019b3836-4a73-709e-aeb4-192941b16d0f
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 6775 | artifact.fetch | complete | 1 / 3 | 3 months ago |
| 6776 | tool.cast_disasm | complete | 1 / 3 | 3 months ago |
| 49480 | analysis.bundle | complete | 1 / 3 | 1 week ago |
| 49481 | capability.graph | complete | 1 / 3 | 1 week ago |
| 49482 | detector.run | complete | 1 / 3 | 1 week ago |
| 49483 | validation.fork | complete | 1 / 3 | 1 week ago |
| 113315 | report.consolidate | complete | 1 / 6 | 1 week ago |
No slither job recorded yet.
{"no_findings":true,"summary":"Read BYTECODE_BUNDLE.json and reviewed the runtime bytecode, detector output, storage accesses, and callsites. This appears to be a small token-like contract with best-effort selector matches for `name()`, `decimals()`, `balanceOf(address)`, `symbol()`, and a `transfer(address,uint256)`-style entrypoint. No `DELEGATECALL`, proxy slot writes, privileged upgrade path, signature-validation path, or attacker-controlled external call were evidenced. The single `CALL` at pc `0x1a4` is inside the string-return helper and is most consistent with the old Solidity identity-precompile copy pattern (`to=0x04`, `value=0`), so the detector's \"ETH value transfer/untrusted CALL\" flags are likely false positives from bytecode-only analysis. I did note the default path ends in `STOP` rather than an explicit revert, so empty/unknown calldata and ETH can likely be accepted, but with only bytecode and no source-level intent I do not treat that alone as a meaningful security finding.","findings":[]}
OpenAI Codex v0.118.0 (research preview)
--------
workdir: /tmp/codex-bq5_k41q
model: gpt-5.4
provider: openai
approval: never
sandbox: read-only
reasoning effort: high
reasoning summaries: none
session id: 019d5c8d-f33c-76a0-b6e6-ff9c5fca1ea1
--------
user
You are a security auditor. You ONLY have runtime bytecode + analysis artifacts.
You MUST read `BYTECODE_BUNDLE.json` before concluding; it contains the bytecode summary,
evidence bundle, callsites, storage slots, and detector findings.
Special cases when reasoning from bytecode (be explicit about uncertainty):
- Selector inference is best-effort; missing selectors are common.
- Fallback/receive paths may be the only entrypoints.
- CALL vs DELEGATECALL semantics differ; DELEGATECALL executes in caller storage.
- Proxy patterns (EIP-1967, minimal proxies, beacon) change which storage is authoritative.
- Storage slots are raw; mappings/arrays appear via keccak patterns, names are unknown.
- Guard detection is heuristic; absence of guards does NOT mean unguarded.
- Returndata checking is unknown unless explicitly shown in evidence.
- Precompiles (0x1..0x9) and common ERC20 transfer selectors may appear; do not over-claim.
Output MUST be valid JSON matching the provided schema.
- If you find nothing meaningful: set no_findings=true and findings=[].
- Otherwise: set no_findings=false and include findings with severity/category/title.
- Locations can be pc references like "pc:0x123" or selectors like "selector:0xa9059cbb".
Focus on: reentrancy, access control, upgradeability/proxy issues, signature validation,
accounting/invariant breaks, dangerous delegatecall, and untrusted external calls.
Be conservative: if evidence is weak, mark severity low/medium and explain why.
warning: Codex could not find system bubblewrap on PATH. Please install bubblewrap with your package manager. Codex will use the vendored bubblewrap in the meantime.
exec
/bin/bash -lc "pwd && ls -la && rg --files -g 'BYTECODE_BUNDLE.json' -g 'AGENTS.md' -g '*.json'" in /tmp/codex-bq5_k41q
succeeded in 0ms:
/tmp/codex-bq5_k41q
total 84
drwx------ 2 noahkuhn noahkuhn 4096 Apr 5 07:31 .
drwxrwxrwt 270 nobody nogroup 24576 Apr 5 07:31 ..
-rw-rw-r-- 1 noahkuhn noahkuhn 45135 Apr 5 07:31 BYTECODE_BUNDLE.json
-rw-rw-r-- 1 noahkuhn noahkuhn 815 Apr 5 07:31 codex-output-schema.json
codex-output-schema.json
BYTECODE_BUNDLE.json
exec
/bin/bash -lc "sed -n '1,220p' BYTECODE_BUNDLE.json" in /tmp/codex-bq5_k41q
succeeded in 0ms:
{
"analysis_artifact": {
"address": "0xf6402a6c28a06669a3274c42f2c97a01f2c77366",
"artifact_hash": "0x05fddb6d9b964bb222c1865ea554e56f76291319efaa879e2d8ef9e84cb9188b",
"artifact_json": {
"auth": {
"guards": []
},
"basic_blocks": [
{
"end_pc": 24,
"hash": "0x6a350686911b120d699f8e8d1e9440d4ce17c4434492baee43484e2ef083a112",
"opcodes": [
"PUSH1",
"PUSH1",
"MSTORE",
"PUSH1",
"PUSH1",
"EXP",
"PUSH1",
"CALLDATALOAD",
"DIV",
"PUSH4",
"OP_81",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 0
},
{
"end_pc": 35,
"hash": "0x11a4040138a344993223d2484dd2a65a38e9d086cebb6ea1735fadc1ae31c9aa",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 25
},
{
"end_pc": 46,
"hash": "0x4fab8e0271e2fa02958a0e8ac5e005f0bd037c5fdbc6c0d3511d4f35293e90f7",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 36
},
{
"end_pc": 57,
"hash": "0xab80dc7c2dedd2f9410512c4e8942ea3e1fa3f2ed977db4a8dc8a7b8137f99e4",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 47
},
{
"end_pc": 68,
"hash": "0x32a97559f1e4e1383ca1fee857a93e46fcbc4764861863b42f669978e65a51c7",
"opcodes": [
"OP_80",
"PUSH4",
"EQ",
"PUSH2",
"JUMPI"
],
"start_pc": 58
},
{
"end_pc": 70,
"hash": "0x55afd043d32294d5f0189f5a0aa04f3174e4c087a31c85396f49b5f17813cb96",
"opcodes": [
"JUMPDEST",
"STOP"
],
"start_pc": 69
},
{
"end_pc": 135,
"hash": "0x98ecaae10ed7c4e902ad39bbe3e70e01a545b3d14f0d0195b6cc0d51ca0355d2",
"opcodes": [
"JUMPDEST",
"PUSH2",
"PUSH1",
"OP_80",
"SLOAD",
"PUSH1",
"PUSH1",
"OP_82",
"OP_84",
"AND",
"ISZERO",
"PUSH2",
"MUL",
"PUSH1",
"NOT",
"ADD",
"OP_90",
"OP_92",
"AND",
"OP_91",
"OP_90",
"OP_91",
"DIV",
"PUSH1",
"OP_81",
"ADD",
"OP_82",
"OP_90",
"DIV",
"OP_90",
"OP_91",
"MUL",
"PUSH1",
"OP_90",
"OP_81",
"ADD",
"PUSH1",
"MSTORE",
"PUSH1",
"OP_82",
"OP_81",
"MSTORE",
"OP_92",
"OP_91",
"OP_90",
"OP_82",
"OP_82",
"OP_80",
"ISZERO",
"PUSH2",
"JUMPI"
],
"start_pc": 71
},
{
"end_pc": 143,
"hash": "0xb541e462d8523107b26a7b3401eab668994458f0f985dcd736c8e9ab307cd72c",
"opcodes": [
