019b3836-4235-7299-b1d6-19e16a426779
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 5507 | artifact.fetch | complete | 1 / 3 | 3 months ago |
| 5508 | tool.cast_disasm | complete | 1 / 3 | 3 months ago |
| 97474 | analysis.bundle | complete | 1 / 3 | 1 week ago |
| 97475 | capability.graph | complete | 1 / 3 | 1 week ago |
| 97476 | detector.run | complete | 1 / 3 | 1 week ago |
| 97477 | validation.fork | complete | 1 / 3 | 1 week ago |
| 113827 | report.consolidate | complete | 1 / 6 | 1 week ago |
No slither job recorded yet.
OpenAI Codex v0.118.0 (research preview) -------- workdir: /tmp/codex-vm5s_5cz model: gpt-5.4 provider: openai approval: never sandbox: read-only reasoning effort: high reasoning summaries: none session id: 019d5c9f-df86-71a2-a4db-82339181cd3c -------- user You are a security auditor. You ONLY have runtime bytecode + analysis artifacts. You MUST read `BYTECODE_BUNDLE.json` before concluding; it contains the bytecode summary, evidence bundle, callsites, storage slots, and detector findings. Special cases when reasoning from bytecode (be explicit about uncertainty): - Selector inference is best-effort; missing selectors are common. - Fallback/receive paths may be the only entrypoints. - CALL vs DELEGATECALL semantics differ; DELEGATECALL executes in caller storage. - Proxy patterns (EIP-1967, minimal proxies, beacon) change which storage is authoritative. - Storage slots are raw; mappings/arrays appear via keccak patterns, names are unknown. - Guard detection is heuristic; absence of guards does NOT mean unguarded. - Returndata checking is unknown unless explicitly shown in evidence. - Precompiles (0x1..0x9) and common ERC20 transfer selectors may appear; do not over-claim. Output MUST be valid JSON matching the provided schema. - If you find nothing meaningful: set no_findings=true and findings=[]. - Otherwise: set no_findings=false and include findings with severity/category/title. - Locations can be pc references like "pc:0x123" or selectors like "selector:0xa9059cbb". Focus on: reentrancy, access control, upgradeability/proxy issues, signature validation, accounting/invariant breaks, dangerous delegatecall, and untrusted external calls. Be conservative: if evidence is weak, mark severity low/medium and explain why. warning: Codex could not find system bubblewrap on PATH. Please install bubblewrap with your package manager. Codex will use the vendored bubblewrap in the meantime. ERROR: You've hit your usage limit. Visit https://chatgpt.com/codex/settings/usage to purchase more credits or try again at Apr 8th, 2026 9:11 AM. ERROR: You've hit your usage limit. Visit https://chatgpt.com/codex/settings/usage to purchase more credits or try again at Apr 8th, 2026 9:11 AM.
{
"codex": {
"ran_at": "2026-04-05T07:51:16.118537+00:00",
"returncode": 1
},
"project": {
"mode": "bytecode",
"bytecode_length": 5642,
"bytecode_truncated": false,
"capability_graph_present": true,
"analysis_artifact_present": true
},
"summary": null,
"no_findings": null,
"schema_version": 1
}
00000000: PUSH1 0x60 00000002: PUSH1 0x40 00000004: MSTORE 00000005: PUSH1 0x00 00000007: CALLDATALOAD 00000008: PUSH29 0x0100000000000000000000000000000000000000000000000000000000 00000026: SWAP1 00000027: DIV 00000028: DUP1 00000029: PUSH4 0x27dc297e 0000002e: EQ 0000002f: PUSH2 0x004f 00000032: JUMPI 00000033: DUP1 00000034: PUSH4 0x73d4a13a 00000039: EQ 0000003a: PUSH2 0x00ae 0000003d: JUMPI 0000003e: DUP1 0000003f: PUSH4 0xc879b404 00000044: EQ 00000045: PUSH2 0x0129 00000048: JUMPI 00000049: PUSH2 0x004d 0000004c: JUMP 0000004d: JUMPDEST 0000004e: STOP 0000004f: JUMPDEST 00000050: PUSH2 0x00ac 00000053: PUSH1 0x04 00000055: DUP1 00000056: DUP1 00000057: CALLDATALOAD 00000058: SWAP1 00000059: PUSH1 0x20 0000005b: ADD 0000005c: SWAP1 0000005d: SWAP2 0000005e: SWAP1 0000005f: DUP1 00000060: CALLDATALOAD 00000061: SWAP1 00000062: PUSH1 0x20 00000064: ADD 00000065: SWAP1 00000066: DUP3 00000067: ADD 00000068: DUP1 00000069: CALLDATALOAD 0000006a: SWAP1 0000006b: PUSH1 0x20 0000006d: ADD 0000006e: