TW
Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019b3836-4f0e-7108-9b81-b3d2c4c2dd18

complete
Chain ID
1
Address
0xb8e4af7d62053f1aa3681777de3c72d9d96721f1
Block Number
Created
Fri, Dec 19, 2025 8:04 PM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

back to vulns open contract
Confirmed
0
Validated
0
Source
Bytecode only
Review Backing
Not yet
Best current signal
Untrusted CALL target/value reachable
crit 0 high 0 direct contract
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID Type Status Attempts Heartbeat
7475 artifact.fetch complete 1 / 3 3 months ago
7476 tool.cast_disasm complete 1 / 3 3 months ago
109334 analysis.bundle complete 1 / 3 1 week ago
109335 capability.graph complete 1 / 3 1 week ago
109336 detector.run complete 1 / 3 1 week ago
109337 validation.fork complete 1 / 3 1 week ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: no
Implementation:
Verified Source: no

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate

No codex job recorded yet.

Opcode Heuristics

tool.cast_disasm
Delegatecall
0
Selfdestruct
0
CREATE2
0
CALL-family (heavy)
2
EXT*/BALANCE
0
Total opcodes
279
Flags
No heuristic flags raised.
View cast disassembly output 
00000000: PUSH1 0x60
00000002: PUSH1 0x40
00000004: MSTORE
00000005: CALLDATASIZE
00000006: ISZERO
00000007: PUSH2 0x0056
0000000a: JUMPI
0000000b: PUSH1 0xe0
0000000d: PUSH1 0x02
0000000f: EXP
00000010: PUSH1 0x00
00000012: CALLDATALOAD
00000013: DIV
00000014: PUSH4 0x5982c47b
00000019: DUP2
0000001a: EQ
0000001b: PUSH2 0x00b8
0000001e: JUMPI
0000001f: DUP1
00000020: PUSH4 0x5daf08ca
00000025: EQ
00000026: PUSH2 0x010c
00000029: JUMPI
0000002a: DUP1
0000002b: PUSH4 0x8da5cb5b
00000030: EQ
00000031: PUSH2 0x012d
00000034: JUMPI
00000035: DUP1
00000036: PUSH4 0xa6f9dae1
0000003b: EQ
0000003c: PUSH2 0x013f
0000003f: JUMPI
00000040: DUP1
00000041: PUSH4 0xb2cf099c
00000046: EQ
00000047: PUSH2 0x017e
0000004a: JUMPI
0000004b: DUP1
0000004c: PUSH4 0xe79a79e6
00000051: EQ
00000052: PUSH2 0x0187
00000055: JUMPI
00000056: JUMPDEST
00000057: PUSH2 0x0190
0000005a: PUSH1 0x03
0000005c: DUP1
0000005d: SLOAD
0000005e: CALLVALUE
0000005f: SWAP1
00000060: DUP2
00000061: ADD
00000062: SWAP1
00000063: SWAP2
00000064: SSTORE
00000065: PUSH1 0x04
00000067: SLOAD
00000068: PUSH1 0x64
0000006a: SWAP2
0000006b: MUL
0000006c: DIV
0000006d: PUSH1 0x00
0000006f: PUSH1 0x01
00000071: DUP2
00000072: SWAP1
00000073: SLOAD
00000074: PUSH1 0x01
00000076: PUSH1 0xa0
00000078: PUSH1 0x02
0000007a: EXP
0000007b: SUB
0000007c: AND
0000007d: SWAP1
0000007e: DUP4
0000007f: PUSH1 0x60
00000081: DUP3
00000082: DUP2
00000083: DUP2
00000084: DUP2
00000085: DUP6
00000086: DUP9
00000087: DUP4
00000088: CALL
00000089: POP
0000008a: POP
0000008b: PUSH1 0x02
0000008d: SLOAD
0000008e: PUSH1 0x40
00000090: MLOAD
00000091: CALLVALUE
00000092: SWAP3
00000093: SWAP1
00000094: SWAP3
00000095: SUB
00000096: SWAP5
00000097: PUSH1 0x01
00000099: PUSH1 0xa0
0000009b: PUSH1 0x02
0000009d: EXP
0000009e: SUB
0000009f: SWAP2
000000a0: SWAP1
000000a1: SWAP2
000000a2: AND
000000a3: SWAP4
000000a4: POP
000000a5: DUP5
000000a6: SWAP2
