TW
Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019b3836-3b7f-70ee-95fb-1f110b4a09f5

complete
Chain ID
1
Address
0x8ea6c8077d6316b46e449aec8fb60a606cf50eea
Block Number
Created
Fri, Dec 19, 2025 8:03 PM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

back to vulns open contract
Confirmed
0
Validated
0
Source
Bytecode only
Review Backing
Not yet
Best current signal
Untrusted CALL target/value reachable
crit 0 high 0 direct contract
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID Type Status Attempts Heartbeat
4403 artifact.fetch complete 1 / 3 3 months ago
4404 tool.cast_disasm complete 1 / 3 3 months ago
47268 analysis.bundle complete 1 / 3 1 week ago
47269 capability.graph complete 1 / 3 1 week ago
47270 detector.run complete 1 / 3 1 week ago
47271 validation.fork complete 1 / 3 1 week ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: no
Implementation:
Verified Source: no

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate

No codex job recorded yet.

Opcode Heuristics

tool.cast_disasm
Delegatecall
0
Selfdestruct
0
CREATE2
0
CALL-family (heavy)
1
EXT*/BALANCE
1
Total opcodes
512
Flags
No heuristic flags raised.
View cast disassembly output 
00000000: PUSH1 0x60
00000002: PUSH1 0x40
00000004: MSTORE
00000005: CALLDATASIZE
00000006: ISZERO
00000007: PUSH2 0x0035
0000000a: JUMPI
0000000b: PUSH1 0xe0
0000000d: PUSH1 0x02
0000000f: EXP
00000010: PUSH1 0x00
00000012: CALLDATALOAD
00000013: DIV
00000014: PUSH4 0x3c889fe1
00000019: DUP2
0000001a: EQ
0000001b: PUSH2 0x0187
0000001e: JUMPI
0000001f: DUP1
00000020: PUSH4 0x5fee63c3
00000025: EQ
00000026: PUSH2 0x0218
00000029: JUMPI
0000002a: DUP1
0000002b: PUSH4 0x677342ce
00000030: EQ
00000031: PUSH2 0x0221
00000034: JUMPI
00000035: JUMPDEST
00000036: PUSH2 0x023a
00000039: PUSH1 0x00
0000003b: PUSH1 0x00
0000003d: CALLVALUE
0000003e: PUSH7 0x038d7ea4c68000
00000046: EQ
00000047: ISZERO
00000048: PUSH2 0x032b
0000004b: JUMPI
0000004c: PUSH7 0x071afd498d0000
00000054: ADDRESS
00000055: PUSH1 0x01
00000057: PUSH1 0xa0
00000059: PUSH1 0x02
0000005b: EXP
0000005c: SUB
0000005d: AND
0000005e: BALANCE
0000005f: GT
00000060: ISZERO
00000061: PUSH2 0x032b
00000064: JUMPI
00000065: DUP1
00000066: SLOAD
00000067: PUSH1 0x01
00000069: DUP2
0000006a: ADD
0000006b: SWAP3
0000006c: CALLER
0000006d: SWAP2
0000006e: DUP5
0000006f: SWAP1
00000070: DUP2
00000071: LT
00000072: ISZERO
00000073: PUSH2 0x0002
00000076: JUMPI
00000077: DUP2
00000078: DUP1
00000079: MSTORE
0000007a: PUSH1 0x03
0000007c: DUP2
0000007d: MUL
0000007e: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563
0000009f: ADD
000000a0: DUP1
000000a1: SLOAD
000000a2: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000000b7: NOT
000000b8: AND
000000b9: SWAP1
000000ba: SWAP4
000000bb: OR
000000bc: SWAP1
000000bd: SWAP3
000000be: SSTORE
000000bf: PUSH1 0xa0
000000c1: PUSH1 0x40
000000c3: MSTORE
000000c4: PUSH1 0x15
000000c6: PUSH1 0x60
000000c8: SWAP1
000000c9: DUP2
000000ca: MSTORE
000000cb: PUSH32 0x6d61737465726c792063616c63756c617465643a200000000000000000000000
000000ec: PUSH1 0x80
000000ee: MSTORE
000000ef: DUP2
000000f0: SLOAD
000000f1: SWAP1
000000f2: SWAP3
000000f3: POP
000000f4: DUP5
000000f5: SWAP1
000000f6: DUP2
000000f7: LT
000000f8: ISZERO
000000f9: PUSH2 0x0002
000000fc: JUMPI
000000fd: POP
000000fe: POP
000000ff: POP
00000100: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e564
00000121: PUSH1 0x03
00000123: DUP4
00000124: MUL
00000125: ADD
00000126: DUP1
00000127: SLOAD
00000128: DUP2
00000129: DUP4
