019b3836-57d9-713c-a5d6-5d3ac9f53fcf
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 8565 | artifact.fetch | complete | 1 / 3 | 3 months ago |
| 8566 | tool.cast_disasm | complete | 1 / 3 | 3 months ago |
| 98570 | analysis.bundle | complete | 1 / 3 | 1 week ago |
| 98571 | capability.graph | complete | 1 / 3 | 1 week ago |
| 98572 | detector.run | complete | 1 / 3 | 1 week ago |
| 98573 | validation.fork | complete | 1 / 3 | 1 week ago |
No slither job recorded yet.
No codex job recorded yet.
00000000: PUSH1 0x60 00000002: PUSH1 0x40 00000004: MSTORE 00000005: CALLDATASIZE 00000006: ISZERO 00000007: PUSH2 0x0035 0000000a: JUMPI 0000000b: PUSH1 0xe0 0000000d: PUSH1 0x02 0000000f: EXP 00000010: PUSH1 0x00 00000012: CALLDATALOAD 00000013: DIV 00000014: PUSH4 0x31e3e2fe 00000019: DUP2 0000001a: EQ 0000001b: PUSH2 0x003e 0000001e: JUMPI 0000001f: DUP1 00000020: PUSH4 0x3a314b24 00000025: EQ 00000026: PUSH2 0x005e 00000029: JUMPI 0000002a: DUP1 0000002b: PUSH4 0xbb6b4619 00000030: EQ 00000031: PUSH2 0x013b 00000034: JUMPI 00000035: JUMPDEST 00000036: PUSH2 0x0000 00000039: JUMPDEST 0000003a: PUSH2 0x0002 0000003d: JUMP 0000003e: JUMPDEST 0000003f: PUSH2 0x0217 00000042: PUSH1 0x00 00000044: DUP1 00000045: SLOAD 00000046: PUSH1 0x01 00000048: PUSH1 0xa0 0000004a: PUSH1 0x02 0000004c: EXP 0000004d: SUB 0000004e: SWAP1 0000004f: DUP2 00000050: AND 00000051: CALLER 00000052: SWAP1 00000053: SWAP2 00000054: AND 00000055: EQ 00000056: PUSH2 0x0229 00000059: JUMPI 0000005a: PUSH2 0x0002 0000005d: JUMP 0000005e: JUMPDEST 0000005f: PUSH2 0x0217 00000062: PUSH1 0x04 00000064: CALLDATALOAD 00000065: PUSH1 0x01 00000067: SLOAD 00000068: PUSH1 0xe0 0000006a: PUSH1 0x02 0000006c: EXP 0000006d: PUSH4 0x16c72721 00000072: MUL 00000073: PUSH1 0x60 00000075: SWAP1 00000076: DUP2 00000077: MSTORE 00000078: PUSH1 0x00 0000007a: SWAP2 0000007b: PUSH2 0x2710 0000007e: CALLVALUE 0000007f: PUSH1 0x05 00000081: DUP2 00000082: MUL 00000083: SWAP2 00000084: SWAP1 00000085: SWAP2 00000086: DIV 00000087: SWAP1 00000088: SUB 00000089: SWAP2 0000008a: PUSH1 0x01 0000008c: PUSH1 0xa0 0000008e: PUSH1 0x02 00000090: EXP 00000091: SUB 00000092: SWAP1 00000093: SWAP2 00000094: AND 00000095: SWAP1 00000096: PUSH4 0x16c72721 0000009b: SWAP1 0000009c: PUSH1 0x64 0000009e: SWAP1 0000009f: PUSH1 0x20 000000a1: SWAP1 000000a2: PUSH1 0x04 000000a4: DUP2 000000a5: DUP9 000000a6: DUP8 000000a7: PUSH2 0x61da 000000aa: GAS 000000ab: SUB 000000ac: CALL 000000ad: ISZERO 000000ae: PUSH2 0x0002 000000b1: JUMPI 000000b2: POP 000000b3: POP 000000b4: PUSH1 0x40 000000b6: MLOAD 000000b7: MLOAD 000000b8: SWAP1 000000b9: POP 000000ba: DUP1 000000bb: ISZERO 000000bc: PUSH2 0x00e0 000000bf: JUMPI 000000c0: POP 000000c1: PUSH1 0x40 000000c3: MLOAD 000000c4: PUSH1 0x01 000000c6: PUSH1 0xa0 000000c8: PUSH1 0x02 000000ca: EXP 000000cb: SUB 000000cc: DUP5 000000cd: AND 000000ce: SWAP1 000000cf: DUP4 000000d0: SWAP1 000000d1: DUP4 000000d2: SWAP1 000000d3: DUP3 000000d4: DUP2 000000d5: DUP2 000000d6: DUP2 000000d7: DUP6 000000d8: DUP9 000000d9: DUP4 000000da: CALL 000000db: SWAP4 000000dc: POP 000000dd: POP 000000de: POP 000000df: POP 000000e0: JUMPDEST 000000e1: ISZERO 000000e2: PUSH2 0x0039 000000e5: JUMPI 000000e6: DUP3 000000e7: PUSH1 0x01 000000e9: PUSH1 0xa0 000000eb: PUSH1 0x02 000000ed: EXP 000000ee: SUB 000000ef: AND 000000f0: CALLER 000000f1: PUSH1 0x01 000000f3: PUSH1 0xa0 000000f5: PUSH1 0x02 000000f7: EXP 000000f8: SUB 000000f9: AND 000000fa: PUSH32 0xa96f45c7f021e61b3f486703c7db5ff1987ae3e6c1612b7085a0ded0270e9679 0000011b: DUP4 0000011c: PUSH1 0x40 0000011e: MLOAD 0000011f: DUP1 00000120: DUP3 00000121: DUP2 00000122: MSTORE 00000123: PUSH1 0x20 00000125: ADD 00000126: SWAP2 00000127: POP 00000128: POP 00000129: PUSH1 0x40 0000012b: MLOAD 0000012c: DUP1 0000012d: SWAP2 0000012e: SUB 0000012f: SWAP1 00000130: LOG3 00000131: PUSH1 0x01 00000133: SWAP2 00000134: POP 00000135: JUMPDEST 00000136: POP 00000137: SWAP2 00000138: SWAP1 00000139: POP 0000013a: JUMP 0000013b: JUMPDEST 0000013c: PUSH2 0x0217 0000013f: PUSH1 0x04 00000141: CALLDATALOAD 00000142: PUSH1 0x01 00000144: SLOAD 00000145: PUSH1 0xe0 00000147: PUSH1 0x02 00000149: EXP 0000014a: PUSH4 0x16c72721 0000014f: MUL 00000150: PUSH1 0x60 00000152: SWAP1 00000153: DUP2 00000154: MSTORE 00000155: PUSH1 0x00 00000157: SWAP2 00000158: PUSH2 0x2710 0000015b: CALLVALUE 0000015c: PUSH1 0x05 0000015e: DUP2 0000015f: MUL 00000160: SWAP2 00000161: SWAP1 00000162: SWAP2 00000163: DIV 00000164: SWAP1 00000165: SUB 00000166: SWAP2 00000167: PUSH1 0x01 00000169: PUSH1 0xa0 0000016b: PUSH1 0x02 0000016d: EXP 0000016e: SUB 0000016f: SWAP1 00000170: SWAP2 00000171: AND 00000172: SWAP1 00000173: PUSH4 0x16c72721 00000178: SWAP1 00000179: PUSH1 0x64 0000017b: SWAP1 0000017c: PUSH1 0x20 0000017e: SWAP1 0000017f: PUSH1 0x04 00000181: DUP2 00000182: DUP9 00000183: DUP8 00000184: PUSH2 0x61da 00000187: GAS 00000188: SUB 00000189: CALL 0000018a: ISZERO 0000018b: PUSH2 0x0002 0000018e: JUMPI 0000018f: POP 00000190: POP 00000191: PUSH1 0x40 00000193: MLOAD 00000194: MLOAD 00000195: ISZERO 00000196: SWAP1 00000197: POP 00000198: DUP1 00000199: ISZERO 0000019a: PUSH2 0x01be 0000019d: JUMPI 0000019e: POP 0000019f: PUSH1 0x40 000001a1: MLOAD 000001a2: PUSH1 0x01 000001a4: PUSH1 0xa0 000001a6: PUSH1 0x02 000001a8: EXP 000001a9: SUB 000001aa: DUP5 000001ab: AND 000001ac: SWAP1 000001ad: DUP4 000001ae: SWAP1 000001af: DUP4 000001b0: SWAP1 000001b1: DUP3 000001b2: DUP2 000001b3: DUP2 000001b4: DUP2 000001b5: DUP6 000001b6: DUP9 000001b7: DUP4 000001b8: CALL 000001b9: SWAP4 000001ba: POP 000001bb: POP 000001bc: POP 000001bd: POP 000001be: JUMPDEST 000001bf: ISZERO 000001c0: PUSH2 0x0039 000001c3: JUMPI 000001c4: DUP3 000001c5: PUSH1 0x01 000001c7: PUSH1 0xa0 000001c9: PUSH1 0x02 000001cb: EXP 000001cc: SUB 000001cd: AND 000001ce: CALLER 000001cf: PUSH1 0x01 000001d1: PUSH1 0xa0 000001d3: PUSH1 0x02 000001d5: EXP 000001d6: SUB 000001d7: AND 000001d8: PUSH32 0xd4bdfe0093f06482f3075db72ba712b2171928d3a0f02a6dcafb5b100d70957b 000001f9: DUP4 000001fa: PUSH1 0x40 000001fc: MLOAD 000001fd: DUP1 000001fe: DUP3 000001ff: DUP2 00000200: MSTORE 00000201: PUSH1 0x20 00000203: ADD 00000204: SWAP2 00000205: POP 00000206: POP 00000207: PUSH1 0x40 00000209: MLOAD 0000020a: DUP1 0000020b: SWAP2 0000020c: SUB 0000020d: SWAP1 0000020e: LOG3 0000020f: PUSH1 0x01 00000211: SWAP2 00000212: POP 00000213: PUSH2 0x0135 00000216: JUMP 00000217: JUMPDEST 00000218: PUSH1 0x40 0000021a: DUP1 0000021b: MLOAD 0000021c: SWAP2 0000021d: DUP3 0000021e: MSTORE 0000021f: MLOAD 00000220: SWAP1 00000221: DUP2 00000222: SWAP1 