"OP_80",
"PUSH1",
"LT",
"PUSH2",
"JUMPI"
],
"start_pc": 136
},
{
"end_pc": 162,
"hash": "0xd24444e4407f2aa5445718c8eb6b87b0e3084e7260f8c6ddaaa5593eebf1baca",
"opcodes": [
"PUSH2",
"OP_80",
"OP_83",
"SLOAD",
"DIV",
"MUL",
"OP_83",
"MSTORE",
"OP_91",
"PUSH1",
"ADD",
"OP_91",
"PUSH2",
"JUMP"
],
"start_pc": 144
},
{
"end_pc": 174,
"hash": "0x0797668067370b92178f6df4c843031a69398a602353bb33cc4bee1ac3dac8ff",
"opcodes": [
"JUMPDEST",
"PUSH2",
"PUSH1",
"SLOAD",
"PUSH1",
"AND",
"OP_81",
"JUMP"
],
"start_pc": 163
},
{
"end_pc": 198,
"hash": "0xf43024db297c83b74e88b7f27cad0502f667acddcb11bfd288ff24de69735b0b",
"opcodes": [
"JUMPDEST",
"PUSH2",
"PUSH1",
"CALLDATALOAD",
"PUSH1",
"PUSH1",
"OP_81",
"OP_90",
"MSTORE",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"OP_90",
"SHA3",
"SLOAD",
"OP_81",
"JUMP"
],
"start_pc": 175
},
{
"end_pc": 260,
exec
/bin/bash -lc 'cat codex-output-schema.json' in /tmp/codex-bq5_k41q
succeeded in 0ms:
{"type": "object", "additionalProperties": false, "required": ["no_findings", "summary", "findings"], "properties": {"no_findings": {"type": "boolean"}, "summary": {"type": "string"}, "findings": {"type": "array", "items": {"type": "object", "additionalProperties": false, "required": ["severity", "category", "title", "evidence", "locations", "exploit_scenario", "recommendation"], "properties": {"severity": {"type": "string", "enum": ["info", "low", "medium", "high", "critical"]}, "category": {"type": "string", "enum": ["access_control", "reentrancy", "math", "oracle", "upgradeability", "auth", "other"]}, "title": {"type": "string"}, "exploit_scenario": {"type": "string"}, "recommendation": {"type": "string"}, "evidence": {"type": "string"}, "locations": {"type": "array", "items": {"type": "string"}}}}}}}
exec
/bin/bash -lc "jq 'keys, .analysis_artifact.artifact_json | keys' BYTECODE_BUNDLE.json" in /tmp/codex-bq5_k41q
succeeded in 0ms:
[
0,
1,
2,
3,
4,
5
]
[
"auth",
"basic_blocks",
"callsites",
"cfg_edges",
"cfg_hash",
"dispatcher_type",
"function_entries",
"functions",
"selectors",
"sinks",
"storage",
"version"
]
exec
/bin/bash -lc "jq 'keys' BYTECODE_BUNDLE.json" in /tmp/codex-bq5_k41q
succeeded in 0ms:
[
"analysis_artifact",
"analysis_run",
"artifact",
"capability_graph",
"detector_findings",
"heuristics_summary"
]
exec
/bin/bash -lc "jq '.heuristics_summary, .detector_findings' BYTECODE_BUNDLE.json" in /tmp/codex-bq5_k41q
succeeded in 0ms:
{
"create2_count": 0,
"delegatecall_count": 0,
"flags": [],
"selfdestruct_count": 0
}
[
{
"confidence": 55,
"evidence_json": {
"eth_value_calls": 1,
"examples": [
{
"opcode": "CALL",
"pc": 420,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
}
],
"guards_detected": []
},
"normalized_json": {
"sink": "CALL",
"value": "nonzero"
},
"severity": "high",
"title": "ETH value transfer possible",
"validated": true,
"validation_json": {
"attempts": 1,
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0xf6402a6c28a06669a3274c42f2c97a01f2c77366"
],
"classification": "target_varies",
"confirmed": true,
"errors": 0,
"matched_probe": null,
"sink": "CALL",
"status": "confirmed",
"target_varies": true,
"trace_id": "0x52768e4e427a536c74bafcb60dd282e3c9ec32a37ec691eb2f1b955c5de7a7ab",
"trace_mode": "callTracer"
}
},
{
"confidence": 60,
"evidence_json": {
"call_count": 1,
"examples": [
{
"opcode": "CALL",
"pc": 420,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
}
],
"guards_detected": [],
"untrusted_call_count": 1
},
"normalized_json": {
"sink": "CALL"
},
"severity": "high",
"title": "Untrusted CALL target/value reachable",
"validated": true,
"validation_json": {
"attempts": 1,
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0xf6402a6c28a06669a3274c42f2c97a01f2c77366"
],
"classification": "target_varies",
"confirmed": true,
"errors": 0,
"matched_probe": null,
"sink": "CALL",
"status": "confirmed",
"target_varies": true,
"trace_id": "0x52768e4e427a536c74bafcb60dd282e3c9ec32a37ec691eb2f1b955c5de7a7ab",
"trace_mode": "callTracer"
}
}
]
exec
/bin/bash -lc "jq '.analysis_artifact.artifact_json.selectors, .analysis_artifact.artifact_json.function_entries, .analysis_artifact.artifact_json.callsites, .analysis_artifact.artifact_json.sinks, .analysis_artifact.artifact_json.storage, .analysis_artifact.artifact_json.auth' BYTECODE_BUNDLE.json" in /tmp/codex-bq5_k41q
succeeded in 0ms:
[
"0x06fdde03",
"0x313ce567",
"0x70a08231",
"0x95d89b41",
"0xa9059cbb"
]
[
{
"entry_pc": null,
"selector": "0x06fdde03"
},
{
"entry_pc": 1889567281,
"selector": "0x313ce567"
},
{
"entry_pc": 2514000705,
"selector": "0x70a08231"
},
{
"entry_pc": 2835717307,
"selector": "0x95d89b41"
},
{
"entry_pc": null,
"selector": "0xa9059cbb"
}
]
[
{
"opcode": "CALL",
"pc": 420,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
}
]
{
"call": 1,
"create": 0,
"create2": 0,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0,
"upgrade_slot_write_suspected": false
}
{
"keccak_count": 6,
"reads": 11,
"slots": [
{
"op": "SLOAD",
"pc": 78,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 149,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 169,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 206,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 274,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
}
],
"writes": 2
}
{
"guards": []
}
exec
/bin/bash -lc "jq '.analysis_artifact.artifact_json.basic_blocks[] | select(.start_pc <= 420 and .end_pc >= 350) | {start_pc,end_pc,opcodes}' BYTECODE_BUNDLE.json" in /tmp/codex-bq5_k41q
succeeded in 0ms:
{
"start_pc": 331,
"end_pc": 355,
"opcodes": [
"POP",
"PUSH1",
"PUSH1",
"PUSH1",
"EXP",
"SUB",
"OP_82",
"AND",
"PUSH1",
"OP_90",
"OP_81",
"MSTORE",
"PUSH1",
"OP_90",
"SHA3",
"SLOAD",
"OP_80",
"OP_82",
"ADD",
"LT"
]
}
{
"start_pc": 356,
"end_pc": 361,
"opcodes": [
"JUMPDEST",
"ISZERO",
"PUSH2",
"JUMPI"
]
}
{
"start_pc": 362,
"end_pc": 365,
"opcodes": [
"PUSH2",
"JUMP"
]
}
{
"start_pc": 366,
"end_pc": 436,
"opcodes": [
"JUMPDEST",
"PUSH1",
"MLOAD",
"OP_80",
"OP_80",
"PUSH1",
"ADD",
"OP_82",
"OP_81",
"SUB",
"OP_82",
