Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019b477e-daf6-7399-b320-f165075e5f2e

complete
Chain ID: 1
Address:
Block Number:
Created: Mon, Dec 22, 2025 7:17 PM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

Confirmed: 0
Validated: 0
Source: Verified
Review Backing: Not yet
Best current signal: Untrusted DELEGATECALL target reachable
crit 0 high 0 direct contract
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID      Type              Status    Attempts  Heartbeat
29557   artifact.fetch    complete  1 / 3     3 months ago
29558   tool.cast_disasm  complete  1 / 3     3 months ago
108521  analysis.bundle   complete  1 / 3     1 week ago
108522  capability.graph  complete  1 / 3     1 week ago
108523  detector.run      complete  1 / 3     1 week ago
108524  validation.fork   complete  1 / 3     1 week ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: no
Implementation:
Verified Source: yes

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate

No codex job recorded yet.

Opcode Heuristics

tool.cast_disasm
Delegatecall: 1
Selfdestruct: 0
CREATE2: 0
CALL-family (heavy): 1
EXT*/BALANCE: 0
Total opcodes: 158
Flags: delegatecall_present

Cast disassembly output:
00000000: PUSH1 0x80
00000002: PUSH1 0x40
00000004: MSTORE
00000005: PUSH1 0x04
00000007: CALLDATASIZE
00000008: LT
00000009: PUSH1 0x1e
0000000b: JUMPI
0000000c: PUSH0
0000000d: CALLDATALOAD
0000000e: PUSH1 0xe0
00000010: SHR
00000011: DUP1
00000012: PUSH4 0x5c60da1b
00000017: EQ
00000018: PUSH1 0x51
0000001a: JUMPI
0000001b: PUSH1 0x1f
0000001d: JUMP
0000001e: JUMPDEST
0000001f: JUMPDEST
00000020: CALLDATASIZE
00000021: PUSH0
00000022: DUP1
00000023: CALLDATACOPY
00000024: PUSH0
00000025: DUP1
00000026: CALLDATASIZE
00000027: PUSH0
00000028: PUSH20 0x89e816865646d5a88a8f38518a3964a6c31ae5f4
0000003d: GAS
0000003e: DELEGATECALL
0000003f: RETURNDATASIZE
00000040: PUSH0
00000041: DUP1
00000042: RETURNDATACOPY
00000043: DUP1
00000044: PUSH0
00000045: DUP2
00000046: EQ
00000047: PUSH1 0x4d
00000049: JUMPI
0000004a: RETURNDATASIZE
0000004b: PUSH0
0000004c: RETURN
0000004d: JUMPDEST
0000004e: RETURNDATASIZE
0000004f: PUSH0
00000050: REVERT
00000051: JUMPDEST
00000052: CALLVALUE
00000053: DUP1
00000054: ISZERO
00000055: PUSH1 0x5b
00000057: JUMPI
00000058: PUSH0
00000059: DUP1
0000005a: REVERT
0000005b: JUMPDEST
0000005c: POP
0000005d: PUSH1 0x62
0000005f: PUSH1 0x76
00000061: JUMP
00000062: JUMPDEST
00000063: PUSH1 0x40
00000065: MLOAD
00000066: PUSH1 0x6d
00000068: SWAP2
00000069: SWAP1
0000006a: PUSH1 0xc9
0000006c: JUMP
0000006d: JUMPDEST
0000006e: PUSH1 0x40
00000070: MLOAD
00000071: DUP1
00000072: SWAP2
00000073: SUB
00000074: SWAP1
00000075: RETURN
00000076: JUMPDEST
00000077: PUSH20 0x89e816865646d5a88a8f38518a3964a6c31ae5f4
0000008c: DUP2
0000008d: JUMP
0000008e: JUMPDEST
0000008f: PUSH0
00000090: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000000a5: DUP3
000000a6: AND
000000a7: SWAP1
000000a8: POP
000000a9: SWAP2
000000aa: SWAP1
000000ab: POP
000000ac: JUMP
000000ad: JUMPDEST
000000ae: PUSH0
000000af: PUSH1 0xb5
000000b1: DUP3
000000b2: PUSH1 0x8e
000000b4: JUMP
000000b5: JUMPDEST
000000b6: SWAP1
000000b7: POP
000000b8: SWAP2
000000b9: SWAP1
000000ba: POP
000000bb: JUMP
000000bc: JUMPDEST
000000bd: PUSH1 0xc3
000000bf: DUP2
000000c0: PUSH1 0xad
000000c2: JUMP
000000c3: JUMPDEST
000000c4: DUP3
000000c5: MSTORE
000000c6: POP
000000c7: POP
000000c8: JUMP
000000c9: JUMPDEST
000000ca: PUSH0
000000cb: PUSH1 0x20
000000cd: DUP3
000000ce: ADD
000000cf: SWAP1
000000d0: POP
000000d1: PUSH1 0xda
000000d3: PUSH0
000000d4: DUP4
000000d5: ADD
000000d6: DUP5
000000d7: PUSH1 0xbc
000000d9: JUMP
000000da: JUMPDEST
000000db: SWAP3
000000dc: SWAP2
000000dd: POP
000000de: POP
000000df: JUMP
000000e0: INVALID
000000e1: LOG2
000000e2: PUSH5 0x6970667358
000000e8: UNKNOWN(0x22)
000000e9: SLT
000000ea: KECCAK256
000000eb: REVERT
000000ec: PUSH3 0x960fa9
000000f0: UNKNOWN(0xEF)
000000f1: STATICCALL
000000f2: PUSH9 0x7fd6fbb717d7794c16
000000fc: DUP11
000000fd: UNKNOWN(0x4E)
000000fe: PUSH17 0xe690dcadeaa29c11eb0bd2a464736f6c63
00000110: NUMBER
00000111: STOP
00000112: ADDMOD
00000113: BYTE
00000114: STOP
00000115: CALLER

Findings

validated = confirmed for call sinks; sink observed for others
Severity: critical
Category: upgradeability
Tool: detector
Title: Untrusted DELEGATECALL target reachable
Confidence: 70
Validated: no
Confirmed: no
Details:
trace_id: 0x285fd8f5db45a471df67a5ba2720d3f6e97c72da0c83fd96d8b335f0d37efba0
validation_json
{
    "sink": "DELEGATECALL",
    "errors": 0,
    "status": "unknown",
    "attempts": 12,
    "trace_id": "0x285fd8f5db45a471df67a5ba2720d3f6e97c72da0c83fd96d8b335f0d37efba0",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": null,
    "matched_probe": null,
    "target_varies": null,
    "classification": "no_sink"
}
witness_json
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x5c60da1b",
            "selector": "0x5c60da1b",
            "calldata_variants": [
                "0x5c60da1b",
                "0x5c60da1b0000000000000000000000000000000000000000000000000000000000000000"
            ]
        }
    ]
}
evidence_json
{
    "examples": [
        {
            "pc": 62,
            "opcode": "DELEGATECALL",
            "returndata_checked": null,
            "value_expression_category": "n/a",
            "target_expression_category": "computed"
        }
    ],
    "guards_detected": [],
    "delegatecall_count": 1,
    "untrusted_delegatecall_count": 1
}