SWAP2 0000006f: SWAP2 00000070: SWAP1 00000071: DUP1 00000072: DUP1 00000073: PUSH1 0x1f 00000075: ADD 00000076: PUSH1 0x20 00000078: DUP1 00000079: SWAP2 0000007a: DIV 0000007b: MUL 0000007c: PUSH1 0x20 0000007e: ADD 0000007f: PUSH1 0x40 00000081: MLOAD 00000082: SWAP1 00000083: DUP2 00000084: ADD 00000085: PUSH1 0x40 00000087: MSTORE 00000088: DUP1 00000089: SWAP4 0000008a: SWAP3 0000008b: SWAP2 0000008c: SWAP1 0000008d: DUP2 0000008e: DUP2 0000008f: MSTORE 00000090: PUSH1 0x20 00000092: ADD 00000093: DUP4 00000094: DUP4 00000095: DUP1 00000096: DUP3 00000097: DUP5 00000098: CALLDATACOPY 00000099: DUP3 0000009a: ADD 0000009b: SWAP2 0000009c: POP 0000009d: POP 0000009e: POP 0000009f: POP 000000a0: POP 000000a1: POP 000000a2: SWAP1 000000a3: SWAP1 000000a4: SWAP2 000000a5: SWAP1 000000a6: POP 000000a7: POP 000000a8: PUSH2 0x0138 000000ab: JUMP 000000ac: JUMPDEST 000000ad: STOP 000000ae: JUMPDEST 000000af: PUSH2 0x00bb 000000b2: PUSH1 0x04 000000b4: DUP1 000000b5: POP 000000b6: POP 000000b7: PUSH2 0x022b 000000ba: JUMP 000000bb: JUMPDEST 000000bc: PUSH1 0x40 000000be: MLOAD 000000bf: DUP1 000000c0: DUP1 000000c1: PUSH1 0x20 000000c3: ADD 000000c4: DUP3 000000c5: DUP2 000000c6: SUB 000000c7: DUP3 000000c8: MSTORE 000000c9: DUP4 000000ca: DUP2 000000cb: DUP2 000000cc: MLOAD 000000cd: DUP2 000000ce: MSTORE 000000cf: PUSH1 0x20 000000d1: ADD 000000d2: SWAP2 000000d3: POP 000000d4: DUP1 000000d5: MLOAD 000000d6: SWAP1 000000d7: PUSH1 0x20 000000d9: ADD 000000da: SWAP1 000000db: DUP1 000000dc: DUP4 000000dd: DUP4 000000de: DUP3 000000df: SWAP1 000000e0: PUSH1 0x00 000000e2: PUSH1 0x04 000000e4: PUSH1 0x20 000000e6: DUP5 000000e7: PUSH1 0x1f 000000e9: ADD 000000ea: DIV 000000eb: PUSH1 0x0f 000000ed: MUL 000000ee: PUSH1 0x03 000000f0: ADD 000000f1: CALL 000000f2: POP 000000f3: SWAP1 000000f4: POP 000000f5: SWAP1 000000f6: DUP2 000000f7: ADD 000000f8: SWAP1 000000f9: PUSH1 0x1f 000000fb: AND 000000fc: DUP1 000000fd: ISZERO 000000fe: PUSH2 0x011b 00000101: JUMPI 00000102: DUP1 00000103: DUP3 00000104: SUB 00000105: DUP1 00000106: MLOAD 00000107: PUSH1 0x01 00000109: DUP4 0000010a: PUSH1 0x20 0000010c: SUB 0000010d: PUSH2 0x0100 00000110: EXP 00000111: SUB 00000112: NOT 00000113: AND 00000114: DUP2 00000115: MSTORE 00000116: PUSH1 0x20 00000118: ADD 00000119: SWAP2 0000011a: POP 0000011b: JUMPDEST 0000011c: POP 0000011d: SWAP3 0000011e: POP 0000011f: POP 00000120: POP 00000121: PUSH1 0x40 00000123: MLOAD 00000124: DUP1 00000125: SWAP2 00000126: SUB 00000127: SWAP1 00000128: RETURN 00000129: JUMPDEST 0000012a: PUSH2 0x0136 0000012d: PUSH1 0x04 0000012f: DUP1 00000130: POP 00000131: POP 00000132: PUSH2 0x02cc 00000135: JUMP 00000136: JUMPDEST 00000137: STOP 00000138: JUMPDEST 00000139: PUSH2 0x0140 0000013c: PUSH2 0x0398 0000013f: JUMP 00000140: JUMPDEST 00000141: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000156: AND 00000157: CALLER 00000158: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 0000016d: AND 0000016e: EQ 0000016f: ISZERO 00000170: ISZERO 00000171: PUSH2 0x0179 00000174: JUMPI 00000175: PUSH2 0x0002 00000178: JUMP 00000179: JUMPDEST 0000017a: DUP1 0000017b: PUSH1 0x02 0000017d: PUSH1 0x00 0000017f: POP 00000180: SWAP1 00000181: DUP1 00000182: MLOAD 00000183: SWAP1 00000184: PUSH1 0x20 00000186: ADD 00000187: SWAP1 00000188: DUP3 00000189: DUP1 0000018a: SLOAD 0000018b: PUSH1 0x01 0000018d: DUP2 0000018e: PUSH1 0x01 00000190: AND 00000191: ISZERO 00000192: PUSH2 0x0100 00000195: MUL 00000196: SUB 00000197: AND 00000198: PUSH1 0x02 0000019a: SWAP1 0000019b: DIV 0000019c: SWAP1 0000019d: PUSH1 0x00 0000019f: MSTORE 000001a0: PUSH1 0x20 000001a2: PUSH1 0x00 000001a4: KECCAK256 000001a5: SWAP1 000001a6: PUSH1 0x1f 000001a8: ADD 000001a9: PUSH1 0x20 000001ab: SWAP1 000001ac: DIV 000001ad: DUP2 000001ae: ADD 000001af: SWAP3 000001b0: DUP3 000001b1: PUSH1 0x1f 000001b3: LT 000001b4: PUSH2 0x01c8 000001b7: JUMPI 000001b8: DUP1 000001b9: MLOAD 000001ba: PUSH1 0xff 000001bc: NOT 000001bd: AND 000001be: DUP4 000001bf: DUP1 000001c0: ADD 000001c1: OR 000001c2: DUP6 000001c3: SSTORE 