"MSTORE",
"OP_83",
"OP_81",
"OP_81",
"MLOAD",
"OP_81",
"MSTORE",
"PUSH1",
"ADD",
"OP_91",
"POP",
"OP_80",
"MLOAD",
"OP_90",
"PUSH1",
"ADD",
"OP_90",
"OP_80",
"OP_83",
"OP_83",
"OP_82",
"OP_90",
"PUSH1",
"PUSH1",
"PUSH1",
"OP_84",
"PUSH1",
"ADD",
"DIV",
"PUSH1",
"MUL",
"PUSH1",
"ADD",
"CALL",
"POP",
"OP_90",
"POP",
"OP_90",
"OP_81",
"ADD",
"OP_90",
"PUSH1",
"AND",
"OP_80",
"ISZERO",
"PUSH2",
"JUMPI"
]
}
exec
/bin/bash -lc "jq '.artifact | keys' BYTECODE_BUNDLE.json" in /tmp/codex-bq5_k41q
succeeded in 0ms:
[
"codehash",
"compiler_json",
"implementation_address",
"is_proxy",
"runtime_bytecode",
"verified_source"
]
exec
/bin/bash -lc "jq '.artifact' BYTECODE_BUNDLE.json" in /tmp/codex-bq5_k41q
succeeded in 0ms:
{
"codehash": "0x289530693f3ee5d3a88c2632409fec9d12f8860d6e925b201f1169c0cdeda88e",
"compiler_json": {
"etherscan": {
"skipped": true
}
},
"implementation_address": null,
"is_proxy": false,
"runtime_bytecode": {
"full": "0x606060405260e060020a600035046306fdde038114610047578063313ce567146100a357806370a08231146100af57806395d89b41146100c7578063a9059cbb14610120575b005b61016e600180546020600282841615610100026000190190921691909104601f810182900490910260809081016040526060828152929190828280156102be5780601f10610293576101008083540402835291602001916102be565b6101dc60035460ff1681565b6101dc60043560006020819052908152604090205481565b61016e600280546020601f600019610100600185161502019092168390049182018190040260809081016040526060828152929190828280156102be5780601f10610293576101008083540402835291602001916102be565b610045600435602435600160a060020a033316600090815260208190526040902054819010806101645750600160a060020a03821660009081526040902054808201105b156101e657610002565b60405180806020018281038252838181518152602001915080519060200190808383829060006004602084601f0104600f02600301f150905090810190601f1680156101ce5780820380516001836020036101000a031916815260200191505b509250505060405180910390f35b6060908152602090f35b806000600050600033600160a060020a03168152602001908152602001600020600082828250540392505081905550806000600050600084600160a060020a0316815260200190815260200160002060008282825054019250508190555081600160a060020a031633600160a060020a03167fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef836040518082815260200191505060405180910390a35050565b820191906000526020600020905b8154815290600101906020018083116102a157829003601f168201915b50505050508156",
"head": null,
"length": 1422,
"tail": null,
"truncated": false
},
"verified_source": false
}
exec
/bin/bash -lc "jq '.analysis_artifact.artifact_json.functions' BYTECODE_BUNDLE.json" in /tmp/codex-bq5_k41q
succeeded in 0ms:
[
{
"auth": {
"guards": []
},
"entry_pc": null,
"selector": "0x06fdde03",
"sinks": {
"call": 1,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 11,
"slots": [
{
"op": "SLOAD",
"pc": 78,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 149,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 169,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 206,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 274,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
}
],
"writes": 2
}
},
{
"auth": {
"guards": []
},
"entry_pc": 1889567281,
"selector": "0x313ce567",
"sinks": {
"call": 1,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 11,
"slots": [
{
"op": "SLOAD",
"pc": 78,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 149,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 169,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 206,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 274,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
}
],
"writes": 2
}
},
{
"auth": {
"guards": []
},
"entry_pc": 2514000705,
"selector": "0x70a08231",
"sinks": {
"call": 1,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 11,
"slots": [
{
"op": "SLOAD",
"pc": 78,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 149,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 169,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 206,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 274,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
}
],
"writes": 2
}
},
{
"auth": {
"guards": []
},
"entry_pc": 2835717307,
"selector": "0x95d89b41",
"sinks": {
"call": 1,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 11,
"slots": [
{
"op": "SLOAD",
"pc": 78,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 149,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 169,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 206,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 274,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
}
],
"writes": 2
}
},
{
"auth": {
"guards": []
},
"entry_pc": null,
"selector": "0xa9059cbb",
"sinks": {
"call": 1,
"delegatecall": 0,
"selfdestruct": 0,
"staticcall": 0
},
"storage": {
"reads": 11,
"slots": [
{
"op": "SLOAD",
"pc": 78,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000001"
},
{
"op": "SLOAD",
"pc": 149,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
},
{
"op": "SLOAD",
"pc": 169,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000003"
},
{
"op": "SLOAD",
"pc": 206,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000002"
},
{
"op": "SLOAD",
"pc": 274,
"slot": "0x0000000000000000000000000000000000000000000000000000000000000100"
}
],
"writes": 2
}
}
]
exec
/bin/bash -lc "node - <<'NODE'
const fs=require('fs');
const data=JSON.parse(fs.readFileSync('BYTECODE_BUNDLE.json','utf8'));
let hex=data.artifact.runtime_bytecode.full.slice(2);
const opnames={0x00:'STOP',0x01:'ADD',0x02:'MUL',0x03:'SUB',0x04:'DIV',0x05:'SDIV',0x06:'MOD',0x07:'SMOD',0x08:'ADDMOD',0x09:'MULMOD',0x0a:'EXP',0x0b:'SIGNEXTEND',0x10:'LT',0x11:'GT',0x12:'SLT',0x13:'SGT',0x14:'EQ',0x15:'ISZERO',0x16:'AND',0x17:'OR',0x18:'XOR',0x19:'NOT',0x1a:'BYTE',0x20:'SHA3',0x30:'ADDRESS',0x31:'BALANCE',0x32:'ORIGIN',0x33:'CALLER',0x34:'CALLVALUE',0x35:'CALLDATALOAD',0x36:'CALLDATASIZE',0x37:'CALLDATACOPY',0x38:'CODESIZE',0x39:'CODECOPY',0x3a:'GASPRICE',0x3b:'EXTCODESIZE',0x3c:'EXTCODECOPY',0x3d:'RETURNDATASIZE',0x3e:'RETURNDATACOPY',0x40:'BLOCKHASH',0x41:'COINBASE',0x42:'TIMESTAMP',0x43:'NUMBER',0x44:'DIFFICULTY',0x45:'GASLIMIT',0x46:'CHAINID',0x47:'SELFBALANCE',0x48:'BASEFEE',0x50:'POP',0x51:'MLOAD',0x52:'MSTORE',0x53:'MSTORE8',0x54:'SLOAD',0x55:'SSTORE',0x56:'JUMP',0x57:'JUMPI',0x58:'PC',0x59:'MSIZE',0x5a:'GAS',0x5b:'JUMPDEST',0xf0:'CREATE',0xf1:'CALL',0xf2:'CALLCODE',0xf3:'RETURN',0xf4:'DELEGATECALL',0xf5:'CREATE2',0xfa:'STATICCALL',0xfd:'REVERT',0xfe:'INVALID',0xff:'SELFDESTRUCT'};
