b388b09",
"artifact_hash": "0x696b475a5fe033fe80070ef09dd1535404a1102908a7b435a27ce47f3196dffd",
"artifact_json": {
"auth": {
"guards": []
},
"basic_blocks": [
{
"end_pc": 10,
"hash": "0xb458f96293a50d3a451ef54d27a43628fba410013c30627f2d00459b39becfcb",
"opcodes": [
"PUSH1",
"PUSH1",
"MSTORE",
"CALLDATASIZE",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 0
},
{
"end_pc": 30,
"hash": "0x39b229e7bc097a17e4ef6c3b10526e3ecf3386b8268f6a5ad84f6b1ba2f9203f",
"opcodes": [
"PUSH1",
"PUSH1",
"EXP",
"PUSH1",
"CALLDATALOAD",
"DIV",
"PUSH4",
"OP_81",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 11
},
{
"end_pc": 41,
"hash": "0x37c1aecf50829f3b9781106e291ee1271330d2218f1a422fb000d49cdefdafda",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 31
},
{
"end_pc": 69,
"hash": "0xf882860a8c361d2bd7d0d07d4329a5cbc725e0ac5f478923a3a37c30f03abbd1",
"opcodes": [
"JUMPDEST",
"PUSH2",
"PUSH2",
"PUSH1",
"PUSH1",
"PUSH1",
"PUSH7",
"CALLVALUE",
"LT",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 42
},
{
"end_pc": 101,
"hash": "0xaea1c35dbc2593029af65cf0ea5c5de5725d129fef98543d273ad3611cd227dc",
"opcodes": [
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"CALLER",
"AND",
"OP_81",
"CALLVALUE",
"PUSH1",
"OP_82",
"OP_81",
"OP_81",
"OP_81",
"OP_85",
"OP_88",
"OP_83",
"CALL",
"OP_93",
"POP",
"POP",
"POP",
"POP",
"POP",
"PUSH2",
"JUMP"
],
"start_pc": 70
},
{
"end_pc": 167,
"hash": "0xaa8d2f92aba74d17d0e0edb5afea99a5416b55d381c74c64d5f6b3498bd65b49",
"opcodes": [
"JUMPDEST",
"PUSH1",
"PUSH1",
"MSTORE",
"PUSH1",
"PUSH1",
"OP_81",
"OP_81",
"MSTORE",
"PUSH1",
"SLOAD",
"PUSH1",
"SLOAD",
"PUSH1",
"SLOAD",
"OP_84",
"SLOAD",
"PUSH2",
"OP_95",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"OP_94",
"OP_90",
"OP_94",
"AND",
"OP_94",
"PUSH7",
"OP_93",
"OP_84",
"OP_90",
"DIV",
"OP_94",
"OP_91",
"OP_93",
"OP_82",
"OP_84",
"OP_86",
"OP_81",
"LT",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 102
},
{
"end_pc": 291,
"hash": "0x3109dee8f42abdb11e2ad241909698d9a14f75e09ec8ce92d5e00b8f8b687894",
exec
/bin/bash -lc 'pwd && ls -la && rg --files' in /tmp/codex-gn1rnkew
succeeded in 0ms:
/tmp/codex-gn1rnkew
total 128
drwx------ 2 noahkuhn noahkuhn 4096 Apr 5 05:00 .
drwxrwxrwt 270 nobody nogroup 24576 Apr 5 05:00 ..
-rw-rw-r-- 1 noahkuhn noahkuhn 92893 Apr 5 05:00 BYTECODE_BUNDLE.json
-rw-rw-r-- 1 noahkuhn noahkuhn 815 Apr 5 05:00 codex-output-schema.json
codex-output-schema.json
BYTECODE_BUNDLE.json
exec
/bin/bash -lc "jq 'keys' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
[
"analysis_artifact",
"analysis_run",
"artifact",
"capability_graph",
"detector_findings",
"heuristics_summary"
]
exec
/bin/bash -lc "jq '.analysis_artifact.artifact_json | keys' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
[
"auth",
"basic_blocks",
"callsites",
"cfg_edges",
"cfg_hash",
"dispatcher_type",
"function_entries",
"functions",
"selectors",
"sinks",
"storage",
"version"
]
exec
/bin/bash -lc "jq '.analysis_artifact.artifact_json.detector_findings' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
null
exec
/bin/bash -lc "jq '.heuristics_summary' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
{
"create2_count": 0,
"delegatecall_count": 0,
"flags": [],
"selfdestruct_count": 0
}
exec
/bin/bash -lc "jq '.detector_findings' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
[
{
"confidence": 60,
"evidence_json": {
"call_count": 6,
"examples": [
{
"opcode": "CALL",
"pc": 91,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 779,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 914,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
}
],
"guards_detected": [],
"untrusted_call_count": 6
},
"normalized_json": {
"sink": "CALL"
},
"severity": "high",
"title": "Untrusted CALL target/value reachable",
"validated": true,
"validation_json": {
"attempts": 1,
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0xbe46324018124b2d604c2f3eae91d3de9b388b09"
],
"classification": "target_varies",
"confirmed": true,
"errors": 0,
"matched_probe": null,
"sink": "CALL",
"status": "confirmed",
"target_varies": true,
"trace_id": "0xe4f4072f699d802b05ee48f4a8c4705020f6e6a6f9351e13ac91d05e166c53a1",
"trace_mode": "callTracer"
}
},
{
"confidence": 55,
"evidence_json": {
"eth_value_calls": 6,
"examples": [
{
"opcode": "CALL",
"pc": 91,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 779,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 914,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
}
],
"guards_detected": []
},
"normalized_json": {
"sink": "CALL",
"value": "nonzero"
},
"severity": "high",
"title": "ETH value transfer possible",
"validated": true,
"validation_json": {
"attempts": 1,
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0xbe46324018124b2d604c2f3eae91d3de9b388b09"
],
"classification": "target_varies",
"confirmed": true,
"errors": 0,
"matched_probe": null,
"sink": "CALL",
"status": "confirmed",
"target_varies": true,
"trace_id": "0xe4f4072f699d802b05ee48f4a8c4705020f6e6a6f9351e13ac91d05e166c53a1",
"trace_mode": "callTracer"
}
}
]
exec
/bin/bash -lc "jq '.analysis_artifact.artifact_json.selectors' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
[
"0x9334ab61",
"0x9dbc4f9b"
]
exec
/bin/bash -lc "jq '.analysis_artifact.artifact_json.functions' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
[
{
"auth": {
"guards": []
},
"entry_pc": null,
"selector": "0x9334ab61",
"sinks": {
"call": 6,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 40,
"slots": [
{
"op": "SLOAD",
"pc": 117,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000006"
},
{
"op": "SLOAD",
"pc": 120,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 123,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 355,
"slot": "0x4e2e412e00000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 374,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 525,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 607,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 1169,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1232,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SSTORE",
"pc": 1288,
"slot": "0x000000000000000000000000000000000000000000000000000000000000012c"
},
{
"op": "SSTORE",
"pc": 1308,
"slot": "0x00000000000000000000000000000000000000000000000000000000000000c8"
},
{
"op": "SSTORE",
"pc": 1329,
"slot": "0x00000000000000000000000000000000000000000000000000000000000000b4"
},
{
"op": "SSTORE",
"pc": 1350,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000096"
},
{
"op": "SSTORE",
"pc": 1371,
"slot": "0x000000000000000000000000000000000000000000000000000000000000007d"
},
{
"op": "SSTORE",
"pc": 1393,
"slot": "0x000000000000000000000000000000000000000000000000000000000000006e"
},
{
"op": "SSTORE",
"pc": 1415,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000069"
},
{
"op": "SLOAD",
"pc": 1424,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000005"
},
{
"op": "SLOAD",
"pc": 1435,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1477,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000004"
},
{
"op": "SLOAD",
"pc": 1489,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 1505,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000004"
},
{
"op": "SLOAD",
"pc": 1519,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 1531,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 1535,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1552,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 1581,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 1585,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1598,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 1676,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000040"
},
{
"op": "SLOAD",
"pc": 1702,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 1714,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 1730,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 1752,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 1755,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000006"
}
],
"writes": 19
}
},
{
"auth": {
"guards": []
},
"entry_pc": 682,
"selector": "0x9dbc4f9b",
"sinks": {
"call": 6,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 40,
"slots": [
{
"op": "SLOAD",
"pc": 117,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000006"
},
{
"op": "SLOAD",
"pc": 120,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 123,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 355,
"slot": "0x4e2e412e00000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 374,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 525,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 607,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 1169,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1232,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SSTORE",
"pc": 1288,
"slot": "0x000000000000000000000000000000000000000000000000000000000000012c"
},
{
"op": "SSTORE",
"pc": 1308,
"slot": "0x00000000000000000000000000000000000000000000000000000000000000c8"
},
{
"op": "SSTORE",
"pc": 1329,
"slot": "0x00000000000000000000000000000000000000000000000000000000000000b4"
},
{
"op": "SSTORE",
"pc": 1350,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000096"
},
{
"op": "SSTORE",
"pc": 1371,
"slot": "0x000000000000000000000000000000000000000000000000000000000000007d"
},
{
"op": "SSTORE",
"pc": 1393,
"slot": "0x000000000000000000000000000000000000000000000000000000000000006e"
},
{
"op": "SSTORE",
"pc": 1415,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000069"
},
{
"op": "SLOAD",
"pc": 1424,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000005"
},
{
"op": "SLOAD",
"pc": 1435,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1477,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000004"
},
{
"op": "SLOAD",
"pc": 1489,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 1505,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000004"
},
{
"op": "SLOAD",
"pc": 1519,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 1531,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 1535,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1552,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 1581,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 1585,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000000"
},
{
"op": "SLOAD",
"pc": 1598,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 1676,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000040"
},
{
"op": "SLOAD",
"pc": 1702,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 1714,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 1730,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 1752,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 1755,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000006"
}
],
"writes": 19
}
}
]
exec
/bin/bash -lc "jq '.analysis_artifact.artifact_json.function_entries' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
[
{
"entry_pc": null,
"selector": "0x9334ab61"
},
{
"entry_pc": 682,
"selector": "0x9dbc4f9b"
}
]
exec
/bin/bash -lc "jq '.analysis_artifact.artifact_json.callsites' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
[
{
"opcode": "CALL",
"pc": 91,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 779,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 914,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 1024,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 1696,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
},
{
"opcode": "CALL",
"pc": 1777,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
}
]
exec
/bin/bash -lc "jq '.analysis_artifact.artifact_json.sinks' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
{
"call": 6,
"create": 0,
"create2": 0,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0,
"upgrade_slot_write_suspected": false
}
exec
/bin/bash -lc "jq '.artifact | keys' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
[
"codehash",
"compiler_json",
"implementation_address",
"is_proxy",
"runtime_bytecode",
"verified_source"
]
exec
/bin/bash -lc "jq '.capability_graph | keys' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
[
"address",
"block_number",
"chain_id",
"codehash",
"created_at",
"graph_hash",
"graph_json",
"id",
"updated_at",
"version"
]
exec
/bin/bash -lc "jq '.analysis_run | keys' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
[
"address",
"block_number",
"chain_id",
"child_links",
"created_at",
"id",
"parent_links",
"status",
"updated_at"
]
exec
/bin/bash -lc "jq '.artifact.is_proxy, .artifact.implementation_address, .artifact.compiler_json, .artifact.verified_source' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
false
null
{
"etherscan": {
"skipped": true
}
}
false
exec
/bin/bash -lc "jq '.capability_graph.graph_json' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
{
"edges": [
{
"from": "bb:0",
"to": "bb:42",
"type": "control_flow"
},
{
"from": "bb:0",
"to": "bb:11",
"type": "control_flow_fallthrough"
},
{
"from": "bb:11",
"to": "bb:102",
"type": "control_flow"
},
{
"from": "bb:11",
"to": "bb:31",
"type": "control_flow_fallthrough"
},
{
"from": "bb:31",
"to": "bb:292",
"type": "control_flow"
},
{
"from": "bb:31",
"to": "bb:42",
"type": "control_flow_fallthrough"
},
{
"from": "bb:42",
"to": "bb:973",
"type": "control_flow"
},
{
"from": "bb:42",
"to": "bb:70",
"type": "control_flow_fallthrough"
},
{
"from": "bb:70",
"to": "bb:1785",
"type": "control_flow"
},
{
"from": "bb:102",
"to": "bb:168",
"type": "control_flow_fallthrough"
},
{
"from": "bb:292",