0000012a: MSTORE
0000012b: PUSH1 0x20
0000012d: DUP1
0000012e: DUP5
0000012f: KECCAK256
00000130: PUSH32 0x6d61737465726c792063616c63756c617465643a20000000000000000000002a
00000151: DUP5
00000152: SSTORE
00000153: PUSH2 0x023c
00000156: SWAP3
00000157: PUSH1 0x02
00000159: PUSH2 0x0100
0000015c: PUSH1 0x01
0000015e: DUP4
0000015f: AND
00000160: ISZERO
00000161: MUL
00000162: PUSH1 0x00
00000164: NOT
00000165: ADD
00000166: SWAP1
00000167: SWAP2
00000168: AND
00000169: DIV
0000016a: PUSH1 0x1f
0000016c: ADD
0000016d: SWAP2
0000016e: SWAP1
0000016f: SWAP2
00000170: DIV
00000171: DUP2
00000172: ADD
00000173: SWAP1
00000174: JUMPDEST
00000175: DUP1
00000176: DUP3
00000177: GT
00000178: ISZERO
00000179: PUSH2 0x0281
0000017c: JUMPI
0000017d: DUP5
0000017e: DUP2
0000017f: SSTORE
00000180: PUSH1 0x01
00000182: ADD
00000183: PUSH2 0x0174
00000186: JUMP
00000187: JUMPDEST
00000188: PUSH2 0x032f
0000018b: PUSH1 0x04
0000018d: CALLDATALOAD
0000018e: PUSH1 0x00
00000190: DUP1
00000191: SLOAD
00000192: DUP3
00000193: SWAP1
00000194: DUP2
00000195: LT
00000196: ISZERO
00000197: PUSH2 0x0002
0000019a: JUMPI
0000019b: POP
0000019c: DUP1
0000019d: MSTORE
0000019e: PUSH1 0x03
000001a0: MUL
000001a1: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e565
000001c2: DUP2
000001c3: ADD
000001c4: SLOAD
000001c5: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563
000001e6: DUP3
000001e7: ADD
000001e8: SLOAD
000001e9: PUSH1 0x01
000001eb: PUSH1 0xa0
000001ed: PUSH1 0x02
000001ef: EXP
000001f0: SUB
000001f1: AND
000001f2: SWAP2
000001f3: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e564
00000214: ADD
00000215: SWAP1
00000216: DUP4
00000217: JUMP
00000218: JUMPDEST
00000219: PUSH2 0x03bb
0000021c: PUSH1 0x01
0000021e: SLOAD
0000021f: DUP2
00000220: JUMP
00000221: JUMPDEST
00000222: PUSH2 0x03bb
00000225: PUSH1 0x04
00000227: CALLDATALOAD
00000228: PUSH1 0x00
0000022a: DUP1
0000022b: SLOAD
0000022c: PUSH1 0x01
0000022e: ADD
0000022f: DUP3
00000230: GT
00000231: ISZERO
00000232: PUSH2 0x03cb
00000235: JUMPI
00000236: PUSH2 0x0406
00000239: JUMP
0000023a: JUMPDEST
0000023b: STOP
0000023c: JUMPDEST
0000023d: POP
0000023e: POP
0000023f: PUSH1 0x01
00000241: DUP1
00000242: SLOAD
00000243: PUSH9 0x056bc75e2d63100000
0000024d: DUP2
0000024e: ADD
0000024f: SWAP2
00000250: DUP3
00000251: SWAP1
00000252: SSTORE
00000253: PUSH2 0x0285
00000256: SWAP2
00000257: SWAP1
00000258: DUP2
00000259: SWAP1
0000025a: PUSH1 0x02
0000025c: PUSH9 0x056bc75e2d63100001
00000266: SWAP1
00000267: SWAP2
00000268: ADD
00000269: DIV
0000026a: JUMPDEST
0000026b: DUP2
0000026c: DUP2
0000026d: LT
0000026e: ISZERO
0000026f: PUSH2 0x03c5
00000272: JUMPI
00000273: SWAP1
00000274: POP
00000275: PUSH1 0x02
00000277: DUP2
00000278: DUP4
00000279: DIV
0000027a: DUP3
0000027b: ADD
0000027c: DIV
0000027d: PUSH2 0x026a
00000280: JUMP
00000281: JUMPDEST
00000282: POP
00000283: SWAP1
00000284: JUMP
00000285: JUMPDEST
00000286: PUSH1 0x00
00000288: PUSH1 0x00
0000028a: POP
0000028b: DUP4
0000028c: DUP2
0000028d: SLOAD
0000028e: DUP2
0000028f: LT
00000290: ISZERO
00000291: PUSH2 0x0002
00000294: JUMPI
00000295: POP
00000296: POP
00000297: DUP2
00000298: DUP1
00000299: MSTORE
0000029a: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e565
000002bb: PUSH1 0x03
000002bd: DUP1
000002be: DUP6
000002bf: MUL
000002c0: SWAP2
000002c1: SWAP1
000002c2: SWAP2
000002c3: ADD
000002c4: SWAP2
000002c5: SWAP1
000002c6: SWAP2
000002c7: SSTORE
000002c8: DUP2
000002c9: SLOAD
000002ca: GT
000002cb: ISZERO
000002cc: PUSH2 0x032b