00000223: SUB 00000224: PUSH1 0x20 00000226: ADD 00000227: SWAP1 00000228: RETURN 00000229: JUMPDEST 0000022a: PUSH1 0x00 0000022c: ADDRESS 0000022d: PUSH1 0x01 0000022f: PUSH1 0xa0 00000231: PUSH1 0x02 00000233: EXP 00000234: SUB 00000235: AND 00000236: BALANCE 00000237: GT 00000238: DUP1 00000239: ISZERO 0000023a: PUSH2 0x0261 0000023d: JUMPI 0000023e: POP 0000023f: DUP1 00000240: SLOAD 00000241: PUSH1 0x01 00000243: PUSH1 0xa0 00000245: PUSH1 0x02 00000247: EXP 00000248: SUB 00000249: SWAP1 0000024a: DUP2 0000024b: AND 0000024c: SWAP1 0000024d: DUP3 0000024e: SWAP1 0000024f: ADDRESS 00000250: AND 00000251: BALANCE 00000252: PUSH1 0x60 00000254: DUP3 00000255: DUP2 00000256: DUP2 00000257: DUP2 00000258: DUP6 00000259: DUP9 0000025a: DUP4 0000025b: CALL 0000025c: SWAP4 0000025d: POP 0000025e: POP 0000025f: POP 00000260: POP 00000261: JUMPDEST 00000262: ISZERO 00000263: PUSH2 0x0039 00000266: JUMPI 00000267: POP 00000268: PUSH1 0x01 0000026a: SWAP1 0000026b: JUMP
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| high | other | detector | Untrusted CALL target/value reachable | 60 | no | no |
viewtrace_id: 0xc51a17353edb82ea2864d6d260953f210852f7c857926dd04466af3b90906cbd
call_targets:
0x50491518707b238f91981849a6f241c77f948fc8
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0xc51a17353edb82ea2864d6d260953f210852f7c857926dd04466af3b90906cbd",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x50491518707b238f91981849a6f241c77f948fc8"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x31e3e2fe",
"selector": "0x31e3e2fe",
"calldata_variants": [
"0x31e3e2fe",
"0x31e3e2fe0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x3a314b24",
"selector": "0x3a314b24",
"calldata_variants": [
"0x3a314b24",
"0x3a314b240000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xbb6b4619",
"selector": "0xbb6b4619",
"calldata_variants": [
"0xbb6b4619",
"0xbb6b46190000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 172,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 218,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 393,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 5,
"guards_detected": [],
"untrusted_call_count": 5
}
|
| high | other | detector | ETH value transfer possible | 55 | no | no |
viewtrace_id: 0xc51a17353edb82ea2864d6d260953f210852f7c857926dd04466af3b90906cbd
call_targets:
0x50491518707b238f91981849a6f241c77f948fc8
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0xc51a17353edb82ea2864d6d260953f210852f7c857926dd04466af3b90906cbd",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x50491518707b238f91981849a6f241c77f948fc8"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x31e3e2fe",
"selector": "0x31e3e2fe",
"calldata_variants": [
"0x31e3e2fe",
"0x31e3e2fe0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x3a314b24",
"selector": "0x3a314b24",
"calldata_variants": [
"0x3a314b24",
"0x3a314b240000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xbb6b4619",
"selector": "0xbb6b4619",
"calldata_variants": [
"0xbb6b4619",
"0xbb6b46190000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 172,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 218,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 393,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 5,
"guards_detected": []
}
|