"to": "bb:675",
"type": "control_flow"
},
{
"from": "bb:292",
"to": "bb:367",
"type": "control_flow_fallthrough"
},
{
"from": "bb:367",
"to": "bb:382",
"type": "control_flow_fallthrough"
},
{
"from": "bb:382",
"to": "bb:456",
"type": "control_flow_fallthrough"
},
{
"from": "bb:456",
"to": "bb:533",
"type": "control_flow_fallthrough"
},
{
"from": "bb:533",
"to": "bb:675",
"type": "control_flow"
},
{
"from": "bb:533",
"to": "bb:623",
"type": "control_flow_fallthrough"
},
{
"from": "bb:623",
"to": "bb:675",
"type": "control_flow_fallthrough"
},
{
"from": "bb:833",
"to": "bb:956",
"type": "control_flow"
},
{
"from": "bb:833",
"to": "bb:931",
"type": "control_flow_fallthrough"
},
{
"from": "bb:931",
"to": "bb:956",
"type": "control_flow_fallthrough"
},
{
"from": "bb:973",
"to": "bb:1047",
"type": "control_flow"
},
{
"from": "bb:973",
"to": "bb:991",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1047",
"to": "bb:1051",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1051",
"to": "bb:1156",
"type": "control_flow"
},
{
"from": "bb:1051",
"to": "bb:1074",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1074",
"to": "bb:1100",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1100",
"to": "bb:1723",
"type": "control_flow"
},
{
"from": "bb:1100",
"to": "bb:1109",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1109",
"to": "bb:1100",
"type": "control_flow"
},
{
"from": "bb:1156",
"to": "bb:1177",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1177",
"to": "bb:1240",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1240",
"to": "bb:1289",
"type": "control_flow"
},
{
"from": "bb:1240",
"to": "bb:1283",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1283",
"to": "bb:1289",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1289",
"to": "bb:1309",
"type": "control_flow"
},
{
"from": "bb:1289",
"to": "bb:1304",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1304",
"to": "bb:1309",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1309",
"to": "bb:1330",
"type": "control_flow"
},
{
"from": "bb:1309",
"to": "bb:1325",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1325",
"to": "bb:1330",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1330",
"to": "bb:1351",
"type": "control_flow"
},
{
"from": "bb:1330",
"to": "bb:1346",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1346",
"to": "bb:1351",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1351",
"to": "bb:1372",
"type": "control_flow"
},
{
"from": "bb:1351",
"to": "bb:1367",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1367",
"to": "bb:1372",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1372",
"to": "bb:1394",
"type": "control_flow"
},
{
"from": "bb:1372",
"to": "bb:1389",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1389",
"to": "bb:1394",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1394",
"to": "bb:1416",
"type": "control_flow"
},
{
"from": "bb:1394",
"to": "bb:1411",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1411",
"to": "bb:1416",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1416",
"to": "bb:1443",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1443",
"to": "bb:1528",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1528",
"to": "bb:1546",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1546",
"to": "bb:1727",
"type": "control_flow"
},
{
"from": "bb:1546",
"to": "bb:1579",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1579",
"to": "bb:1596",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1596",
"to": "bb:1634",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1634",
"to": "bb:1528",
"type": "control_flow"
},
{
"from": "bb:1727",
"to": "bb:1785",
"type": "control_flow"
},
{
"from": "bb:1727",
"to": "bb:1747",
"type": "control_flow_fallthrough"
},
{
"from": "bb:1747",
"to": "bb:1785",
"type": "control_flow_fallthrough"
},
{
"from": "fn:0x9dbc4f9b",
"to": "bb:682",
"type": "entry"
},
{
"from": "bb:70",
"to": "call:91",
"type": "contains"
},
{
"from": "call:91",
"to": "sink:call",
"type": "capability"
},
{
"from": "bb:686",
"to": "call:779",
"type": "contains"
},
{
"from": "call:779",
"to": "sink:call",
"type": "capability"
},
{
"from": "bb:833",
"to": "call:914",
"type": "contains"
},
{
"from": "call:914",
"to": "sink:call",
"type": "capability"
},
{
"from": "bb:991",
"to": "call:1024",
"type": "contains"
},
{
"from": "call:1024",
"to": "sink:call",
"type": "capability"
},
{
"from": "bb:1634",
"to": "call:1696",
"type": "contains"
},
{
"from": "call:1696",
"to": "sink:call",
"type": "capability"
},
{
"from": "bb:1747",
"to": "call:1777",
"type": "contains"
},
{
"from": "call:1777",
"to": "sink:call",
"type": "capability"
}
],
"nodes": [
{
"end_pc": 10,
"hash": "0xb458f96293a50d3a451ef54d27a43628fba410013c30627f2d00459b39becfcb",
"id": "bb:0",
"start_pc": 0,
"type": "basic_block"
},
{
"end_pc": 30,
"hash": "0x39b229e7bc097a17e4ef6c3b10526e3ecf3386b8268f6a5ad84f6b1ba2f9203f",
"id": "bb:11",
"start_pc": 11,
"type": "basic_block"
},
{
"end_pc": 41,
"hash": "0x37c1aecf50829f3b9781106e291ee1271330d2218f1a422fb000d49cdefdafda",
"id": "bb:31",
"start_pc": 31,
"type": "basic_block"
},
{
"end_pc": 69,
"hash": "0xf882860a8c361d2bd7d0d07d4329a5cbc725e0ac5f478923a3a37c30f03abbd1",
"id": "bb:42",
"start_pc": 42,
"type": "basic_block"
},
{
"end_pc": 101,
"hash": "0xaea1c35dbc2593029af65cf0ea5c5de5725d129fef98543d273ad3611cd227dc",
"id": "bb:70",
"start_pc": 70,
"type": "basic_block"
},
{
"end_pc": 167,
"hash": "0xaa8d2f92aba74d17d0e0edb5afea99a5416b55d381c74c64d5f6b3498bd65b49",
"id": "bb:102",
"start_pc": 102,
"type": "basic_block"
},
{
"end_pc": 291,
"hash": "0x3109dee8f42abdb11e2ad241909698d9a14f75e09ec8ce92d5e00b8f8b687894",
"id": "bb:168",
"start_pc": 168,
"type": "basic_block"
},
{
"end_pc": 366,
"hash": "0xc553ae8f553d8052b64cc19ea5f25bde8b78ba52845df9927131864efd0b79e1",
"id": "bb:292",
"start_pc": 292,
"type": "basic_block"
},
{
"end_pc": 381,
"hash": "0xc61ddfe8539e8b5c001d176f42288f4cc26af6ffbb1b137d5c95d5cb2a6f2772",
"id": "bb:367",
"start_pc": 367,
"type": "basic_block"
},
{
"end_pc": 455,
"hash": "0x5e5a24ffd47d8e63675fa717134a5dbe310bf9eed5205be3f0005dbb3f5e4e16",
"id": "bb:382",
"start_pc": 382,
"type": "basic_block"
},
{
"end_pc": 532,
"hash": "0x2aa911a80b5109c56fad711524e02887e83a0e233e1da2b24536365d7975d0f7",
"id": "bb:456",
"start_pc": 456,
"type": "basic_block"
},
{
"end_pc": 622,
"hash": "0xa6700bac96d2f3b830bef1bb0c45c9f883b2345ed74c509ef306198cad7ad980",
"id": "bb:533",
"start_pc": 533,
"type": "basic_block"
},
{
"end_pc": 674,
"hash": "0x9508afb505938749e5e71673b06eb78f1b32ef50545e8d1658999669c7688495",
"id": "bb:623",
"start_pc": 623,
"type": "basic_block"
},
{
"end_pc": 681,
"hash": "0xbdeb130bc63c935d42d1163d137de14c2474f9cac7b82bba97b87343b728eb23",
"id": "bb:675",
"start_pc": 675,
"type": "basic_block"
},
{
"end_pc": 683,
"hash": "0x14725c4d033c25182b88ec6a9da909149d5e2985956f736b1f69a47b0e75517f",
"id": "bb:682",
"start_pc": 682,
"type": "basic_block"
},
{
"end_pc": 685,
"hash": "0x3f229f76985a3553ba6814ca5c204f7962d531745fe2ff053cdc2227812358e4",
"id": "bb:684",
"start_pc": 684,
"type": "basic_block"
},
{
"end_pc": 832,
"hash": "0x1afb147441b09df21bf496fdd30e648f83f547cbd4309adc56efcdbf18f9b033",
"id": "bb:686",
"start_pc": 686,
"type": "basic_block"
},
{
"end_pc": 930,
"hash": "0x24874e2e9bff34182d1974413b6efff043c7a2b0c21f1fc5c65a69e6bfdca0db",
"id": "bb:833",
"start_pc": 833,
"type": "basic_block"
},
{
"end_pc": 955,
"hash": "0x15bc4685886b0559e4ca82eebb6bd925cbc72f578f620b4bf5dd4da4917772d8",
"id": "bb:931",
"start_pc": 931,
"type": "basic_block"
},
{
"end_pc": 972,
"hash": "0x83901c951c0f1cd2eb17cb441b440255196f940da085617d1f27298252994064",
"id": "bb:956",
"start_pc": 956,
"type": "basic_block"
},
{
"end_pc": 990,
"hash": "0x8c8d61a34d48d58c64ef636c9ffe4b2432c5f0510ef3f213144f5289a0fd13ea",
"id": "bb:973",
"start_pc": 973,
"type": "basic_block"
},
{
"end_pc": 1046,
"hash": "0x8cc52b48fe70f2bf308ad2849043435b4148d63f80cdb4c9d8d5e8081421972e",
"id": "bb:991",
"start_pc": 991,
"type": "basic_block"
},
{
"end_pc": 1050,
"hash": "0x378f51d63cb7d34c58a4471c8220bd8ecc12ed64cb914f78595a39f2b011f183",
"id": "bb:1047",
"start_pc": 1047,
"type": "basic_block"
},
{
"end_pc": 1073,
"hash": "0xc9727efa0e0468219e7d5d0d8d730e7efe88de37b6d39660a5beda6169da0df5",
"id": "bb:1051",
"start_pc": 1051,
"type": "basic_block"
},
{
"end_pc": 1099,
"hash": "0xb619409c04d664b15297221fc74a163883ede7ffcf2e9414b378e33079eabb38",
"id": "bb:1074",
"start_pc": 1074,
"type": "basic_block"
},
{
"end_pc": 1108,
"hash": "0xf4cd9551e2b4c8b021422bdc5de0176ef9e7b7dc0c87a72ae89a4034c58a1411",
"id": "bb:1100",
"start_pc": 1100,
"type": "basic_block"
},
{
"end_pc": 1155,
"hash": "0x2cb7d9de8b1cb1486c7cb9781172eca225dc1d63456f853fddbfdecf4aa33e5e",
"id": "bb:1109",
"start_pc": 1109,
"type": "basic_block"
},
{
"end_pc": 1176,
"hash": "0xfb1bfac49d3cc3c5f4a9d41669eeca9f95c82059029fc6cb0a96cefd4845618a",
"id": "bb:1156",
"start_pc": 1156,
"type": "basic_block"
},
{
"end_pc": 1239,
"hash": "0x109fb1aa00af54fad5869cf8db9c10c301ffeeb533dd9606c2145079a09c997f",
"id": "bb:1177",
"start_pc": 1177,
"type": "basic_block"
},
{
"end_pc": 1282,
"hash": "0xa45a73dac6323aee1d0a225786129188376acb9944cfab1e4c4d73043f1c8abf",
"id": "bb:1240",
"start_pc": 1240,
"type": "basic_block"
},
{
"end_pc": 1288,
"hash": "0x22377d9b19e865f89857330d06603ad411f46620d6de331481dcd6cb6067ab39",
"id": "bb:1283",
"start_pc": 1283,
"type": "basic_block"
},
{
"end_pc": 1303,
"hash": "0x7fdeac249d0eefa41753113e93f6d70386f3df4314588698cc35ea559657b24f",
"id": "bb:1289",
"start_pc": 1289,
"type": "basic_block"
},
{
"end_pc": 1308,
"hash": "0xa67680523416870c6f3970368e35a1ac9985dd4625102dbece458b6eff36a144",
"id": "bb:1304",
"start_pc": 1304,
"type": "basic_block"
},
{
"end_pc": 1324,
"hash": "0x7c792b57d922651354157891d5098723ab0a1013dfce778216f97e04bfd35d24",
"id": "bb:1309",
"start_pc": 1309,
"type": "basic_block"
},
{
"end_pc": 1329,
"hash": "0x5a3aea02cbcff0fdcd0e2d537ea9c72f59fde49a69031836902dd02c5fcfb6b3",
"id": "bb:1325",
"start_pc": 1325,
"type": "basic_block"
},
{
"end_pc": 1345,
"hash": "0xec0892a18aab5e70dcc765607207ae7184abb1e8123f36defe8eea7f4b7923d1",
"id": "bb:1330",
"start_pc": 1330,
"type": "basic_block"
},
{
"end_pc": 1350,
"hash": "0xda2a6e55a850a9aa7f4aabc13ef490688e114c05c260512b012b0546b5160b50",
"id": "bb:1346",
"start_pc": 1346,
"type": "basic_block"
},
{
"end_pc": 1366,
"hash": "0x87f2414ecc3e2c9e67466ef85a84b9edcbdfd5a00701c022db2834dfc17c857f",
"id": "bb:1351",
"start_pc": 1351,
"type": "basic_block"
},
{
"end_pc": 1371,
"hash": "0x3a921b9a616cf5b5b868193bc25f4d1fc6a03f484ebe8c65f20d04e404be8f1d",
"id": "bb:1367",
"start_pc": 1367,
"type": "basic_block"
},
{
"end_pc": 1388,
"hash": "0x1a95be697178823f77b9dd93431e239d96eb666b19c44d2ebf48e6ab41a12357",
"id": "bb:1372",
"start_pc": 1372,
"type": "basic_block"
},
{
"end_pc": 1393,
"hash": "0x453e5038f5730106155bb8ad2756f4bf1f5fe83787ae11373c66aea77792f631",
"id": "bb:1389",
"start_pc": 1389,
"type": "basic_block"
},
{
"end_pc": 1410,
"hash": "0xd86df10f712a3c3f4cc7d6a265d17341bbe9e1b21965f0d349143da69508dd23",
"id": "bb:1394",
"start_pc": 1394,
"type": "basic_block"
},
{
"end_pc": 1415,
"hash": "0x1504c623fc18cdb4489ecd15f8448b1592dfba13394605d48b5be7ac2a99a56d",
"id": "bb:1411",
"start_pc": 1411,
"type": "basic_block"
},
{
"end_pc": 1442,
"hash": "0xcbfdbee1332a013508013dee8d54e2828724be2bdbd27b71a3c582ef0c251f42",
"id": "bb:1416",
"start_pc": 1416,
"type": "basic_block"
},
{
"end_pc": 1527,
"hash": "0x79dbd953fc2e64652f29e14609fad11b3ebbbd1b623421a791ce28311da1fff2",
"id": "bb:1443",
"start_pc": 1443,
"type": "basic_block"
},
{
"end_pc": 1545,
"hash": "0xbb5553207a777a32675ec7f2337f9eb8e61fa68dc901b8791c2ed3f72fff37a6",
"id": "bb:1528",
"start_pc": 1528,
"type": "basic_block"
},
{
"end_pc": 1578,
"hash": "0x33965f2b7fed4beeb667631f4ae7a1f68e8c5cb718cd456ffeb7b9009b6a568f",
"id": "bb:1546",
"start_pc": 1546,
"type": "basic_block"
},
{
"end_pc": 1595,
"hash": "0xf7063f3fced1bcf080d47325f79a9302d173b818abf124bd9a9e8aadc3d201e8",
"id": "bb:1579",
"start_pc": 1579,
"type": "basic_block"
},
{
"end_pc": 1633,
"hash": "0x5517c314b2ffc388e2d48bc619d1791b0144ea5d2a45a0016d3a617922566199",
"id": "bb:1596",
"start_pc": 1596,
"type": "basic_block"
},
{
"end_pc": 1722,
"hash": "0xb10f1cef230a9b704546b13428a7c2b98c51978db8429de752848a9db9303753",
"id": "bb:1634",
"start_pc": 1634,
"type": "basic_block"
},
{
"end_pc": 1726,
"hash": "0x08afd77a1f41c1dd35b519e11d13c587dbc06de5f134c66e9481e4a6fb5f36a8",
"id": "bb:1723",
"start_pc": 1723,
"type": "basic_block"
},
{
"end_pc": 1746,
"hash": "0x061718be3e5cf9472bcae8f2215565e4a48b8e1177d4ed74a72417c7b5468995",
"id": "bb:1727",
"start_pc": 1727,
"type": "basic_block"
},
{
"end_pc": 1784,
"hash": "0xd00132339cf583d795d15d7ef823032e861b158ad2e6ea31ca7fc7e18ff7bac2",
"id": "bb:1747",
"start_pc": 1747,
"type": "basic_block"
},
{
"end_pc": 1789,
"hash": "0x7d079dc444232b8b171647b5f28f71478b9716a6cac1414c9da78fcf31de2637",
"id": "bb:1785",
"start_pc": 1785,
"type": "basic_block"
},
{
"end_pc": 1821,
"hash": "0x6a0407b3db4951bf528b9825a9101a9b14bae24c17c746291587a148af4f33b4",
"id": "bb:1790",
"start_pc": 1790,
"type": "basic_block"
},
{
"id": "call:91",
"opcode": "CALL",
"pc": 91,
"type": "callsite"
},
{
"id": "call:779",
"opcode": "CALL",
"pc": 779,
"type": "callsite"
},
{
"id": "call:914",
"opcode": "CALL",
"pc": 914,
"type": "callsite"
},
{
"id": "call:1024",
"opcode": "CALL",
"pc": 1024,
"type": "callsite"
},
{
"id": "call:1696",
"opcode": "CALL",