000001c4: PUSH2 0x01f9 000001c7: JUMP 000001c8: JUMPDEST 000001c9: DUP3 000001ca: DUP1 000001cb: ADD 000001cc: PUSH1 0x01 000001ce: ADD 000001cf: DUP6 000001d0: SSTORE 000001d1: DUP3 000001d2: ISZERO 000001d3: PUSH2 0x01f9 000001d6: JUMPI 000001d7: SWAP2 000001d8: DUP3 000001d9: ADD 000001da: JUMPDEST 000001db: DUP3 000001dc: DUP2 000001dd: GT 000001de: ISZERO 000001df: PUSH2 0x01f8 000001e2: JUMPI 000001e3: DUP3 000001e4: MLOAD 000001e5: DUP3 000001e6: PUSH1 0x00 000001e8: POP 000001e9: SSTORE 000001ea: SWAP2 000001eb: PUSH1 0x20 000001ed: ADD 000001ee: SWAP2 000001ef: SWAP1 000001f0: PUSH1 0x01 000001f2: ADD 000001f3: SWAP1 000001f4: PUSH2 0x01da 000001f7: JUMP 000001f8: JUMPDEST 000001f9: JUMPDEST 000001fa: POP 000001fb: SWAP1 000001fc: POP 000001fd: PUSH2 0x0224 00000200: SWAP2 00000201: SWAP1 00000202: PUSH2 0x0206 00000205: JUMP 00000206: JUMPDEST 00000207: DUP1 00000208: DUP3 00000209: GT 0000020a: ISZERO 0000020b: PUSH2 0x0220 0000020e: JUMPI 0000020f: PUSH1 0x00 00000211: DUP2 00000212: DUP2 00000213: POP 00000214: PUSH1 0x00 00000216: SWAP1 00000217: SSTORE 00000218: POP 00000219: PUSH1 0x01 0000021b: ADD 0000021c: PUSH2 0x0206 0000021f: JUMP 00000220: JUMPDEST 00000221: POP 00000222: SWAP1 00000223: JUMP 00000224: JUMPDEST 00000225: POP 00000226: POP 00000227: JUMPDEST 00000228: POP 00000229: POP 0000022a: JUMP 0000022b: JUMPDEST 0000022c: PUSH1 0x02 0000022e: PUSH1 0x00 00000230: POP 00000231: DUP1 00000232: SLOAD 00000233: PUSH1 0x01 00000235: DUP2 00000236: PUSH1 0x01 00000238: AND 00000239: ISZERO 0000023a: PUSH2 0x0100 0000023d: MUL 0000023e: SUB 0000023f: AND 00000240: PUSH1 0x02 00000242: SWAP1 00000243: DIV 00000244: DUP1 00000245: PUSH1 0x1f 00000247: ADD 00000248: PUSH1 0x20 0000024a: DUP1 0000024b: SWAP2 0000024c: DIV 0000024d: MUL 0000024e: PUSH1 0x20 00000250: ADD 00000251: PUSH1 0x40 00000253: MLOAD 00000254: SWAP1 00000255: DUP2 00000256: ADD 00000257: PUSH1 0x40 00000259: MSTORE 0000025a: DUP1 0000025b: SWAP3 0000025c: SWAP2 0000025d: SWAP1 0000025e: DUP2 0000025f: DUP2 00000260: MSTORE 00000261: PUSH1 0x20 00000263: ADD 00000264: DUP3 00000265: DUP1 00000266: SLOAD 00000267: PUSH1 0x01 00000269: DUP2 0000026a: PUSH1 0x01 0000026c: AND 0000026d: ISZERO 0000026e: PUSH2 0x0100 00000271: MUL 00000272: SUB 00000273: AND 00000274: PUSH1 0x02 00000276: SWAP1 00000277: DIV 00000278: DUP1 00000279: ISZERO 0000027a: PUSH2 0x02c4 0000027d: JUMPI 0000027e: DUP1 0000027f: PUSH1 0x1f 00000281: LT 00000282: PUSH2 0x0299 00000285: JUMPI 00000286: PUSH2 0x0100 00000289: DUP1 0000028a: DUP4 0000028b: SLOAD 0000028c: DIV 0000028d: MUL 0000028e: DUP4 0000028f: MSTORE 00000290: SWAP2 00000291: PUSH1 0x20 00000293: ADD 00000294: SWAP2 00000295: PUSH2 0x02c4 00000298: JUMP 00000299: JUMPDEST 0000029a: DUP3 0000029b: ADD 0000029c: SWAP2 0000029d: SWAP1 0000029e: PUSH1 0x00 000002a0: MSTORE 000002a1: PUSH1 0x20 000002a3: PUSH1 0x00 000002a5: KECCAK256 000002a6: SWAP1 000002a7: JUMPDEST 000002a8: DUP2 000002a9: SLOAD 000002aa: DUP2 000002ab: MSTORE 000002ac: SWAP1 000002ad: PUSH1 0x01 000002af: ADD 000002b0: SWAP1 000002b1: PUSH1 0x20 000002b3: ADD 000002b4: DUP1 000002b5: DUP4 000002b6: GT 000002b7: PUSH2 0x02a7 000002ba: JUMPI 000002bb: DUP3 000002bc: SWAP1 000002bd: SUB 000002be: PUSH1 0x1f 000002c0: AND 000002c1: DUP3 000002c2: ADD 000002c3: SWAP2 000002c4: JUMPDEST 000002c5: POP 000002c6: POP 000002c7: POP 000002c8: POP 000002c9: POP 000002ca: DUP2 000002cb: JUMP 000002cc: JUMPDEST 000002cd: PUSH2 0x0394 000002d0: PUSH1 0x40 000002d2: PUSH1 0x40 000002d4: MLOAD 000002d5: SWAP1 000002d6: DUP2 000002d7: ADD 000002d8: PUSH1 0x40 000002da: MSTORE 000002db: DUP1 000002dc: PUSH1 0x03 000002de: DUP2 000002df: MSTORE 000002e0: PUSH1 0x20 000002e2: ADD 000002e3: PUSH32 0x55524c0000000000000000000000000000000000000000000000000000000000 00000304: DUP2 00000305: MSTORE 00000306: PUSH1 0x20 00000308: ADD 00000309: POP 0000030a: PUSH1 0x80 0000030c: PUSH1 0x40 0000030e: MLOAD 0000030f: SWAP1 00000310: DUP2 00000311: ADD 00000312: PUSH1 0x40 00000314: MSTORE 00000315: DUP1 00000316: PUSH1 0x44 