TW
Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019b477e-bc12-72c4-9684-c7ba6fed5d48

complete
Chain ID
1
Address
0xb02b12bf1f2337d2e45554aec474e4e25bdf8c76
Block Number
Created
Mon, Dec 22, 2025 7:17 PM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

back to vulns open contract
Confirmed
0
Validated
0
Source
Bytecode only
Review Backing
Not yet
Best current signal
Untrusted CALL target/value reachable
crit 0 high 0 direct contract
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID Type Status Attempts Heartbeat
24011 artifact.fetch complete 1 / 3 4 months ago
24012 tool.cast_disasm complete 1 / 3 4 months ago
67206 analysis.bundle complete 1 / 3 2 weeks ago
67207 capability.graph complete 1 / 3 2 weeks ago
67208 detector.run complete 1 / 3 2 weeks ago
67209 validation.fork complete 1 / 3 2 weeks ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: no
Implementation:
Verified Source: no

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate

No codex job recorded yet.

Opcode Heuristics

tool.cast_disasm
Delegatecall
0
Selfdestruct
0
CREATE2
0
CALL-family (heavy)
1
EXT*/BALANCE
0
Total opcodes
269
Flags
No heuristic flags raised.
View cast disassembly output 
00000000: CALLDATASIZE
00000001: ISZERO
00000002: ISZERO
00000003: PUSH2 0x0008
00000006: JUMPI
00000007: STOP
00000008: JUMPDEST
00000009: PUSH1 0x20
0000000b: PUSH2 0x0014
0000000e: DUP2
0000000f: CODESIZE
00000010: PUSH2 0x0109
00000013: JUMP
00000014: JUMPDEST
00000015: PUSH1 0x00
00000017: DUP3
00000018: DUP3
00000019: DUP3
0000001a: CODECOPY
0000001b: DUP1
0000001c: MLOAD
0000001d: SWAP2
0000001e: POP
0000001f: DUP1
00000020: SLOAD
00000021: PUSH1 0x04
00000023: DUP1
00000024: DUP4
00000025: DUP5
00000026: CALLDATACOPY
00000027: PUSH1 0x01
00000029: PUSH1 0xe0
0000002b: SHL
0000002c: DUP4
0000002d: MLOAD
0000002e: DIV
0000002f: PUSH4 0xc4627c5d
00000034: DUP2
00000035: EQ
00000036: PUSH2 0x0057
00000039: JUMPI
0000003a: PUSH4 0x776d1a01
0000003f: DUP2
00000040: EQ
00000041: PUSH2 0x00a6
00000044: JUMPI
00000045: PUSH4 0x1e77933e
0000004a: DUP2
0000004b: EQ
0000004c: PUSH2 0x00c0
0000004f: JUMPI
00000050: DUP4
00000051: DUP5
00000052: REVERT
00000053: PUSH2 0x00d5
00000056: JUMP
00000057: JUMPDEST
00000058: DUP5
00000059: CALLER
0000005a: EQ
0000005b: PUSH2 0x0069
0000005e: PUSH1 0x01
00000060: DUP3
00000061: DUP7
00000062: CALLER
00000063: EQ
00000064: OR
00000065: PUSH2 0x0131
00000068: JUMP
00000069: JUMPDEST
0000006a: CALLDATASIZE
0000006b: DUP4
0000006c: DUP7
0000006d: CALLDATACOPY
0000006e: PUSH2 0x007f
00000071: PUSH1 0x02
00000073: PUSH1 0x01
00000075: SLOAD
00000076: DUP8
00000077: MLOAD
00000078: EQ
00000079: DUP4
0000007a: OR
0000007b: PUSH2 0x0131
0000007e: JUMP
0000007f: JUMPDEST
00000080: POP
00000081: PUSH2 0x00a1
00000084: PUSH1 0x03
00000086: DUP6
00000087: DUP7
00000088: PUSH1 0x60
0000008a: MLOAD
0000008b: PUSH2 0x0096
0000008e: DUP12
0000008f: PUSH1 0x40
00000091: MLOAD
00000092: PUSH2 0x00e1
00000095: JUMP