"pc": 1696,
"type": "callsite"
},
{
"id": "call:1777",
"opcode": "CALL",
"pc": 1777,
"type": "callsite"
},
{
"id": "sink:call",
"type": "sink"
},
{
"entry_pc": null,
"id": "fn:0x9334ab61",
"selector": "0x9334ab61",
"type": "function"
},
{
"entry_pc": 682,
"id": "fn:0x9dbc4f9b",
"selector": "0x9dbc4f9b",
"type": "function"
}
],
"version": "capability_graph_v1"
}
exec
/bin/bash -lc "jq -r '.artifact.runtime_bytecode' BYTECODE_BUNDLE.json | awk '{print length("'$0)}'"'" in /tmp/codex-gn1rnkew
succeeded in 0ms:
1
3659
15
17
15
20
1
exec
/bin/bash -lc "jq '.analysis_artifact.artifact_json.basic_blocks | length' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
succeeded in 0ms:
55
exec
/bin/bash -lc "jq '.artifact.runtime_bytecode | type, .[0:120]' BYTECODE_BUNDLE.json" in /tmp/codex-gn1rnkew
exited 5 in 0ms:
"object"
jq: error (at BYTECODE_BUNDLE.json:3420): Cannot index object with object
exec
/bin/bash -lc "jq -r '.artifact.runtime_bytecode' BYTECODE_BUNDLE.json | sed -n '1,20p'" in /tmp/codex-gn1rnkew
succeeded in 0ms:
{
"full": "0x6060604052361561002a5760e060020a60003504639334ab6181146100665780639dbc4f9b14610124575b6102aa6102ac60006000600066038d7ea4c680003410156103cd57600160a060020a0333168134606082818181858883f19350505050506106f9565b60806040526000606081815260065460035460015484546102ae95600160a060020a03949094169466038d7ea4c680009384900494919382848681101561000257505091805250600382026000805160206106fe833981519152015460e0604052602d60809081527f416c6c20616d6f756e747320696e2046696e6e6579202831204574686572203d60a0527f20313030302046696e6e6579290000000000000000000000000000000000000060c052959694959394929391900491565b6103416004356000606081905260c0604052600460809081527f4e2e412e0000000000000000000000000000000000000000000000000000000060a0528154829182918510156102a35760006000508581548110156100025750508154828052600386027f290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e5630154600160a060020a03169466038d7ea4c68000918790811015610002575050600386027f290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e56301835060010160005054049250825066038d7ea4c680006000600050868154811015610002575050600386026000805160206106fe8339815191520154610100604052600260c09081527f6e6f00000000000000000000000000000000000000000000000000000000000060e05260015492909104935091508510156102a3575061014060405260036101009081527f7965730000000000000000000000000000000000000000000000000000000000610120525b9193509193565b005b565b6040518087600160a060020a03168152602001868152602001858152602001848152602001838152602001806020018281038252838181518152602001915080519060200190808383829060006004602084601f0104600f02600301f150506101e0805172ffffffffffffffffffffffffffffffffffffff19169052505060405161020081900398509650505050505050f35b6040518085600160a060020a03168152602001848152602001838152602001806020018281038252838181518152602001915080519060200190808383829060006004602084601f0104600f02600301f150905090810190601f1680156103bc5780820380516001836020036101000a031916815260200191505b509550505050505060405180910390f35b683635c9adc5dea0000034111561041757600160a060020a03331681683635c9adc5de9fffff193401606082818181858883f150683635c9adc5dea00000965061041b9350505050565b3492505b8054600181018083559092818480158290116104845760030281600302836000526020600020918201910161048491905b808211156106bb57805473ffffffffffffffffffffffffffffffffffffffff191681556001810185815560029190910185905561044c565b5050505033600060005083815481101561000257906000526020600020906003020160005060000160006101000a815481600160a060020a03021916908302179055508260006000508381548110156100025790600052602060002090600302016000506001016000508190555066038d7ea4c68000831015156105095761012c6005555b662386f26fc10000831061051d5760c86005555b67016345785d8a000083106105325760b46005555b670de0b6b3a764000083106105475760966005555b678ac7230489e80000831061055c57607d6005555b68056bc75e2d63100000831061057257606e6005555b681b1ae4d6e2ef50000083106105885760696005555b6064600560005054840204600060005083815481101561000257906000526020600020906003020160005060020160005081905550606460046000505484020460026000828282505401925050819055506064600460005054840204830360036000828282505401925050819055505b60015460008054909190811015610002579080526003805491026000805160206106fe83398151915201549011156106bf57600154600080549091908110156100025760015482546003929092026000805160206106fe8339815191520154935090811015610002576003027f290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e56301906040519154600160a060020a031691839082818181858883f1505060038054919091039055505060018054810190556105f8565b5090565b600254670de0b6b3a76400009011156106f957604051600254600654600160a060020a0316916000919082818181858883f1505050600255505b50505056290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e565",
"head": null,
"length": 3646,
"tail": null,
"truncated": false
}
exec
/bin/bash -lc 'command -v evm || command -v cast || command -v hevm || command -v python3 || command -v node' in /tmp/codex-gn1rnkew
succeeded in 0ms:
/home/noahkuhn/.foundry/bin/cast
exec
/bin/bash -lc "jq -r '.artifact.runtime_bytecode.full' BYTECODE_BUNDLE.json | cut -c1-120" in /tmp/codex-gn1rnkew
succeeded in 0ms:
0x6060604052361561002a5760e060020a60003504639334ab6181146100665780639dbc4f9b14610124575b6102aa6102ac60006000600066038d7e
exec
/bin/bash -lc "cast --help | sed -n '1,120p'" in /tmp/codex-gn1rnkew
succeeded in 0ms:
A Swiss Army knife for interacting with Ethereum applications from the command line
Usage: cast [OPTIONS] <COMMAND>
Commands:
4byte Get the function signatures for the given selector from
<https://openchain.xyz> [aliases: 4, 4b]
4byte-calldata Decode ABI-encoded calldata using <https://openchain.xyz> [aliases: 4c,
4bc]
4byte-event Get the event signature for a given topic 0 from <https://openchain.xyz>
[aliases: 4e, 4be, topic0-event, t0e]
abi-encode ABI encode the given function argument, excluding the selector [aliases:
ae]
abi-encode-event ABI encode an event and its arguments to generate topics and data [aliases:
aee]
access-list Create an access list for a transaction [aliases: ac, acl]
address-zero Prints the zero address [aliases: --address-zero, az]
admin Fetch the EIP-1967 admin account [aliases: adm]
age Get the timestamp of a block [aliases: a]
artifact Generate an artifact file, that can be used to deploy a contract locally
[aliases: ar]
b2e-payload Convert Beacon payload to execution payload [aliases: b2e]
balance Get the balance of an account in wei [aliases: b]
base-fee Get the basefee of a block [aliases: ba, fee, basefee]
bind Generate a rust binding from a given ABI [aliases: bi]
block Get information about a block [aliases: bl]
block-number Get the latest block number [aliases: bn]
call Perform a call on an account without publishing a transaction [aliases: c]
calldata ABI-encode a function with arguments [aliases: cd]
chain Get the symbolic name of the current chain
chain-id Get the Ethereum chain ID [aliases: ci, cid]
client Get the current client version [aliases: cl]
code Get the runtime bytecode of a contract [aliases: co]
codehash Get the codehash for an account
codesize Get the runtime bytecode size of a contract [aliases: cs]
completions Generate shell completions script [aliases: com]
compute-address Compute the contract address from a given nonce and deployer address
[aliases: ca]
concat-hex Concatenate hex strings [aliases: --concat-hex, ch]
constructor-args Display constructor arguments used for the contract initialization
[aliases: cra]
create2 Generate a deterministic contract address using CREATE2 [aliases: c2]
creation-code Download a contract creation code from Etherscan and RPC [aliases: cc]
da-estimate Estimates the data availability size of a given opstack block
decode-abi Decode ABI-encoded input or output data [aliases: abi-decode, --abi-decode,
ad]
decode-calldata Decode ABI-encoded input data [aliases: calldata-decode, --calldata-decode,
cdd]
decode-error Decode custom error data [aliases: error-decode, --error-decode, erd]
decode-event Decode event data [aliases: event-decode, --event-decode, ed]
decode-string Decode ABI-encoded string [aliases: string-decode, --string-decode, sd]
decode-transaction Decodes a raw signed EIP 2718 typed transaction [aliases: dt, decode-tx]
disassemble Disassembles a hex-encoded bytecode into a human-readable representation
[aliases: da]
erc20-token ERC20 token operations [aliases: erc20]
estimate Estimate the gas cost of a transaction [aliases: e]
find-block Get the block number closest to the provided timestamp [aliases: f]
format-bytes32-string Formats a string into bytes32 encoding [aliases: --format-bytes32-string]
format-units Format a number from smallest unit to decimal with arbitrary decimals
[aliases: --format-units, fun]
from-bin Convert binary data into hex data [aliases: --from-bin, from-binx, fb]
from-fixed-point Convert a fixed point number into an integer [aliases: --from-fix, ff]
from-rlp Decodes RLP hex-encoded data [aliases: --from-rlp]
from-utf8 Convert UTF8 text to hex [aliases: --from-ascii, --from-utf8, from-ascii,
fu, fa]
from-wei Convert wei into an ETH amount [aliases: --from-wei, fw]
gas-price Get the current gas price [aliases: g]
hash-message Hash a message according to EIP-191 [aliases: --hash-message, hm]
hash-zero Prints the zero hash [aliases: --hash-zero, hz]
help Print this message or the help of the given subcommand(s)
implementation Fetch the EIP-1967 implementation for a contract Can read from the
implementation slot or the beacon slot [aliases: impl]
index Compute the storage slot for an entry in a mapping [aliases: in]
index-erc7201 Compute storage slots as specified by `ERC-7201: Namespaced Storage Layout`
[aliases: index7201, in7201]
interface Generate a Solidity interface from a given ABI [aliases: i]
keccak Hash arbitrary data using Keccak-256 [aliases: k, keccak256]
logs Get logs by signature or topic [aliases: l]
lookup-address Perform an ENS reverse lookup [aliases: la]
max-int Prints the maximum value of the given integer type [aliases: --max-int,
maxi]
max-uint Prints the maximum value of the given integer type [aliases: --max-uint,
maxu]
min-int Prints the minimum value of the given integer type [aliases: --min-int,
mini]
mktx Build and sign a transaction [aliases: m]
namehash Calculate the ENS namehash of a name [aliases: na, nh]
nonce Get the nonce for an account [aliases: n]
pad Pads hex data to a specified length [aliases: pd]
parse-bytes32-address Parses a checksummed address from bytes32 encoding. [aliases:
--parse-bytes32-address]
parse-bytes32-string Parses a string from bytes32 encoding [aliases: --parse-bytes32-string]
parse-units Convert a number from decimal to smallest unit with arbitrary decimals
[aliases: --parse-units, pun]
pretty-calldata Pretty print calldata [aliases: pc]
proof Generate a storage proof for a given storage slot [aliases: pr]
publish Publish a raw transaction to the network [aliases: p]
receipt Get the transaction receipt for a transaction [aliases: re]
recover-authority Recovery an EIP-7702 authority from a Authorization JSON string [aliases:
decode-auth]
resolve-name Perform an ENS lookup [aliases: rn]
rpc Perform a raw JSON-RPC request [aliases: rp]
run Runs a published transaction in a local environment and prints the trace
[aliases: r]
selectors Extracts function selectors and arguments from bytecode [aliases: sel]
send Sign and publish a transaction [aliases: s]
shl Perform a left shifting operation
shr Perform a right shifting operation
sig Get the selector for a function [aliases: si]
sig-event Generate event signatures from event string [aliases: se]
source Get the source code of a contract from a block explorer [aliases: et, src]
storage Get the raw value of a contract's storage slot [aliases: st]
storage-root Get the storage root for an account [aliases: sr]
to-ascii Convert hex data to an ASCII string [aliases: --to-ascii, tas, 2as]
to-base Converts a number of one base to another [aliases: --to-base, --to-radix,
to-radix, tr, 2r]
to-bytes32 Right-pads hex data to 32 bytes [aliases: --to-bytes32, tb, 2b]
to-check-sum-address Convert an address to a checksummed format (EIP-55) [aliases:
--to-checksum-address, --to-checksum, to-checksum, ta, 2a]
to-dec Converts a number of one base to decimal [aliases: --to-dec, td, 2d]
exec
/bin/bash -lc "cast disassemble --help | sed -n '1,160p'" in /tmp/codex-gn1rnkew
succeeded in 0ms:
Disassembles a hex-encoded bytecode into a human-readable representation
Usage: cast disassemble [OPTIONS] [BYTECODE]
Arguments:
[BYTECODE]
The hex-encoded bytecode
Options:
-h, --help
Print help (see a summary with '-h')
-j, --threads <THREADS>
Number of threads to use. Specifying 0 defaults to the number of logical cores
[aliases: --jobs]
Display options:
--color <COLOR>
The color of the log messages
Possible values:
- auto: Intelligently guess whether to use color output (default)
- always: Force color output
- never: Force disable color output
--json
Format log messages as JSON
--md
Format log messages as Markdown
-q, --quiet
Do not print log messages
-v, --verbosity...
Verbosity level of the log messages.
Pass multiple times to increase the verbosity (e.g. -v, -vv, -vvv).
Depending on the context the verbosity levels have different meanings.
For example, the verbosity levels of the EVM are:
- 2 (-vv): Print logs for all tests.
- 3 (-vvv): Print execution traces for failing tests.
- 4 (-vvvv): Print execution traces for all tests, and setup traces for failing tests.
- 5 (-vvvvv): Print execution and setup traces for all tests, including storage changes
and
backtraces with line numbers.
