TW
Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019b3836-4e80-71fd-8339-59837b9f6bb7

complete
Chain ID
1
Address
0x08c6000b9202b1e366726b34813f049f8cea8c12
Block Number
Created
Fri, Dec 19, 2025 8:04 PM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

back to vulns open contract
Confirmed
0
Validated
0
Source
Bytecode only
Review Backing
Not yet
Best current signal
Authorization based on tx.origin
crit 0 high 0 direct contract
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID Type Status Attempts Heartbeat
7387 artifact.fetch complete 1 / 3 3 months ago
7388 tool.cast_disasm complete 1 / 3 3 months ago
109478 analysis.bundle complete 1 / 3 1 week ago
109479 capability.graph complete 1 / 3 1 week ago
109480 detector.run complete 1 / 3 1 week ago
109481 validation.fork complete 1 / 3 1 week ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: no
Implementation:
Verified Source: no

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate

No codex job recorded yet.

Opcode Heuristics

tool.cast_disasm
Delegatecall
0
Selfdestruct
0
CREATE2
0
CALL-family (heavy)
2
EXT*/BALANCE
2
Total opcodes
336
Flags
No heuristic flags raised.
View cast disassembly output 
00000000: PUSH1 0x60
00000002: PUSH1 0x40
00000004: MSTORE
00000005: CALLDATASIZE
00000006: ISZERO
00000007: PUSH2 0x0035
0000000a: JUMPI
0000000b: PUSH1 0xe0
0000000d: PUSH1 0x02
0000000f: EXP
00000010: PUSH1 0x00
00000012: CALLDATALOAD
00000013: DIV
00000014: PUSH4 0x58975919
00000019: DUP2
0000001a: EQ
0000001b: PUSH2 0x00f7
0000001e: JUMPI
0000001f: DUP1
00000020: PUSH4 0x76cdb03b
00000025: EQ
00000026: PUSH2 0x0100
00000029: JUMPI
0000002a: DUP1
0000002b: PUSH4 0xc4363f00
00000030: EQ
00000031: PUSH2 0x0112
00000034: JUMPI
00000035: JUMPDEST
00000036: PUSH2 0x016b
00000039: PUSH2 0xc350
0000003c: GAS
0000003d: GT
0000003e: ISZERO
0000003f: PUSH2 0x016d
00000042: JUMPI
00000043: PUSH1 0x01
00000045: SLOAD
00000046: PUSH1 0x00
00000048: SLOAD
00000049: PUSH32 0xb6b55f2500000000000000000000000000000000000000000000000000000000
0000006a: PUSH1 0x60
0000006c: SWAP1
0000006d: DUP2
0000006e: MSTORE
0000006f: PUSH1 0x64
00000071: SWAP2
00000072: SWAP1
00000073: SWAP2
00000074: MSTORE
00000075: PUSH1 0x01
00000077: PUSH1 0xa0
00000079: PUSH1 0x02
0000007b: EXP
0000007c: SUB
0000007d: SWAP1
0000007e: SWAP2
0000007f: AND
00000080: SWAP1
00000081: PUSH4 0xb6b55f25
00000086: SWAP1
00000087: CALLVALUE
00000088: SWAP1
00000089: PUSH1 0x84
0000008b: SWAP1
0000008c: PUSH1 0x20
0000008e: SWAP1
0000008f: PUSH1 0x24
00000091: DUP2
00000092: DUP6
00000093: DUP9
00000094: PUSH2 0x8502
00000097: GAS
00000098: SUB
00000099: CALL
0000009a: ISZERO
0000009b: PUSH2 0x0002
0000009e: JUMPI
0000009f: POP
000000a0: POP
000000a1: PUSH1 0x40
000000a3: MLOAD
000000a4: MLOAD
000000a5: ISZERO
000000a6: ISZERO
000000a7: SWAP2
000000a8: POP
000000a9: PUSH2 0x00f2
000000ac: SWAP1
000000ad: POP
000000ae: JUMPI
000000af: PUSH1 0x40
000000b1: DUP1
000000b2: MLOAD
000000b3: ORIGIN
000000b4: PUSH1 0x01
000000b6: PUSH1 0xa0
000000b8: PUSH1 0x02
000000ba: EXP
000000bb: SUB
000000bc: AND
000000bd: DUP2
000000be: MSTORE
000000bf: CALLVALUE
000000c0: PUSH1 0x20
000000c2: DUP3
000000c3: ADD
000000c4: MSTORE
000000c5: DUP2
000000c6: MLOAD
000000c7: PUSH32 0xe1fffcc4923d04b559f4d29a8bfc6cda04eb5b0d3c460751c2402c5c5cc9109c
000000e8: SWAP3
000000e9: SWAP2
000000ea: DUP2
000000eb: SWAP1
000000ec: SUB
000000ed: SWAP1
000000ee: SWAP2
000000ef: ADD
000000f0: SWAP1
000000f1: LOG1
000000f2: JUMPDEST
000000f3: PUSH2 0x01a7
000000f6: JUMP
000000f7: JUMPDEST
000000f8: PUSH2 0x01a9
000000fb: PUSH1 0x00
000000fd: SLOAD
000000fe: DUP2
000000ff: JUMP
00000100: JUMPDEST
00000101: PUSH2 0x01bb
00000104: PUSH1 0x01