for(let i=0,pc=0;i<hex.length;){
const op=parseInt(hex.slice(i,i+2),16); i+=2;
let name=opnames[op];
if("'!name){ if(op>=0x60&&op<=0x7f) name='"'PUSH'+(op-0x5f); else if(op>=0x80&&op<=0x8f) name='DUP'+(op-0x7f); else if(op>=0x90&&op<=0x9f) name='SWAP'+(op-0x8f); else if(op>=0xa0&&op<=0xa4) name='LOG'+(op-0x9f); else name='OP_'+op.toString(16); }
let arg='';
if(op>=0x60&&op<=0x7f){ const n=op-0x5f; arg='0x'+hex.slice(i,i+2*n); i+=2*n; }
console.log(pc.toString().padStart(4), name, arg);
pc += 1 + (op>=0x60&&op<=0x7f ? op-0x5f : 0);
}
NODE" in /tmp/codex-bq5_k41q
succeeded in 0ms:
0 PUSH1 0x60
2 PUSH1 0x40
4 MSTORE
5 PUSH1 0xe0
7 PUSH1 0x02
9 EXP
10 PUSH1 0x00
12 CALLDATALOAD
13 DIV
14 PUSH4 0x06fdde03
19 DUP2
20 EQ
21 PUSH2 0x0047
24 JUMPI
25 DUP1
26 PUSH4 0x313ce567
31 EQ
32 PUSH2 0x00a3
35 JUMPI
36 DUP1
37 PUSH4 0x70a08231
42 EQ
43 PUSH2 0x00af
46 JUMPI
47 DUP1
48 PUSH4 0x95d89b41
53 EQ
54 PUSH2 0x00c7
57 JUMPI
58 DUP1
59 PUSH4 0xa9059cbb
64 EQ
65 PUSH2 0x0120
68 JUMPI
69 JUMPDEST
70 STOP
71 JUMPDEST
72 PUSH2 0x016e
75 PUSH1 0x01
77 DUP1
78 SLOAD
79 PUSH1 0x20
81 PUSH1 0x02
83 DUP3
84 DUP5
85 AND
86 ISZERO
87 PUSH2 0x0100
90 MUL
91 PUSH1 0x00
93 NOT
94 ADD
95 SWAP1
96 SWAP3
97 AND
98 SWAP2
99 SWAP1
100 SWAP2
101 DIV
102 PUSH1 0x1f
104 DUP2
105 ADD
106 DUP3
107 SWAP1
108 DIV
109 SWAP1
110 SWAP2
111 MUL
112 PUSH1 0x80
114 SWAP1
115 DUP2
116 ADD
117 PUSH1 0x40
119 MSTORE
120 PUSH1 0x60
122 DUP3
123 DUP2
124 MSTORE
125 SWAP3
126 SWAP2
127 SWAP1
128 DUP3
129 DUP3
130 DUP1
131 ISZERO
132 PUSH2 0x02be
135 JUMPI
136 DUP1
137 PUSH1 0x1f
139 LT
140 PUSH2 0x0293
143 JUMPI
144 PUSH2 0x0100
147 DUP1
148 DUP4
149 SLOAD
150 DIV
151 MUL
152 DUP4
153 MSTORE
154 SWAP2
155 PUSH1 0x20
157 ADD
158 SWAP2
159 PUSH2 0x02be
162 JUMP
163 JUMPDEST
164 PUSH2 0x01dc
167 PUSH1 0x03
169 SLOAD
170 PUSH1 0xff
172 AND
173 DUP2
174 JUMP
175 JUMPDEST
176 PUSH2 0x01dc
179 PUSH1 0x04
181 CALLDATALOAD
182 PUSH1 0x00
184 PUSH1 0x20
186 DUP2
187 SWAP1
188 MSTORE
189 SWAP1
190 DUP2
191 MSTORE
192 PUSH1 0x40
194 SWAP1
195 SHA3
196 SLOAD
197 DUP2
198 JUMP
199 JUMPDEST
200 PUSH2 0x016e
203 PUSH1 0x02
205 DUP1
206 SLOAD
207 PUSH1 0x20
209 PUSH1 0x1f
211 PUSH1 0x00
213 NOT
214 PUSH2 0x0100
217 PUSH1 0x01
219 DUP6
220 AND
221 ISZERO
222 MUL
223 ADD
224 SWAP1
225 SWAP3
226 AND
227 DUP4
228 SWAP1
229 DIV
230 SWAP2
231 DUP3
232 ADD
233 DUP2
234 SWAP1
235 DIV
236 MUL
237 PUSH1 0x80
239 SWAP1
240 DUP2
241 ADD
242 PUSH1 0x40
244 MSTORE
245 PUSH1 0x60
247 DUP3
248 DUP2
249 MSTORE
250 SWAP3
251 SWAP2
252 SWAP1
253 DUP3
254 DUP3
255 DUP1
256 ISZERO
257 PUSH2 0x02be
260 JUMPI
261 DUP1
262 PUSH1 0x1f
264 LT
265 PUSH2 0x0293
268 JUMPI
269 PUSH2 0x0100
272 DUP1
273 DUP4
274 SLOAD
275 DIV
276 MUL
277 DUP4
278 MSTORE
279 SWAP2
280 PUSH1 0x20
282 ADD
283 SWAP2
284 PUSH2 0x02be
287 JUMP
288 JUMPDEST
289 PUSH2 0x0045
292 PUSH1 0x04
294 CALLDATALOAD
295 PUSH1 0x24
297 CALLDATALOAD
298 PUSH1 0x01
300 PUSH1 0xa0
302 PUSH1 0x02
304 EXP
305 SUB
306 CALLER
307 AND
308 PUSH1 0x00
310 SWAP1
311 DUP2
312 MSTORE
313 PUSH1 0x20
315 DUP2
316 SWAP1
317 MSTORE
318 PUSH1 0x40
320 SWAP1
321 SHA3
322 SLOAD
323 DUP2
324 SWAP1
325 LT
326 DUP1
327 PUSH2 0x0164
330 JUMPI
331 POP
332 PUSH1 0x01
334 PUSH1 0xa0
336 PUSH1 0x02
338 EXP
339 SUB
340 DUP3
341 AND
342 PUSH1 0x00
344 SWAP1
345 DUP2
346 MSTORE
347 PUSH1 0x40
349 SWAP1
350 SHA3
351 SLOAD
352 DUP1
353 DUP3
354 ADD
355 LT
356 JUMPDEST
357 ISZERO
358 PUSH2 0x01e6
361 JUMPI
362 PUSH2 0x0002
365 JUMP
366 JUMPDEST
367 PUSH1 0x40
369 MLOAD
370 DUP1
371 DUP1
372 PUSH1 0x20
374 ADD
375 DUP3
376 DUP2
377 SUB
378 DUP3
379 MSTORE
380 DUP4
381 DUP2
382 DUP2
383 MLOAD
384 DUP2
385 MSTORE
386 PUSH1 0x20
388 ADD
389 SWAP2
390 POP
391 DUP1
392 MLOAD
393 SWAP1
394 PUSH1 0x20
396 ADD
397 SWAP1
398 DUP1
399 DUP4
400 DUP4
401 DUP3
402 SWAP1
403 PUSH1 0x00
405 PUSH1 0x04
407 PUSH1 0x20
409 DUP5
410 PUSH1 0x1f
412 ADD
413 DIV
414 PUSH1 0x0f
416 MUL
417 PUSH1 0x03
419 ADD
420 CALL
421 POP
422 SWAP1
423 POP
424 SWAP1
425 DUP2
426 ADD
427 SWAP1
428 PUSH1 0x1f
430 AND
431 DUP1
432 ISZERO
433 PUSH2 0x01ce
436 JUMPI
437 DUP1
438 DUP3
439 SUB
440 DUP1
441 MLOAD
442 PUSH1 0x01
444 DUP4
445 PUSH1 0x20
447 SUB
448 PUSH2 0x0100
451 EXP
452 SUB
453 NOT
454 AND
455 DUP2
456 MSTORE
457 PUSH1 0x20
459 ADD
460 SWAP2
461 POP
462 JUMPDEST
463 POP
464 SWAP3
465 POP
466 POP
467 POP
468 PUSH1 0x40
470 MLOAD
471 DUP1
472 SWAP2
473 SUB
474 SWAP1
475 RETURN
476 JUMPDEST
477 PUSH1 0x60
479 SWAP1
480 DUP2
481 MSTORE
482 PUSH1 0x20
484 SWAP1
485 RETURN
486 JUMPDEST
487 DUP1
488 PUSH1 0x00
490 PUSH1 0x00
492 POP
493 PUSH1 0x00
495 CALLER
496 PUSH1 0x01
498 PUSH1 0xa0
500 PUSH1 0x02
502 EXP
503 SUB
504 AND
505 DUP2
506 MSTORE
507 PUSH1 0x20
509 ADD
510 SWAP1
511 DUP2
512 MSTORE
513 PUSH1 0x20
515 ADD
516 PUSH1 0x00
518 SHA3
519 PUSH1 0x00
521 DUP3
522 DUP3
523 DUP3
524 POP
525 SLOAD
526 SUB
527 SWAP3
528 POP
529 POP
530 DUP2
531 SWAP1
532 SSTORE
533 POP
534 DUP1
535 PUSH1 0x00
537 PUSH1 0x00
539 POP
540 PUSH1 0x00
542 DUP5
543 PUSH1 0x01
545 PUSH1 0xa0
547 PUSH1 0x02
549 EXP
550 SUB
551 AND
552 DUP2
553 MSTORE
554 PUSH1 0x20
556 ADD
557 SWAP1
558 DUP2
559 MSTORE
560 PUSH1 0x20
562 ADD
563 PUSH1 0x00
565 SHA3
566 PUSH1 0x00
568 DUP3
569 DUP3
570 DUP3
571 POP
572 SLOAD
573 ADD
574 SWAP3
575 POP
576 POP
577 DUP2
578 SWAP1
579 SSTORE
580 POP
581 DUP2
582 PUSH1 0x01
584 PUSH1 0xa0
586 PUSH1 0x02
588 EXP
589 SUB
590 AND
591 CALLER
592 PUSH1 0x01
594 PUSH1 0xa0
596 PUSH1 0x02
598 EXP
599 SUB
600 AND
601 PUSH32 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef
634 DUP4
635 PUSH1 0x40
637 MLOAD
638 DUP1
639 DUP3