000002cf: JUMPI
000002d0: DUP1
000002d1: SLOAD
000002d2: PUSH1 0x02
000002d4: NOT
000002d5: DUP2
000002d6: ADD
000002d7: SWAP2
000002d8: SWAP1
000002d9: DUP3
000002da: SWAP1
000002db: DUP2
000002dc: LT
000002dd: ISZERO
000002de: PUSH2 0x0002
000002e1: JUMPI
000002e2: POP
000002e3: PUSH1 0x03
000002e5: DUP3
000002e6: MUL
000002e7: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e563
00000308: ADD
00000309: SLOAD
0000030a: PUSH1 0x01
0000030c: PUSH1 0xa0
0000030e: PUSH1 0x02
00000310: EXP
00000311: SUB
00000312: AND
00000313: SWAP1
00000314: PUSH7 0x071afd498d0000
0000031c: PUSH1 0xa0
0000031e: DUP3
0000031f: DUP2
00000320: DUP2
00000321: DUP2
00000322: DUP6
00000323: DUP9
00000324: DUP4
00000325: CALL
00000326: POP
00000327: POP
00000328: POP
00000329: POP
0000032a: POP
0000032b: JUMPDEST
0000032c: POP
0000032d: POP
0000032e: JUMP
0000032f: JUMPDEST
00000330: PUSH1 0x60
00000332: DUP4
00000333: DUP2
00000334: MSTORE
00000335: PUSH1 0xa0
00000337: DUP3
00000338: SWAP1
00000339: MSTORE
0000033a: PUSH1 0x80
0000033c: DUP2
0000033d: DUP2
0000033e: MSTORE
0000033f: DUP4
00000340: SLOAD
00000341: PUSH1 0x02
00000343: PUSH1 0x01
00000345: DUP3
00000346: AND
00000347: ISZERO
00000348: PUSH2 0x0100
0000034b: MUL
0000034c: PUSH1 0x00
0000034e: NOT
0000034f: ADD
00000350: SWAP1
00000351: SWAP2
00000352: AND
00000353: DIV
00000354: PUSH1 0xc0
00000356: DUP2
00000357: SWAP1
00000358: MSTORE
00000359: PUSH1 0xe0
0000035b: SWAP1
0000035c: DUP6
0000035d: SWAP1
0000035e: DUP1
0000035f: ISZERO
00000360: PUSH2 0x03aa
00000363: JUMPI
00000364: DUP1
00000365: PUSH1 0x1f
00000367: LT
00000368: PUSH2 0x037f
0000036b: JUMPI
0000036c: PUSH2 0x0100
0000036f: DUP1
00000370: DUP4
00000371: SLOAD
00000372: DIV
00000373: MUL
00000374: DUP4
00000375: MSTORE
00000376: SWAP2
00000377: PUSH1 0x20
00000379: ADD
0000037a: SWAP2
0000037b: PUSH2 0x03aa
0000037e: JUMP
0000037f: JUMPDEST
00000380: DUP3
00000381: ADD
00000382: SWAP2
00000383: SWAP1
00000384: PUSH1 0x00
00000386: MSTORE
00000387: PUSH1 0x20
00000389: PUSH1 0x00
0000038b: KECCAK256
0000038c: SWAP1
0000038d: JUMPDEST
0000038e: DUP2
0000038f: SLOAD
00000390: DUP2
00000391: MSTORE
00000392: SWAP1
00000393: PUSH1 0x01
00000395: ADD
00000396: SWAP1
00000397: PUSH1 0x20
00000399: ADD
0000039a: DUP1
0000039b: DUP4
0000039c: GT
0000039d: PUSH2 0x038d
000003a0: JUMPI
000003a1: DUP3
000003a2: SWAP1
000003a3: SUB
000003a4: PUSH1 0x1f
000003a6: AND
000003a7: DUP3
000003a8: ADD
000003a9: SWAP2
000003aa: JUMPDEST
000003ab: POP
000003ac: POP
000003ad: SWAP5
000003ae: POP
000003af: POP
000003b0: POP
000003b1: POP
000003b2: POP
000003b3: PUSH1 0x40
000003b5: MLOAD
000003b6: DUP1
000003b7: SWAP2
000003b8: SUB
000003b9: SWAP1
000003ba: RETURN
000003bb: JUMPDEST
000003bc: PUSH1 0x60
000003be: SWAP1
000003bf: DUP2
000003c0: MSTORE
000003c1: PUSH1 0x20
000003c3: SWAP1
000003c4: RETURN
000003c5: JUMPDEST
000003c6: POP
000003c7: SWAP2
000003c8: SWAP1
000003c9: POP
000003ca: JUMP
000003cb: JUMPDEST
000003cc: PUSH1 0x00
000003ce: PUSH1 0x00
000003d0: POP
000003d1: DUP3
000003d2: DUP2
000003d3: SLOAD
000003d4: DUP2
000003d5: LT
000003d6: ISZERO
000003d7: PUSH2 0x0002
000003da: JUMPI
000003db: POP
000003dc: POP
000003dd: DUP1
000003de: MSTORE
000003df: PUSH1 0x03
000003e1: DUP2
000003e2: MUL
000003e3: PUSH32 0x290decd9548b62a8d60345a988386fc84ba6bc95484008f6362f93160ef3e565
00000404: ADD
00000405: SLOAD
00000406: JUMPDEST
00000407: SWAP2
00000408: SWAP1
00000409: POP
0000040a: JUMP
View stderr 
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.