00000096: JUMPDEST
00000097: DUP12
00000098: MLOAD
00000099: DUP11
0000009a: MLOAD
0000009b: GAS
0000009c: CALL
0000009d: PUSH2 0x0131
000000a0: JUMP
000000a1: JUMPDEST
000000a2: PUSH2 0x00d5
000000a5: JUMP
000000a6: JUMPDEST
000000a7: PUSH2 0x00b2
000000aa: DUP3
000000ab: DUP7
000000ac: CALLER
000000ad: EQ
000000ae: PUSH2 0x0131
000000b1: JUMP
000000b2: JUMPDEST
000000b3: DUP6
000000b4: DUP3
000000b5: DUP6
000000b6: CALLDATACOPY
000000b7: DUP4
000000b8: MLOAD
000000b9: PUSH1 0x01
000000bb: SSTORE
000000bc: PUSH2 0x00d5
000000bf: JUMP
000000c0: JUMPDEST
000000c1: PUSH2 0x00cc
000000c4: DUP3
000000c5: DUP7
000000c6: CALLER
000000c7: EQ
000000c8: PUSH2 0x0131
000000cb: JUMP
000000cc: JUMPDEST
000000cd: DUP6
000000ce: DUP3
000000cf: DUP6
000000d0: CALLDATACOPY
000000d1: DUP4
000000d2: MLOAD
000000d3: DUP5
000000d4: SSTORE
000000d5: JUMPDEST
000000d6: POP
000000d7: POP
000000d8: POP
000000d9: POP
000000da: POP
000000db: POP
000000dc: STOP
000000dd: PUSH2 0x0149
000000e0: JUMP
000000e1: JUMPDEST
000000e2: PUSH1 0x00
000000e4: DUP3
000000e5: DUP3
000000e6: ADD
000000e7: SWAP1
000000e8: POP
000000e9: PUSH1 0x01
000000eb: DUP3
000000ec: DUP3
000000ed: GT
000000ee: DUP4
000000ef: DUP4
000000f0: EQ
000000f1: OR
000000f2: LT
000000f3: ISZERO
000000f4: PUSH2 0x0102
000000f7: JUMPI
000000f8: PUSH1 0x00
000000fa: PUSH1 0x00
000000fc: MSTORE
000000fd: PUSH1 0x20
000000ff: PUSH1 0x00
00000101: REVERT
00000102: JUMPDEST
00000103: JUMPDEST
00000104: SWAP3
00000105: SWAP2
00000106: POP
00000107: POP
00000108: JUMP
00000109: JUMPDEST
0000010a: PUSH1 0x00
0000010c: DUP3
0000010d: DUP3
0000010e: SUB
0000010f: SWAP1
00000110: POP
00000111: PUSH1 0x01
00000113: DUP3
00000114: DUP3
00000115: LT
00000116: DUP4
00000117: DUP4
00000118: EQ
00000119: OR
0000011a: LT
0000011b: ISZERO
0000011c: PUSH2 0x012a
0000011f: JUMPI
00000120: PUSH1 0x00
00000122: PUSH1 0x00
00000124: MSTORE
00000125: PUSH1 0x20
00000127: PUSH1 0x00
00000129: REVERT
0000012a: JUMPDEST
0000012b: JUMPDEST
0000012c: SWAP3
0000012d: SWAP2
0000012e: POP
0000012f: POP
00000130: JUMP
00000131: JUMPDEST
00000132: PUSH1 0x01
00000134: DUP2
00000135: LT
00000136: ISZERO
00000137: PUSH2 0x0144
0000013a: JUMPI
0000013b: DUP2
0000013c: PUSH1 0x00
0000013e: MSTORE
0000013f: PUSH1 0x20
00000141: PUSH1 0x00
00000143: REVERT
00000144: JUMPDEST
00000145: JUMPDEST
00000146: POP
00000147: POP
00000148: JUMP
00000149: JUMPDEST
0000014a: STOP
0000014b: STOP
0000014c: STOP
0000014d: STOP
0000014e: STOP
0000014f: STOP
00000150: STOP
00000151: STOP
00000152: STOP
00000153: STOP
00000154: STOP
00000155: STOP
00000156: UNKNOWN(0x0E)
00000157: UNKNOWN(0xA6)
00000158: UNKNOWN(0xB5)
00000159: UNKNOWN(0xED)
0000015a: UNKNOWN(0xC8)
0000015b: SWAP1
0000015c: TLOAD
0000015d: DUP6
0000015e: MLOAD
0000015f: UNKNOWN(0x4B)
00000160: CALLDATASIZE
00000161: PUSH23 0x703f1bfe6ec260ad0000000000000000000000003e947a
00000179: UNKNOWN(0x27)
0000017a: BYTE
0000017b: CALLDATACOPY
0000017c: UNKNOWN(0xAE)
0000017d: PUSH28