640 DUP2
641 MSTORE
642 PUSH1 0x20
644 ADD
645 SWAP2
646 POP
647 POP
648 PUSH1 0x40
650 MLOAD
651 DUP1
652 SWAP2
653 SUB
654 SWAP1
655 LOG4
656 POP
657 POP
658 JUMP
659 JUMPDEST
660 DUP3
661 ADD
662 SWAP2
663 SWAP1
664 PUSH1 0x00
666 MSTORE
667 PUSH1 0x20
669 PUSH1 0x00
671 SHA3
672 SWAP1
673 JUMPDEST
674 DUP2
675 SLOAD
676 DUP2
677 MSTORE
678 SWAP1
679 PUSH1 0x01
681 ADD
682 SWAP1
683 PUSH1 0x20
685 ADD
686 DUP1
687 DUP4
688 GT
689 PUSH2 0x02a1
692 JUMPI
693 DUP3
694 SWAP1
695 SUB
696 PUSH1 0x1f
698 AND
699 DUP3
700 ADD
701 SWAP2
702 JUMPDEST
703 POP
704 POP
705 POP
706 POP
707 POP
708 DUP2
709 JUMP
exec
/bin/bash -lc "jq '.analysis_run, .capability_graph' BYTECODE_BUNDLE.json" in /tmp/codex-bq5_k41q
succeeded in 0ms:
{
"address": "0xf6402a6c28a06669a3274c42f2c97a01f2c77366",
"block_number": null,
"chain_id": 1,
"child_links": [],
"created_at": "2025-12-19T20:04:00.000000Z",
"id": "019b3836-4a73-709e-aeb4-192941b16d0f",
"parent_links": [],
"status": "running",
"updated_at": "2026-04-04T20:01:00.000000Z"
}
{
"address": "0xf6402a6c28a06669a3274c42f2c97a01f2c77366",
"block_number": null,
"chain_id": 1,
"codehash": "0x289530693f3ee5d3a88c2632409fec9d12f8860d6e925b201f1169c0cdeda88e",
"created_at": "2026-04-04T20:01:00.000000Z",
"graph_hash": "0x79918618b32706f11e6f41828d8f6b9b3700a5c8a04e03e51aa53a54773b4a56",
"graph_json": {
"edges": [
{
"from": "bb:0",
"to": "bb:71",
"type": "control_flow"
},
{
"from": "bb:0",
"to": "bb:25",
"type": "control_flow_fallthrough"
},
{
"from": "bb:25",
"to": "bb:163",
"type": "control_flow"
},
{
"from": "bb:25",
"to": "bb:36",
"type": "control_flow_fallthrough"
},
{
"from": "bb:36",
"to": "bb:175",
"type": "control_flow"
},
{
"from": "bb:36",
"to": "bb:47",
"type": "control_flow_fallthrough"
},
{
"from": "bb:47",
"to": "bb:199",
"type": "control_flow"
},
{
"from": "bb:47",
"to": "bb:58",
"type": "control_flow_fallthrough"
},
{
"from": "bb:58",
"to": "bb:288",
"type": "control_flow"
},
{
"from": "bb:58",
"to": "bb:69",
"type": "control_flow_fallthrough"
},
{
"from": "bb:71",
"to": "bb:702",
"type": "control_flow"
},
{
"from": "bb:71",
"to": "bb:136",
"type": "control_flow_fallthrough"
},
{
"from": "bb:136",
"to": "bb:659",
"type": "control_flow"
},
{
"from": "bb:136",
"to": "bb:144",
"type": "control_flow_fallthrough"
},
{
"from": "bb:144",
"to": "bb:702",
"type": "control_flow"
},
{
"from": "bb:199",
"to": "bb:702",
"type": "control_flow"
},
{
"from": "bb:199",
"to": "bb:261",
"type": "control_flow_fallthrough"
},
{
"from": "bb:261",
"to": "bb:659",
"type": "control_flow"
},
{
"from": "bb:261",
"to": "bb:269",
"type": "control_flow_fallthrough"
},
{
"from": "bb:269",
"to": "bb:702",
"type": "control_flow"
},
{
"from": "bb:288",
"to": "bb:356",
"type": "control_flow"
},
{
"from": "bb:288",
"to": "bb:331",
"type": "control_flow_fallthrough"
},
{
"from": "bb:331",
"to": "bb:356",
"type": "control_flow_fallthrough"
},
{
"from": "bb:356",
"to": "bb:486",
"type": "control_flow"
},
{
"from": "bb:356",
"to": "bb:362",
"type": "control_flow_fallthrough"
},
{
"from": "bb:366",
"to": "bb:462",
"type": "control_flow"
},
{
"from": "bb:366",
"to": "bb:437",
"type": "control_flow_fallthrough"
},
{
"from": "bb:437",
"to": "bb:462",
"type": "control_flow_fallthrough"
},
{
"from": "bb:659",
"to": "bb:673",
"type": "control_flow_fallthrough"
},
{
"from": "bb:673",
"to": "bb:673",
"type": "control_flow"
},
{
"from": "bb:673",
"to": "bb:693",
"type": "control_flow_fallthrough"
},
{
"from": "bb:693",
"to": "bb:702",
"type": "control_flow_fallthrough"
},
{
"from": "fn:0x313ce567",
"to": "bb:1889567281",
"type": "entry"
},
{
"from": "fn:0x70a08231",
"to": "bb:2514000705",
"type": "entry"
},
{
"from": "fn:0x95d89b41",
"to": "bb:2835717307",
"type": "entry"
},
{
"from": "bb:366",
"to": "call:420",
"type": "contains"
},
{
"from": "call:420",
"to": "sink:call",
"type": "capability"
}
],
"nodes": [
{
"end_pc": 24,
"hash": "0x6a350686911b120d699f8e8d1e9440d4ce17c4434492baee43484e2ef083a112",
"id": "bb:0",
"start_pc": 0,
"type": "basic_block"
},
{
"end_pc": 35,
"hash": "0x11a4040138a344993223d2484dd2a65a38e9d086cebb6ea1735fadc1ae31c9aa",
"id": "bb:25",
"start_pc": 25,
"type": "basic_block"
},
{
"end_pc": 46,
"hash": "0x4fab8e0271e2fa02958a0e8ac5e005f0bd037c5fdbc6c0d3511d4f35293e90f7",
"id": "bb:36",
"start_pc": 36,
"type": "basic_block"
},
{
"end_pc": 57,
"hash": "0xab80dc7c2dedd2f9410512c4e8942ea3e1fa3f2ed977db4a8dc8a7b8137f99e4",
"id": "bb:47",
"start_pc": 47,
"type": "basic_block"
},
{
"end_pc": 68,
"hash": "0x32a97559f1e4e1383ca1fee857a93e46fcbc4764861863b42f669978e65a51c7",
"id": "bb:58",
"start_pc": 58,
"type": "basic_block"
},
{
"end_pc": 70,
"hash": "0x55afd043d32294d5f0189f5a0aa04f3174e4c087a31c85396f49b5f17813cb96",
"id": "bb:69",
"start_pc": 69,
"type": "basic_block"
},
{
"end_pc": 135,
"hash": "0x98ecaae10ed7c4e902ad39bbe3e70e01a545b3d14f0d0195b6cc0d51ca0355d2",
"id": "bb:71",
"start_pc": 71,
"type": "basic_block"
},
{
"end_pc": 143,
"hash": "0xb541e462d8523107b26a7b3401eab668994458f0f985dcd736c8e9ab307cd72c",
"id": "bb:136",
"start_pc": 136,
"type": "basic_block"
},
{
"end_pc": 162,
"hash": "0xd24444e4407f2aa5445718c8eb6b87b0e3084e7260f8c6ddaaa5593eebf1baca",
"id": "bb:144",
"start_pc": 144,
"type": "basic_block"
},
{
"end_pc": 174,
"hash": "0x0797668067370b92178f6df4c843031a69398a602353bb33cc4bee1ac3dac8ff",
"id": "bb:163",
"start_pc": 163,
"type": "basic_block"
},
{
"end_pc": 198,
"hash": "0xf43024db297c83b74e88b7f27cad0502f667acddcb11bfd288ff24de69735b0b",
"id": "bb:175",
"start_pc": 175,
"type": "basic_block"
},
{
"end_pc": 260,
"hash": "0x25cc00c0b57ee8600172e6d17cf9dab3a3d5db95ecc41927d76157c63c97ba62",
"id": "bb:199",
"start_pc": 199,
"type": "basic_block"
},
{
"end_pc": 268,
"hash": "0xafa5955bda1667677efd3ebe51ce4959d2311711e234451281bb9b7c73183797",
"id": "bb:261",
"start_pc": 261,
"type": "basic_block"
},
{
"end_pc": 287,
"hash": "0x2d7c95f55b53556c66bf75247957deabfbc5dd3b2f5ebc013ca5c58ac33f3dc4",
"id": "bb:269",
"start_pc": 269,
"type": "basic_block"
},
{