exec
/bin/bash -lc 'BYTECODE=$(jq -r '"'.artifact.runtime_bytecode.full' BYTECODE_BUNDLE.json); cast disassemble \""'$BYTECODE" | nl -ba | sed -n '"'1,260p'" in /tmp/codex-gn1rnkew
succeeded in 0ms:
1 00000000: PUSH1 0x60
2 00000002: PUSH1 0x40
3 00000004: MSTORE
4 00000005: CALLDATASIZE
5 00000006: ISZERO
6 00000007: PUSH2 0x002a
7 0000000a: JUMPI
8 0000000b: PUSH1 0xe0
9 0000000d: PUSH1 0x02
10 0000000f: EXP
11 00000010: PUSH1 0x00
12 00000012: CALLDATALOAD
13 00000013: DIV
14 00000014: PUSH4 0x9334ab61
15 00000019: DUP2
16 0000001a: EQ
17 0000001b: PUSH2 0x0066
18 0000001e: JUMPI
19 0000001f: DUP1
20 00000020: PUSH4 0x9dbc4f9b
21 00000025: EQ
22 00000026: PUSH2 0x0124
23 00000029: JUMPI
24 0000002a: JUMPDEST
25 0000002b: PUSH2 0x02aa
26 0000002e: PUSH2 0x02ac
27 00000031: PUSH1 0x00
28 00000033: PUSH1 0x00
29 00000035: PUSH1 0x00
30 00000037: PUSH7 0x038d7ea4c68000
31 0000003f: CALLVALUE
32 00000040: LT
33 00000041: ISZERO
34 00000042: PUSH2 0x03cd
35 00000045: JUMPI
36 00000046: PUSH1 0x01
37 00000048: PUSH1 0xa0
38 0000004a: PUSH1 0x02
39 0000004c: EXP
40 0000004d: SUB
41 0000004e: CALLER
42 0000004f: AND
43 00000050: DUP2
44 00000051: CALLVALUE
45 00000052: PUSH1 0x60
46 00000054: DUP3
47 00000055: DUP2
48 00000056: DUP2
49 00000057: DUP2
50 00000058: DUP6
51 00000059: DUP9
52 0000005a: DUP4
53 0000005b: CALL
54 0000005c: SWAP4
55 0000005d: POP
56 0000005e: POP
57 0000005f: POP
58 00000060: POP
59 00000061: POP
60 00000062: PUSH2 0x06f9
61 00000065: JUMP
62 00000066: JUMPDEST
63 00000067: PUSH1 0x80
64 00000069: PUSH1 0x40
65 0000006b: MSTORE
66 0000006c: PUSH1 0x00
67 0000006e: PUSH1 0x60
68 00000070: DUP2
69 00000071: DUP2
70 00000072: MSTORE
71 00000073: PUSH1 0x06
72 00000075: SLOAD
73 00000076: PUSH1 0x03
74 00000078: SLOAD
75 00000079: PUSH1 0x01
76 0000007b: SLOAD
77 0000007c: DUP5
78 0000007d: SLOAD
79 0000007e: PUSH2 0x02ae
80 00000081: SWAP6
81 00000082: PUSH1 0x01
82 00000084: PUSH1 0xa0
83 00000086: PUSH1 0x02
84 00000088: EXP
85 00000089: SUB
86 0000008a: SWAP5
87 0000008b: SWAP1
88 0000008c: SWAP5
89 0000008d: AND
90 0000008e: SWAP5
91 0000008f: PUSH7 0x038d7ea4c68000
92 00000097: SWAP4
93 00000098: DUP5
94 00000099: SWAP1
95 0000009a: DIV
96 0000009b: SWAP5
97 0000009c: SWAP2
98 0000009d: SWAP4
99 0000009e: DUP3
100 0000009f: DUP5
101 000000a0: DUP7
102 000000a1: DUP2
103 000000a2: LT
104 000000a3: ISZERO
105 000000a4: PUSH2 0x0002
106 000000a7: JUMPI
107 000000a8: POP
108 000000a9: POP
109 000000aa: SWAP2
110 000000ab: DUP1
111 000000ac: MSTORE
112 000000ad: POP
113 000000ae: PUSH1 0x03
114 000000b0: DUP3
115 000000b1: MUL
116 000000b2: PUSH1 0x00
117 000000b4: DUP1
118 000000b5: MLOAD
119 000000b6: PUSH1 0x20
120 000000b8: PUSH2 0x06fe
121 000000bb: DUP4
122 000000bc: CODECOPY
123 000000bd: DUP2
124 000000be: MLOAD
125 000000bf: SWAP2
126 000000c0: MSTORE
127 000000c1: ADD
128 000000c2: SLOAD
129 000000c3: PUSH1 0xe0
130 000000c5: PUSH1 0x40
131 000000c7: MSTORE
132 000000c8: PUSH1 0x2d
133 000000ca: PUSH1 0x80
134 000000cc: SWAP1
135 000000cd: DUP2
136 000000ce: MSTORE
137 000000cf: PUSH32 0x416c6c20616d6f756e747320696e2046696e6e6579202831204574686572203d
138 000000f0: PUSH1 0xa0
139 000000f2: MSTORE
140 000000f3: PUSH32 0x20313030302046696e6e65792900000000000000000000000000000000000000
141 00000114: PUSH1 0xc0
142 00000116: MSTORE
143 00000117: SWAP6
144 00000118: SWAP7
145 00000119: SWAP5
146 0000011a: SWAP6
147 0000011b: SWAP4
148 0000011c: SWAP5
149 0000011d: SWAP3
150 0000011e: SWAP4
151 0000011f: SWAP2
152 00000120: SWAP1
153 00000121: DIV
154 00000122: SWAP2
155 00000123: JUMP
156 00000124: JUMPDEST
157 00000125: PUSH2 0x0341
158 00000128: PUSH1 0x04
159 0000012a: CALLDATALOAD
160 0000012b: PUSH1 0x00
161 0000012d: PUSH1 0x60
162 0000012f: DUP2
163 00000130: SWAP1
164 00000131: MSTORE
165 00000132: PUSH1 0xc0
166 00000134: PUSH1 0x40
167 00000136: MSTORE
168 00000137: PUSH1 0x04
169 00000139: PUSH1 0x80
170 0000013b: SWAP1
171 0000013c: DUP2
172 0000013d: MSTORE
173 0000013e: PUSH32 0x4e2e412e00000000000000000000000000000000000000000000000000000000
174 0000015f: PUSH1 0xa0
175 00000161: MSTORE
176 00000162: DUP2
177 00000163: SLOAD
178 00000164: DUP3
179 00000165: SWAP2
180 00000166: DUP3
181 00000167: SWAP2
182 00000168: DUP6
183 00000169: LT
184 0000016a: ISZERO
185 0000016b: PUSH2 0x02a3
186 0000016e: JUMPI
187 0000016f: PUSH1 0x00
188 00000171: PUSH1 0x00
189 00000173: POP
190 00000174: DUP6
191 00000175: DUP2
192 00000176: SLOAD
193 00000177: DUP2
194 00000178: LT
195 00000179: ISZERO
196 0000017a: PUSH2 0x0002
197 0000017d: JUMPI
198 0000017e: POP
199 0000017f: POP
200 00000180: DUP2
201 00000181: SLOAD
202 00000182: DUP3
203 00000183: DUP1
204 00000184: MSTORE
205 00000185: PUSH1 0x03
206 00000187: DUP7
207 00000188: MUL
208 00000189: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563
209 000001aa: ADD
210 000001ab: SLOAD
211 000001ac: PUSH1 0x01
212 000001ae: PUSH1 0xa0
213 000001b0: PUSH1 0x02
214 000001b2: EXP
215 000001b3: SUB
216 000001b4: AND
217 000001b5: SWAP5
218 000001b6: PUSH7 0x038d7ea4c68000
219 000001be: SWAP2
220 000001bf: DUP8
221 000001c0: SWAP1
222 000001c1: DUP2
223 000001c2: LT
224 000001c3: ISZERO
225 000001c4: PUSH2 0x0002
226 000001c7: JUMPI
227 000001c8: POP
228 000001c9: POP
229 000001ca: PUSH1 0x03
230 000001cc: DUP7
231 000001cd: MUL
232 000001ce: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563
233 000001ef: ADD
234 000001f0: DUP4
235 000001f1: POP
236 000001f2: PUSH1 0x01
237 000001f4: ADD
238 000001f5: PUSH1 0x00
239 000001f7: POP
240 000001f8: SLOAD
241 000001f9: DIV
242 000001fa: SWAP3
243 000001fb: POP
244 000001fc: DUP3
245 000001fd: POP
246 000001fe: PUSH7 0x038d7ea4c68000
247 00000206: PUSH1 0x00
248 00000208: PUSH1 0x00
249 0000020a: POP
250 0000020b: DUP7
251 0000020c: DUP2
252 0000020d: SLOAD
253 0000020e: DUP2
254 0000020f: LT
255 00000210: ISZERO
256 00000211: PUSH2 0x0002
257 00000214: JUMPI
258 00000215: POP
259 00000216: POP
260 00000217: PUSH1 0x03
exec
/bin/bash -lc 'BYTECODE=$(jq -r '"'.artifact.runtime_bytecode.full' BYTECODE_BUNDLE.json); cast disassemble \""'$BYTECODE" | nl -ba | sed -n '"'261,520p'" in /tmp/codex-gn1rnkew
succeeded in 0ms:
261 00000219: DUP7
262 0000021a: MUL
263 0000021b: PUSH1 0x00
264 0000021d: DUP1
265 0000021e: MLOAD
266 0000021f: PUSH1 0x20
267 00000221: PUSH2 0x06fe
268 00000224: DUP4
269 00000225: CODECOPY
270 00000226: DUP2
271 00000227: MLOAD
272 00000228: SWAP2
273 00000229: MSTORE
274 0000022a: ADD
275 0000022b: SLOAD
276 0000022c: PUSH2 0x0100
277 0000022f: PUSH1 0x40
278 00000231: MSTORE
279 00000232: PUSH1 0x02
280 00000234: PUSH1 0xc0
281 00000236: SWAP1
282 00000237: DUP2
283 00000238: MSTORE
284 00000239: PUSH32 0x6e6f000000000000000000000000000000000000000000000000000000000000
285 0000025a: PUSH1 0xe0
286 0000025c: MSTORE
287 0000025d: PUSH1 0x01
288 0000025f: SLOAD
289 00000260: SWAP3
290 00000261: SWAP1
291 00000262: SWAP2
292 00000263: DIV
293 00000264: SWAP4
294 00000265: POP
295 00000266: SWAP2
296 00000267: POP
297 00000268: DUP6
298 00000269: LT
299 0000026a: ISZERO
300 0000026b: PUSH2 0x02a3
301 0000026e: JUMPI
302 0000026f: POP
303 00000270: PUSH2 0x0140
304 00000273: PUSH1 0x40
305 00000275: MSTORE
306 00000276: PUSH1 0x03
307 00000278: PUSH2 0x0100
308 0000027b: SWAP1
309 0000027c: DUP2
310 0000027d: MSTORE
311 0000027e: PUSH32 0x7965730000000000000000000000000000000000000000000000000000000000
312 0000029f: PUSH2 0x0120
313 000002a2: MSTORE
314 000002a3: JUMPDEST
315 000002a4: SWAP2
316 000002a5: SWAP4
317 000002a6: POP
318 000002a7: SWAP2
319 000002a8: SWAP4
320 000002a9: JUMP
321 000002aa: JUMPDEST
322 000002ab: STOP
323 000002ac: JUMPDEST
324 000002ad: JUMP
325 000002ae: JUMPDEST
326 000002af: PUSH1 0x40
327 000002b1: MLOAD
328 000002b2: DUP1
329 000002b3: DUP8
330 000002b4: PUSH1 0x01
331 000002b6: PUSH1 0xa0
332 000002b8: PUSH1 0x02
333 000002ba: EXP
334 000002bb: SUB
335 000002bc: AND
336 000002bd: DUP2
337 000002be: MSTORE
338 000002bf: PUSH1 0x20
339 000002c1: ADD
340 000002c2: DUP7
341 000002c3: DUP2
342 000002c4: MSTORE
343 000002c5: PUSH1 0x20
344 000002c7: ADD
345 000002c8: DUP6
346 000002c9: DUP2
347 000002ca: MSTORE
348 000002cb: PUSH1 0x20
349 000002cd: ADD
350 000002ce: DUP5
351 000002cf: DUP2
352 000002d0: MSTORE
353 000002d1: PUSH1 0x20
354 000002d3: ADD
355 000002d4: DUP4
356 000002d5: DUP2
357 000002d6: MSTORE
358 000002d7: PUSH1 0x20
359 000002d9: ADD
360 000002da: DUP1
361 000002db: PUSH1 0x20
362 000002dd: ADD
363 000002de: DUP3
364 000002df: DUP2
365 000002e0: SUB
366 000002e1: DUP3
367 000002e2: MSTORE
368 000002e3: DUP4
369 000002e4: DUP2
370 000002e5: DUP2
371 000002e6: MLOAD
372 000002e7: DUP2
373 000002e8: MSTORE
374 000002e9: PUSH1 0x20
375 000002eb: ADD
376 000002ec: SWAP2
377 000002ed: POP
378 000002ee: DUP1
379 000002ef: MLOAD
380 000002f0: SWAP1
381 000002f1: PUSH1 0x20
382 000002f3: ADD
383 000002f4: SWAP1
384 000002f5: DUP1
385 000002f6: DUP4
386 000002f7: DUP4
387 000002f8: DUP3
388 000002f9: SWAP1
389 000002fa: PUSH1 0x00
390 000002fc: PUSH1 0x04
391 000002fe: PUSH1 0x20
392 00000300: DUP5
393 00000301: PUSH1 0x1f
394 00000303: ADD
395 00000304: DIV
396 00000305: PUSH1 0x0f
397 00000307: MUL
398 00000308: PUSH1 0x03
399 0000030a: ADD
400 0000030b: CALL
401 0000030c: POP
402 0000030d: POP
403 0000030e: PUSH2 0x01e0
404 00000311: DUP1
405 00000312: MLOAD
406 00000313: PUSH19 0xffffffffffffffffffffffffffffffffffffff
407 00000327: NOT
408 00000328: AND
409 00000329: SWAP1
410 0000032a: MSTORE
411 0000032b: POP
412 0000032c: POP
413 0000032d: PUSH1 0x40
414 0000032f: MLOAD
415 00000330: PUSH2 0x0200
416 00000333: DUP2
417 00000334: SWAP1
418 00000335: SUB
419 00000336: SWAP9
420 00000337: POP
421 00000338: SWAP7
422 00000339: POP
423 0000033a: POP
424 0000033b: POP
425 0000033c: POP
426 0000033d: POP
427 0000033e: POP
428 0000033f: POP
429 00000340: RETURN
430 00000341: JUMPDEST
431 00000342: PUSH1 0x40
432 00000344: MLOAD
433 00000345: DUP1
434 00000346: DUP6
435 00000347: PUSH1 0x01
436 00000349: PUSH1 0xa0
437 0000034b: PUSH1 0x02
438 0000034d: EXP
439 0000034e: SUB
440 0000034f: AND
441 00000350: DUP2
442 00000351: MSTORE
443 00000352: PUSH1 0x20
444 00000354: ADD
445 00000355: DUP5
446 00000356: DUP2
447 00000357: MSTORE
448 00000358: PUSH1 0x20
449 0000035a: ADD
450 0000035b: DUP4
451 0000035c: DUP2
452 0000035d: MSTORE
453 0000035e: PUSH1 0x20
454 00000360: ADD
455 00000361: DUP1
456 00000362: PUSH1 0x20
457 00000364: ADD
458 00000365: DUP3
459 00000366: DUP2
460 00000367: SUB
461 00000368: DUP3
462 00000369: MSTORE
463 0000036a: DUP4
464 0000036b: DUP2
465 0000036c: DUP2
466 0000036d: MLOAD
467 0000036e: DUP2
468 0000036f: MSTORE
469 00000370: PUSH1 0x20
470 00000372: ADD
471 00000373: SWAP2
472 00000374: POP
473 00000375: DUP1
474 00000376: MLOAD
475 00000377: SWAP1
476 00000378: PUSH1 0x20
477 0000037a: ADD
478 0000037b: SWAP1
479 0000037c: DUP1
480 0000037d: DUP4
481 0000037e: DUP4
482 0000037f: DUP3
483 00000380: SWAP1
484 00000381: PUSH1 0x00
485 00000383: PUSH1 0x04
486 00000385: PUSH1 0x20
487 00000387: DUP5
488 00000388: PUSH1 0x1f
489 0000038a: ADD
490 0000038b: DIV
491 0000038c: PUSH1 0x0f
492 0000038e: MUL
493 0000038f: PUSH1 0x03
494 00000391: ADD
495 00000392: CALL
496 00000393: POP
497 00000394: SWAP1
498 00000395: POP
499 00000396: SWAP1
500 00000397: DUP2
501 00000398: ADD
502 00000399: SWAP1
503 0000039a: PUSH1 0x1f
504 0000039c: AND
505 0000039d: DUP1
506 0000039e: ISZERO
507 0000039f: PUSH2 0x03bc
508 000003a2: JUMPI
509 000003a3: DUP1
510 000003a4: DUP3
511 000003a5: SUB
512 000003a6: DUP1
513 000003a7: MLOAD
514 000003a8: PUSH1 0x01
515 000003aa: DUP4
516 000003ab: PUSH1 0x20
517 000003ad: SUB
518 000003ae: PUSH2 0x0100
519 000003b1: EXP
