019b3844-96c7-731e-9904-200e7b3377db
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 13605 | artifact.fetch | complete | 1 / 3 | 4 months ago |
| 13606 | tool.cast_disasm | complete | 1 / 3 | 4 months ago |
| 56993 | analysis.bundle | complete | 1 / 3 | 2 weeks ago |
| 56994 | capability.graph | complete | 1 / 3 | 2 weeks ago |
| 56995 | detector.run | complete | 1 / 3 | 2 weeks ago |
| 56996 | validation.fork | complete | 1 / 3 | 2 weeks ago |
No slither job recorded yet.
No codex job recorded yet.
00000000: PUSH1 0x80 00000002: PUSH1 0x40 00000004: MSTORE 00000005: PUSH1 0x04 00000007: CALLDATASIZE 00000008: LT 00000009: PUSH2 0x0043 0000000c: JUMPI 0000000d: PUSH1 0x00 0000000f: CALLDATALOAD 00000010: PUSH1 0xe0 00000012: SHR 00000013: DUP1 00000014: PUSH4 0x0231ee26 00000019: EQ 0000001a: PUSH2 0x004f 0000001d: JUMPI 0000001e: DUP1 0000001f: PUSH4 0x7f29171c 00000024: EQ 00000025: PUSH2 0x007b 00000028: JUMPI 00000029: DUP1 0000002a: PUSH4 0xbe423626 0000002f: EQ 00000030: PUSH2 0x0090 00000033: JUMPI 00000034: DUP1 00000035: PUSH4 0xc6dbdf61 0000003a: EQ 0000003b: PUSH2 0x00c3 0000003e: JUMPI 0000003f: PUSH2 0x004a 00000042: JUMP 00000043: JUMPDEST 00000044: CALLDATASIZE 00000045: PUSH2 0x004a 00000048: JUMPI 00000049: STOP 0000004a: JUMPDEST 0000004b: PUSH1 0x00 0000004d: DUP1 0000004e: REVERT 0000004f: JUMPDEST 00000050: CALLVALUE 00000051: DUP1 00000052: ISZERO 00000053: PUSH2 0x005b 00000056: JUMPI 00000057: PUSH1 0x00 00000059: DUP1 0000005a: REVERT 0000005b: JUMPDEST 0000005c: POP 0000005d: PUSH2 0x0079 00000060: PUSH1 0x04 00000062: DUP1 00000063: CALLDATASIZE 00000064: SUB 00000065: PUSH1 0x20 00000067: DUP2 00000068: LT 00000069: ISZERO 0000006a: PUSH2 0x0072 0000006d: JUMPI 0000006e: PUSH1 0x00 00000070: DUP1 00000071: REVERT 00000072: JUMPDEST 00000073: POP 00000074: CALLDATALOAD 00000075: PUSH2 0x00f4 00000078: JUMP 00000079: JUMPDEST 0000007a: STOP 0000007b: JUMPDEST 0000007c: CALLVALUE 0000007d: DUP1 0000007e: ISZERO 0000007f: PUSH2 0x0087 00000082: JUMPI 00000083: PUSH1 0x00 00000085: DUP1 00000086: REVERT 00000087: JUMPDEST 00000088: POP 00000089: PUSH2 0x0079 0000008c: PUSH2 0x016e 0000008f: JUMP 00000090: JUMPDEST 00000091: CALLVALUE 00000092: DUP1 00000093: ISZERO 00000094: PUSH2 0x009c 00000097: JUMPI 00000098: PUSH1 0x00 0000009a: DUP1 0000009b: REVERT 0000009c: JUMPDEST 0000009d: POP 0000009e: PUSH2 0x0079 000000a1: PUSH1 0x04 000000a3: DUP1 000000a4: CALLDATASIZE 000000a5: SUB 000000a6: PUSH1 0x20 000000a8: DUP2 000000a9: LT 000000aa: ISZERO 000000ab: PUSH2 0x00b3 000000ae: JUMPI 000000af: PUSH1 0x00 000000b1: DUP1 000000b2: REVERT 000000b3: JUMPDEST 000000b4: POP 000000b5: CALLDATALOAD 000000b6: PUSH1 0x01 000000b8: PUSH1 0x01 000000ba: PUSH1 0xa0 000000bc: SHL 000000bd: SUB 000000be: AND 000000bf: PUSH2 0x01e8 000000c2: JUMP 000000c3: JUMPDEST 000000c4: CALLVALUE 000000c5: DUP1 000000c6: ISZERO 000000c7: PUSH2 0x00cf 000000ca: JUMPI 000000cb: PUSH1 0x00 000000cd: DUP1 000000ce: REVERT 000000cf: JUMPDEST 000000d0: POP 000000d1: PUSH2 0x00d8 000000d4: PUSH2 0x02a0 000000d7: JUMP 000000d8: JUMPDEST 