00000318: DUP2 00000319: MSTORE 0000031a: PUSH1 0x20 0000031c: ADD 0000031d: PUSH32 0x6a736f6e2868747470733a2f2f7777772e746865726f636b74726164696e672e 0000033e: DUP2 0000033f: MSTORE 00000340: PUSH1 0x20 00000342: ADD 00000343: PUSH32 0x636f6d2f6170692f7469636b65722f425443455552292e726573756c742e302e 00000364: DUP2 00000365: MSTORE 00000366: PUSH1 0x20 00000368: ADD 00000369: PUSH32 0x6c61737400000000000000000000000000000000000000000000000000000000 0000038a: DUP2 0000038b: MSTORE 0000038c: PUSH1 0x20 0000038e: ADD 0000038f: POP 00000390: PUSH2 0x05ab 00000393: JUMP 00000394: JUMPDEST 00000395: POP 00000396: JUMPDEST 00000397: JUMP 00000398: JUMPDEST 00000399: PUSH1 0x00 0000039b: PUSH1 0x00 0000039d: PUSH1 0x00 0000039f: PUSH1 0x00 000003a1: SWAP1 000003a2: SLOAD 000003a3: SWAP1 000003a4: PUSH2 0x0100 000003a7: EXP 000003a8: SWAP1 000003a9: DIV 000003aa: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 000003bf: AND 000003c0: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 000003d5: AND 000003d6: PUSH4 0x38cc4831 000003db: PUSH1 0x40 000003dd: MLOAD 000003de: DUP2 000003df: PUSH29 0x0100000000000000000000000000000000000000000000000000000000 000003fd: MUL 000003fe: DUP2 000003ff: MSTORE 00000400: PUSH1 0x04 00000402: ADD 00000403: DUP1 00000404: SWAP1 00000405: POP 00000406: PUSH1 0x20 00000408: PUSH1 0x40 0000040a: MLOAD 0000040b: DUP1 0000040c: DUP4 0000040d: SUB 0000040e: DUP2 0000040f: PUSH1 0x00 00000411: DUP8 00000412: PUSH2 0x61da 00000415: GAS 00000416: SUB 00000417: CALL 00000418: ISZERO 00000419: PUSH2 0x0002 0000041c: JUMPI 0000041d: POP 0000041e: POP 0000041f: POP 00000420: PUSH1 0x40 00000422: MLOAD 00000423: DUP1 00000424: MLOAD 00000425: SWAP1 00000426: PUSH1 0x20 00000428: ADD 00000429: POP 0000042a: SWAP1 0000042b: POP 0000042c: PUSH1 0x00 0000042e: DUP2 0000042f: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000444: AND 00000445: EQ 00000446: ISZERO 00000447: PUSH2 0x04e7 0000044a: JUMPI 0000044b: PUSH2 0x0454 0000044e: PUSH1 0x00 00000450: PUSH2 0x09a1 00000453: JUMP 00000454: JUMPDEST 00000455: POP 00000456: PUSH1 0x00 00000458: PUSH1 0x00 0000045a: SWAP1 0000045b: SLOAD 0000045c: SWAP1 0000045d: PUSH2 0x0100 00000460: EXP 00000461: SWAP1 00000462: DIV 00000463: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000478: AND 00000479: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 0000048e: AND 0000048f: PUSH4 0x38cc4831 00000494: PUSH1 0x40 00000496: MLOAD 00000497: DUP2 00000498: PUSH29 0x0100000000000000000000000000000000000000000000000000000000 000004b6: MUL 000004b7: DUP2 000004b8: MSTORE 000004b9: PUSH1 0x04 000004bb: ADD 000004bc: DUP1 000004bd: SWAP1 000004be: POP 000004bf: PUSH1 0x20 000004c1: PUSH1 0x40 000004c3: MLOAD 000004c4: DUP1 000004c5: DUP4 000004c6: SUB 000004c7: DUP2 000004c8: PUSH1 0x00 000004ca: DUP8 000004cb: PUSH2 0x61da 000004ce: GAS 000004cf: SUB 000004d0: CALL 000004d1: ISZERO 000004d2: PUSH2 0x0002 000004d5: JUMPI 000004d6: POP 000004d7: POP 000004d8: POP 000004d9: PUSH1 0x40 000004db: MLOAD 000004dc: DUP1 000004dd: MLOAD 000004de: SWAP1 000004df: PUSH1 0x20 000004e1: ADD 000004e2: POP 000004e3: SWAP1 000004e4: POP 000004e5: DUP1 000004e6: POP 000004e7: JUMPDEST 000004e8: DUP1 000004e9: PUSH1 0x01 000004eb: PUSH1 0x00 000004ed: PUSH2 0x0100 000004f0: EXP 000004f1: DUP2 000004f2: SLOAD 000004f3: DUP2 000004f4: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000509: MUL 0000050a: NOT 0000050b: AND 0000050c: SWAP1 0000050d: DUP4 0000050e: MUL 0000050f: OR 00000510: SWAP1 00000511: SSTORE 00000512: POP 00000513: PUSH1 0x01 00000515: PUSH1 0x00 00000517: SWAP1 00000518: SLOAD 00000519: SWAP1 0000051a: PUSH2 0x0100 0000051d: EXP 0000051e: SWAP1 0000051f: DIV 00000520: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000535: AND 00000536: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 0000054b: AND 0000054c: PUSH4 0xc281d19e 00000551: PUSH1 0x40 00000553: MLOAD 00000554: DUP2 00000555: PUSH29 0x0100000000000000000000000000000000000000000000000000000000 00000573: MUL 00000574: DUP2 00000575: MSTORE 00000576: PUSH1 0x04 00000578: ADD 00000579: DUP1 0000057a: SWAP1 0000057b: POP 0000057c: PUSH1 0x20 0000057e: PUSH1 0x40 00000580: MLOAD 00000581: DUP1 00000582: DUP4 00000583: SUB 00000584: DUP2 00000585: PUSH1 0x00 00000587: DUP8 00000588: PUSH2 0x61da 0000058b: GAS 0000058c: SUB 0000058d: CALL 0000058e: ISZERO 0000058f: PUSH2 0x0002 00000592: JUMPI 00000593: POP 00000594: POP 00000595: POP 00000596: PUSH1 0x40 00000598: MLOAD 00000599: DUP1 0000059a: MLOAD 0000059b: SWAP1 0000059c: PUSH1 0x20 0000059e: ADD 0000059f: POP 000005a0: SWAP2 000005a1: POP 000005a2: POP 000005a3: PUSH2 0x05a8 000005a6: JUMP 000005a7: POP 000005a8: JUMPDEST 000005a9: SWAP1 000005aa: JUMP 000005ab: JUMPDEST 000005ac: PUSH1 0x00 000005ae: PUSH1 0x00 000005b0: PUSH1 0x00 000005b2: PUSH1 0x00 000005b4: PUSH1 0x00 000005b6: SWAP1 000005b7: SLOAD 000005b8: SWAP1 000005b9: PUSH2 0x0100 000005bc: EXP 000005bd: SWAP1 000005be: DIV 000005bf: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 000005d4: AND 000005d5: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 000005ea: AND 000005eb: PUSH4 0x38cc4831 000005f0: PUSH1 0x40 000005f2: MLOAD 000005f3: DUP2 000005f4: PUSH29 0x0100000000000000000000000000000000000000000000000000000000 00000612: MUL 00000613: DUP2 00000614: MSTORE 00000615: PUSH1 0x04 00000617: ADD 00000618: DUP1 00000619: SWAP1 0000061a: POP 0000061b: PUSH1 0x20 0000061d: PUSH1 0x40 0000061f: MLOAD 00000620: DUP1 00000621: DUP4 00000622: SUB 00000623: DUP2 00000624: PUSH1 0x00 00000626: DUP8 00000627: PUSH2 0x61da 0000062a: GAS 0000062b: SUB 0000062c: CALL 0000062d: ISZERO 0000062e: PUSH2 0x0002 00000631: JUMPI 00000632: POP 00000633: POP 00000634: POP 00000635: PUSH1 0x40 00000637: MLOAD 00000638: DUP1 00000639: MLOAD 0000063a: SWAP1 0000063b: PUSH1 0x20 0000063d: ADD 0000063e: POP 0000063f: SWAP1 00000640: POP 00000641: PUSH1 0x00 00000643: DUP2 00000644: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000659: AND 0000065a: EQ 0000065b: ISZERO 0000065c: PUSH2 0x06fc 0000065f: JUMPI 00000660: PUSH2 0x0669 00000663: PUSH1 0x00 00000665: PUSH2 0x09a1 00000668: JUMP 00000669: JUMPDEST 0000066a: POP 0000066b: PUSH1 0x00 0000066d: PUSH1 0x00 0000066f: SWAP1 00000670: SLOAD 00000671: SWAP1 00000672: PUSH2 0x0100 00000675: EXP 00000676: SWAP1 00000677: DIV 00000678: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 0000068d: AND 0000068e: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 000006a3: AND 000006a4: PUSH4 0x38cc4831 000006a9: PUSH1 0x40 000006ab: MLOAD 000006ac: DUP2 000006ad: PUSH29 0x0100000000000000000000000000000000000000000000000000000000 000006cb: MUL 000006cc: DUP2 000006cd: MSTORE 000006ce: PUSH1 0x04 000006d0: ADD 000006d1: DUP1 000006d2: SWAP1 000006d3: POP 000006d4: PUSH1 0x20 000006d6: PUSH1 0x40 000006d8: MLOAD 000006d9: DUP1 000006da: DUP4 000006db: SUB 000006dc: DUP2 000006dd: PUSH1 0x00 000006df: DUP8 000006e0: PUSH2 0x61da 000006e3: GAS 000006e4: SUB 000006e5: CALL 000006e6: ISZERO 000006e7: PUSH2 0x0002 000006ea: JUMPI 000006eb: POP 000006ec: POP 000006ed: POP 000006ee: PUSH1 0x40 000006f0: MLOAD 000006f1: DUP1 000006f2: MLOAD 000006f3: SWAP1 000006f4: PUSH1 0x20 000006f6: ADD 000006f7: POP 000006f8: SWAP1 000006f9: POP 000006fa: DUP1 000006fb: POP 000006fc: JUMPDEST 000006fd: DUP1 000006fe: PUSH1 0x01 00000700: PUSH1 0x00 00000702: PUSH2 0x0100 00000705: EXP 00000706: DUP2 00000707: SLOAD 00000708: DUP2 00000709: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 0000071e: MUL 0000071f: NOT 00000720: AND 00000721: SWAP1 00000722: DUP4 00000723: MUL 00000724: OR 00000725: SWAP1 00000726: SSTORE 00000727: POP 00000728: PUSH1 0x01 0000072a: PUSH1 0x00 0000072c: SWAP1 0000072d: SLOAD 0000072e: SWAP1 0000072f: PUSH2 0x0100 00000732: EXP 00000733: SWAP1 00000734: DIV 00000735: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 0000074a: AND 0000074b: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000760: AND 00000761: PUSH4 0x524f3889 00000766: DUP7 00000767: PUSH1 0x40 00000769: MLOAD 0000076a: DUP3 0000076b: PUSH29 0x0100000000000000000000000000000000000000000000000000000000 