"end_pc": 330,
"hash": "0x435980e63e8ce74b1546c773b977539e252c3b58c2a48e589d5e4b5f0db4a467",
"id": "bb:288",
"start_pc": 288,
"type": "basic_block"
},
{
"end_pc": 355,
"hash": "0x4564fd855485df64c2f15d425ccbed5d618ae3201f93ff1c865ddaf985d9c17c",
"id": "bb:331",
"start_pc": 331,
"type": "basic_block"
},
{
"end_pc": 361,
"hash": "0xdbc487f98923d82e5519ad41039e72a41f60cd9b63fdbe1136d61bd6f8abfa2c",
"id": "bb:356",
"start_pc": 356,
"type": "basic_block"
},
{
"end_pc": 365,
"hash": "0xe3e309bc1e07cfcf3a57d63b83bb532b74ad57431ca2740f05d36dda54525e0c",
"id": "bb:362",
"start_pc": 362,
"type": "basic_block"
},
{
"end_pc": 436,
"hash": "0xe87774caea76bc177a5371246aef5edd587a648ef18b9c44f8f9e3493c7e42f9",
"id": "bb:366",
"start_pc": 366,
"type": "basic_block"
},
{
"end_pc": 461,
"hash": "0xf58d4f89bf5e858870e5b8fd30078e2000c6bc5dfc03278964058bc0fb121d54",
"id": "bb:437",
"start_pc": 437,
"type": "basic_block"
},
{
"end_pc": 475,
"hash": "0x8132fb948b1efd1e51910602043ebdf7785b796d15694e7f0d4bcd2a3685543a",
"id": "bb:462",
"start_pc": 462,
"type": "basic_block"
},
{
"end_pc": 485,
"hash": "0x4bea4c7e2378e1cf58844f194af315f143d81a27fc069ba166f9406d7de16353",
"id": "bb:476",
"start_pc": 476,
"type": "basic_block"
},
{
"end_pc": 658,
"hash": "0x1dd4d658a3554a8724bc7838b5d31ad663518d914ebc508b8f16a99e055fce80",
"id": "bb:486",
"start_pc": 486,
"type": "basic_block"
},
{
"end_pc": 672,
"hash": "0x3437092598320b1ea3e68b84e4d13dece0369d59c7417b5d1a5e89b833d37399",
"id": "bb:659",
"start_pc": 659,
"type": "basic_block"
},
{
"end_pc": 692,
"hash": "0xca2e018c8be7c3d7701d803902a439985b5424d9b99e3e66786a14592280b0d5",
"id": "bb:673",
"start_pc": 673,
"type": "basic_block"
},
{
"end_pc": 701,
"hash": "0xda50b0ed0ac82840e248a029e7317163fd3fda189c04590eb7f3560c599abef7",
"id": "bb:693",
"start_pc": 693,
"type": "basic_block"
},
{
"end_pc": 709,
"hash": "0x5695345ffbd77d18b6e0286d89da1329091a181c26a20cc15f222fbe64477744",
"id": "bb:702",
"start_pc": 702,
"type": "basic_block"
},
{
"id": "call:420",
"opcode": "CALL",
"pc": 420,
"type": "callsite"
},
{
"id": "sink:call",
"type": "sink"
},
{
"entry_pc": null,
"id": "fn:0x06fdde03",
"selector": "0x06fdde03",
"type": "function"
},
{
"entry_pc": 1889567281,
"id": "fn:0x313ce567",
"selector": "0x313ce567",
"type": "function"
},
{
"entry_pc": 2514000705,
"id": "fn:0x70a08231",
"selector": "0x70a08231",
"type": "function"
},
{
"entry_pc": 2835717307,
"id": "fn:0x95d89b41",
"selector": "0x95d89b41",
"type": "function"
},
{
"entry_pc": null,
"id": "fn:0xa9059cbb",
"selector": "0xa9059cbb",
"type": "function"
}
],
"version": "capability_graph_v1"
},
"id": 2869,
"updated_at": "2026-04-04T20:01:00.000000Z",
"version": "capability_graph_v1"
}
codex
{"no_findings":true,"summary":"Read BYTECODE_BUNDLE.json and reviewed the runtime bytecode, detector output, storage accesses, and callsites. This appears to be a small token-like contract with best-effort selector matches for `name()`, `decimals()`, `balanceOf(address)`, `symbol()`, and a `transfer(address,uint256)`-style entrypoint. No `DELEGATECALL`, proxy slot writes, privileged upgrade path, signature-validation path, or attacker-controlled external call were evidenced. The single `CALL` at pc `0x1a4` is inside the string-return helper and is most consistent with the old Solidity identity-precompile copy pattern (`to=0x04`, `value=0`), so the detector's \"ETH value transfer/untrusted CALL\" flags are likely false positives from bytecode-only analysis. I did note the default path ends in `STOP` rather than an explicit revert, so empty/unknown calldata and ETH can likely be accepted, but with only bytecode and no source-level intent I do not treat that alone as a meaningful security finding.","findings":[]}
tokens used
47,605
{
"codex": {
"ran_at": "2026-04-05T07:33:39.482650+00:00",
"returncode": 0
},
"project": {
"mode": "bytecode",
"bytecode_length": 1422,
"bytecode_truncated": false,
"capability_graph_present": true,
"analysis_artifact_present": true
},
"summary": "Read BYTECODE_BUNDLE.json and reviewed the runtime bytecode, detector output, storage accesses, and callsites. This appears to be a small token-like contract with best-effort selector matches for `name()`, `decimals()`, `balanceOf(address)`, `symbol()`, and a `transfer(address,uint256)`-style entrypoint. No `DELEGATECALL`, proxy slot writes, privileged upgrade path, signature-validation path, or attacker-controlled external call were evidenced. The single `CALL` at pc `0x1a4` is inside the string-return helper and is most consistent with the old Solidity identity-precompile copy pattern (`to=0x04`, `value=0`), so the detector's \"ETH value transfer/untrusted CALL\" flags are likely false positives from bytecode-only analysis. I did note the default path ends in `STOP` rather than an explicit revert, so empty/unknown calldata and ETH can likely be accepted, but with only bytecode and no source-level intent I do not treat that alone as a meaningful security finding.",
"raw_final": {
"summary": "Read BYTECODE_BUNDLE.json and reviewed the runtime bytecode, detector output, storage accesses, and callsites. This appears to be a small token-like contract with best-effort selector matches for `name()`, `decimals()`, `balanceOf(address)`, `symbol()`, and a `transfer(address,uint256)`-style entrypoint. No `DELEGATECALL`, proxy slot writes, privileged upgrade path, signature-validation path, or attacker-controlled external call were evidenced. The single `CALL` at pc `0x1a4` is inside the string-return helper and is most consistent with the old Solidity identity-precompile copy pattern (`to=0x04`, `value=0`), so the detector's \"ETH value transfer/untrusted CALL\" flags are likely false positives from bytecode-only analysis. I did note the default path ends in `STOP` rather than an explicit revert, so empty/unknown calldata and ETH can likely be accepted, but with only bytecode and no source-level intent I do not treat that alone as a meaningful security finding.",
