TW
Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019b477e-cead-7134-8a03-2f2697f56ef8

complete
Chain ID
1
Address
0xf8ceeb038185e21aec33d1f121371cf6988fd450
Block Number
Created
Mon, Dec 22, 2025 7:17 PM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

back to vulns open contract
Confirmed
0
Validated
0
Source
Verified
Review Backing
Not yet
Best current signal
Untrusted DELEGATECALL target reachable
crit 0 high 0 direct contract
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID Type Status Attempts Heartbeat
27249 artifact.fetch complete 1 / 3 3 months ago
27250 tool.cast_disasm complete 1 / 3 3 months ago
70606 analysis.bundle complete 1 / 3 1 week ago
70607 capability.graph complete 1 / 3 1 week ago
70608 detector.run complete 1 / 3 1 week ago
70609 validation.fork complete 1 / 3 1 week ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: no
Implementation:
Verified Source: yes

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate

No codex job recorded yet.

Opcode Heuristics

tool.cast_disasm
Delegatecall
1
Selfdestruct
0
CREATE2
0
CALL-family (heavy)
1
EXT*/BALANCE
0
Total opcodes
235
Flags
delegatecall_present
View cast disassembly output 
00000000: PUSH1 0x80
00000002: PUSH1 0x40
00000004: MSTORE
00000005: PUSH1 0x04
00000007: CALLDATASIZE
00000008: LT
00000009: PUSH2 0x0022
0000000c: JUMPI
0000000d: PUSH1 0x00
0000000f: CALLDATALOAD
00000010: PUSH1 0xe0
00000012: SHR
00000013: DUP1
00000014: PUSH4 0xc45a0155
00000019: EQ
0000001a: PUSH2 0x00d3
0000001d: JUMPI
0000001e: PUSH2 0x0029
00000021: JUMP
00000022: JUMPDEST
00000023: CALLDATASIZE
00000024: PUSH2 0x0029
00000027: JUMPI
00000028: STOP
00000029: JUMPDEST
0000002a: PUSH1 0x00
0000002c: PUSH32 0x000000000000000000000000983fff0c748f16caf870f4f7cddc4d5ddbb423b5
0000004d: PUSH1 0x01
0000004f: PUSH1 0x01
00000051: PUSH1 0xa0
00000053: SHL
00000054: SUB
00000055: AND
00000056: PUSH4 0xbba48a90
0000005b: PUSH1 0x40
0000005d: MLOAD
0000005e: DUP2
0000005f: PUSH4 0xffffffff
00000064: AND
00000065: PUSH1 0xe0
00000067: SHL
00000068: DUP2
00000069: MSTORE
0000006a: PUSH1 0x04
0000006c: ADD
0000006d: PUSH1 0x20
0000006f: PUSH1 0x40
00000071: MLOAD
00000072: DUP1
00000073: DUP4
00000074: SUB
00000075: DUP2
00000076: DUP7
00000077: GAS
00000078: STATICCALL
00000079: ISZERO
0000007a: DUP1
0000007b: ISZERO
0000007c: PUSH2 0x0089
0000007f: JUMPI
00000080: RETURNDATASIZE
00000081: PUSH1 0x00
00000083: DUP1
00000084: RETURNDATACOPY
00000085: RETURNDATASIZE
00000086: PUSH1 0x00
00000088: REVERT
00000089: JUMPDEST
0000008a: POP
0000008b: POP
0000008c: POP
0000008d: POP
0000008e: PUSH1 0x40
00000090: MLOAD
00000091: RETURNDATASIZE
00000092: PUSH1 0x1f
00000094: NOT
00000095: PUSH1 0x1f
00000097: DUP3
00000098: ADD
00000099: AND
0000009a: DUP3
0000009b: ADD
0000009c: DUP1
0000009d: PUSH1 0x40
0000009f: MSTORE
000000a0: POP
000000a1: DUP2
000000a2: ADD
000000a3: SWAP1
000000a4: PUSH2 0x00ad
000000a7: SWAP2
000000a8: SWAP1
000000a9: PUSH2 0x0123
000000ac: JUMP
000000ad: JUMPDEST
000000ae: SWAP1
000000af: POP
000000b0: CALLDATASIZE
000000b1: PUSH1 0x00
000000b3: DUP1
000000b4: CALLDATACOPY
000000b5: PUSH1 0x00
000000b7: DUP1
000000b8: CALLDATASIZE
000000b9: PUSH1 0x00
000000bb: DUP5
000000bc: GAS
000000bd: DELEGATECALL
000000be: RETURNDATASIZE
000000bf: PUSH1 0x00
000000c1: DUP1
000000c2: RETURNDATACOPY
000000c3: DUP1
000000c4: DUP1
000000c5: ISZERO
