019b3844-94d8-72d9-b102-f2b72e75c1a0
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 13265 | artifact.fetch | complete | 1 / 3 | 3 months ago |
| 13266 | tool.cast_disasm | complete | 1 / 3 | 3 months ago |
| 112314 | analysis.bundle | complete | 1 / 3 | 1 week ago |
| 112315 | capability.graph | complete | 1 / 3 | 1 week ago |
| 112316 | detector.run | complete | 1 / 3 | 1 week ago |
| 112317 | validation.fork | complete | 1 / 3 | 1 week ago |
No slither job recorded yet.
No codex job recorded yet.
00000000: PUSH1 0x80 00000002: PUSH1 0x40 00000004: MSTORE 00000005: CALLDATASIZE 00000006: ISZERO 00000007: DUP1 00000008: ISZERO 00000009: PUSH1 0x11 0000000b: JUMPI 0000000c: POP 0000000d: PUSH1 0x00 0000000f: CALLVALUE 00000010: GT 00000011: JUMPDEST 00000012: ISZERO 00000013: PUSH1 0x82 00000015: JUMPI 00000016: CALLER 00000017: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 0000002c: AND 0000002d: CALLVALUE 0000002e: PUSH32 0x606834f57405380c4fb88d1f4850326ad3885f014bab3b568dfbf7a041eef738 0000004f: PUSH1 0x00 00000051: CALLDATASIZE 00000052: PUSH1 0x40 00000054: MLOAD 00000055: DUP1 00000056: DUP1 00000057: PUSH1 0x20 00000059: ADD 0000005a: DUP3 0000005b: DUP2 0000005c: SUB 0000005d: DUP3 0000005e: MSTORE 0000005f: DUP5 00000060: DUP5 00000061: DUP3 00000062: DUP2 00000063: DUP2 00000064: MSTORE 00000065: PUSH1 0x20 00000067: ADD 00000068: SWAP3 00000069: POP 0000006a: DUP1 0000006b: DUP3 0000006c: DUP5 0000006d: CALLDATACOPY 0000006e: PUSH1 0x40 00000070: MLOAD 00000071: SWAP3 00000072: ADD 00000073: DUP3 00000074: SWAP1 00000075: SUB 00000076: SWAP6 00000077: POP 00000078: SWAP1 00000079: SWAP4 0000007a: POP 0000007b: POP 0000007c: POP 0000007d: POP 0000007e: LOG3 0000007f: PUSH1 0xa8 00000081: JUMP 00000082: JUMPDEST 00000083: PUSH1 0x00 00000085: SLOAD 00000086: CALLDATASIZE 00000087: PUSH1 0x00 00000089: DUP1 0000008a: CALLDATACOPY 0000008b: PUSH1 0x00 0000008d: DUP1 0000008e: CALLDATASIZE 0000008f: PUSH1 0x00 00000091: DUP5 00000092: GAS 00000093: DELEGATECALL 00000094: RETURNDATASIZE 00000095: PUSH1 0x00 00000097: DUP1 00000098: RETURNDATACOPY 00000099: DUP1 0000009a: DUP1 0000009b: ISZERO 0000009c: PUSH1 0xa3 0000009e: JUMPI 0000009f: RETURNDATASIZE 000000a0: PUSH1 0x00 000000a2: RETURN 000000a3: JUMPDEST 000000a4: RETURNDATASIZE 000000a5: PUSH1 0x00 000000a7: REVERT 000000a8: JUMPDEST 000000a9: STOP 000000aa: STOP 000000ab: LOG1 000000ac: PUSH6 0x627a7a723058 000000b3: KECCAK256 000000b4: MULMOD 000000b5: UNKNOWN(0xAD) 000000b6: PUSH1 0x00 000000b8: PUSH17 0x879c5d9739059132e69cc1b5b90d2b945f 000000ca: SSTORE 000000cb: EXTCODESIZE 000000cc: EXTCODEHASH 000000cd: GASLIMIT 000000ce: UNKNOWN(0xCE) 000000cf: UNKNOWN(0xEA) 000000d0: NUMBER 000000d1: UNKNOWN(0xD6) 000000d2: TLOAD 000000d3: DUP16 000000d4: STOP 000000d5: UNKNOWN(0x29)
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| critical | upgradeability | detector | Untrusted DELEGATECALL target reachable | 70 | no | no |
viewtrace_id: 0x180cc3d5aa914b3e0d9f5fa5aad379923dc543550c58ebab49892ca36bd042b8
call_targets:
0xb1dd690cc9af7bb1a906a9b5a94f94191cc553ce
target_varies:
no
classification:
constant_target
validation_json{
"sink": "DELEGATECALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0x180cc3d5aa914b3e0d9f5fa5aad379923dc543550c58ebab49892ca36bd042b8",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0xb1dd690cc9af7bb1a906a9b5a94f94191cc553ce"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x",
"selector": "fallback",
"calldata_variants": [
"0x"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 147,
"opcode": "DELEGATECALL",
"returndata_checked": null,
"value_expression_category": "n/a",
"target_expression_category": "computed"
}
],
"guards_detected": [],
"delegatecall_count": 1,
"untrusted_delegatecall_count": 1
}
|