520 000003b2: SUB
exec
/bin/bash -lc 'BYTECODE=$(jq -r '"'.artifact.runtime_bytecode.full' BYTECODE_BUNDLE.json); cast disassemble \""'$BYTECODE" | nl -ba | sed -n '"'521,820p'" in /tmp/codex-gn1rnkew
succeeded in 0ms:
521 000003b3: NOT
522 000003b4: AND
523 000003b5: DUP2
524 000003b6: MSTORE
525 000003b7: PUSH1 0x20
526 000003b9: ADD
527 000003ba: SWAP2
528 000003bb: POP
529 000003bc: JUMPDEST
530 000003bd: POP
531 000003be: SWAP6
532 000003bf: POP
533 000003c0: POP
534 000003c1: POP
535 000003c2: POP
536 000003c3: POP
537 000003c4: POP
538 000003c5: PUSH1 0x40
539 000003c7: MLOAD
540 000003c8: DUP1
541 000003c9: SWAP2
542 000003ca: SUB
543 000003cb: SWAP1
544 000003cc: RETURN
545 000003cd: JUMPDEST
546 000003ce: PUSH9 0x3635c9adc5dea00000
547 000003d8: CALLVALUE
548 000003d9: GT
549 000003da: ISZERO
550 000003db: PUSH2 0x0417
551 000003de: JUMPI
552 000003df: PUSH1 0x01
553 000003e1: PUSH1 0xa0
554 000003e3: PUSH1 0x02
555 000003e5: EXP
556 000003e6: SUB
557 000003e7: CALLER
558 000003e8: AND
559 000003e9: DUP2
560 000003ea: PUSH9 0x3635c9adc5de9fffff
561 000003f4: NOT
562 000003f5: CALLVALUE
563 000003f6: ADD
564 000003f7: PUSH1 0x60
565 000003f9: DUP3
566 000003fa: DUP2
567 000003fb: DUP2
568 000003fc: DUP2
569 000003fd: DUP6
570 000003fe: DUP9
571 000003ff: DUP4
572 00000400: CALL
573 00000401: POP
574 00000402: PUSH9 0x3635c9adc5dea00000
575 0000040c: SWAP7
576 0000040d: POP
577 0000040e: PUSH2 0x041b
578 00000411: SWAP4
579 00000412: POP
580 00000413: POP
581 00000414: POP
582 00000415: POP
583 00000416: JUMP
584 00000417: JUMPDEST
585 00000418: CALLVALUE
586 00000419: SWAP3
587 0000041a: POP
588 0000041b: JUMPDEST
589 0000041c: DUP1
590 0000041d: SLOAD
591 0000041e: PUSH1 0x01
592 00000420: DUP2
593 00000421: ADD
594 00000422: DUP1
595 00000423: DUP4
596 00000424: SSTORE
597 00000425: SWAP1
598 00000426: SWAP3
599 00000427: DUP2
600 00000428: DUP5
601 00000429: DUP1
602 0000042a: ISZERO
603 0000042b: DUP3
604 0000042c: SWAP1
605 0000042d: GT
606 0000042e: PUSH2 0x0484
607 00000431: JUMPI
608 00000432: PUSH1 0x03
609 00000434: MUL
610 00000435: DUP2
611 00000436: PUSH1 0x03
612 00000438: MUL
613 00000439: DUP4
614 0000043a: PUSH1 0x00
615 0000043c: MSTORE
616 0000043d: PUSH1 0x20
617 0000043f: PUSH1 0x00
618 00000441: KECCAK256
619 00000442: SWAP2
620 00000443: DUP3
621 00000444: ADD
622 00000445: SWAP2
623 00000446: ADD
624 00000447: PUSH2 0x0484
625 0000044a: SWAP2
626 0000044b: SWAP1
627 0000044c: JUMPDEST
628 0000044d: DUP1
629 0000044e: DUP3
630 0000044f: GT
631 00000450: ISZERO
632 00000451: PUSH2 0x06bb
633 00000454: JUMPI
634 00000455: DUP1
635 00000456: SLOAD
636 00000457: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
637 0000046c: NOT
638 0000046d: AND
639 0000046e: DUP2
640 0000046f: SSTORE
641 00000470: PUSH1 0x01
642 00000472: DUP2
643 00000473: ADD
644 00000474: DUP6
645 00000475: DUP2
646 00000476: SSTORE
647 00000477: PUSH1 0x02
648 00000479: SWAP2
649 0000047a: SWAP1
650 0000047b: SWAP2
651 0000047c: ADD
652 0000047d: DUP6
653 0000047e: SWAP1
654 0000047f: SSTORE
655 00000480: PUSH2 0x044c
656 00000483: JUMP
657 00000484: JUMPDEST
658 00000485: POP
659 00000486: POP
660 00000487: POP
661 00000488: POP
662 00000489: CALLER
663 0000048a: PUSH1 0x00
664 0000048c: PUSH1 0x00
665 0000048e: POP
666 0000048f: DUP4
667 00000490: DUP2
668 00000491: SLOAD
669 00000492: DUP2
670 00000493: LT
671 00000494: ISZERO
672 00000495: PUSH2 0x0002
673 00000498: JUMPI
674 00000499: SWAP1
675 0000049a: PUSH1 0x00
676 0000049c: MSTORE
677 0000049d: PUSH1 0x20
678 0000049f: PUSH1 0x00
679 000004a1: KECCAK256
680 000004a2: SWAP1
681 000004a3: PUSH1 0x03
682 000004a5: MUL
683 000004a6: ADD
684 000004a7: PUSH1 0x00
685 000004a9: POP
686 000004aa: PUSH1 0x00
687 000004ac: ADD
688 000004ad: PUSH1 0x00
689 000004af: PUSH2 0x0100
690 000004b2: EXP
691 000004b3: DUP2
692 000004b4: SLOAD
693 000004b5: DUP2
694 000004b6: PUSH1 0x01
695 000004b8: PUSH1 0xa0
696 000004ba: PUSH1 0x02
697 000004bc: EXP
698 000004bd: SUB
699 000004be: MUL
700 000004bf: NOT
701 000004c0: AND
702 000004c1: SWAP1
703 000004c2: DUP4
704 000004c3: MUL
705 000004c4: OR
706 000004c5: SWAP1
707 000004c6: SSTORE
708 000004c7: POP
709 000004c8: DUP3
710 000004c9: PUSH1 0x00
711 000004cb: PUSH1 0x00
712 000004cd: POP
713 000004ce: DUP4
714 000004cf: DUP2
715 000004d0: SLOAD
716 000004d1: DUP2
717 000004d2: LT
718 000004d3: ISZERO
719 000004d4: PUSH2 0x0002
720 000004d7: JUMPI
721 000004d8: SWAP1
722 000004d9: PUSH1 0x00
723 000004db: MSTORE
724 000004dc: PUSH1 0x20
725 000004de: PUSH1 0x00
726 000004e0: KECCAK256
727 000004e1: SWAP1
728 000004e2: PUSH1 0x03
729 000004e4: MUL
730 000004e5: ADD
731 000004e6: PUSH1 0x00
732 000004e8: POP
733 000004e9: PUSH1 0x01
734 000004eb: ADD
735 000004ec: PUSH1 0x00
736 000004ee: POP
737 000004ef: DUP2
738 000004f0: SWAP1
739 000004f1: SSTORE
740 000004f2: POP
741 000004f3: PUSH7 0x038d7ea4c68000
742 000004fb: DUP4
743 000004fc: LT
744 000004fd: ISZERO
745 000004fe: ISZERO
746 000004ff: PUSH2 0x0509
747 00000502: JUMPI
748 00000503: PUSH2 0x012c
749 00000506: PUSH1 0x05
750 00000508: SSTORE
751 00000509: JUMPDEST
752 0000050a: PUSH7 0x2386f26fc10000
753 00000512: DUP4
754 00000513: LT
755 00000514: PUSH2 0x051d
756 00000517: JUMPI
757 00000518: PUSH1 0xc8
758 0000051a: PUSH1 0x05
759 0000051c: SSTORE
760 0000051d: JUMPDEST
761 0000051e: PUSH8 0x016345785d8a0000
762 00000527: DUP4
763 00000528: LT
764 00000529: PUSH2 0x0532
765 0000052c: JUMPI
766 0000052d: PUSH1 0xb4
767 0000052f: PUSH1 0x05
768 00000531: SSTORE
769 00000532: JUMPDEST
770 00000533: PUSH8 0x0de0b6b3a7640000
771 0000053c: DUP4
772 0000053d: LT
773 0000053e: PUSH2 0x0547
774 00000541: JUMPI
775 00000542: PUSH1 0x96
776 00000544: PUSH1 0x05
777 00000546: SSTORE
778 00000547: JUMPDEST
779 00000548: PUSH8 0x8ac7230489e80000
780 00000551: DUP4
781 00000552: LT
782 00000553: PUSH2 0x055c
783 00000556: JUMPI
784 00000557: PUSH1 0x7d
785 00000559: PUSH1 0x05
786 0000055b: SSTORE
787 0000055c: JUMPDEST
788 0000055d: PUSH9 0x056bc75e2d63100000
789 00000567: DUP4
790 00000568: LT
791 00000569: PUSH2 0x0572
792 0000056c: JUMPI
793 0000056d: PUSH1 0x6e
794 0000056f: PUSH1 0x05
795 00000571: SSTORE
796 00000572: JUMPDEST
797 00000573: PUSH9 0x1b1ae4d6e2ef500000
798 0000057d: DUP4
799 0000057e: LT
800 0000057f: PUSH2 0x0588
801 00000582: JUMPI
802 00000583: PUSH1 0x69
803 00000585: PUSH1 0x05
804 00000587: SSTORE
805 00000588: JUMPDEST
806 00000589: PUSH1 0x64
807 0000058b: PUSH1 0x05
808 0000058d: PUSH1 0x00
809 0000058f: POP
810 00000590: SLOAD
811 00000591: DUP5
812 00000592: MUL
813 00000593: DIV
814 00000594: PUSH1 0x00
815 00000596: PUSH1 0x00
816 00000598: POP
817 00000599: DUP4
818 0000059a: DUP2
819 0000059b: SLOAD
820 0000059c: DUP2
exec
/bin/bash -lc 'BYTECODE=$(jq -r '"'.artifact.runtime_bytecode.full' BYTECODE_BUNDLE.json); cast disassemble \""'$BYTECODE" | nl -ba | sed -n '"'821,1120p'" in /tmp/codex-gn1rnkew
succeeded in 0ms:
821 0000059d: LT
822 0000059e: ISZERO
823 0000059f: PUSH2 0x0002
824 000005a2: JUMPI
825 000005a3: SWAP1
826 000005a4: PUSH1 0x00
827 000005a6: MSTORE
828 000005a7: PUSH1 0x20
829 000005a9: PUSH1 0x00
830 000005ab: KECCAK256
831 000005ac: SWAP1
832 000005ad: PUSH1 0x03
833 000005af: MUL
834 000005b0: ADD
835 000005b1: PUSH1 0x00
836 000005b3: POP
837 000005b4: PUSH1 0x02
838 000005b6: ADD
839 000005b7: PUSH1 0x00
840 000005b9: POP
841 000005ba: DUP2
842 000005bb: SWAP1
843 000005bc: SSTORE
844 000005bd: POP
845 000005be: PUSH1 0x64
846 000005c0: PUSH1 0x04
847 000005c2: PUSH1 0x00
848 000005c4: POP
849 000005c5: SLOAD
850 000005c6: DUP5
851 000005c7: MUL
852 000005c8: DIV
853 000005c9: PUSH1 0x02
854 000005cb: PUSH1 0x00
855 000005cd: DUP3
856 000005ce: DUP3
857 000005cf: DUP3
858 000005d0: POP
859 000005d1: SLOAD
860 000005d2: ADD
861 000005d3: SWAP3
862 000005d4: POP
863 000005d5: POP
864 000005d6: DUP2
865 000005d7: SWAP1
866 000005d8: SSTORE
867 000005d9: POP
868 000005da: PUSH1 0x64
869 000005dc: PUSH1 0x04
870 000005de: PUSH1 0x00
871 000005e0: POP
872 000005e1: SLOAD
873 000005e2: DUP5
874 000005e3: MUL
875 000005e4: DIV
876 000005e5: DUP4
877 000005e6: SUB
878 000005e7: PUSH1 0x03
879 000005e9: PUSH1 0x00
880 000005eb: DUP3
881 000005ec: DUP3
882 000005ed: DUP3
883 000005ee: POP
884 000005ef: SLOAD
885 000005f0: ADD
886 000005f1: SWAP3
887 000005f2: POP
888 000005f3: POP
889 000005f4: DUP2
890 000005f5: SWAP1
891 000005f6: SSTORE
892 000005f7: POP
893 000005f8: JUMPDEST
894 000005f9: PUSH1 0x01
895 000005fb: SLOAD
896 000005fc: PUSH1 0x00
897 000005fe: DUP1
898 000005ff: SLOAD
899 00000600: SWAP1
900 00000601: SWAP2
901 00000602: SWAP1
902 00000603: DUP2
903 00000604: LT
904 00000605: ISZERO
905 00000606: PUSH2 0x0002
906 00000609: JUMPI
907 0000060a: SWAP1
908 0000060b: DUP1
909 0000060c: MSTORE
910 0000060d: PUSH1 0x03
911 0000060f: DUP1
912 00000610: SLOAD
913 00000611: SWAP2
914 00000612: MUL
915 00000613: PUSH1 0x00
916 00000615: DUP1
917 00000616: MLOAD
918 00000617: PUSH1 0x20
919 00000619: PUSH2 0x06fe
920 0000061c: DUP4
921 0000061d: CODECOPY
922 0000061e: DUP2
923 0000061f: MLOAD
924 00000620: SWAP2
925 00000621: MSTORE
926 00000622: ADD
927 00000623: SLOAD
928 00000624: SWAP1
929 00000625: GT
930 00000626: ISZERO
931 00000627: PUSH2 0x06bf
932 0000062a: JUMPI
933 0000062b: PUSH1 0x01
934 0000062d: SLOAD
935 0000062e: PUSH1 0x00
936 00000630: DUP1
937 00000631: SLOAD
938 00000632: SWAP1
939 00000633: SWAP2
940 00000634: SWAP1
941 00000635: DUP2
942 00000636: LT
943 00000637: ISZERO
944 00000638: PUSH2 0x0002
945 0000063b: JUMPI
946 0000063c: PUSH1 0x01
947 0000063e: SLOAD
948 0000063f: DUP3
949 00000640: SLOAD
950 00000641: PUSH1 0x03
951 00000643: SWAP3
952 00000644: SWAP1
953 00000645: SWAP3
954 00000646: MUL
955 00000647: PUSH1 0x00
956 00000649: DUP1
957 0000064a: MLOAD
958 0000064b: PUSH1 0x20
959 0000064d: PUSH2 0x06fe
960 00000650: DUP4
961 00000651: CODECOPY
962 00000652: DUP2
963 00000653: MLOAD
964 00000654: SWAP2
965 00000655: MSTORE
966 00000656: ADD
967 00000657: SLOAD
968 00000658: SWAP4
969 00000659: POP
970 0000065a: SWAP1
971 0000065b: DUP2
972 0000065c: LT
973 0000065d: ISZERO
974 0000065e: PUSH2 0x0002
975 00000661: JUMPI
976 00000662: PUSH1 0x03
977 00000664: MUL
978 00000665: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563
979 00000686: ADD
980 00000687: SWAP1
981 00000688: PUSH1 0x40
982 0000068a: MLOAD
983 0000068b: SWAP2
984 0000068c: SLOAD
985 0000068d: PUSH1 0x01
986 0000068f: PUSH1 0xa0
987 00000691: PUSH1 0x02
988 00000693: EXP
989 00000694: SUB
990 00000695: AND
991 00000696: SWAP2
992 00000697: DUP4
993 00000698: SWAP1
994 00000699: DUP3
995 0000069a: DUP2
996 0000069b: DUP2
997 0000069c: DUP2
998 0000069d: DUP6
999 0000069e: DUP9
1000 0000069f: DUP4
1001 000006a0: CALL
1002 000006a1: POP
1003 000006a2: POP
1004 000006a3: PUSH1 0x03
1005 000006a5: DUP1
1006 000006a6: SLOAD
1007 000006a7: SWAP2
1008 000006a8: SWAP1
1009 000006a9: SWAP2
1010 000006aa: SUB
1011 000006ab: SWAP1
1012 000006ac: SSTORE
1013 000006ad: POP
1014 000006ae: POP
1015 000006af: PUSH1 0x01
1016 000006b1: DUP1
1017 000006b2: SLOAD
1018 000006b3: DUP2
1019 000006b4: ADD
1020 000006b5: SWAP1
1021 000006b6: SSTORE
1022 000006b7: PUSH2 0x05f8
1023 000006ba: JUMP
1024 000006bb: JUMPDEST
1025 000006bc: POP
1026 000006bd: SWAP1
1027 000006be: JUMP
1028 000006bf: JUMPDEST
1029 000006c0: PUSH1 0x02
1030 000006c2: SLOAD
1031 000006c3: PUSH8 0x0de0b6b3a7640000
1032 000006cc: SWAP1
1033 000006cd: GT
1034 000006ce: ISZERO
1035 000006cf: PUSH2 0x06f9
1036 000006d2: JUMPI
1037 000006d3: PUSH1 0x40
1038 000006d5: MLOAD
1039 000006d6: PUSH1 0x02
1040 000006d8: SLOAD
1041 000006d9: PUSH1 0x06
1042 000006db: SLOAD
1043 000006dc: PUSH1 0x01
