TW
Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019b3836-4fe8-728c-8ca1-9af652324fb8

complete
Chain ID
1
Address
0xb8df363e0dd784defa2c23ad281cad70e34b9895
Block Number
Created
Fri, Dec 19, 2025 8:04 PM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

back to vulns open contract
Confirmed
0
Validated
0
Source
Bytecode only
Review Backing
Not yet
Best current signal
Untrusted CALL target/value reachable
crit 0 high 0 direct contract
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID Type Status Attempts Heartbeat
7591 artifact.fetch complete 1 / 3 4 months ago
7592 tool.cast_disasm complete 1 / 3 4 months ago
82275 analysis.bundle complete 1 / 3 2 weeks ago
82276 capability.graph complete 1 / 3 2 weeks ago
82277 detector.run complete 1 / 3 2 weeks ago
82278 validation.fork complete 1 / 3 2 weeks ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: no
Implementation:
Verified Source: no

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate

No codex job recorded yet.

Opcode Heuristics

tool.cast_disasm
Delegatecall
0
Selfdestruct
0
CREATE2
0
CALL-family (heavy)
2
EXT*/BALANCE
3
Total opcodes
337
Flags
No heuristic flags raised.
View cast disassembly output 
00000000: PUSH1 0x60
00000002: PUSH1 0x40
00000004: MSTORE
00000005: PUSH1 0x00
00000007: CALLDATALOAD
00000008: PUSH29 0x0100000000000000000000000000000000000000000000000000000000
00000026: SWAP1
00000027: DIV
00000028: DUP1
00000029: PUSH4 0x4e71d92d
0000002e: EQ
0000002f: PUSH2 0x004f
00000032: JUMPI
00000033: DUP1
00000034: PUSH4 0x590e1ae3
00000039: EQ
0000003a: PUSH2 0x005e
0000003d: JUMPI
0000003e: DUP1
0000003f: PUSH4 0xd7bb99ba
00000044: EQ
00000045: PUSH2 0x006d
00000048: JUMPI
00000049: PUSH2 0x004d
0000004c: JUMP
0000004d: JUMPDEST
0000004e: STOP
0000004f: JUMPDEST
00000050: PUSH2 0x005c
00000053: PUSH1 0x04
00000055: DUP1
00000056: POP
00000057: POP
00000058: PUSH2 0x007c
0000005b: JUMP
0000005c: JUMPDEST
0000005d: STOP
0000005e: JUMPDEST
0000005f: PUSH2 0x006b
00000062: PUSH1 0x04
00000064: DUP1
00000065: POP
00000066: POP
00000067: PUSH2 0x0150
0000006a: JUMP
0000006b: JUMPDEST
0000006c: STOP
0000006d: JUMPDEST
0000006e: PUSH2 0x007a
00000071: PUSH1 0x04
00000073: DUP1
00000074: POP
00000075: POP
00000076: PUSH2 0x026c
00000079: JUMP
0000007a: JUMPDEST
0000007b: STOP
0000007c: JUMPDEST
0000007d: PUSH1 0x02
0000007f: PUSH1 0x00
00000081: POP
00000082: SLOAD
00000083: TIMESTAMP
00000084: GT
00000085: DUP1
00000086: ISZERO
00000087: PUSH2 0x00ac
0000008a: JUMPI
0000008b: POP
0000008c: PUSH1 0x00
0000008e: PUSH1 0x00
00000090: POP
00000091: SLOAD
00000092: ADDRESS
00000093: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000000a8: AND
000000a9: BALANCE
000000aa: LT
000000ab: ISZERO
000000ac: JUMPDEST
000000ad: ISZERO
000000ae: PUSH2 0x014d
000000b1: JUMPI
000000b2: PUSH1 0x01
000000b4: PUSH1 0x00
000000b6: SWAP1
000000b7: SLOAD
000000b8: SWAP1
000000b9: PUSH2 0x0100
000000bc: EXP
000000bd: SWAP1
000000be: DIV
000000bf: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000000d4: AND
000000d5: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000000ea: AND
000000eb: PUSH1 0x00
000000ed: ADDRESS
000000ee: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
00000103: AND
00000104: BALANCE
00000105: PUSH1 0x40
00000107: MLOAD
00000108: DUP1
00000109: SWAP1
0000010a: POP
0000010b: PUSH1 0x00
0000010d: PUSH1 0x40
0000010f: MLOAD
00000110: DUP1
00000111: DUP4
00000112: SUB
00000113: DUP2
00000114: DUP6
00000115: DUP9
00000116: DUP9
00000117: CALL
00000118: SWAP4
00000119: POP
0000011a: POP
0000011b: POP
0000011c: POP
0000011d: POP
0000011e: PUSH32 0xee8bd2627aed9de724b2a6436eb39b6f0fb4cc3887341b3f8a72d9babec9eb64
0000013f: PUSH1 0x40
00000141: MLOAD
00000142: DUP1
00000143: SWAP1
00000144: POP
00000145: PUSH1 0x40
00000147: MLOAD
00000148: DUP1
00000149: SWAP2
0000014a: SUB
0000014b: SWAP1
0000014c: LOG1
0000014d: JUMPDEST