00000106: SLOAD
00000107: PUSH1 0x01
00000109: PUSH1 0xa0
0000010b: PUSH1 0x02
0000010d: EXP
0000010e: SUB
0000010f: AND
00000110: DUP2
00000111: JUMP
00000112: JUMPDEST
00000113: PUSH2 0x01a9
00000116: PUSH1 0x04
00000118: CALLDATALOAD
00000119: PUSH1 0x24
0000011b: CALLDATALOAD
0000011c: PUSH1 0x44
0000011e: CALLDATALOAD
0000011f: PUSH1 0x01
00000121: SLOAD
00000122: PUSH1 0x00
00000124: SWAP1
00000125: CALLER
00000126: PUSH1 0x01
00000128: PUSH1 0xa0
0000012a: PUSH1 0x02
0000012c: EXP
0000012d: SUB
0000012e: SWAP1
0000012f: DUP2
00000130: AND
00000131: SWAP2
00000132: AND
00000133: EQ
00000134: ISZERO
00000135: DUP1
00000136: PUSH2 0x013f
00000139: JUMPI
0000013a: POP
0000013b: PUSH1 0x00
0000013d: DUP5
0000013e: LT
0000013f: JUMPDEST
00000140: DUP1
00000141: PUSH2 0x014a
00000144: JUMPI
00000145: POP
00000146: PUSH1 0x00
00000148: DUP4
00000149: LT
0000014a: JUMPDEST
0000014b: DUP1
0000014c: PUSH2 0x015e
0000014f: JUMPI
00000150: POP
00000151: ADDRESS
00000152: PUSH1 0x01
00000154: PUSH1 0xa0
00000156: PUSH1 0x02
00000158: EXP
00000159: SUB
0000015a: AND
0000015b: BALANCE
0000015c: DUP5
0000015d: GT
0000015e: JUMPDEST
0000015f: ISZERO
00000160: PUSH2 0x01c5
00000163: JUMPI
00000164: JUMPDEST
00000165: SWAP4
00000166: SWAP3
00000167: POP
00000168: POP
00000169: POP
0000016a: JUMP
0000016b: JUMPDEST
0000016c: STOP
0000016d: JUMPDEST
0000016e: ORIGIN
0000016f: PUSH1 0x01
00000171: PUSH1 0xa0
00000173: PUSH1 0x02
00000175: EXP
00000176: SUB
00000177: AND
00000178: PUSH1 0x60
0000017a: SWAP1
0000017b: DUP2
0000017c: MSTORE
0000017d: CALLVALUE
0000017e: PUSH1 0x80
00000180: MSTORE
00000181: PUSH32 0xe1fffcc4923d04b559f4d29a8bfc6cda04eb5b0d3c460751c2402c5c5cc9109c
000001a2: SWAP1
000001a3: PUSH1 0x40
000001a5: SWAP1
000001a6: LOG1
000001a7: JUMPDEST
000001a8: JUMP
000001a9: JUMPDEST
000001aa: PUSH1 0x40
000001ac: DUP1
000001ad: MLOAD
000001ae: SWAP2
000001af: DUP3
000001b0: MSTORE
000001b1: MLOAD
000001b2: SWAP1
000001b3: DUP2
000001b4: SWAP1
000001b5: SUB
000001b6: PUSH1 0x20
000001b8: ADD
000001b9: SWAP1
000001ba: RETURN
000001bb: JUMPDEST
000001bc: PUSH1 0x60
000001be: SWAP1
000001bf: DUP2
000001c0: MSTORE
000001c1: PUSH1 0x20
000001c3: SWAP1
000001c4: RETURN
000001c5: JUMPDEST
000001c6: DUP4
000001c7: PUSH1 0x00
000001c9: EQ
000001ca: ISZERO
000001cb: PUSH2 0x01dc
000001ce: JUMPI
000001cf: ADDRESS
000001d0: PUSH1 0x01
000001d2: PUSH1 0xa0
000001d4: PUSH1 0x02
000001d6: EXP
000001d7: SUB
000001d8: AND
000001d9: BALANCE
000001da: SWAP4
000001db: POP
000001dc: JUMPDEST
000001dd: PUSH1 0x01
000001df: SLOAD
000001e0: DUP2
000001e1: SLOAD
000001e2: PUSH32 0xa70c169700000000000000000000000000000000000000000000000000000000
00000203: PUSH1 0x60
00000205: SWAP1
00000206: DUP2
00000207: MSTORE
00000208: PUSH1 0x64
0000020a: SWAP2
0000020b: DUP3
0000020c: MSTORE
0000020d: PUSH1 0x84
0000020f: DUP7
00000210: SWAP1
00000211: MSTORE
00000212: PUSH1 0x01
00000214: PUSH1 0xa0
00000216: PUSH1 0x02
00000218: EXP
00000219: SUB
0000021a: DUP6
0000021b: DUP2
0000021c: AND
0000021d: PUSH1 0xa4
0000021f: MSTORE
00000220: SWAP1
00000221: SWAP3
00000222: AND
00000223: SWAP2
00000224: PUSH4 0xa70c1697
00000229: SWAP2
0000022a: DUP8
0000022b: SWAP2
0000022c: PUSH1 0xc4
0000022e: SWAP2
0000022f: PUSH1 0x20
00000231: SWAP2
00000232: SWAP1
00000233: DUP2
00000234: DUP6
00000235: DUP9
00000236: PUSH2 0x8502
00000239: GAS
0000023a: SUB
0000023b: CALL
0000023c: ISZERO
0000023d: PUSH2 0x0002
00000240: JUMPI
00000241: POP
00000242: POP
00000243: PUSH1 0x40
00000245: MLOAD
00000246: MLOAD
00000247: SWAP3
00000248: POP
00000249: PUSH2 0x0164
0000024c: SWAP2
0000024d: POP
0000024e: POP
0000024f: JUMP
View stderr 
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.