1044 000006de: PUSH1 0xa0
1045 000006e0: PUSH1 0x02
1046 000006e2: EXP
1047 000006e3: SUB
1048 000006e4: AND
1049 000006e5: SWAP2
1050 000006e6: PUSH1 0x00
1051 000006e8: SWAP2
1052 000006e9: SWAP1
1053 000006ea: DUP3
1054 000006eb: DUP2
1055 000006ec: DUP2
1056 000006ed: DUP2
1057 000006ee: DUP6
1058 000006ef: DUP9
1059 000006f0: DUP4
1060 000006f1: CALL
1061 000006f2: POP
1062 000006f3: POP
1063 000006f4: POP
1064 000006f5: PUSH1 0x02
1065 000006f7: SSTORE
1066 000006f8: POP
1067 000006f9: JUMPDEST
1068 000006fa: POP
1069 000006fb: POP
1070 000006fc: POP
1071 000006fd: JUMP
1072 000006fe: UNKNOWN(0x29)
1073 000006ff: UNKNOWN(0x0D)
1074 00000700: UNKNOWN(0xEC)
1075 00000701: UNKNOWN(0xD9)
1076 00000702: SLOAD
1077 00000703: DUP12
1078 00000704: PUSH3 0xa8d603
1079 00000708: GASLIMIT
1080 00000709: UNKNOWN(0xA9)
1081 0000070a: DUP9
1082 0000070b: CODESIZE
1083 0000070c: PUSH16 0xc84ba6bc95484008f6362f93160ef3e5
1084 0000071d: PUSH6
1085
codex
{"no_findings":false,"summary":"Bytecode-only review of `BYTECODE_BUNDLE.json` found one strong reentrancy issue in the payable/fallback payout path and multiple unchecked ETH-transfer paths that can break core accounting. Selector names and storage roles are inferred from bytecode patterns, so role labels below are best-effort.","findings":[{"severity":"high","category":"reentrancy","title":"Participant payout calls an untrusted recipient before advancing the payout cursor","exploit_scenario":"In the payable fallback path, the contract CALLs the current participant at pc 0x6a0 before updating the queue/accounting state. From the storage access pattern, slot 0x01 appears to be the current payout index and slot 0x03 the payout pool. A participant implemented as a contract can reenter during its payout by sending at least 1 finney back into the fallback, causing nested execution to observe the same unpaid queue head and trigger the same payout again before the outer frame increments the index or deducts the pool. This can duplicate payouts and drain ETH.","recommendation":"Apply checks-effects-interactions: advance the payout index and deduct the owed amount before any external transfer, or move to a pull-withdrawal model guarded by a reentrancy lock.","evidence":"The CALL at pc 0x6a0 is followed only afterward by storage writes at pc 0x6ac and pc 0x6b6. No guard is detected in the artifact (`auth.guards` is empty), and the callsite metadata reports no returndata/success handling.","locations":["pc:0x62b","pc:0x6a0","pc:0x6ac","pc:0x6b6"]},{"severity":"high","category":"other","title":"Ignored CALL results let failed transfers silently corrupt accounting","exploit_scenario":"Value-transferring CALLs are not checked for success. If a recipient reverts or runs out of gas, execution still continues. In the participant payout path, a failed transfer at pc 0x6a0 is still followed by reducing the payout pool and advancing the queue cursor, so a participant can be marked as paid without receiving ETH. In the fee-sweep path, slot 0x02 is zeroed after the unchecked transfer at pc 0x6f1, so accrued fees can be written off even when the recipient never received them. The refund paths at pc 0x5b and pc 0x400 are also unchecked, so under-minimum or over-cap refunds can silently fail and leave user ETH stranded in the contract.","recommendation":"Check the boolean result of each CALL and revert or preserve state when the transfer fails. Prefer pull-based withdrawals for participant and beneficiary payments.","evidence":"Artifacts mark `returndata_checked` as null for CALLs at pcs 0x5b, 0x400, 0x6a0, and 0x6f1. The bytecode POPs the CALL result and continues to SSTORE at pcs 0x6ac, 0x6b6, and 0x6f7 regardless of success.","locations":["pc:0x5b","pc:0x400","pc:0x6a0","pc:0x6ac","pc:0x6b6","pc:0x6f1","pc:0x6f7"]},{"severity":"medium","category":"reentrancy","title":"Inferred beneficiary fee sweep is reentrant until the fee balance is cleared","exploit_scenario":"The path starting at pc 0x6bf appears to sweep an accumulated fee balance from slot 0x02 to the address in slot 0x06 (best-effort role inference). The contract performs the CALL at pc 0x6f1 and only then clears slot 0x02 at pc 0x6f7. If that recipient is a contract under the beneficiary's control, it can reenter the payable fallback before the outer frame zeroes slot 0x02 and trigger the sweep again, allowing over-withdrawal of the accrued fee balance.","recommendation":"Zero the fee balance before transferring it, and/or protect the sweep with a reentrancy guard or a pull-only withdrawal function.","evidence":"The bytecode loads slot 0x02 as the CALL value and slot 0x06 as the recipient before pc 0x6f1, then executes `SSTORE` to slot 0x02 only at pc 0x6f7. No reentrancy guard is visible in the artifact. This finding is conditional on the inferred role of slot 0x06 being correct.","locations":["pc:0x6bf","pc:0x6d8","pc:0x6db","pc:0x6f1","pc:0x6f7"]}]}
tokens used
63,078
{
"codex": {
"ran_at": "2026-04-05T05:03:25.670616+00:00",
"returncode": 0
},
"project": {
"mode": "bytecode",
"bytecode_length": 3646,
"bytecode_truncated": false,
"capability_graph_present": true,
"analysis_artifact_present": true
},
"summary": "Bytecode-only review of `BYTECODE_BUNDLE.json` found one strong reentrancy issue in the payable/fallback payout path and multiple unchecked ETH-transfer paths that can break core accounting. Selector names and storage roles are inferred from bytecode patterns, so role labels below are best-effort.",
"raw_final": {
"summary": "Bytecode-only review of `BYTECODE_BUNDLE.json` found one strong reentrancy issue in the payable/fallback payout path and multiple unchecked ETH-transfer paths that can break core accounting. Selector names and storage roles are inferred from bytecode patterns, so role labels below are best-effort.",
"findings": [
{
"title": "Participant payout calls an untrusted recipient before advancing the payout cursor",
"category": "reentrancy",
"evidence": "The CALL at pc 0x6a0 is followed only afterward by storage writes at pc 0x6ac and pc 0x6b6. No guard is detected in the artifact (`auth.guards` is empty), and the callsite metadata reports no returndata/success handling.",
"severity": "high",
"locations": [
"pc:0x62b",
"pc:0x6a0",
"pc:0x6ac",
"pc:0x6b6"
],
"recommendation": "Apply checks-effects-interactions: advance the payout index and deduct the owed amount before any external transfer, or move to a pull-withdrawal model guarded by a reentrancy lock.",
"exploit_scenario": "In the payable fallback path, the contract CALLs the current participant at pc 0x6a0 before updating the queue/accounting state. From the storage access pattern, slot 0x01 appears to be the current payout index and slot 0x03 the payout pool. A participant implemented as a contract can reenter during its payout by sending at least 1 finney back into the fallback, causing nested execution to observe the same unpaid queue head and trigger the same payout again before the outer frame increments the index or deducts the pool. This can duplicate payouts and drain ETH."
},
{
"title": "Ignored CALL results let failed transfers silently corrupt accounting",
"category": "other",
"evidence": "Artifacts mark `returndata_checked` as null for CALLs at pcs 0x5b, 0x400, 0x6a0, and 0x6f1. The bytecode POPs the CALL result and continues to SSTORE at pcs 0x6ac, 0x6b6, and 0x6f7 regardless of success.",
"severity": "high",
"locations": [
"pc:0x5b",
"pc:0x400",
"pc:0x6a0",
"pc:0x6ac",
"pc:0x6b6",
"pc:0x6f1",
"pc:0x6f7"
],
"recommendation": "Check the boolean result of each CALL and revert or preserve state when the transfer fails. Prefer pull-based withdrawals for participant and beneficiary payments.",
"exploit_scenario": "Value-transferring CALLs are not checked for success. If a recipient reverts or runs out of gas, execution still continues. In the participant payout path, a failed transfer at pc 0x6a0 is still followed by reducing the payout pool and advancing the queue cursor, so a participant can be marked as paid without receiving ETH. In the fee-sweep path, slot 0x02 is zeroed after the unchecked transfer at pc 0x6f1, so accrued fees can be written off even when the recipient never received them. The refund paths at pc 0x5b and pc 0x400 are also unchecked, so under-minimum or over-cap refunds can silently fail and leave user ETH stranded in the contract."
},
{
"title": "Inferred beneficiary fee sweep is reentrant until the fee balance is cleared",
"category": "reentrancy",
"evidence": "The bytecode loads slot 0x02 as the CALL value and slot 0x06 as the recipient before pc 0x6f1, then executes `SSTORE` to slot 0x02 only at pc 0x6f7. No reentrancy guard is visible in the artifact. This finding is conditional on the inferred role of slot 0x06 being correct.",
"severity": "medium",
"locations": [
"pc:0x6bf",
"pc:0x6d8",
"pc:0x6db",
"pc:0x6f1",
"pc:0x6f7"
],
"recommendation": "Zero the fee balance before transferring it, and/or protect the sweep with a reentrancy guard or a pull-only withdrawal function.",
"exploit_scenario": "The path starting at pc 0x6bf appears to sweep an accumulated fee balance from slot 0x02 to the address in slot 0x06 (best-effort role inference). The contract performs the CALL at pc 0x6f1 and only then clears slot 0x02 at pc 0x6f7. If that recipient is a contract under the beneficiary's control, it can reenter the payable fallback before the outer frame zeroes slot 0x02 and trigger the sweep again, allowing over-withdrawal of the accrued fee balance."
}
],
"no_findings": false
},
"no_findings": false,
"schema_version": 1
}
00000000: PUSH1 0x60 00000002: PUSH1 0x40 00000004: MSTORE 00000005: CALLDATASIZE 00000006: ISZERO 00000007: PUSH2 0x002a 0000000a: JUMPI 0000000b: PUSH1 0xe0 0000000d: PUSH1 0x02 0000000f: EXP 00000010: PUSH1 0x00 00000012: CALLDATALOAD 00000013: DIV 00000014: PUSH4 0x9334ab61 00000019: DUP2 0000001a: EQ 0000001b: PUSH2 0x0066 0000001e: JUMPI 0000001f: DUP1 00000020: PUSH4 0x9dbc4f9b 00000025: EQ 00000026: PUSH2 0x0124 00000029: JUMPI 0000002a: JUMPDEST 0000002b: PUSH2 0x02aa 0000002e: PUSH2 0x02ac 00000031: PUSH1 0x00 00000033: PUSH1 0x00 00000035: PUSH1 0x00 00000037: PUSH7 0x038d7ea4c68000 0000003f: CALLVALUE 00000040: LT 00000041: ISZERO 00000042: PUSH2 0x03cd 00000045: JUMPI 00000046: PUSH1 0x01 00000048: PUSH1 0xa0 0000004a: PUSH1 0x02 0000004c: EXP 0000004d: SUB 0000004e: CALLER 0000004f: AND 00000050: DUP2 00000051: CALLVALUE 00000052: PUSH1 0x60 00000054: DUP3 00000055: DUP2 00000056: DUP2 00000057: DUP2 00000058: DUP6 00000059: DUP9 0000005a: DUP4 0000005b: CALL 0000005c: SWAP4 0000005d: POP 0000005e: POP 0000005f: POP 00000060: POP 00000061: POP 00000062: PUSH2 0x06f9 00000065: JUMP 00000066: JUMPDEST 00000067: PUSH1 0x80 00000069: PUSH1 0x40 0000006b: MSTORE 0000006c: PUSH1 0x00 0000006e: PUSH1 0x60 00000070: DUP2 00000071: DUP2 00000072: MSTORE 00000073: PUSH1 0x06 00000075: SLOAD 00000076: PUSH1 0x03 00000078: SLOAD 00000079: PUSH1 0x01 0000007b: SLOAD 0000007c: DUP5 0000007d: SLOAD 0000007e: PUSH2 0x02ae 00000081: SWAP6 00000082: PUSH1 0x01 00000084: PUSH1 0xa0 00000086: PUSH1 0x02 00000088: EXP 00000089: SUB 0000008a: SWAP5 0000008b: SWAP1 0000008c: SWAP5 0000008d: AND 0000008e: SWAP5 0000008f: PUSH7 0x038d7ea4c68000 00000097: SWAP4 00000098: DUP5 00000099: SWAP1 0000009a: DIV 0000009b: SWAP5 0000009c: SWAP2 0000009d: SWAP4 0000009e: DUP3 0000009f: DUP5 000000a0: DUP7 000000a1: DUP2 000000a2: LT 000000a3: ISZERO 000000a4: PUSH2 0x0002 000000a7: JUMPI 000000a8: POP 000000a9: POP 000000aa: SWAP2 000000ab: DUP1 000000ac: MSTORE 000000ad: POP 000000ae: PUSH1 0x03 000000b0: DUP3 000000b1: MUL 000000b2: PUSH1 0x00 000000b4: DUP1 000000b5: MLOAD 