Findings

validated = confirmed for call sinks; sink observed for others
Severity Category Tool Title Confidence Validated Confirmed Details
medium other detector Untrusted CALL target/value reachable 45 no no
view
trace_id: 0xf14a4108349e4083cddf9228e98e2351840267854322990c7037cd89a4276368
call_targets: 0xb02b12bf1f2337d2e45554aec474e4e25bdf8c76
target_varies: no
classification: constant_target
validation_json 
{
    "sink": "CALL",
    "errors": 0,
    "status": "sink_reached",
    "attempts": 1,
    "trace_id": "0xf14a4108349e4083cddf9228e98e2351840267854322990c7037cd89a4276368",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": [
        "0xb02b12bf1f2337d2e45554aec474e4e25bdf8c76"
    ],
    "matched_probe": null,
    "target_varies": false,
    "classification": "constant_target"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0xc4627c5d",
            "selector": "0xc4627c5d",
            "calldata_variants": [
                "0xc4627c5d",
                "0xc4627c5d0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x776d1a01",
            "selector": "0x776d1a01",
            "calldata_variants": [
                "0x776d1a01",
                "0x776d1a010000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x1e77933e",
            "selector": "0x1e77933e",
            "calldata_variants": [
                "0x1e77933e",
                "0x1e77933e0000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 156,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "call_count": 1,
    "guards_detected": [
        {
            "pc": 99,
            "type": "msg_sender_eq_const",
            "value": 1
        },
        {
            "pc": 173,
            "type": "msg_sender_eq_const",
            "value": 178
        },
        {
            "pc": 199,
            "type": "msg_sender_eq_const",
            "value": 204
        }
    ],
    "untrusted_call_count": 1
}
medium other detector ETH value transfer possible 40 no no
view
trace_id: 0xf14a4108349e4083cddf9228e98e2351840267854322990c7037cd89a4276368
call_targets: 0xb02b12bf1f2337d2e45554aec474e4e25bdf8c76
target_varies: no
classification: constant_target
validation_json 
{
    "sink": "CALL",
    "errors": 0,
    "status": "sink_reached",
    "attempts": 1,
    "trace_id": "0xf14a4108349e4083cddf9228e98e2351840267854322990c7037cd89a4276368",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": [
        "0xb02b12bf1f2337d2e45554aec474e4e25bdf8c76"
    ],
    "matched_probe": null,
    "target_varies": false,
    "classification": "constant_target"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0xc4627c5d",
            "selector": "0xc4627c5d",
            "calldata_variants": [
                "0xc4627c5d",
                "0xc4627c5d0000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x776d1a01",
            "selector": "0x776d1a01",
            "calldata_variants": [
                "0x776d1a01",
                "0x776d1a010000000000000000000000000000000000000000000000000000000000000000"
            ]
        },
        {
            "calldata": "0x1e77933e",
            "selector": "0x1e77933e",
            "calldata_variants": [
                "0x1e77933e",
                "0x1e77933e0000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 156,
            "opcode": "CALL",
            "returndata_checked": null,
            "value_expression_category": "computed",
            "target_expression_category": "computed"
        }
    ],
    "eth_value_calls": 1,
    "guards_detected": [
        {
            "pc": 99,
            "type": "msg_sender_eq_const",
            "value": 1
        },
        {
            "pc": 173,
            "type": "msg_sender_eq_const",
            "value": 178
        },
        {
            "pc": 199,
            "type": "msg_sender_eq_const",
            "value": 204
        }
    ]
}