00000789: MUL 0000078a: DUP2 0000078b: MSTORE 0000078c: PUSH1 0x04 0000078e: ADD 0000078f: DUP1 00000790: DUP1 00000791: PUSH1 0x20 00000793: ADD 00000794: DUP3 00000795: DUP2 00000796: SUB 00000797: DUP3 00000798: MSTORE 00000799: DUP4 0000079a: DUP2 0000079b: DUP2 0000079c: MLOAD 0000079d: DUP2 0000079e: MSTORE 0000079f: PUSH1 0x20 000007a1: ADD 000007a2: SWAP2 000007a3: POP 000007a4: DUP1 000007a5: MLOAD 000007a6: SWAP1 000007a7: PUSH1 0x20 000007a9: ADD 000007aa: SWAP1 000007ab: DUP1 000007ac: DUP4 000007ad: DUP4 000007ae: DUP3 000007af: SWAP1 000007b0: PUSH1 0x00 000007b2: PUSH1 0x04 000007b4: PUSH1 0x20 000007b6: DUP5 000007b7: PUSH1 0x1f 000007b9: ADD 000007ba: DIV 000007bb: PUSH1 0x0f 000007bd: MUL 000007be: PUSH1 0x03 000007c0: ADD 000007c1: CALL 000007c2: POP 000007c3: SWAP1 000007c4: POP 000007c5: SWAP1 000007c6: DUP2 000007c7: ADD 000007c8: SWAP1 000007c9: PUSH1 0x1f 000007cb: AND 000007cc: DUP1 000007cd: ISZERO 000007ce: PUSH2 0x07eb 000007d1: JUMPI 000007d2: DUP1 000007d3: DUP3 000007d4: SUB 000007d5: DUP1 000007d6: MLOAD 000007d7: PUSH1 0x01 000007d9: DUP4 000007da: PUSH1 0x20 000007dc: SUB 000007dd: PUSH2 0x0100 000007e0: EXP 000007e1: SUB 000007e2: NOT 000007e3: AND 000007e4: DUP2 000007e5: MSTORE 000007e6: PUSH1 0x20 000007e8: ADD 000007e9: SWAP2 000007ea: POP 000007eb: JUMPDEST 000007ec: POP 000007ed: SWAP3 000007ee: POP 000007ef: POP 000007f0: POP 000007f1: PUSH1 0x20 000007f3: PUSH1 0x40 000007f5: MLOAD 000007f6: DUP1 000007f7: DUP4 000007f8: SUB 000007f9: DUP2 000007fa: PUSH1 0x00 000007fc: DUP8 000007fd: PUSH2 0x61da 00000800: GAS 00000801: SUB 00000802: CALL 00000803: ISZERO 00000804: PUSH2 0x0002 00000807: JUMPI 00000808: POP 00000809: POP 0000080a: POP 0000080b: PUSH1 0x40 0000080d: MLOAD 0000080e: DUP1 0000080f: MLOAD 00000810: SWAP1 00000811: PUSH1 0x20 00000813: ADD 00000814: POP 00000815: SWAP2 00000816: POP 00000817: PUSH3 0x030d40 0000081b: GASPRICE 0000081c: MUL 0000081d: PUSH8 0x0de0b6b3a7640000 00000826: ADD 00000827: DUP3 00000828: GT 00000829: ISZERO 0000082a: PUSH2 0x083a 0000082d: JUMPI 0000082e: PUSH1 0x00 00000830: PUSH1 0x01 00000832: MUL 00000833: SWAP3 00000834: POP 00000835: POP 00000836: PUSH2 0x099a 00000839: JUMP 0000083a: JUMPDEST 0000083b: PUSH1 0x01 0000083d: PUSH1 0x00 0000083f: SWAP1 00000840: SLOAD 00000841: SWAP1 00000842: PUSH2 0x0100 00000845: EXP 00000846: SWAP1 00000847: DIV 00000848: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 0000085d: AND 0000085e: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000873: AND 00000874: PUSH4 0xadf59f99 00000879: DUP4 0000087a: PUSH1 0x00 0000087c: DUP9 0000087d: DUP9 0000087e: PUSH1 0x40 00000880: MLOAD 00000881: DUP6 00000882: PUSH29 0x0100000000000000000000000000000000000000000000000000000000 000008a0: MUL 000008a1: DUP2 000008a2: MSTORE 000008a3: PUSH1 0x04 000008a5: ADD 000008a6: DUP1 000008a7: DUP5 000008a8: DUP2 000008a9: MSTORE 000008aa: PUSH1 0x20 000008ac: ADD 000008ad: DUP1 000008ae: PUSH1 0x20 000008b0: ADD 000008b1: DUP1 000008b2: PUSH1 0x20 000008b4: ADD 000008b5: DUP4 000008b6: DUP2 000008b7: SUB 000008b8: DUP4 000008b9: MSTORE 000008ba: DUP6 000008bb: DUP2 000008bc: DUP2 000008bd: MLOAD 000008be: DUP2 000008bf: MSTORE 000008c0: PUSH1 0x20 000008c2: ADD 000008c3: SWAP2 000008c4: POP 000008c5: DUP1 000008c6: MLOAD 000008c7: SWAP1 000008c8: PUSH1 0x20 000008ca: ADD 000008cb: SWAP1 000008cc: DUP1 000008cd: DUP4 000008ce: DUP4 000008cf: DUP3 000008d0: SWAP1 000008d1: PUSH1 0x00 000008d3: PUSH1 0x04 000008d5: PUSH1 0x20 000008d7: DUP5 000008d8: PUSH1 0x1f 000008da: ADD 000008db: DIV 000008dc: PUSH1 0x0f 000008de: MUL 000008df: PUSH1 0x03 000008e1: ADD 000008e2: CALL 000008e3: POP 000008e4: SWAP1 000008e5: POP 000008e6: SWAP1 000008e7: DUP2 000008e8: ADD 000008e9: SWAP1 000008ea: PUSH1 0x1f 000008ec: AND 000008ed: DUP1 000008ee: ISZERO 000008ef: PUSH2 0x090c 000008f2: JUMPI 000008f3: DUP1 000008f4: DUP3 000008f5: SUB 000008f6: DUP1 000008f7: MLOAD 000008f8: PUSH1 0x01 000008fa: DUP4 000008fb: PUSH1 0x20 000008fd: SUB 000008fe: PUSH2 0x0100 00000901: EXP 00000902: SUB 00000903: NOT 00000904: AND 00000905: DUP2 00000906: MSTORE 00000907: PUSH1 0x20 00000909: ADD 0000090a: SWAP2 0000090b: POP 0000090c: JUMPDEST 0000090d: POP 0000090e: DUP4 0000090f: DUP2 00000910: SUB 00000911: DUP3 00000912: MSTORE 00000913: DUP5 00000914: DUP2 00000915: DUP2 00000916: MLOAD 00000917: DUP2 00000918: MSTORE 00000919: PUSH1 0x20 0000091b: ADD 0000091c: SWAP2 0000091d: POP 0000091e: DUP1 0000091f: MLOAD 00000920: SWAP1 00000921: PUSH1 0x20 00000923: ADD 00000924: SWAP1 00000925: DUP1 00000926: DUP4 00000927: DUP4 00000928: DUP3 00000929: SWAP1 0000092a: PUSH1 0x00 0000092c: PUSH1 0x04 0000092e: PUSH1 0x20 00000930: DUP5 00000931: PUSH1 0x1f 00000933: ADD 00000934: DIV 00000935: PUSH1 0x0f 00000937: MUL 00000938: PUSH1 0x03 0000093a: ADD 0000093b: CALL 0000093c: POP 0000093d: SWAP1 0000093e: POP 0000093f: SWAP1 00000940: DUP2 00000941: ADD 00000942: SWAP1 00000943: PUSH1 0x1f 00000945: AND 00000946: DUP1 00000947: ISZERO 00000948: PUSH2 0x0965 0000094b: JUMPI 0000094c: DUP1 0000094d: DUP3 0000094e: SUB 0000094f: DUP1 00000950: MLOAD 00000951: PUSH1 0x01 00000953: DUP4 00000954: PUSH1 0x20 00000956: SUB 00000957: PUSH2 0x0100 0000095a: EXP 0000095b: SUB 0000095c: NOT 0000095d: AND 0000095e: DUP2 0000095f: MSTORE 00000960: PUSH1 0x20 00000962: ADD 00000963: SWAP2 00000964: POP 00000965: JUMPDEST 00000966: POP 00000967: SWAP6 00000968: POP 00000969: POP 0000096a: POP 0000096b: POP 0000096c: POP 0000096d: POP 0000096e: PUSH1 0x20 00000970: PUSH1 0x40 00000972: MLOAD 00000973: DUP1 00000974: DUP4 00000975: SUB 00000976: DUP2 00000977: DUP6 00000978: DUP9 00000979: PUSH2 0x8502 0000097c: GAS 0000097d: SUB 0000097e: CALL 0000097f: ISZERO 00000980: PUSH2 0x0002 00000983: JUMPI 00000984: POP 00000985: POP 00000986: POP 00000987: POP 00000988: PUSH1 0x40 0000098a: MLOAD 0000098b: DUP1 0000098c: MLOAD 0000098d: SWAP1 0000098e: PUSH1 0x20 00000990: ADD 00000991: POP 00000992: SWAP3 00000993: POP 00000994: POP 00000995: PUSH2 0x099a 00000998: JUMP 00000999: POP 0000099a: JUMPDEST 0000099b: POP 0000099c: SWAP3 0000099d: SWAP2 0000099e: POP 0000099f: POP 000009a0: JUMP 000009a1: JUMPDEST 000009a2: PUSH1 0x00 000009a4: PUSH1 0x00 000009a6: PUSH2 0x09c2 000009a9: PUSH20 0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed 000009be: PUSH2 0x0af8 000009c1: JUMP 000009c2: JUMPDEST 000009c3: GT 000009c4: ISZERO 000009c5: PUSH2 0x0a10 000009c8: JUMPI 000009c9: PUSH20 0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed 000009de: PUSH1 0x00 000009e0: PUSH1 0x00 000009e2: PUSH2 0x0100 000009e5: EXP 000009e6: DUP2 000009e7: SLOAD 000009e8: DUP2 000009e9: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 000009fe: MUL 000009ff: NOT 00000a00: AND 00000a01: SWAP1 00000a02: DUP4 00000a03: MUL 00000a04: OR 00000a05: SWAP1 00000a06: SSTORE 00000a07: POP 00000a08: PUSH1 0x01 00000a0a: SWAP1 00000a0b: POP 00000a0c: PUSH2 0x0af3 00000a0f: JUMP 00000a10: JUMPDEST 00000a11: PUSH1 0x00 00000a13: PUSH2 0x0a2f 00000a16: PUSH20 0x9efbea6358bed926b293d2ce63a730d6d98d43dd 00000a2b: PUSH2 0x0af8 00000a2e: JUMP 00000a2f: JUMPDEST 00000a30: GT 00000a31: ISZERO 00000a32: PUSH2 0x0a7d 00000a35: JUMPI 00000a36: PUSH20 0x9efbea6358bed926b293d2ce63a730d6d98d43dd 00000a4b: PUSH1 0x00 00000a4d: PUSH1 0x00 00000a4f: PUSH2 0x0100 00000a52: EXP 00000a53: DUP2 00000a54: SLOAD 00000a55: DUP2 00000a56: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000a6b: MUL 00000a6c: NOT 00000a6d: AND 00000a6e: SWAP1 00000a6f: DUP4 00000a70: MUL 00000a71: OR 00000a72: SWAP1 00000a73: SSTORE 00000a74: POP 00000a75: PUSH1 0x01 00000a77: SWAP1 00000a78: POP 00000a79: PUSH2 0x0af3 00000a7c: JUMP 00000a7d: JUMPDEST 00000a7e: PUSH1 0x00 00000a80: PUSH2 0x0a9c 00000a83: PUSH20 0x20e12a1f859b3feae5fb2a0a32c18f5a65555bbf 00000a98: PUSH2 0x0af8 00000a9b: JUMP 00000a9c: JUMPDEST 00000a9d: GT 00000a9e: ISZERO 00000a9f: PUSH2 0x0aea 00000aa2: JUMPI 00000aa3: PUSH20 0x20e12a1f859b3feae5fb2a0a32c18f5a65555bbf 00000ab8: PUSH1 0x00 00000aba: PUSH1 0x00 00000abc: PUSH2 0x0100 00000abf: EXP 00000ac0: DUP2 00000ac1: SLOAD 00000ac2: DUP2 