"findings": [],
"no_findings": true
},
"no_findings": true,
"schema_version": 1
}
00000000: PUSH1 0x60 00000002: PUSH1 0x40 00000004: MSTORE 00000005: PUSH1 0xe0 00000007: PUSH1 0x02 00000009: EXP 0000000a: PUSH1 0x00 0000000c: CALLDATALOAD 0000000d: DIV 0000000e: PUSH4 0x06fdde03 00000013: DUP2 00000014: EQ 00000015: PUSH2 0x0047 00000018: JUMPI 00000019: DUP1 0000001a: PUSH4 0x313ce567 0000001f: EQ 00000020: PUSH2 0x00a3 00000023: JUMPI 00000024: DUP1 00000025: PUSH4 0x70a08231 0000002a: EQ 0000002b: PUSH2 0x00af 0000002e: JUMPI 0000002f: DUP1 00000030: PUSH4 0x95d89b41 00000035: EQ 00000036: PUSH2 0x00c7 00000039: JUMPI 0000003a: DUP1 0000003b: PUSH4 0xa9059cbb 00000040: EQ 00000041: PUSH2 0x0120 00000044: JUMPI 00000045: JUMPDEST 00000046: STOP 00000047: JUMPDEST 00000048: PUSH2 0x016e 0000004b: PUSH1 0x01 0000004d: DUP1 0000004e: SLOAD 0000004f: PUSH1 0x20 00000051: PUSH1 0x02 00000053: DUP3 00000054: DUP5 00000055: AND 00000056: ISZERO 00000057: PUSH2 0x0100 0000005a: MUL 0000005b: PUSH1 0x00 0000005d: NOT 0000005e: ADD 0000005f: SWAP1 00000060: SWAP3 00000061: AND 00000062: SWAP2 00000063: SWAP1 00000064: SWAP2 00000065: DIV 00000066: PUSH1 0x1f 00000068: DUP2 00000069: ADD 0000006a: DUP3 0000006b: SWAP1 0000006c: DIV 0000006d: SWAP1 0000006e: SWAP2 0000006f: MUL 00000070: PUSH1 0x80 00000072: SWAP1 00000073: DUP2 00000074: ADD 00000075: PUSH1 0x40 00000077: MSTORE 00000078: PUSH1 0x60 0000007a: DUP3 0000007b: DUP2 0000007c: MSTORE 0000007d: SWAP3 0000007e: SWAP2 0000007f: SWAP1 00000080: DUP3 00000081: DUP3 00000082: DUP1 00000083: ISZERO 00000084: PUSH2 0x02be 00000087: JUMPI 00000088: DUP1 00000089: PUSH1 0x1f 0000008b: LT 0000008c: PUSH2 0x0293 0000008f: JUMPI 00000090: PUSH2 0x0100 00000093: DUP1 00000094: DUP4 00000095: SLOAD 00000096: DIV 00000097: MUL 00000098: DUP4 00000099: MSTORE 0000009a: SWAP2 0000009b: PUSH1 0x20 0000009d: ADD 0000009e: SWAP2 0000009f: PUSH2 0x02be 000000a2: JUMP 000000a3: JUMPDEST 000000a4: PUSH2 0x01dc 000000a7: PUSH1 0x03 000000a9: SLOAD 000000aa: PUSH1 0xff 000000ac: AND 000000ad: DUP2 000000ae: JUMP 000000af: JUMPDEST 000000b0: PUSH2 0x01dc 000000b3: PUSH1 0x04 000000b5: CALLDATALOAD 000000b6: PUSH1 0x00 000000b8: PUSH1 0x20 000000ba: DUP2 000000bb: SWAP1 000000bc: MSTORE 000000bd: SWAP1 000000be: DUP2 000000bf: MSTORE 000000c0: PUSH1 0x40 000000c2: SWAP1 000000c3: KECCAK256 000000c4: SLOAD 000000c5: DUP2 000000c6: JUMP 000000c7: JUMPDEST 000000c8: PUSH2 0x016e 000000cb: PUSH1 0x02 000000cd: DUP1 000000ce: SLOAD 000000cf: PUSH1 0x20 000000d1: PUSH1 0x1f 000000d3: PUSH1 0x00 000000d5: NOT 000000d6: PUSH2 0x0100 000000d9: PUSH1 0x01 000000db: DUP6 000000dc: AND 000000dd: ISZERO 000000de: MUL 000000df: ADD 000000e0: SWAP1 000000e1: SWAP3 000000e2: AND 000000e3: DUP4 000000e4: SWAP1 000000e5: DIV 000000e6: SWAP2 000000e7: DUP3 000000e8: ADD 000000e9: DUP2 000000ea: SWAP1 000000eb: DIV 000000ec: MUL 000000ed: PUSH1 0x80 000000ef: SWAP1 000000f0: DUP2 000000f1: ADD 000000f2: PUSH1 0x40 000000f4: MSTORE 000000f5: PUSH1 0x60 000000f7: DUP3 000000f8: DUP2 000000f9: MSTORE 000000fa: SWAP3 000000fb: SWAP2 000000fc: SWAP1 000000fd: DUP3 000000fe: DUP3 000000ff: DUP1 00000100: ISZERO 00000101: PUSH2 0x02be 00000104: JUMPI 00000105: DUP1 00000106: PUSH1 0x1f 00000108: LT 00000109: PUSH2 0x0293 0000010c: JUMPI 0000010d: PUSH2 0x0100 00000110: DUP1 00000111: DUP4 00000112: SLOAD 00000113: DIV 00000114: MUL 00000115: DUP4 00000116: MSTORE 00000117: SWAP2 00000118: PUSH1 0x20 0000011a: ADD 0000011b: SWAP2 0000011c: PUSH2 0x02be 0000011f: JUMP 00000120: JUMPDEST 00000121: PUSH2 0x0045 00000124: PUSH1 0x04 00000126: CALLDATALOAD 00000127: PUSH1 0x24 00000129: CALLDATALOAD 0000012a: PUSH1 0x01 0000012c: PUSH1 0xa0 0000012e: PUSH1 0x02 00000130: EXP 00000131: SUB 00000132: CALLER 00000133: AND 00000134: PUSH1 0x00 00000136: SWAP1 00000137: DUP2 00000138: MSTORE 00000139: PUSH1 0x20 0000013b: DUP2 0000013c: SWAP1 0000013d: MSTORE 0000013e: PUSH1 0x40 00000140: SWAP1 00000141: KECCAK256 00000142: SLOAD 00000143: DUP2 00000144: SWAP1 00000145: LT 00000146: DUP1 00000147: PUSH2 0x0164 0000014a: JUMPI 0000014b: POP 0000014c: PUSH1 0x01 0000014e: PUSH1 0xa0 00000150: PUSH1 0x02 00000152: EXP 00000153: SUB 00000154: DUP3 00000155: AND 00000156: PUSH1 0x00 00000158: SWAP1 00000159: DUP2 0000015a: MSTORE 0000015b: PUSH1 0x40 0000015d: SWAP1 0000015e: KECCAK256 0000015f: SLOAD 00000160: DUP1 00000161: DUP3 00000162: ADD 00000163: LT 00000164: JUMPDEST 00000165: ISZERO 00000166: PUSH2 0x01e6 00000169: JUMPI 0000016a: PUSH2 0x0002 0000016d: JUMP 0000016e: JUMPDEST 0000016f: PUSH1 0x40 00000171: MLOAD 00000172: DUP1 00000173: DUP1 00000174: PUSH1 0x20 00000176: ADD 00000177: DUP3 00000178: DUP2 00000179: SUB 0000017a: DUP3 0000017b: MSTORE 0000017c: DUP4 0000017d: DUP2 0000017e: DUP2 0000017f: MLOAD 00000180: DUP2 00000181: MSTORE 00000182: PUSH1 0x20 00000184: ADD 00000185: SWAP2 00000186: POP 00000187: DUP1 00000188: MLOAD 00000189: SWAP1 0000018a: PUSH1 0x20 0000018c: ADD 0000018d: SWAP1 0000018e: DUP1 0000018f: DUP4 00000190: DUP4 00000191: DUP3 00000192: SWAP1 00000193: PUSH1 0x00 00000195: PUSH1 0x04 00000197: PUSH1 0x20 00000199: DUP5 0000019a: PUSH1 0x1f 0000019c: ADD 0000019d: DIV 0000019e: PUSH1 0x0f 000001a0: MUL 000001a1: PUSH1 0x03 000001a3: ADD 000001a4: CALL 000001a5: POP 000001a6: SWAP1 000001a7: POP 000001a8: SWAP1 000001a9: DUP2 000001aa: ADD 000001ab: SWAP1 000001ac: PUSH1 0x1f 000001ae: AND 000001af: DUP1 000001b0: ISZERO 000001b1: PUSH2 0x01ce 000001b4: JUMPI 000001b5: DUP1 000001b6: DUP3 000001b7: SUB 000001b8: DUP1 000001b9: MLOAD 000001ba: PUSH1 0x01 000001bc: DUP4 000001bd: PUSH1 0x20 000001bf: SUB 000001c0: PUSH2 0x0100 000001c3: EXP 000001c4: SUB 000001c5: NOT 000001c6: AND 000001c7: DUP2 000001c8: MSTORE 000001c9: PUSH1 0x20 000001cb: ADD 000001cc: SWAP2 000001cd: POP 000001ce: JUMPDEST 000001cf: POP 000001d0: SWAP3 000001d1: POP 000001d2: POP 000001d3: POP 000001d4: PUSH1 0x40 000001d6: MLOAD 000001d7: DUP1 000001d8: SWAP2 000001d9: SUB 000001da: SWAP1 