0000014e: JUMPDEST
0000014f: JUMP
00000150: JUMPDEST
00000151: PUSH1 0x02
00000153: PUSH1 0x00
00000155: POP
00000156: SLOAD
00000157: TIMESTAMP
00000158: GT
00000159: DUP1
0000015a: ISZERO
0000015b: PUSH2 0x017f
0000015e: JUMPI
0000015f: POP
00000160: PUSH1 0x00
00000162: PUSH1 0x00
00000164: POP
00000165: SLOAD
00000166: ADDRESS
00000167: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
0000017c: AND
0000017d: BALANCE
0000017e: LT
0000017f: JUMPDEST
00000180: ISZERO
00000181: PUSH2 0x0269
00000184: JUMPI
00000185: CALLER
00000186: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
0000019b: AND
0000019c: PUSH1 0x00
0000019e: PUSH1 0x03
000001a0: PUSH1 0x00
000001a2: POP
000001a3: PUSH1 0x00
000001a5: CALLER
000001a6: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000001bb: AND
000001bc: DUP2
000001bd: MSTORE
000001be: PUSH1 0x20
000001c0: ADD
000001c1: SWAP1
000001c2: DUP2
000001c3: MSTORE
000001c4: PUSH1 0x20
000001c6: ADD
000001c7: PUSH1 0x00
000001c9: KECCAK256
000001ca: PUSH1 0x00
000001cc: POP
000001cd: SLOAD
000001ce: PUSH1 0x40
000001d0: MLOAD
000001d1: DUP1
000001d2: SWAP1
000001d3: POP
000001d4: PUSH1 0x00
000001d6: PUSH1 0x40
000001d8: MLOAD
000001d9: DUP1
000001da: DUP4
000001db: SUB
000001dc: DUP2
000001dd: DUP6
000001de: DUP9
000001df: DUP9
000001e0: CALL
000001e1: SWAP4
000001e2: POP
000001e3: POP
000001e4: POP
000001e5: POP
000001e6: POP
000001e7: PUSH32 0xa106080046e721a64324bdde8bc3488902e644ecc9f2e01c2db2c65debf6fa2e
00000208: CALLER
00000209: PUSH1 0x40
0000020b: MLOAD
0000020c: DUP1
0000020d: DUP3
0000020e: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
00000223: AND
00000224: DUP2
00000225: MSTORE
00000226: PUSH1 0x20
00000228: ADD
00000229: SWAP2
0000022a: POP
0000022b: POP
0000022c: PUSH1 0x40
0000022e: MLOAD
0000022f: DUP1
00000230: SWAP2
00000231: SUB
00000232: SWAP1
00000233: LOG1
00000234: PUSH1 0x00
00000236: PUSH1 0x03
00000238: PUSH1 0x00
0000023a: POP
0000023b: PUSH1 0x00
0000023d: CALLER
0000023e: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
00000253: AND
00000254: DUP2
00000255: MSTORE
00000256: PUSH1 0x20
00000258: ADD
00000259: SWAP1
0000025a: DUP2
0000025b: MSTORE
0000025c: PUSH1 0x20
0000025e: ADD
0000025f: PUSH1 0x00
00000261: KECCAK256
00000262: PUSH1 0x00
00000264: POP
00000265: DUP2
00000266: SWAP1
00000267: SSTORE
00000268: POP
00000269: JUMPDEST
0000026a: JUMPDEST
0000026b: JUMP
0000026c: JUMPDEST
0000026d: PUSH1 0x02
0000026f: PUSH1 0x00
00000271: POP
00000272: SLOAD
00000273: TIMESTAMP
00000274: GT
00000275: ISZERO
00000276: ISZERO
00000277: PUSH2 0x030c
0000027a: JUMPI
0000027b: CALLVALUE
0000027c: PUSH1 0x03
0000027e: PUSH1 0x00
00000280: POP
00000281: PUSH1 0x00
00000283: CALLER
00000284: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
00000299: AND
0000029a: DUP2
0000029b: MSTORE
0000029c: PUSH1 0x20
0000029e: ADD
0000029f: SWAP1
000002a0: DUP2
000002a1: MSTORE
000002a2: PUSH1 0x20
000002a4: ADD
000002a5: PUSH1 0x00
000002a7: KECCAK256
000002a8: PUSH1 0x00
000002aa: DUP3
000002ab: DUP3
000002ac: DUP3
000002ad: POP
000002ae: SLOAD
000002af: ADD
000002b0: SWAP3
000002b1: POP
000002b2: POP
000002b3: DUP2
000002b4: SWAP1
000002b5: SSTORE
000002b6: POP
000002b7: PUSH32 0x370510fa7e8c74204b8d2fd52b7a0837e535ea0c1491fd4e13730ce825e40524
000002d8: CALLER
000002d9: CALLVALUE
000002da: PUSH1 0x40
000002dc: MLOAD
000002dd: DUP1
000002de: DUP4
000002df: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000002f4: AND
000002f5: DUP2
000002f6: MSTORE
000002f7: PUSH1 0x20
000002f9: ADD
000002fa: DUP3
000002fb: DUP2
000002fc: MSTORE
000002fd: PUSH1 0x20
000002ff: ADD
00000300: SWAP3
00000301: POP
00000302: POP
00000303: POP
00000304: PUSH1 0x40
00000306: MLOAD
00000307: DUP1
00000308: SWAP2
00000309: SUB
0000030a: SWAP1
0000030b: LOG1
0000030c: JUMPDEST
0000030d: JUMPDEST
0000030e: JUMP
View stderr 
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.