00000ac3: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00000ad8: MUL 00000ad9: NOT 00000ada: AND 00000adb: SWAP1 00000adc: DUP4 00000add: MUL 00000ade: OR 00000adf: SWAP1 00000ae0: SSTORE 00000ae1: POP 00000ae2: PUSH1 0x01 00000ae4: SWAP1 00000ae5: POP 00000ae6: PUSH2 0x0af3 00000ae9: JUMP 00000aea: JUMPDEST 00000aeb: PUSH1 0x00 00000aed: SWAP1 00000aee: POP 00000aef: PUSH2 0x0af3 00000af2: JUMP 00000af3: JUMPDEST 00000af4: SWAP2 00000af5: SWAP1 00000af6: POP 00000af7: JUMP 00000af8: JUMPDEST 00000af9: PUSH1 0x00 00000afb: DUP2 00000afc: EXTCODESIZE 00000afd: SWAP1 00000afe: POP 00000aff: JUMPDEST 00000b00: SWAP2 00000b01: SWAP1 00000b02: POP 00000b03: JUMP
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| medium | other | detector | Untrusted CALL target/value reachable | 45 | yes | yes |
viewtrace_id: 0xf91866e38e2c64630373cdbbaca2e045255d1fa6a01620572736e9eac2d2c040
call_targets:
0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed, 0x2cb461d31ec958628aa900c87956f792e7cb9d5e, 0x3dbdc81a6edc94c720b0b88fb65dbd7e395fdcf6
target_varies:
yes
classification:
target_varies
validation_json{
"sink": "CALL",
"errors": 0,
"status": "confirmed",
"attempts": 1,
"trace_id": "0xf91866e38e2c64630373cdbbaca2e045255d1fa6a01620572736e9eac2d2c040",
"confirmed": true,
"trace_mode": "callTracer",
"call_targets": [
"0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed",
"0x2cb461d31ec958628aa900c87956f792e7cb9d5e",
"0x3dbdc81a6edc94c720b0b88fb65dbd7e395fdcf6"
],
"matched_probe": null,
"target_varies": true,
"classification": "target_varies"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x27dc297e",
"selector": "0x27dc297e",
"calldata_variants": [
"0x27dc297e",
"0x27dc297e0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x73d4a13a",
"selector": "0x73d4a13a",
"calldata_variants": [
"0x73d4a13a",
"0x73d4a13a0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xc879b404",
"selector": "0xc879b404",
"calldata_variants": [
"0xc879b404",
"0xc879b4040000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 241,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 1047,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "constant_zero",
"target_expression_category": "computed"
},
{
"pc": 1232,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 11,
"guards_detected": [
{
"pc": 343,
"type": "msg_sender_eq_const",
"value": "0xffffffffffffffffffffffffffffffffffffffff"
}
],
"untrusted_call_count": 10
}
|
| medium | other | detector | ETH value transfer possible | 40 | yes | yes |
viewtrace_id: 0xf91866e38e2c64630373cdbbaca2e045255d1fa6a01620572736e9eac2d2c040
call_targets:
0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed, 0x2cb461d31ec958628aa900c87956f792e7cb9d5e, 0x3dbdc81a6edc94c720b0b88fb65dbd7e395fdcf6
target_varies:
yes
classification:
target_varies
validation_json{
"sink": "CALL",
"errors": 0,
"status": "confirmed",
"attempts": 1,
"trace_id": "0xf91866e38e2c64630373cdbbaca2e045255d1fa6a01620572736e9eac2d2c040",
"confirmed": true,
"trace_mode": "callTracer",
"call_targets": [
"0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed",
"0x2cb461d31ec958628aa900c87956f792e7cb9d5e",
"0x3dbdc81a6edc94c720b0b88fb65dbd7e395fdcf6"
],
"matched_probe": null,
"target_varies": true,
"classification": "target_varies"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x27dc297e",
"selector": "0x27dc297e",
"calldata_variants": [
"0x27dc297e",
"0x27dc297e0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x73d4a13a",
"selector": "0x73d4a13a",
"calldata_variants": [
"0x73d4a13a",
"0x73d4a13a0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xc879b404",
"selector": "0xc879b404",
"calldata_variants": [
"0xc879b404",
"0xc879b4040000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 241,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 1232,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 1421,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 9,
"guards_detected": [
{
"pc": 343,
"type": "msg_sender_eq_const",
"value": "0xffffffffffffffffffffffffffffffffffffffff"
}
]
}
|