000000d9: PUSH1 0x40 000000db: DUP1 000000dc: MLOAD 000000dd: PUSH1 0x01 000000df: PUSH1 0x01 000000e1: PUSH1 0xa0 000000e3: SHL 000000e4: SUB 000000e5: SWAP1 000000e6: SWAP3 000000e7: AND 000000e8: DUP3 000000e9: MSTORE 000000ea: MLOAD 000000eb: SWAP1 000000ec: DUP2 000000ed: SWAP1 000000ee: SUB 000000ef: PUSH1 0x20 000000f1: ADD 000000f2: SWAP1 000000f3: RETURN 000000f4: JUMPDEST 000000f5: PUSH1 0x00 000000f7: SLOAD 000000f8: PUSH1 0x01 000000fa: PUSH1 0x01 000000fc: PUSH1 0xa0 000000fe: SHL 000000ff: SUB 00000100: AND 00000101: CALLER 00000102: EQ 00000103: PUSH2 0x013d 00000106: JUMPI 00000107: PUSH1 0x40 00000109: MLOAD 0000010a: PUSH3 0x461bcd 0000010e: PUSH1 0xe5 00000110: SHL 00000111: DUP2 00000112: MSTORE 00000113: PUSH1 0x04 00000115: ADD 00000116: DUP1 00000117: DUP1 00000118: PUSH1 0x20 0000011a: ADD 0000011b: DUP3 0000011c: DUP2 0000011d: SUB 0000011e: DUP3 0000011f: MSTORE 00000120: PUSH1 0x2c 00000122: DUP2 00000123: MSTORE 00000124: PUSH1 0x20 00000126: ADD 00000127: DUP1 00000128: PUSH2 0x030f 0000012b: PUSH1 0x2c 0000012d: SWAP2 0000012e: CODECOPY 0000012f: PUSH1 0x40 00000131: ADD 00000132: SWAP2 00000133: POP 00000134: POP 00000135: PUSH1 0x40 00000137: MLOAD 00000138: DUP1 00000139: SWAP2 0000013a: SUB 0000013b: SWAP1 0000013c: REVERT 0000013d: JUMPDEST 0000013e: PUSH1 0x40 00000140: MLOAD 00000141: CALLER 00000142: SWAP1 00000143: DUP3 00000144: ISZERO 00000145: PUSH2 0x08fc 00000148: MUL 00000149: SWAP1 0000014a: DUP4 0000014b: SWAP1 0000014c: PUSH1 0x00 0000014e: DUP2 0000014f: DUP2 00000150: DUP2 00000151: DUP6 00000152: DUP9 00000153: DUP9 00000154: CALL 00000155: SWAP4 00000156: POP 00000157: POP 00000158: POP 00000159: POP 0000015a: ISZERO 0000015b: DUP1 0000015c: ISZERO 0000015d: PUSH2 0x016a 00000160: JUMPI 00000161: RETURNDATASIZE 00000162: PUSH1 0x00 00000164: DUP1 00000165: RETURNDATACOPY 00000166: RETURNDATASIZE 00000167: PUSH1 0x00 00000169: REVERT 0000016a: JUMPDEST 0000016b: POP 0000016c: POP 0000016d: JUMP 0000016e: JUMPDEST 0000016f: PUSH1 0x01 00000171: SLOAD 00000172: PUSH1 0x01 00000174: PUSH1 0x01 00000176: PUSH1 0xa0 00000178: SHL 00000179: SUB 0000017a: AND 0000017b: CALLER 0000017c: EQ 0000017d: PUSH2 0x01b7 00000180: JUMPI 00000181: PUSH1 0x40 00000183: MLOAD 00000184: PUSH3 0x461bcd 00000188: PUSH1 0xe5 0000018a: SHL 0000018b: DUP2 0000018c: MSTORE 0000018d: PUSH1 0x04 0000018f: ADD 00000190: DUP1 00000191: DUP1 00000192: PUSH1 0x20 00000194: ADD 00000195: DUP3 00000196: DUP2 00000197: SUB 00000198: DUP3 00000199: MSTORE 0000019a: PUSH1 0x36 0000019c: DUP2 0000019d: MSTORE 0000019e: PUSH1 0x20 000001a0: ADD 000001a1: DUP1 000001a2: PUSH2 0x02b0 000001a5: PUSH1 0x36 000001a7: SWAP2 000001a8: CODECOPY 000001a9: PUSH1 0x40 000001ab: ADD 000001ac: SWAP2 000001ad: POP 000001ae: POP 000001af: PUSH1 0x40 000001b1: MLOAD 000001b2: DUP1 000001b3: SWAP2 000001b4: SUB 000001b5: SWAP1 000001b6: REVERT 000001b7: JUMPDEST 000001b8: CALLER 000001b9: PUSH2 0x01c1 000001bc: JUMPI 000001bd: PUSH1 0x00 000001bf: DUP1 000001c0: REVERT 000001c1: JUMPDEST 000001c2: PUSH1 0x01 000001c4: DUP1 000001c5: SLOAD 000001c6: PUSH1 0x00 000001c8: DUP1 000001c9: SLOAD 000001ca: PUSH1 0x01 000001cc: PUSH1 0x01 000001ce: PUSH1 0xa0 000001d0: SHL 000001d1: SUB 000001d2: NOT 000001d3: SWAP1 000001d4: DUP2 000001d5: AND 000001d6: PUSH1 0x01 000001d8: PUSH1 0x01 000001da: PUSH1 0xa0 000001dc: SHL 000001dd: SUB 000001de: DUP5 000001df: AND 000001e0: OR 000001e1: SWAP1 000001e2: SWAP2 000001e3: SSTORE 000001e4: AND 000001e5: SWAP1 000001e6: SSTORE 000001e7: JUMP 000001e8: JUMPDEST 000001e9: PUSH1 0x00 000001eb: SLOAD 000001ec: PUSH1 0x01 000001ee: PUSH1 0x01 000001f0: PUSH1 0xa0 000001f2: SHL 000001f3: SUB 000001f4: AND 000001f5: CALLER 000001f6: EQ 000001f7: PUSH2 0x0231 000001fa: JUMPI 000001fb: PUSH1 0x40 000001fd: MLOAD 000001fe: PUSH3 0x461bcd 00000202: PUSH1 0xe5 00000204: SHL 00000205: DUP2 00000206: MSTORE 00000207: PUSH1 0x04 00000209: ADD 0000020a: DUP1 0000020b: DUP1 0000020c: PUSH1 0x20 0000020e: ADD 0000020f: DUP3 00000210: DUP2 00000211: SUB 00000212: DUP3 00000213: MSTORE 00000214: PUSH1 0x2c 00000216: DUP2 00000217: MSTORE 00000218: PUSH1 0x20 0000021a: ADD 0000021b: DUP1 0000021c: PUSH2 0x030f 0000021f: PUSH1 0x2c 00000221: SWAP2 00000222: CODECOPY 00000223: PUSH1 0x40 00000225: ADD 00000226: SWAP2 00000227: POP 00000228: POP 00000229: PUSH1 0x40 0000022b: MLOAD 0000022c: DUP1 0000022d: SWAP2 0000022e: SUB 0000022f: SWAP1 00000230: REVERT 00000231: JUMPDEST 00000232: PUSH1 0x00 00000234: SLOAD 00000235: PUSH1 0x01 00000237: PUSH1 0x01 00000239: PUSH1 0xa0 0000023b: SHL 0000023c: SUB 0000023d: DUP3 0000023e: DUP2 0000023f: AND 00000240: SWAP2 00000241: AND 00000242: EQ 00000243: ISZERO 00000244: PUSH2 0x027e 00000247: JUMPI 00000248: PUSH1 0x40 0000024a: MLOAD 0000024b: PUSH3 0x461bcd 0000024f: PUSH1 0xe5 00000251: SHL 00000252: DUP2 00000253: MSTORE 00000254: PUSH1 0x04 00000256: ADD 00000257: DUP1 00000258: DUP1 00000259: PUSH1 0x20 0000025b: ADD 0000025c: DUP3 0000025d: DUP2 0000025e: SUB 0000025f: DUP3 00000260: MSTORE 00000261: PUSH1 0x29 00000263: DUP2 00000264: MSTORE 00000265: PUSH1 0x20 00000267: ADD 00000268: DUP1 00000269: PUSH2 0x02e6 0000026c: PUSH1 0x29 0000026e: SWAP2 0000026f: CODECOPY 00000270: PUSH1 0x40 00000272: ADD 00000273: SWAP2 00000274: POP 00000275: POP 00000276: PUSH1 0x40 00000278: MLOAD 00000279: DUP1 0000027a: SWAP2 0000027b: SUB 0000027c: SWAP1 0000027d: REVERT 0000027e: JUMPDEST 0000027f: PUSH1 0x01 00000281: DUP1 00000282: SLOAD 00000283: PUSH1 0x01 00000285: PUSH1 0x01 00000287: PUSH1 0xa0 00000289: SHL 0000028a: SUB 0000028b: NOT 0000028c: AND 0000028d: PUSH1 0x01 0000028f: PUSH1 0x01 00000291: PUSH1 0xa0 00000293: SHL 00000294: SUB 00000295: SWAP3 00000296: SWAP1 00000297: SWAP3 00000298: AND 00000299: SWAP2 0000029a: SWAP1 0000029b: SWAP2 0000029c: OR 0000029d: SWAP1 0000029e: SSTORE 0000029f: JUMP 000002a0: JUMPDEST 000002a1: PUSH1 0x00 000002a3: SLOAD 000002a4: PUSH1 0x01 000002a6: PUSH1 0x01 000002a8: PUSH1 0xa0 000002aa: SHL 000002ab: SUB 000002ac: AND 000002ad: SWAP1 000002ae: JUMP 000002af: INVALID 000002b0: MSTORE8 000002b1: PUSH6 0x636f6e646172 000002b8: PUSH26 0x3a2063616c6c6572206973206e6f7420746865207072696d6172 