Findings

validated = confirmed for call sinks; sink observed for others
Severity Category Tool Title Confidence Validated Confirmed Details
high other detector Untrusted CALL target/value reachable 60 no no
view
trace_id: 0xbf30fc81e1055522c8291e0de6d3c8d411272fe724aa3f214c0e94c106c8d965
call_targets: 0x8ea6c8077d6316b46e449aec8fb60a606cf50eea
target_varies: no
classification: constant_target
validation_json 
{
    "sink": "CALL",
    "errors": 0,
    "status": "sink_reached",
    "attempts": 1,
    "trace_id": "0xbf30fc81e1055522c8291e0de6d3c8d411272fe724aa3f214c0e94c106c8d965",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": [
        "0x8ea6c8077d6316b46e449aec8fb60a606cf50eea"
    ],
    "matched_probe": null,
    "target_varies": false,
    "classification": "constant_target"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x3c889fe1",
            "selector": "0x3c889fe1",
            "calldata_variants": [
                "0x3c889fe1",
                "0x3c889fe10000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x5fee63c3",
            "selector": "0x5fee63c3",
            "calldata_variants": [
                "0x5fee63c3",
                "0x5fee63c30000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x677342ce",
            "selector": "0x677342ce",
            "calldata_variants": [
                "0x677342ce",
                "0x677342ce0000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 805,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "call_count": 1,
    "guards_detected": [],
    "untrusted_call_count": 1
}
high other detector ETH value transfer possible 55 no no
view
trace_id: 0xbf30fc81e1055522c8291e0de6d3c8d411272fe724aa3f214c0e94c106c8d965
call_targets: 0x8ea6c8077d6316b46e449aec8fb60a606cf50eea
target_varies: no
classification: constant_target
validation_json 
{
    "sink": "CALL",
    "errors": 0,
    "status": "sink_reached",
    "attempts": 1,
    "trace_id": "0xbf30fc81e1055522c8291e0de6d3c8d411272fe724aa3f214c0e94c106c8d965",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": [
        "0x8ea6c8077d6316b46e449aec8fb60a606cf50eea"
    ],
    "matched_probe": null,
    "target_varies": false,
    "classification": "constant_target"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x3c889fe1",
            "selector": "0x3c889fe1",
            "calldata_variants": [
                "0x3c889fe1",
                "0x3c889fe10000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x5fee63c3",
            "selector": "0x5fee63c3",
            "calldata_variants": [
                "0x5fee63c3",
                "0x5fee63c30000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x677342ce",
            "selector": "0x677342ce",
            "calldata_variants": [
                "0x677342ce",
                "0x677342ce0000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 805,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "eth_value_calls": 1,
    "guards_detected": []
}