000001db: RETURN 000001dc: JUMPDEST 000001dd: PUSH1 0x60 000001df: SWAP1 000001e0: DUP2 000001e1: MSTORE 000001e2: PUSH1 0x20 000001e4: SWAP1 000001e5: RETURN 000001e6: JUMPDEST 000001e7: DUP1 000001e8: PUSH1 0x00 000001ea: PUSH1 0x00 000001ec: POP 000001ed: PUSH1 0x00 000001ef: CALLER 000001f0: PUSH1 0x01 000001f2: PUSH1 0xa0 000001f4: PUSH1 0x02 000001f6: EXP 000001f7: SUB 000001f8: AND 000001f9: DUP2 000001fa: MSTORE 000001fb: PUSH1 0x20 000001fd: ADD 000001fe: SWAP1 000001ff: DUP2 00000200: MSTORE 00000201: PUSH1 0x20 00000203: ADD 00000204: PUSH1 0x00 00000206: KECCAK256 00000207: PUSH1 0x00 00000209: DUP3 0000020a: DUP3 0000020b: DUP3 0000020c: POP 0000020d: SLOAD 0000020e: SUB 0000020f: SWAP3 00000210: POP 00000211: POP 00000212: DUP2 00000213: SWAP1 00000214: SSTORE 00000215: POP 00000216: DUP1 00000217: PUSH1 0x00 00000219: PUSH1 0x00 0000021b: POP 0000021c: PUSH1 0x00 0000021e: DUP5 0000021f: PUSH1 0x01 00000221: PUSH1 0xa0 00000223: PUSH1 0x02 00000225: EXP 00000226: SUB 00000227: AND 00000228: DUP2 00000229: MSTORE 0000022a: PUSH1 0x20 0000022c: ADD 0000022d: SWAP1 0000022e: DUP2 0000022f: MSTORE 00000230: PUSH1 0x20 00000232: ADD 00000233: PUSH1 0x00 00000235: KECCAK256 00000236: PUSH1 0x00 00000238: DUP3 00000239: DUP3 0000023a: DUP3 0000023b: POP 0000023c: SLOAD 0000023d: ADD 0000023e: SWAP3 0000023f: POP 00000240: POP 00000241: DUP2 00000242: SWAP1 00000243: SSTORE 00000244: POP 00000245: DUP2 00000246: PUSH1 0x01 00000248: PUSH1 0xa0 0000024a: PUSH1 0x02 0000024c: EXP 0000024d: SUB 0000024e: AND 0000024f: CALLER 00000250: PUSH1 0x01 00000252: PUSH1 0xa0 00000254: PUSH1 0x02 00000256: EXP 00000257: SUB 00000258: AND 00000259: PUSH32 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef 0000027a: DUP4 0000027b: PUSH1 0x40 0000027d: MLOAD 0000027e: DUP1 0000027f: DUP3 00000280: DUP2 00000281: MSTORE 00000282: PUSH1 0x20 00000284: ADD 00000285: SWAP2 00000286: POP 00000287: POP 00000288: PUSH1 0x40 0000028a: MLOAD 0000028b: DUP1 0000028c: SWAP2 0000028d: SUB 0000028e: SWAP1 0000028f: LOG3 00000290: POP 00000291: POP 00000292: JUMP 00000293: JUMPDEST 00000294: DUP3 00000295: ADD 00000296: SWAP2 00000297: SWAP1 00000298: PUSH1 0x00 0000029a: MSTORE 0000029b: PUSH1 0x20 0000029d: PUSH1 0x00 0000029f: KECCAK256 000002a0: SWAP1 000002a1: JUMPDEST 000002a2: DUP2 000002a3: SLOAD 000002a4: DUP2 000002a5: MSTORE 000002a6: SWAP1 000002a7: PUSH1 0x01 000002a9: ADD 000002aa: SWAP1 000002ab: PUSH1 0x20 000002ad: ADD 000002ae: DUP1 000002af: DUP4 000002b0: GT 000002b1: PUSH2 0x02a1 000002b4: JUMPI 000002b5: DUP3 000002b6: SWAP1 000002b7: SUB 000002b8: PUSH1 0x1f 000002ba: AND 000002bb: DUP3 000002bc: ADD 000002bd: SWAP2 000002be: JUMPDEST 000002bf: POP 000002c0: POP 000002c1: POP 000002c2: POP 000002c3: POP 000002c4: DUP2 000002c5: JUMP
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| high | other | detector | ETH value transfer possible | 55 | yes | yes |
viewtrace_id: 0x52768e4e427a536c74bafcb60dd282e3c9ec32a37ec691eb2f1b955c5de7a7ab
call_targets:
0x0000000000000000000000000000000000000004, 0xf6402a6c28a06669a3274c42f2c97a01f2c77366
target_varies:
yes
classification:
target_varies
validation_json{
"sink": "CALL",
"errors": 0,
"status": "confirmed",
"attempts": 1,
"trace_id": "0x52768e4e427a536c74bafcb60dd282e3c9ec32a37ec691eb2f1b955c5de7a7ab",
"confirmed": true,
"trace_mode": "callTracer",
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0xf6402a6c28a06669a3274c42f2c97a01f2c77366"
],
"matched_probe": null,
"target_varies": true,
"classification": "target_varies"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x06fdde03",
"selector": "0x06fdde03",
"calldata_variants": [
"0x06fdde03",
"0x06fdde030000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x313ce567",
"selector": "0x313ce567",
"calldata_variants": [
"0x313ce567",
"0x313ce5670000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x70a08231",
"selector": "0x70a08231",
"calldata_variants": [
"0x70a08231",
"0x70a082310000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x95d89b41",
"selector": "0x95d89b41",
"calldata_variants": [
"0x95d89b41",
"0x95d89b410000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xa9059cbb",
"selector": "0xa9059cbb",
"calldata_variants": [
"0xa9059cbb",
"0xa9059cbb0000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 420,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 1,
"guards_detected": []
}
|
| high | other | detector | Untrusted CALL target/value reachable | 60 | yes | yes |
viewtrace_id: 0x52768e4e427a536c74bafcb60dd282e3c9ec32a37ec691eb2f1b955c5de7a7ab
call_targets:
0x0000000000000000000000000000000000000004, 0xf6402a6c28a06669a3274c42f2c97a01f2c77366
target_varies:
yes
classification:
target_varies
validation_json{
"sink": "CALL",
"errors": 0,
"status": "confirmed",
"attempts": 1,
"trace_id": "0x52768e4e427a536c74bafcb60dd282e3c9ec32a37ec691eb2f1b955c5de7a7ab",
"confirmed": true,
"trace_mode": "callTracer",
"call_targets": [
"0x0000000000000000000000000000000000000004",
"0xf6402a6c28a06669a3274c42f2c97a01f2c77366"
],
"matched_probe": null,
"target_varies": true,
"classification": "target_varies"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x06fdde03",
"selector": "0x06fdde03",
"calldata_variants": [
"0x06fdde03",
"0x06fdde030000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x313ce567",
"selector": "0x313ce567",
"calldata_variants": [
"0x313ce567",
"0x313ce5670000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x70a08231",
"selector": "0x70a08231",
"calldata_variants": [
"0x70a08231",
"0x70a082310000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x95d89b41",
"selector": "0x95d89b41",
"calldata_variants": [
"0x95d89b41",
"0x95d89b410000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xa9059cbb",
"selector": "0xa9059cbb",
"calldata_variants": [
"0xa9059cbb",
"0xa9059cbb0000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 420,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 1,
"guards_detected": [],
"untrusted_call_count": 1
}
|