000000b6: PUSH1 0x20 000000b8: PUSH2 0x06fe 000000bb: DUP4 000000bc: CODECOPY 000000bd: DUP2 000000be: MLOAD 000000bf: SWAP2 000000c0: MSTORE 000000c1: ADD 000000c2: SLOAD 000000c3: PUSH1 0xe0 000000c5: PUSH1 0x40 000000c7: MSTORE 000000c8: PUSH1 0x2d 000000ca: PUSH1 0x80 000000cc: SWAP1 000000cd: DUP2 000000ce: MSTORE 000000cf: PUSH32 0x416c6c20616d6f756e747320696e2046696e6e6579202831204574686572203d 000000f0: PUSH1 0xa0 000000f2: MSTORE 000000f3: PUSH32 0x20313030302046696e6e65792900000000000000000000000000000000000000 00000114: PUSH1 0xc0 00000116: MSTORE 00000117: SWAP6 00000118: SWAP7 00000119: SWAP5 0000011a: SWAP6 0000011b: SWAP4 0000011c: SWAP5 0000011d: SWAP3 0000011e: SWAP4 0000011f: SWAP2 00000120: SWAP1 00000121: DIV 00000122: SWAP2 00000123: JUMP 00000124: JUMPDEST 00000125: PUSH2 0x0341 00000128: PUSH1 0x04 0000012a: CALLDATALOAD 0000012b: PUSH1 0x00 0000012d: PUSH1 0x60 0000012f: DUP2 00000130: SWAP1 00000131: MSTORE 00000132: PUSH1 0xc0 00000134: PUSH1 0x40 00000136: MSTORE 00000137: PUSH1 0x04 00000139: PUSH1 0x80 0000013b: SWAP1 0000013c: DUP2 0000013d: MSTORE 0000013e: PUSH32 0x4e2e412e00000000000000000000000000000000000000000000000000000000 0000015f: PUSH1 0xa0 00000161: MSTORE 00000162: DUP2 00000163: SLOAD 00000164: DUP3 00000165: SWAP2 00000166: DUP3 00000167: SWAP2 00000168: DUP6 00000169: LT 0000016a: ISZERO 0000016b: PUSH2 0x02a3 0000016e: JUMPI 0000016f: PUSH1 0x00 00000171: PUSH1 0x00 00000173: POP 00000174: DUP6 00000175: DUP2 00000176: SLOAD 00000177: DUP2 00000178: LT 00000179: ISZERO 0000017a: PUSH2 0x0002 0000017d: JUMPI 0000017e: POP 0000017f: POP 00000180: DUP2 00000181: SLOAD 00000182: DUP3 00000183: DUP1 00000184: MSTORE 00000185: PUSH1 0x03 00000187: DUP7 00000188: MUL 00000189: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563 000001aa: ADD 000001ab: SLOAD 000001ac: PUSH1 0x01 000001ae: PUSH1 0xa0 000001b0: PUSH1 0x02 000001b2: EXP 000001b3: SUB 000001b4: AND 000001b5: SWAP5 000001b6: PUSH7 0x038d7ea4c68000 000001be: SWAP2 000001bf: DUP8 000001c0: SWAP1 000001c1: DUP2 000001c2: LT 000001c3: ISZERO 000001c4: PUSH2 0x0002 000001c7: JUMPI 000001c8: POP 000001c9: POP 000001ca: PUSH1 0x03 000001cc: DUP7 000001cd: MUL 000001ce: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563 000001ef: ADD 000001f0: DUP4 000001f1: POP 000001f2: PUSH1 0x01 000001f4: ADD 000001f5: PUSH1 0x00 000001f7: POP 000001f8: SLOAD 000001f9: DIV 000001fa: SWAP3 000001fb: POP 000001fc: DUP3 000001fd: POP 000001fe: PUSH7 0x038d7ea4c68000 00000206: PUSH1 0x00 00000208: PUSH1 0x00 0000020a: POP 0000020b: DUP7 0000020c: DUP2 0000020d: SLOAD 0000020e: DUP2 0000020f: LT 00000210: ISZERO 00000211: PUSH2 0x0002 00000214: JUMPI 00000215: POP 00000216: POP 00000217: PUSH1 0x03 00000219: DUP7 0000021a: MUL 0000021b: PUSH1 0x00 0000021d: DUP1 0000021e: MLOAD 0000021f: PUSH1 0x20 00000221: PUSH2 0x06fe 00000224: DUP4 00000225: CODECOPY 00000226: DUP2 00000227: MLOAD 00000228: SWAP2 00000229: MSTORE 0000022a: ADD 0000022b: SLOAD 0000022c: PUSH2 0x0100 0000022f: PUSH1 0x40 00000231: MSTORE 00000232: PUSH1 0x02 00000234: PUSH1 0xc0 00000236: SWAP1 00000237: DUP2 00000238: MSTORE 00000239: PUSH32 0x6e6f000000000000000000000000000000000000000000000000000000000000 0000025a: PUSH1 0xe0 0000025c: MSTORE 0000025d: PUSH1 0x01 0000025f: SLOAD 00000260: SWAP3 00000261: SWAP1 00000262: SWAP2 00000263: DIV 00000264: SWAP4 00000265: POP 00000266: SWAP2 00000267: POP 00000268: DUP6 00000269: LT 0000026a: ISZERO 0000026b: PUSH2 0x02a3 0000026e: JUMPI 0000026f: POP 00000270: PUSH2 0x0140 00000273: PUSH1 0x40 00000275: MSTORE 00000276: PUSH1 0x03 00000278: PUSH2 0x0100 0000027b: SWAP1 0000027c: DUP2 0000027d: MSTORE 0000027e: PUSH32 0x7965730000000000000000000000000000000000000000000000000000000000 0000029f: PUSH2 0x0120 000002a2: MSTORE 000002a3: JUMPDEST 000002a4: SWAP2 000002a5: SWAP4 000002a6: POP 000002a7: SWAP2 000002a8: SWAP4 000002a9: JUMP 000002aa: JUMPDEST 000002ab: STOP 000002ac: JUMPDEST 000002ad: JUMP 000002ae: JUMPDEST 000002af: PUSH1 0x40 000002b1: MLOAD 000002b2: DUP1 000002b3: DUP8 000002b4: PUSH1 0x01 000002b6: PUSH1 0xa0 000002b8: PUSH1 0x02 000002ba: EXP 000002bb: SUB 000002bc: AND 000002bd: DUP2 000002be: MSTORE 000002bf: PUSH1 0x20 000002c1: ADD 000002c2: DUP7 000002c3: DUP2 000002c4: MSTORE 000002c5: PUSH1 0x20 000002c7: ADD 000002c8: DUP6 000002c9: DUP2 000002ca: MSTORE 000002cb: PUSH1 0x20 000002cd: ADD 000002ce: DUP5 000002cf: DUP2 000002d0: MSTORE 000002d1: PUSH1 0x20 000002d3: ADD 000002d4: DUP4 000002d5: DUP2 000002d6: MSTORE 000002d7: PUSH1 0x20 000002d9: ADD 000002da: DUP1 000002db: PUSH1 0x20 000002dd: ADD 000002de: DUP3 000002df: DUP2 000002e0: SUB 000002e1: DUP3 000002e2: MSTORE 000002e3: DUP4 000002e4: DUP2 000002e5: DUP2 000002e6: MLOAD 000002e7: DUP2 000002e8: MSTORE 000002e9: PUSH1 0x20 000002eb: ADD 000002ec: SWAP2 000002ed: POP 000002ee: DUP1 000002ef: MLOAD 000002f0: SWAP1 000002f1: PUSH1 0x20 000002f3: ADD 000002f4: SWAP1 000002f5: DUP1 000002f6: DUP4 000002f7: DUP4 000002f8: DUP3 000002f9: SWAP1 000002fa: PUSH1 0x00 000002fc: PUSH1 0x04 000002fe: PUSH1 0x20 00000300: DUP5 00000301: PUSH1 0x1f 00000303: ADD 00000304: DIV 00000305: PUSH1 0x0f 00000307: MUL 00000308: PUSH1 0x03 0000030a: ADD 0000030b: CALL 0000030c: POP 0000030d: POP 0000030e: PUSH2 0x01e0 00000311: DUP1 00000312: MLOAD 00000313: PUSH19 0xffffffffffffffffffffffffffffffffffffff 00000327: NOT 00000328: AND 00000329: SWAP1 0000032a: MSTORE 0000032b: POP 0000032c: POP 0000032d: PUSH1 0x40 0000032f: MLOAD 00000330: PUSH2 0x0200 00000333: DUP2 00000334: SWAP1 00000335: SUB 00000336: SWAP9 00000337: POP 00000338: SWAP7 00000339: POP 0000033a: POP 0000033b: POP 0000033c: POP 0000033d: POP 0000033e: POP 0000033f: POP 00000340: RETURN 00000341: JUMPDEST 00000342: PUSH1 0x40 00000344: MLOAD 00000345: DUP1 00000346: DUP6 00000347: PUSH1 0x01 00000349: PUSH1 0xa0 0000034b: PUSH1 0x02 0000034d: EXP 0000034e: SUB 0000034f: AND 00000350: DUP2 00000351: MSTORE 00000352: PUSH1 0x20 00000354: ADD 00000355: DUP5 00000356: DUP2 00000357: MSTORE 00000358: PUSH1 0x20 0000035a: ADD 0000035b: DUP4 0000035c: DUP2 0000035d: MSTORE 0000035e: PUSH1 0x20 00000360: ADD 00000361: DUP1 00000362: PUSH1 0x20 00000364: ADD 00000365: DUP3 00000366: DUP2 00000367: SUB 00000368: DUP3 00000369: MSTORE 0000036a: DUP4 0000036b: DUP2 0000036c: DUP2 0000036d: MLOAD 0000036e: DUP2 0000036f: MSTORE 00000370: PUSH1 0x20 00000372: ADD 00000373: SWAP2 00000374: POP 00000375: DUP1 00000376: MLOAD 00000377: SWAP1 00000378: PUSH1 0x20 0000037a: ADD 0000037b: SWAP1 0000037c: DUP1 0000037d: DUP4 0000037e: DUP4 0000037f: DUP3 00000380: SWAP1 00000381: PUSH1 0x00 00000383: PUSH1 0x04 00000385: PUSH1 0x20 00000387: DUP5 00000388: PUSH1 0x1f 0000038a: ADD 0000038b: DIV 0000038c: PUSH1 0x0f 0000038e: MUL 0000038f: PUSH1 0x03 00000391: ADD 00000392: CALL 00000393: POP 00000394: SWAP1 00000395: POP 00000396: SWAP1 00000397: DUP2 00000398: ADD 00000399: SWAP1 0000039a: PUSH1 0x1f 0000039c: AND 0000039d: DUP1 0000039e: ISZERO 0000039f: PUSH2 0x03bc 000003a2: JUMPI 000003a3: DUP1 000003a4: DUP3 000003a5: SUB 000003a6: DUP1 000003a7: MLOAD 000003a8: PUSH1 0x01 000003aa: DUP4 000003ab: PUSH1 0x20 000003ad: SUB 000003ae: PUSH2 0x0100 000003b1: EXP 000003b2: SUB 000003b3: NOT 000003b4: AND 000003b5: DUP2 000003b6: MSTORE 000003b7: PUSH1 0x20 000003b9: ADD 000003ba: SWAP2 000003bb: POP 000003bc: JUMPDEST 000003bd: POP 000003be: SWAP6 000003bf: POP 000003c0: POP 000003c1: POP 000003c2: POP 000003c3: POP 000003c4: POP 000003c5: PUSH1 0x40 000003c7: MLOAD 000003c8: DUP1 000003c9: SWAP2 000003ca: SUB 000003cb: SWAP1 000003cc: RETURN 000003cd: JUMPDEST 000003ce: PUSH9 0x3635c9adc5dea00000 000003d8: CALLVALUE 000003d9: GT 000003da: ISZERO 000003db: PUSH2 0x0417 000003de: JUMPI 000003df: PUSH1 0x01 000003e1: PUSH1 0xa0 000003e3: PUSH1 0x02 000003e5: EXP 000003e6: SUB 000003e7: CALLER 000003e8: AND 000003e9: DUP2 000003ea: PUSH9 0x3635c9adc5de9fffff 000003f4: NOT 000003f5: CALLVALUE 000003f6: ADD 000003f7: PUSH1 0x60 000003f9: DUP3 000003fa: DUP2 000003fb: DUP2 000003fc: DUP2 000003fd: DUP6 000003fe: DUP9 000003ff: DUP4 00000400: CALL 00000401: POP 00000402: PUSH9 0x3635c9adc5dea00000 0000040c: SWAP7 0000040d: POP 0000040e: PUSH2 0x041b 00000411: SWAP4 00000412: POP 00000413: POP 00000414: POP 00000415: POP 00000416: JUMP 00000417: JUMPDEST 00000418: CALLVALUE 00000419: SWAP3 0000041a: POP 0000041b: JUMPDEST 0000041c: DUP1 0000041d: SLOAD 0000041e: PUSH1 0x01 00000420: DUP2 00000421: ADD 00000422: DUP1 00000423: DUP4 00000424: SSTORE 00000425: SWAP1 00000426: SWAP3 00000427: DUP2 00000428: DUP5 00000429: DUP1 0000042a: ISZERO 0000042b: DUP3 0000042c: SWAP1 0000042d: GT 0000042e: PUSH2 0x0484 00000431: JUMPI 00000432: PUSH1 0x03 00000434: MUL 00000435: DUP2 00000436: PUSH1 0x03 00000438: MUL 00000439: DUP4 0000043a: PUSH1 0x00 0000043c: MSTORE 0000043d: PUSH1 0x20 0000043f: PUSH1 0x00 00000441: KECCAK256 00000442: SWAP2 00000443: DUP3 00000444: ADD 00000445: SWAP2 00000446: ADD 00000447: PUSH2 0x0484 0000044a: SWAP2 0000044b: SWAP1 0000044c: JUMPDEST 0000044d: DUP1 0000044e: DUP3 0000044f: GT 00000450: ISZERO 00000451: PUSH2 0x06bb 00000454: JUMPI 00000455: DUP1 00000456: SLOAD 00000457: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 0000046c: NOT 0000046d: AND 0000046e: DUP2 0000046f: SSTORE 00000470: PUSH1 0x01 00000472: DUP2 00000473: ADD 00000474: DUP6 00000475: DUP2 00000476: SSTORE 00000477: PUSH1 0x02 00000479: SWAP2 0000047a: SWAP1 0000047b: SWAP2 0000047c: ADD 0000047d: DUP6 0000047e: SWAP1 0000047f: SSTORE 00000480: PUSH2 0x044c 00000483: JUMP 00000484: JUMPDEST 00000485: POP 00000486: POP 00000487: POP 00000488: POP 00000489: CALLER 0000048a: PUSH1 0x00 0000048c: PUSH1 0x00 0000048e: POP 0000048f: DUP4 00000490: DUP2 00000491: SLOAD 00000492: DUP2 00000493: LT 00000494: ISZERO 00000495: PUSH2 0x0002 00000498: JUMPI 00000499: SWAP1 0000049a: PUSH1 0x00 0000049c: MSTORE 0000049d: PUSH1 0x20 0000049f: PUSH1 0x00 000004a1: KECCAK256 000004a2: SWAP1 000004a3: PUSH1 0x03 000004a5: MUL 000004a6: ADD 000004a7: PUSH1 0x00 000004a9: POP 000004aa: PUSH1 0x00 000004ac: ADD 000004ad: PUSH1 0x00 000004af: PUSH2 0x0100 000004b2: EXP 000004b3: DUP2 000004b4: SLOAD 000004b5: DUP2 000004b6: PUSH1 0x01 000004b8: PUSH1 0xa0 000004ba: PUSH1 0x02 000004bc: EXP 000004bd: SUB 000004be: MUL 000004bf: NOT 000004c0: AND 000004c1: SWAP1 000004c2: DUP4 000004c3: MUL 000004c4: OR 000004c5: SWAP1 000004c6: SSTORE 000004c7: POP 000004c8: DUP3 000004c9: PUSH1 0x00 000004cb: PUSH1 0x00 000004cd: POP 000004ce: DUP4 000004cf: DUP2 000004d0: SLOAD 000004d1: DUP2 000004d2: LT 000004d3: ISZERO 000004d4: PUSH2 0x0002 000004d7: JUMPI 000004d8: SWAP1 000004d9: PUSH1 0x00 000004db: MSTORE 000004dc: PUSH1 0x20 000004de: PUSH1 0x00 000004e0: KECCAK256 000004e1: SWAP1 000004e2: PUSH1 0x03 000004e4: MUL 000004e5: ADD 000004e6: PUSH1 0x00 000004e8: POP 000004e9: PUSH1 0x01 000004eb: ADD 000004ec: PUSH1 0x00 000004ee: POP 000004ef: DUP2 000004f0: SWAP1 000004f1: SSTORE 000004f2: POP 000004f3: PUSH7 0x038d7ea4c68000 000004fb: DUP4 000004fc: LT 000004fd: ISZERO 000004fe: ISZERO 000004ff: PUSH2 0x0509 00000502: JUMPI 00000503: PUSH2 0x012c 00000506: PUSH1 0x05 00000508: SSTORE 00000509: JUMPDEST 0000050a: PUSH7 0x2386f26fc10000 00000512: DUP4 00000513: LT 00000514: PUSH2 0x051d 00000517: JUMPI 00000518: PUSH1 0xc8 0000051a: PUSH1 0x05 0000051c: SSTORE 0000051d: JUMPDEST 0000051e: PUSH8 0x016345785d8a0000 00000527: DUP4 00000528: LT 00000529: PUSH2 0x0532 0000052c: JUMPI 0000052d: PUSH1 0xb4 0000052f: PUSH1 0x05 00000531: SSTORE 00000532: JUMPDEST 00000533: PUSH8 0x0de0b6b3a7640000 0000053c: DUP4 0000053d: LT 0000053e: PUSH2 0x0547 00000541: JUMPI 00000542: PUSH1 