000002d3: PUSH26 0x2063616e646964617465206163636f756e74596f752063616e27 000002ee: PUSH21 0x206d616b6520796f757273656c66205072696d6172 00000304: PUSH26 0x2043616e6469646174655365636f6e646172793a2063616c6c65 0000031f: PUSH19 0x206973206e6f7420746865207072696d617279 00000333: KECCAK256 00000334: PUSH2 0x6363 00000337: PUSH16 0x756e74a264697066735822122053493f 00000348: NOT 00000349: CALLDATALOAD 0000034a: PUSH1 0xfa 0000034c: PC 0000034d: PUSH18 0xe5cf0706ccf645158b9ae689efabbbc9ab0e 00000360: CODECOPY 00000361: EXTCODECOPY 00000362: UNKNOWN(0x2D) 00000363: UNKNOWN(0xC5) 00000364: UNKNOWN(0x24) 00000365: PUSH5 0x736f6c6343 0000036b: STOP 0000036c: MOD 0000036d: UNKNOWN(0x0C) 0000036e: STOP 0000036f: CALLER
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| high | other | detector | Untrusted CALL target/value reachable | 60 | no | no |
viewtrace_id: 0x1aba0598ffa676b1f89cd538d03a79b363538c225a6bd0009d80ce9228128684
call_targets:
0x559b6ab40f14a1ac0f02e23106b374deac91065a
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0x1aba0598ffa676b1f89cd538d03a79b363538c225a6bd0009d80ce9228128684",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x559b6ab40f14a1ac0f02e23106b374deac91065a"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x0231ee26",
"selector": "0x0231ee26",
"calldata_variants": [
"0x0231ee26",
"0x0231ee260000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x7f29171c",
"selector": "0x7f29171c",
"calldata_variants": [
"0x7f29171c",
"0x7f29171c0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xbe423626",
"selector": "0xbe423626",
"calldata_variants": [
"0xbe423626",
"0xbe4236260000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xc6dbdf61",
"selector": "0xc6dbdf61",
"calldata_variants": [
"0xc6dbdf61",
"0xc6dbdf610000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 340,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 1,
"guards_detected": [],
"untrusted_call_count": 1
}
|
| high | other | detector | ETH value transfer possible | 55 | no | no |
viewtrace_id: 0x1aba0598ffa676b1f89cd538d03a79b363538c225a6bd0009d80ce9228128684
call_targets:
0x559b6ab40f14a1ac0f02e23106b374deac91065a
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0x1aba0598ffa676b1f89cd538d03a79b363538c225a6bd0009d80ce9228128684",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x559b6ab40f14a1ac0f02e23106b374deac91065a"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x0231ee26",
"selector": "0x0231ee26",
"calldata_variants": [
"0x0231ee26",
"0x0231ee260000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x7f29171c",
"selector": "0x7f29171c",
"calldata_variants": [
"0x7f29171c",
"0x7f29171c0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xbe423626",
"selector": "0xbe423626",
"calldata_variants": [
"0xbe423626",
"0xbe4236260000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xc6dbdf61",
"selector": "0xc6dbdf61",
"calldata_variants": [
"0xc6dbdf61",
"0xc6dbdf610000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 340,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 1,
"guards_detected": []
}
|