Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019b3844-9cf0-70e9-b531-cc90ca86c68f

complete
Chain ID: 1
Address:
Block Number:
Created: Fri, Dec 19, 2025 8:19 PM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

Confirmed: 1
Validated: 1
Source: Bytecode only
Review Backing: Not yet
Best current signal: Untrusted DELEGATECALL target reachable
crit 1 high 0 direct contract
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID Type Status Attempts Heartbeat
14669 artifact.fetch complete 1 / 3 3 months ago
14670 tool.cast_disasm complete 1 / 3 3 months ago
99590 analysis.bundle complete 1 / 3 1 week ago
99591 capability.graph complete 1 / 3 1 week ago
99592 detector.run complete 1 / 3 1 week ago
99593 validation.fork complete 1 / 3 1 week ago
113863 report.consolidate complete 1 / 6 1 week ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: no
Implementation:
Verified Source: no

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate
Job Status: complete
Attempts: 1 / 6
Findings: 0
View stderr
OpenAI Codex v0.118.0 (research preview)
--------
workdir: /tmp/codex-v85fhxrr
model: gpt-5.4
provider: openai
approval: never
sandbox: read-only
reasoning effort: high
reasoning summaries: none
session id: 019d5ca1-255b-7721-9120-3d9651763b9d
--------
user
You are a security auditor. You ONLY have runtime bytecode + analysis artifacts.
You MUST read `BYTECODE_BUNDLE.json` before concluding; it contains the bytecode summary,
evidence bundle, callsites, storage slots, and detector findings.

Special cases when reasoning from bytecode (be explicit about uncertainty):
- Selector inference is best-effort; missing selectors are common.
- Fallback/receive paths may be the only entrypoints.
- CALL vs DELEGATECALL semantics differ; DELEGATECALL executes in caller storage.
- Proxy patterns (EIP-1967, minimal proxies, beacon) change which storage is authoritative.
- Storage slots are raw; mappings/arrays appear via keccak patterns, names are unknown.
- Guard detection is heuristic; absence of guards does NOT mean unguarded.
- Returndata checking is unknown unless explicitly shown in evidence.
- Precompiles (0x1..0x9) and common ERC20 transfer selectors may appear; do not over-claim.

Output MUST be valid JSON matching the provided schema.
- If you find nothing meaningful: set no_findings=true and findings=[].
- Otherwise: set no_findings=false and include findings with severity/category/title.
- Locations can be pc references like "pc:0x123" or selectors like "selector:0xa9059cbb".

Focus on: reentrancy, access control, upgradeability/proxy issues, signature validation,
accounting/invariant breaks, dangerous delegatecall, and untrusted external calls.
Be conservative: if evidence is weak, mark severity low/medium and explain why.
warning: Codex could not find system bubblewrap on PATH. Please install bubblewrap with your package manager. Codex will use the vendored bubblewrap in the meantime.
ERROR: You've hit your usage limit. Visit https://chatgpt.com/codex/settings/usage to purchase more credits or try again at Apr 8th, 2026 9:11 AM.
Metadata
{
    "codex": {
        "ran_at": "2026-04-05T07:52:39.609015+00:00",
        "returncode": 1
    },
    "project": {
        "mode": "bytecode",
        "bytecode_length": 3570,
        "bytecode_truncated": false,
        "capability_graph_present": true,
        "analysis_artifact_present": true
    },
    "summary": null,
    "no_findings": null,
    "schema_version": 1
}

Opcode Heuristics

tool.cast_disasm
Delegatecall: 1
Selfdestruct: 0
CREATE2: 0
CALL-family (heavy): 1
EXT*/BALANCE: 2
Total opcodes: 1072
Flags: delegatecall_present create_opcodes_present
View cast disassembly output
View stderr
Warning: This is a nightly build of Foundry. It is recommended to use the latest stable version. To mute this warning set `FOUNDRY_DISABLE_NIGHTLY_WARNING` in your environment.

Findings

validated = confirmed for call sinks; sink observed for others
Severity Category Tool Title Confidence Validated Confirmed Details
critical upgradeability detector Untrusted DELEGATECALL target reachable 70 yes yes
trace_id: 0x0343dac462ff5e5fc866065961381703e07d3d04443a2e2b4ecc771339d53865
call_targets: 0xd9db270c1b5e3bd161e8c8503c55ceabee709552, 0xf46655cad8c7db3719af4eb9cfdac0987985080c
target_varies: yes
classification: target_varies
validation_json
{
    "sink": "DELEGATECALL",
    "errors": 0,
    "status": "confirmed",
    "attempts": 2,
    "trace_id": "0x0343dac462ff5e5fc866065961381703e07d3d04443a2e2b4ecc771339d53865",
    "confirmed": true,
    "trace_mode": "callTracer",
    "call_targets": [
        "0xd9db270c1b5e3bd161e8c8503c55ceabee709552",
        "0xf46655cad8c7db3719af4eb9cfdac0987985080c"
    ],
    "matched_probe": null,
    "target_varies": true,
    "classification": "target_varies"
}
witness_json
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x13af4035",
            "selector": "0x13af4035",
            "calldata_variants": [
                "0x13af4035",
                "0x13af40350000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x6c5d4ad0",
            "selector": "0x6c5d4ad0",
            "calldata_variants": [
                "0x6c5d4ad0",
                "0x6c5d4ad00000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x893d20e8",
            "selector": "0x893d20e8",
            "calldata_variants": [
                "0x893d20e8",
                "0x893d20e80000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x9b0b0fda",
            "selector": "0x9b0b0fda",
            "calldata_variants": [
                "0x9b0b0fda",
                "0x9b0b0fda0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xaaf10f42",
            "selector": "0xaaf10f42",
            "calldata_variants": [
                "0xaaf10f42",
                "0xaaf10f420000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json
{
    "examples": [
        {
            "pc": 855,
            "opcode": "DELEGATECALL",
            "returndata_checked": null,
            "value_expression_category": "n/a",
            "target_expression_category": "computed"
        }
    ],
    "guards_detected": [],
    "delegatecall_count": 1,
    "untrusted_delegatecall_count": 1
}
medium other detector CREATE/CREATE2 reachable 45 no no
trace_id: 0x09a493ecacf1c94967ebf71a35c81fbdae2a71943816dfe96d94e3ad364fd855
validation_json
{
    "sink": "CREATE",
    "errors": 0,
    "status": "unknown",
    "attempts": 10,
    "trace_id": "0x09a493ecacf1c94967ebf71a35c81fbdae2a71943816dfe96d94e3ad364fd855",
    "confirmed": false,
    "trace_mode": "structLogs",
    "call_targets": null,
    "matched_probe": null,
    "target_varies": null,
    "classification": "no_sink"
}
witness_json
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x13af4035",
            "selector": "0x13af4035",
            "calldata_variants": [
                "0x13af4035",
                "0x13af40350000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x6c5d4ad0",
            "selector": "0x6c5d4ad0",
            "calldata_variants": [
                "0x6c5d4ad0",
                "0x6c5d4ad00000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x893d20e8",
            "selector": "0x893d20e8",
            "calldata_variants": [
                "0x893d20e8",
                "0x893d20e80000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x9b0b0fda",
            "selector": "0x9b0b0fda",
            "calldata_variants": [
                "0x9b0b0fda",
                "0x9b0b0fda0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0xaaf10f42",
            "selector": "0xaaf10f42",
            "calldata_variants": [
                "0xaaf10f42",
                "0xaaf10f420000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json
{
    "create_count": 1,
    "create2_count": 0
}