000000a7: SWAP1
000000a8: DUP2
000000a9: DUP2
000000aa: DUP2
000000ab: DUP6
000000ac: DUP9
000000ad: DUP4
000000ae: CALL
000000af: POP
000000b0: POP
000000b1: POP
000000b2: POP
000000b3: POP
000000b4: JUMPDEST
000000b5: POP
000000b6: POP
000000b7: JUMP
000000b8: JUMPDEST
000000b9: PUSH2 0x0190
000000bc: PUSH1 0x04
000000be: CALLDATALOAD
000000bf: PUSH1 0x24
000000c1: CALLDATALOAD
000000c2: PUSH1 0x00
000000c4: SLOAD
000000c5: CALLER
000000c6: PUSH1 0x01
000000c8: PUSH1 0xa0
000000ca: PUSH1 0x02
000000cc: EXP
000000cd: SUB
000000ce: SWAP1
000000cf: DUP2
000000d0: AND
000000d1: SWAP2
000000d2: AND
000000d3: EQ
000000d4: ISZERO
000000d5: PUSH2 0x01af
000000d8: JUMPI
000000d9: DUP1
000000da: PUSH1 0x01
000000dc: PUSH1 0xff
000000de: DUP5
000000df: AND
000000e0: PUSH1 0x02
000000e2: DUP2
000000e3: LT
000000e4: ISZERO
000000e5: PUSH2 0x0002
000000e8: JUMPI
000000e9: ADD
000000ea: DUP1
000000eb: SLOAD
000000ec: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
00000101: NOT
00000102: AND
00000103: SWAP1
00000104: SWAP2
00000105: OR
00000106: SWAP1
00000107: SSTORE
00000108: PUSH2 0x00b4
0000010b: JUMP
0000010c: JUMPDEST
0000010d: PUSH2 0x0192
00000110: PUSH1 0x04
00000112: CALLDATALOAD
00000113: PUSH1 0x01
00000115: DUP2
00000116: PUSH1 0x02
00000118: DUP2
00000119: LT
0000011a: ISZERO
0000011b: PUSH2 0x0002
0000011e: JUMPI
0000011f: POP
00000120: ADD
00000121: SLOAD
00000122: PUSH1 0x01
00000124: PUSH1 0xa0
00000126: PUSH1 0x02
00000128: EXP
00000129: SUB
0000012a: AND
0000012b: DUP2
0000012c: JUMP
0000012d: JUMPDEST
0000012e: PUSH2 0x0192
00000131: PUSH1 0x00
00000133: SLOAD
00000134: PUSH1 0x01
00000136: PUSH1 0xa0
00000138: PUSH1 0x02
0000013a: EXP
0000013b: SUB
0000013c: AND
0000013d: DUP2
0000013e: JUMP
0000013f: JUMPDEST
00000140: PUSH2 0x0190
00000143: PUSH1 0x04
00000145: CALLDATALOAD
00000146: PUSH1 0x00
00000148: SLOAD
00000149: CALLER
0000014a: PUSH1 0x01
0000014c: PUSH1 0xa0
0000014e: PUSH1 0x02
00000150: EXP
00000151: SUB
00000152: SWAP1
00000153: DUP2
00000154: AND
00000155: SWAP2
00000156: AND
00000157: EQ
00000158: ISZERO
00000159: PUSH2 0x01af
0000015c: JUMPI
0000015d: PUSH1 0x00
0000015f: DUP1
00000160: SLOAD
00000161: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
00000176: NOT
00000177: AND
00000178: DUP3
00000179: OR
0000017a: SWAP1
0000017b: SSTORE
0000017c: POP
0000017d: JUMP
0000017e: JUMPDEST
0000017f: PUSH2 0x01a5
00000182: PUSH1 0x03
00000184: SLOAD
00000185: DUP2
00000186: JUMP
00000187: JUMPDEST
00000188: PUSH2 0x01a5
0000018b: PUSH1 0x04
0000018d: SLOAD
0000018e: DUP2
0000018f: JUMP
00000190: JUMPDEST
00000191: STOP
00000192: JUMPDEST
00000193: PUSH1 0x01
00000195: PUSH1 0xa0
00000197: PUSH1 0x02
00000199: EXP
0000019a: SUB
0000019b: AND
0000019c: PUSH1 0x60
0000019e: SWAP1
0000019f: DUP2
000001a0: MSTORE
000001a1: PUSH1 0x20
000001a3: SWAP1
000001a4: RETURN
000001a5: JUMPDEST
000001a6: PUSH1 0x60
000001a8: SWAP1
000001a9: DUP2
000001aa: MSTORE
000001ab: PUSH1 0x20
000001ad: SWAP1
000001ae: RETURN
000001af: JUMPDEST
000001b0: PUSH2 0x0002
000001b3: JUMP
View stderr 
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.