Findings

validated = confirmed for call sinks; sink observed for others
Severity Category Tool Title Confidence Validated Confirmed Details
high auth detector Authorization based on tx.origin 70 no
view
validation_json 
{
    "reason": "missing sink mapping",
    "status": "no_sink"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x58975919",
            "selector": "0x58975919",
            "calldata_variants": [
                "0x58975919",
                "0x589759190000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x76cdb03b",
            "selector": "0x76cdb03b",
            "calldata_variants": [
                "0x76cdb03b",
                "0x76cdb03b0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xc4363f00",
            "selector": "0xc4363f00",
            "calldata_variants": [
                "0xc4363f00",
                "0xc4363f000000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "guards_detected": [
        {
            "pc": 179,
            "type": "tx_origin_used"
        },
        {
            "pc": 366,
            "type": "tx_origin_used"
        }
    ]
}
medium other detector Untrusted CALL target/value reachable 45 no no
view
trace_id: 0xe7286293f72b6b7db6bf907c3904f82464f7809ecbf2e02e7c7a61488b9fac5b
call_targets: 0x08c6000b9202b1e366726b34813f049f8cea8c12
target_varies: no
classification: constant_target
validation_json 
{
    "sink": "CALL",
    "errors": 0,
    "status": "sink_reached",
    "attempts": 1,
    "trace_id": "0xe7286293f72b6b7db6bf907c3904f82464f7809ecbf2e02e7c7a61488b9fac5b",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": [
        "0x08c6000b9202b1e366726b34813f049f8cea8c12"
    ],
    "matched_probe": null,
    "target_varies": false,
    "classification": "constant_target"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x58975919",
            "selector": "0x58975919",
            "calldata_variants": [
                "0x58975919",
                "0x589759190000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x76cdb03b",
            "selector": "0x76cdb03b",
            "calldata_variants": [
                "0x76cdb03b",
                "0x76cdb03b0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xc4363f00",
            "selector": "0xc4363f00",
            "calldata_variants": [
                "0xc4363f00",
                "0xc4363f000000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 153,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "constant",
            "target_expression_category": "computed"
        },
        {
            "pc": 571,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "call_count": 2,
    "guards_detected": [
        {
            "pc": 179,
            "type": "tx_origin_used"
        },
        {
            "pc": 366,
            "type": "tx_origin_used"
        }
    ],
    "untrusted_call_count": 2
}
medium other detector ETH value transfer possible 40 no no
view
trace_id: 0xe7286293f72b6b7db6bf907c3904f82464f7809ecbf2e02e7c7a61488b9fac5b
call_targets: 0x08c6000b9202b1e366726b34813f049f8cea8c12
target_varies: no
classification: constant_target
validation_json 
{
    "sink": "CALL",
    "errors": 0,
    "status": "sink_reached",
    "attempts": 1,
    "trace_id": "0xe7286293f72b6b7db6bf907c3904f82464f7809ecbf2e02e7c7a61488b9fac5b",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": [
        "0x08c6000b9202b1e366726b34813f049f8cea8c12"
    ],
    "matched_probe": null,
    "target_varies": false,
    "classification": "constant_target"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x58975919",
            "selector": "0x58975919",
            "calldata_variants": [
                "0x58975919",
                "0x589759190000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x76cdb03b",
            "selector": "0x76cdb03b",
            "calldata_variants": [
                "0x76cdb03b",
                "0x76cdb03b0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xc4363f00",
            "selector": "0xc4363f00",
            "calldata_variants": [
                "0xc4363f00",
                "0xc4363f000000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 153,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "constant",
            "target_expression_category": "computed"
        },
        {
            "pc": 571,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "eth_value_calls": 2,
    "guards_detected": [
        {
            "pc": 179,
            "type": "tx_origin_used"
        },
        {
            "pc": 366,
            "type": "tx_origin_used"
        }
    ]
}