000000c6: PUSH2 0x00ce
000000c9: JUMPI
000000ca: RETURNDATASIZE
000000cb: PUSH1 0x00
000000cd: RETURN
000000ce: JUMPDEST
000000cf: RETURNDATASIZE
000000d0: PUSH1 0x00
000000d2: REVERT
000000d3: JUMPDEST
000000d4: CALLVALUE
000000d5: DUP1
000000d6: ISZERO
000000d7: PUSH2 0x00df
000000da: JUMPI
000000db: PUSH1 0x00
000000dd: DUP1
000000de: REVERT
000000df: JUMPDEST
000000e0: POP
000000e1: PUSH2 0x0107
000000e4: PUSH32 0x000000000000000000000000983fff0c748f16caf870f4f7cddc4d5ddbb423b5
00000105: DUP2
00000106: JUMP
00000107: JUMPDEST
00000108: PUSH1 0x40
0000010a: MLOAD
0000010b: PUSH1 0x01
0000010d: PUSH1 0x01
0000010f: PUSH1 0xa0
00000111: SHL
00000112: SUB
00000113: SWAP1
00000114: SWAP2
00000115: AND
00000116: DUP2
00000117: MSTORE
00000118: PUSH1 0x20
0000011a: ADD
0000011b: PUSH1 0x40
0000011d: MLOAD
0000011e: DUP1
0000011f: SWAP2
00000120: SUB
00000121: SWAP1
00000122: RETURN
00000123: JUMPDEST
00000124: PUSH1 0x00
00000126: PUSH1 0x20
00000128: DUP3
00000129: DUP5
0000012a: SUB
0000012b: SLT
0000012c: ISZERO
0000012d: PUSH2 0x0135
00000130: JUMPI
00000131: PUSH1 0x00
00000133: DUP1
00000134: REVERT
00000135: JUMPDEST
00000136: DUP2
00000137: MLOAD
00000138: PUSH1 0x01
0000013a: PUSH1 0x01
0000013c: PUSH1 0xa0
0000013e: SHL
0000013f: SUB
00000140: DUP2
00000141: AND
00000142: DUP2
00000143: EQ
00000144: PUSH2 0x014c
00000147: JUMPI
00000148: PUSH1 0x00
0000014a: DUP1
0000014b: REVERT
0000014c: JUMPDEST
0000014d: SWAP4
0000014e: SWAP3
0000014f: POP
00000150: POP
00000151: POP
00000152: JUMP
00000153: INVALID
00000154: LOG2
00000155: PUSH5 0x6970667358
0000015b: UNKNOWN(0x22)
0000015c: SLT
0000015d: KECCAK256
0000015e: MUL
0000015f: UNKNOWN(0xAD)
00000160: UNKNOWN(0xB8)
00000161: CALLDATALOAD
00000162: UNKNOWN(0xDD)
00000163: SWAP1
00000164: SWAP7
00000165: LOG4
00000166: UNKNOWN(0x28)
00000167: SWAP12
00000168: MSTORE
00000169: LOG4
0000016a: DUP3
0000016b: DUP7
0000016c: SWAP4
0000016d: REVERT
0000016e: MLOAD
0000016f: SLT
00000170: KECCAK256
00000171: LT
00000172: SWAP15
00000173: SWAP8
00000174: DUP14
00000175: PUSH13 0x7a9021a4d6b19d4064736f6c63
00000183: NUMBER
00000184: STOP
00000185: ADDMOD
00000186: EXP
00000187: STOP
00000188: CALLER

Findings

validated = confirmed for call sinks; sink observed for others
Severity Category Tool Title Confidence Validated Confirmed Details
critical upgradeability detector Untrusted DELEGATECALL target reachable 70 no no
view
trace_id: 0xc75f0b07e4b59e2ade1fb3cc517adb6a14104cd298adfadd193b6e4489015cff
validation_json 
{
    "sink": "DELEGATECALL",
    "errors": 0,
    "status": "unknown",
    "attempts": 12,
    "trace_id": "0xc75f0b07e4b59e2ade1fb3cc517adb6a14104cd298adfadd193b6e4489015cff",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": null,
    "matched_probe": null,
    "target_varies": null,
    "classification": "no_sink"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0xc45a0155",
            "selector": "0xc45a0155",
            "calldata_variants": [
                "0xc45a0155",
                "0xc45a01550000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 189,
            "opcode": "DELEGATECALL",
            "returndata_checked": null,
            "value_expression_category": "n/a",
            "target_expression_category": "computed"
        }
    ],
    "guards_detected": [],
    "delegatecall_count": 1,
    "untrusted_delegatecall_count": 1
}