Findings

validated = confirmed for call sinks; sink observed for others
Severity Category Tool Title Confidence Validated Confirmed Details
high other detector Untrusted CALL target/value reachable 60 no no
view
trace_id: 0xd42534eac2e77453858d5aa9fb940190c21b0f90cc3bb0be3509ca8c65a4bfe6
call_targets: 0xb8e4af7d62053f1aa3681777de3c72d9d96721f1
target_varies: no
classification: constant_target
validation_json 
{
    "sink": "CALL",
    "errors": 0,
    "status": "sink_reached",
    "attempts": 1,
    "trace_id": "0xd42534eac2e77453858d5aa9fb940190c21b0f90cc3bb0be3509ca8c65a4bfe6",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": [
        "0xb8e4af7d62053f1aa3681777de3c72d9d96721f1"
    ],
    "matched_probe": null,
    "target_varies": false,
    "classification": "constant_target"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x5982c47b",
            "selector": "0x5982c47b",
            "calldata_variants": [
                "0x5982c47b",
                "0x5982c47b0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x5daf08ca",
            "selector": "0x5daf08ca",
            "calldata_variants": [
                "0x5daf08ca",
                "0x5daf08ca0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x8da5cb5b",
            "selector": "0x8da5cb5b",
            "calldata_variants": [
                "0x8da5cb5b",
                "0x8da5cb5b0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xa6f9dae1",
            "selector": "0xa6f9dae1",
            "calldata_variants": [
                "0xa6f9dae1",
                "0xa6f9dae10000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xb2cf099c",
            "selector": "0xb2cf099c",
            "calldata_variants": [
                "0xb2cf099c",
                "0xb2cf099c0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xe79a79e6",
            "selector": "0xe79a79e6",
            "calldata_variants": [
                "0xe79a79e6",
                "0xe79a79e60000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 136,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        },
        {
            "pc": 174,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "call_count": 2,
    "guards_detected": [],
    "untrusted_call_count": 2
}
high other detector ETH value transfer possible 55 no no
view
trace_id: 0xd42534eac2e77453858d5aa9fb940190c21b0f90cc3bb0be3509ca8c65a4bfe6
call_targets: 0xb8e4af7d62053f1aa3681777de3c72d9d96721f1
target_varies: no
classification: constant_target
validation_json 
{
    "sink": "CALL",
    "errors": 0,
    "status": "sink_reached",
    "attempts": 1,
    "trace_id": "0xd42534eac2e77453858d5aa9fb940190c21b0f90cc3bb0be3509ca8c65a4bfe6",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": [
        "0xb8e4af7d62053f1aa3681777de3c72d9d96721f1"
    ],
    "matched_probe": null,
    "target_varies": false,
    "classification": "constant_target"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x5982c47b",
            "selector": "0x5982c47b",
            "calldata_variants": [
                "0x5982c47b",
                "0x5982c47b0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x5daf08ca",
            "selector": "0x5daf08ca",
            "calldata_variants": [
                "0x5daf08ca",
                "0x5daf08ca0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x8da5cb5b",
            "selector": "0x8da5cb5b",
            "calldata_variants": [
                "0x8da5cb5b",
                "0x8da5cb5b0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xa6f9dae1",
            "selector": "0xa6f9dae1",
            "calldata_variants": [
                "0xa6f9dae1",
                "0xa6f9dae10000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xb2cf099c",
            "selector": "0xb2cf099c",
            "calldata_variants": [
                "0xb2cf099c",
                "0xb2cf099c0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xe79a79e6",
            "selector": "0xe79a79e6",
            "calldata_variants": [
                "0xe79a79e6",
                "0xe79a79e60000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 136,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        },
        {
            "pc": 174,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "eth_value_calls": 2,
    "guards_detected": []
}