0x96 00000544: PUSH1 0x05 00000546: SSTORE 00000547: JUMPDEST 00000548: PUSH8 0x8ac7230489e80000 00000551: DUP4 00000552: LT 00000553: PUSH2 0x055c 00000556: JUMPI 00000557: PUSH1 0x7d 00000559: PUSH1 0x05 0000055b: SSTORE 0000055c: JUMPDEST 0000055d: PUSH9 0x056bc75e2d63100000 00000567: DUP4 00000568: LT 00000569: PUSH2 0x0572 0000056c: JUMPI 0000056d: PUSH1 0x6e 0000056f: PUSH1 0x05 00000571: SSTORE 00000572: JUMPDEST 00000573: PUSH9 0x1b1ae4d6e2ef500000 0000057d: DUP4 0000057e: LT 0000057f: PUSH2 0x0588 00000582: JUMPI 00000583: PUSH1 0x69 00000585: PUSH1 0x05 00000587: SSTORE 00000588: JUMPDEST 00000589: PUSH1 0x64 0000058b: PUSH1 0x05 0000058d: PUSH1 0x00 0000058f: POP 00000590: SLOAD 00000591: DUP5 00000592: MUL 00000593: DIV 00000594: PUSH1 0x00 00000596: PUSH1 0x00 00000598: POP 00000599: DUP4 0000059a: DUP2 0000059b: SLOAD 0000059c: DUP2 0000059d: LT 0000059e: ISZERO 0000059f: PUSH2 0x0002 000005a2: JUMPI 000005a3: SWAP1 000005a4: PUSH1 0x00 000005a6: MSTORE 000005a7: PUSH1 0x20 000005a9: PUSH1 0x00 000005ab: KECCAK256 000005ac: SWAP1 000005ad: PUSH1 0x03 000005af: MUL 000005b0: ADD 000005b1: PUSH1 0x00 000005b3: POP 000005b4: PUSH1 0x02 000005b6: ADD 000005b7: PUSH1 0x00 000005b9: POP 000005ba: DUP2 000005bb: SWAP1 000005bc: SSTORE 000005bd: POP 000005be: PUSH1 0x64 000005c0: PUSH1 0x04 000005c2: PUSH1 0x00 000005c4: POP 000005c5: SLOAD 000005c6: DUP5 000005c7: MUL 000005c8: DIV 000005c9: PUSH1 0x02 000005cb: PUSH1 0x00 000005cd: DUP3 000005ce: DUP3 000005cf: DUP3 000005d0: POP 000005d1: SLOAD 000005d2: ADD 000005d3: SWAP3 000005d4: POP 000005d5: POP 000005d6: DUP2 000005d7: SWAP1 000005d8: SSTORE 000005d9: POP 000005da: PUSH1 0x64 000005dc: PUSH1 0x04 000005de: PUSH1 0x00 000005e0: POP 000005e1: SLOAD 000005e2: DUP5 000005e3: MUL 000005e4: DIV 000005e5: DUP4 000005e6: SUB 000005e7: PUSH1 0x03 000005e9: PUSH1 0x00 000005eb: DUP3 000005ec: DUP3 000005ed: DUP3 000005ee: POP 000005ef: SLOAD 000005f0: ADD 000005f1: SWAP3 000005f2: POP 000005f3: POP 000005f4: DUP2 000005f5: SWAP1 000005f6: SSTORE 000005f7: POP 000005f8: JUMPDEST 000005f9: PUSH1 0x01 000005fb: SLOAD 000005fc: PUSH1 0x00 000005fe: DUP1 000005ff: SLOAD 00000600: SWAP1 00000601: SWAP2 00000602: SWAP1 00000603: DUP2 00000604: LT 00000605: ISZERO 00000606: PUSH2 0x0002 00000609: JUMPI 0000060a: SWAP1 0000060b: DUP1 0000060c: MSTORE 0000060d: PUSH1 0x03 0000060f: DUP1 00000610: SLOAD 00000611: SWAP2 00000612: MUL 00000613: PUSH1 0x00 00000615: DUP1 00000616: MLOAD 00000617: PUSH1 0x20 00000619: PUSH2 0x06fe 0000061c: DUP4 0000061d: CODECOPY 0000061e: DUP2 0000061f: MLOAD 00000620: SWAP2 00000621: MSTORE 00000622: ADD 00000623: SLOAD 00000624: SWAP1 00000625: GT 00000626: ISZERO 00000627: PUSH2 0x06bf 0000062a: JUMPI 0000062b: PUSH1 0x01 0000062d: SLOAD 0000062e: PUSH1 0x00 00000630: DUP1 00000631: SLOAD 00000632: SWAP1 00000633: SWAP2 00000634: SWAP1 00000635: DUP2 00000636: LT 00000637: ISZERO 00000638: PUSH2 0x0002 0000063b: JUMPI 0000063c: PUSH1 0x01 0000063e: SLOAD 0000063f: DUP3 00000640: SLOAD 00000641: PUSH1 0x03 00000643: SWAP3 00000644: SWAP1 00000645: SWAP3 00000646: MUL 00000647: PUSH1 0x00 00000649: DUP1 0000064a: MLOAD 0000064b: PUSH1 0x20 0000064d: PUSH2 0x06fe 00000650: DUP4 00000651: CODECOPY 00000652: DUP2 00000653: MLOAD 00000654: SWAP2 00000655: MSTORE 00000656: ADD 00000657: SLOAD 00000658: SWAP4 00000659: POP 0000065a: SWAP1 0000065b: DUP2 0000065c: LT 0000065d: ISZERO 0000065e: PUSH2 0x0002 00000661: JUMPI 00000662: PUSH1 0x03 00000664: MUL 00000665: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563 00000686: ADD 00000687: SWAP1 00000688: PUSH1 0x40 0000068a: MLOAD 0000068b: SWAP2 0000068c: SLOAD 0000068d: PUSH1 0x01 0000068f: PUSH1 0xa0 00000691: PUSH1 0x02 00000693: EXP 00000694: SUB 00000695: AND 00000696: SWAP2 00000697: DUP4 00000698: SWAP1 00000699: DUP3 0000069a: DUP2 0000069b: DUP2 0000069c: DUP2 0000069d: DUP6 0000069e: DUP9 0000069f: DUP4 000006a0: CALL 000006a1: POP 000006a2: POP 000006a3: PUSH1 0x03 000006a5: DUP1 000006a6: SLOAD 000006a7: SWAP2 000006a8: SWAP1 000006a9: SWAP2 000006aa: SUB 000006ab: SWAP1 000006ac: SSTORE 000006ad: POP 000006ae: POP 000006af: PUSH1 0x01 000006b1: DUP1 000006b2: SLOAD 000006b3: DUP2 000006b4: ADD 000006b5: SWAP1 000006b6: SSTORE 000006b7: PUSH2 0x05f8 000006ba: JUMP 000006bb: JUMPDEST 000006bc: POP 000006bd: SWAP1 000006be: JUMP 000006bf: JUMPDEST 000006c0: PUSH1 0x02 000006c2: SLOAD 000006c3: PUSH8 0x0de0b6b3a7640000 000006cc: SWAP1 000006cd: GT 000006ce: ISZERO 000006cf: PUSH2 0x06f9 000006d2: JUMPI 000006d3: PUSH1 0x40 000006d5: MLOAD 000006d6: PUSH1 0x02 000006d8: SLOAD 000006d9: PUSH1 0x06 000006db: SLOAD 000006dc: PUSH1 0x01 000006de: PUSH1 0xa0 000006e0: PUSH1 0x02 000006e2: EXP 000006e3: SUB 000006e4: AND 000006e5: SWAP2 000006e6: PUSH1 0x00 000006e8: SWAP2 000006e9: SWAP1 000006ea: DUP3 000006eb: DUP2 000006ec: DUP2 000006ed: DUP2 000006ee: DUP6 000006ef: DUP9 000006f0: DUP4 000006f1: CALL 000006f2: POP 000006f3: POP 000006f4: POP 000006f5: PUSH1 0x02 000006f7: SSTORE 000006f8: POP 000006f9: JUMPDEST 000006fa: POP 000006fb: POP 000006fc: POP 000006fd: JUMP 000006fe: UNKNOWN(0x29) 000006ff: UNKNOWN(0x0D) 00000700: UNKNOWN(0xEC) 00000701: UNKNOWN(0xD9) 00000702: SLOAD 00000703: DUP12 00000704: PUSH3 0xa8d603 00000708: GASLIMIT 00000709: UNKNOWN(0xA9) 0000070a: DUP9 0000070b: CODESIZE 0000070c: PUSH16 0xc84ba6bc95484008f6362f93160ef3e5 0000071d: PUSH6
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| high | other | detector | Untrusted CALL target/value reachable | 60 | yes | yes |
viewtrace_id: 0xe4f4072f699d802b05ee48f4a8c4705020f6e6a6f9351e13ac91d05e166c53a1
call_targets:
0x0000000000000000000000000000000000000004, 0xbe46324018124b2d604c2f3eae91d3de9b388b09
target_varies:
yes
classification:
target_varies
validation_json{
"sink": "CALL",
"errors": 0,
"status": "confirmed",
"attempts": 1,
"trace_id": "0xe4f4072f699d802b05ee48f4a8c4705020f6e6a6f9351e13ac91d05e166c53a1",
"confirmed": true,
"trace_mode": "callTracer",
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0xbe46324018124b2d604c2f3eae91d3de9b388b09"
],
"matched_probe": null,
"target_varies": true,
"classification": "target_varies"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x9334ab61",
"selector": "0x9334ab61",
"calldata_variants": [
"0x9334ab61",
"0x9334ab610000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x9dbc4f9b",
"selector": "0x9dbc4f9b",
"calldata_variants": [
"0x9dbc4f9b",
"0x9dbc4f9b0000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 91,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 779,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 914,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 6,
"guards_detected": [],
"untrusted_call_count": 6
}
|
| high | other | detector | ETH value transfer possible | 55 | yes | yes |
viewtrace_id: 0xe4f4072f699d802b05ee48f4a8c4705020f6e6a6f9351e13ac91d05e166c53a1
call_targets:
0x0000000000000000000000000000000000000004, 0xbe46324018124b2d604c2f3eae91d3de9b388b09
target_varies:
yes
classification:
target_varies
validation_json{
"sink": "CALL",
"errors": 0,
"status": "confirmed",
"attempts": 1,
"trace_id": "0xe4f4072f699d802b05ee48f4a8c4705020f6e6a6f9351e13ac91d05e166c53a1",
"confirmed": true,
"trace_mode": "callTracer",
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0xbe46324018124b2d604c2f3eae91d3de9b388b09"
],
"matched_probe": null,
"target_varies": true,
"classification": "target_varies"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x9334ab61",
"selector": "0x9334ab61",
"calldata_variants": [
"0x9334ab61",
"0x9334ab610000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x9dbc4f9b",
"selector": "0x9dbc4f9b",
"calldata_variants": [
"0x9dbc4f9b",
"0x9dbc4f9b0000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 91,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 779,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 914,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 6,
"guards_detected": []
}
|
| high | reentrancy | codex | Participant payout calls an untrusted recipient before advancing the payout cursor | 85 | no | — |
viewevidence_json{
"evidence": "The CALL at pc 0x6a0 is followed only afterward by storage writes at pc 0x6ac and pc 0x6b6. No guard is detected in the artifact (`auth.guards` is empty), and the callsite metadata reports no returndata/success handling.",
"locations": [
"pc:0x62b",
"pc:0x6a0",
"pc:0x6ac",
"pc:0x6b6"
],
"recommendation": "Apply checks-effects-interactions: advance the payout index and deduct the owed amount before any external transfer, or move to a pull-withdrawal model guarded by a reentrancy lock.",
"exploit_scenario": "In the payable fallback path, the contract CALLs the current participant at pc 0x6a0 before updating the queue/accounting state. From the storage access pattern, slot 0x01 appears to be the current payout index and slot 0x03 the payout pool. A participant implemented as a contract can reenter during its payout by sending at least 1 finney back into the fallback, causing nested execution to observe the same unpaid queue head and trigger the same payout again before the outer frame increments the index or deducts the pool. This can duplicate payouts and drain ETH."
}
|
| high | other | codex | Ignored CALL results let failed transfers silently corrupt accounting | 85 | no | — |
viewevidence_json{
"evidence": "Artifacts mark `returndata_checked` as null for CALLs at pcs 0x5b, 0x400, 0x6a0, and 0x6f1. The bytecode POPs the CALL result and continues to SSTORE at pcs 0x6ac, 0x6b6, and 0x6f7 regardless of success.",
"locations": [
"pc:0x5b",
"pc:0x400",
"pc:0x6a0",
"pc:0x6ac",
"pc:0x6b6",
"pc:0x6f1",
"pc:0x6f7"
],
"recommendation": "Check the boolean result of each CALL and revert or preserve state when the transfer fails. Prefer pull-based withdrawals for participant and beneficiary payments.",
"exploit_scenario": "Value-transferring CALLs are not checked for success. If a recipient reverts or runs out of gas, execution still continues. In the participant payout path, a failed transfer at pc 0x6a0 is still followed by reducing the payout pool and advancing the queue cursor, so a participant can be marked as paid without receiving ETH. In the fee-sweep path, slot 0x02 is zeroed after the unchecked transfer at pc 0x6f1, so accrued fees can be written off even when the recipient never received them. The refund paths at pc 0x5b and pc 0x400 are also unchecked, so under-minimum or over-cap refunds can silently fail and leave user ETH stranded in the contract."
}
|
| medium | reentrancy | codex | Inferred beneficiary fee sweep is reentrant until the fee balance is cleared | 75 | no | — |
viewevidence_json{
"evidence": "The bytecode loads slot 0x02 as the CALL value and slot 0x06 as the recipient before pc 0x6f1, then executes `SSTORE` to slot 0x02 only at pc 0x6f7. No reentrancy guard is visible in the artifact. This finding is conditional on the inferred role of slot 0x06 being correct.",
"locations": [
"pc:0x6bf",
"pc:0x6d8",
"pc:0x6db",
"pc:0x6f1",
"pc:0x6f7"
],
"recommendation": "Zero the fee balance before transferring it, and/or protect the sweep with a reentrancy guard or a pull-only withdrawal function.",
"exploit_scenario": "The path starting at pc 0x6bf appears to sweep an accumulated fee balance from slot 0x02 to the address in slot 0x06 (best-effort role inference). The contract performs the CALL at pc 0x6f1 and only then clears slot 0x02 at pc 0x6f7. If that recipient is a contract under the beneficiary's control, it can reenter the payable fallback before the outer frame zeroes slot 0x02 and trigger the sweep again, allowing over-withdrawal of the accrued fee balance."
}
|