TW
Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019b3836-5e7d-7145-9776-a964253bef39

complete
Chain ID
1
Address
Block Number
Created
Fri, Dec 19, 2025 8:04 PM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

Confirmed
2
Validated
2
Source
Bytecode only
Review Backing
Not yet
Best current signal
Untrusted CALL target/value reachable
crit 0 high 2 direct contract
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID Type Status Attempts Heartbeat
9495 artifact.fetch complete 1 / 3 3 months ago
9496 tool.cast_disasm complete 1 / 3 3 months ago
82656 analysis.bundle complete 1 / 3 1 week ago
82657 capability.graph complete 1 / 3 1 week ago
82658 detector.run complete 1 / 3 1 week ago
82659 validation.fork complete 1 / 3 1 week ago
113659 report.consolidate complete 1 / 6 1 week ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: no
Implementation:
Verified Source: no

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate
Job Status
complete
Attempts
1 / 6
Findings
0
View stderr
OpenAI Codex v0.118.0 (research preview)
--------
workdir: /tmp/codex-sew2oyth
model: gpt-5.4
provider: openai
approval: never
sandbox: read-only
reasoning effort: high
reasoning summaries: none
session id: 019d5c9a-a9f3-75d2-9939-9f3664997342
--------
user
You are a security auditor. You ONLY have runtime bytecode + analysis artifacts.
You MUST read `BYTECODE_BUNDLE.json` before concluding; it contains the bytecode summary,
evidence bundle, callsites, storage slots, and detector findings.

Special cases when reasoning from bytecode (be explicit about uncertainty):
- Selector inference is best-effort; missing selectors are common.
- Fallback/receive paths may be the only entrypoints.
- CALL vs DELEGATECALL semantics differ; DELEGATECALL executes in caller storage.
- Proxy patterns (EIP-1967, minimal proxies, beacon) change which storage is authoritative.
- Storage slots are raw; mappings/arrays appear via keccak patterns, names are unknown.
- Guard detection is heuristic; absence of guards does NOT mean unguarded.
- Returndata checking is unknown unless explicitly shown in evidence.
- Precompiles (0x1..0x9) and common ERC20 transfer selectors may appear; do not over-claim.

Output MUST be valid JSON matching the provided schema.
- If you find nothing meaningful: set no_findings=true and findings=[].
- Otherwise: set no_findings=false and include findings with severity/category/title.
- Locations can be pc references like "pc:0x123" or selectors like "selector:0xa9059cbb".

Focus on: reentrancy, access control, upgradeability/proxy issues, signature validation,
accounting/invariant breaks, dangerous delegatecall, and untrusted external calls.
Be conservative: if evidence is weak, mark severity low/medium and explain why.
warning: Codex could not find system bubblewrap on PATH. Please install bubblewrap with your package manager. Codex will use the vendored bubblewrap in the meantime.
ERROR: You've hit your usage limit. Visit https://chatgpt.com/codex/settings/usage to purchase more credits or try again at Apr 8th, 2026 9:11 AM.
ERROR: You've hit your usage limit. Visit https://chatgpt.com/codex/settings/usage to purchase more credits or try again at Apr 8th, 2026 9:11 AM.
Metadata
{
    "codex": {
        "ran_at": "2026-04-05T07:45:35.371174+00:00",
        "returncode": 1
    },
    "project": {
        "mode": "bytecode",
        "bytecode_length": 4082,
        "bytecode_truncated": false,
        "capability_graph_present": true,
        "analysis_artifact_present": true
    },
    "summary": null,
    "no_findings": null,
    "schema_version": 1
}

Opcode Heuristics

tool.cast_disasm
Delegatecall
0
Selfdestruct
0
CREATE2
0
CALL-family (heavy)
8
EXT*/BALANCE
1
Total opcodes
1258
Flags
No heuristic flags raised.
View cast disassembly output
View stderr
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.

Findings

validated = confirmed for call sinks; sink observed for others
Severity Category Tool Title Confidence Validated Confirmed Details
high other detector Untrusted CALL target/value reachable 60 yes yes
trace_id: 0x4d6f55466f8e793af4c6aebcaa1bd1e50aab41b1b0e5c41ba11c039c36805835
call_targets: 0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed, 0x3dbdc81a6edc94c720b0b88fb65dbd7e395fdcf6, 0xa8cd51814bddfefad87b9e69a778a913d9a5e323
target_varies: yes
classification: target_varies
validation_json
{
    "sink": "CALL",
    "errors": 0,
    "status": "confirmed",
    "attempts": 1,
    "trace_id": "0x4d6f55466f8e793af4c6aebcaa1bd1e50aab41b1b0e5c41ba11c039c36805835",
    "confirmed": true,
    "trace_mode": "callTracer",
    "call_targets": [
        "0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed",
        "0x3dbdc81a6edc94c720b0b88fb65dbd7e395fdcf6",
        "0xa8cd51814bddfefad87b9e69a778a913d9a5e323"
    ],
    "matched_probe": null,
    "target_varies": true,
    "classification": "target_varies"
}
witness_json
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x38bbfa50",
            "selector": "0x38bbfa50",
            "calldata_variants": [
                "0x38bbfa50",
                "0x38bbfa500000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x73db0844",
            "selector": "0x73db0844",
            "calldata_variants": [
                "0x73db0844",
                "0x73db08440000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x82ab890a",
            "selector": "0x82ab890a",
            "calldata_variants": [
                "0x82ab890a",
                "0x82ab890a0000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json
{
    "examples": [
        {
            "pc": 814,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        },
        {
            "pc": 930,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        },
        {
            "pc": 1166,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "call_count": 8,
    "guards_detected": [],
    "untrusted_call_count": 8
}
high other detector ETH value transfer possible 55 yes yes
trace_id: 0x4d6f55466f8e793af4c6aebcaa1bd1e50aab41b1b0e5c41ba11c039c36805835
call_targets: 0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed, 0x3dbdc81a6edc94c720b0b88fb65dbd7e395fdcf6, 0xa8cd51814bddfefad87b9e69a778a913d9a5e323
target_varies: yes
classification: target_varies
validation_json
{
    "sink": "CALL",
    "errors": 0,
    "status": "confirmed",
    "attempts": 1,
    "trace_id": "0x4d6f55466f8e793af4c6aebcaa1bd1e50aab41b1b0e5c41ba11c039c36805835",
    "confirmed": true,
    "trace_mode": "callTracer",
    "call_targets": [
        "0x1d3b2638a7cc9f2cb3d298a3da7a90b67e5506ed",
        "0x3dbdc81a6edc94c720b0b88fb65dbd7e395fdcf6",
        "0xa8cd51814bddfefad87b9e69a778a913d9a5e323"
    ],
    "matched_probe": null,
    "target_varies": true,
    "classification": "target_varies"
}
witness_json
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x38bbfa50",
            "selector": "0x38bbfa50",
            "calldata_variants": [
                "0x38bbfa50",
                "0x38bbfa500000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x73db0844",
            "selector": "0x73db0844",
            "calldata_variants": [
                "0x73db0844",
                "0x73db08440000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x82ab890a",
            "selector": "0x82ab890a",
            "calldata_variants": [
                "0x82ab890a",
                "0x82ab890a0000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json
{
    "examples": [
        {
            "pc": 814,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        },
        {
            "pc": 930,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        },
        {
            "pc": 1166,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "eth_value_calls": 8,
    "guards_detected": []
}