Findings

validated = confirmed for call sinks; sink observed for others
Severity Category Tool Title Confidence Validated Confirmed Details
high other detector Untrusted CALL target/value reachable 60 no no
view
trace_id: 0x25b831f400bdf0b4d2e08c9203edab6debe28a2baf466ad049d8d4d4efb35ed9
call_targets: 0xb8df363e0dd784defa2c23ad281cad70e34b9895
target_varies: no
classification: constant_target
validation_json 
{
    "sink": "CALL",
    "errors": 0,
    "status": "sink_reached",
    "attempts": 1,
    "trace_id": "0x25b831f400bdf0b4d2e08c9203edab6debe28a2baf466ad049d8d4d4efb35ed9",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": [
        "0xb8df363e0dd784defa2c23ad281cad70e34b9895"
    ],
    "matched_probe": null,
    "target_varies": false,
    "classification": "constant_target"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x4e71d92d",
            "selector": "0x4e71d92d",
            "calldata_variants": [
                "0x4e71d92d",
                "0x4e71d92d0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x590e1ae3",
            "selector": "0x590e1ae3",
            "calldata_variants": [
                "0x590e1ae3",
                "0x590e1ae30000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xd7bb99ba",
            "selector": "0xd7bb99ba",
            "calldata_variants": [
                "0xd7bb99ba",
                "0xd7bb99ba0000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 279,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        },
        {
            "pc": 480,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "call_count": 2,
    "guards_detected": [],
    "untrusted_call_count": 2
}
high other detector ETH value transfer possible 55 no no
view
trace_id: 0x25b831f400bdf0b4d2e08c9203edab6debe28a2baf466ad049d8d4d4efb35ed9
call_targets: 0xb8df363e0dd784defa2c23ad281cad70e34b9895
target_varies: no
classification: constant_target
validation_json 
{
    "sink": "CALL",
    "errors": 0,
    "status": "sink_reached",
    "attempts": 1,
    "trace_id": "0x25b831f400bdf0b4d2e08c9203edab6debe28a2baf466ad049d8d4d4efb35ed9",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": [
        "0xb8df363e0dd784defa2c23ad281cad70e34b9895"
    ],
    "matched_probe": null,
    "target_varies": false,
    "classification": "constant_target"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x4e71d92d",
            "selector": "0x4e71d92d",
            "calldata_variants": [
                "0x4e71d92d",
                "0x4e71d92d0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x590e1ae3",
            "selector": "0x590e1ae3",
            "calldata_variants": [
                "0x590e1ae3",
                "0x590e1ae30000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xd7bb99ba",
            "selector": "0xd7bb99ba",
            "calldata_variants": [
                "0xd7bb99ba",
                "0xd7bb99ba0000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 279,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        },
        {
            "pc": 480,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "eth_value_calls": 2,
    "guards_detected": []
}