TW
Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019ba5f9-b727-73db-9580-ac316ee6fc2b

complete
Chain ID
1
Address
0x163907a71f55c2d29cdc4e36cadd0f09847d4fe1
Block Number
Created
Sat, Jan 10, 2026 3:36 AM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

back to vulns open contract
Confirmed
0
Validated
0
Source
Bytecode only
Review Backing
Not yet
Best current signal
Untrusted DELEGATECALL target reachable
crit 0 high 0 proxy context implementation known
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID Type Status Attempts Heartbeat
32071 artifact.fetch complete 1 / 3 3 months ago
32072 proxy.resolve complete 1 / 3 3 months ago
32073 tool.cast_disasm complete 1 / 3 3 months ago
32074 analysis.bundle complete 1 / 3 3 months ago
32075 capability.graph complete 1 / 3 3 months ago
32076 detector.run complete 1 / 3 3 months ago
32077 validation.fork complete 1 / 3 3 months ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: yes etherscan_only
Implementation:
0xa3d5699a389c1be44468add10134cb33f726d391
Verified Source: no
Proxy evidence 
{
    "status": "etherscan_only",
    "etherscan_hint": {
        "source": "etherscan",
        "etherscan": {
            "proxy_flag": true,
            "implementation": "0xa3d5699a389c1be44468add10134cb33f726d391"
        }
    },
    "implementation": "0xa3d5699a389c1be44468add10134cb33f726d391"
}

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate

No codex job recorded yet.

Opcode Heuristics

tool.cast_disasm
Delegatecall
1
Selfdestruct
0
CREATE2
0
CALL-family (heavy)
1
EXT*/BALANCE
1
Total opcodes
196
Flags
delegatecall_present
View cast disassembly output 
00000000: PUSH1 0x80
00000002: PUSH1 0x40
00000004: MSTORE
00000005: CALLDATASIZE
00000006: PUSH1 0x0a
00000008: JUMPI
00000009: STOP
0000000a: JUMPDEST
0000000b: CALLVALUE
0000000c: DUP1
0000000d: ISZERO
0000000e: PUSH1 0x15
00000010: JUMPI
00000011: PUSH1 0x00
00000013: DUP1
00000014: REVERT
00000015: JUMPDEST
00000016: POP
00000017: PUSH1 0x00
00000019: PUSH32 0x000000000000000000000000d04d29022b5e7e25ab36a4f020c906f78def112a
0000003a: PUSH1 0x01
0000003c: PUSH1 0x01
0000003e: PUSH1 0xa0
00000040: SHL
00000041: SUB
00000042: AND
00000043: PUSH4 0x34c5c27e
00000048: PUSH1 0x40
0000004a: MLOAD
0000004b: DUP2
0000004c: PUSH4 0xffffffff
00000051: AND
00000052: PUSH1 0xe0
00000054: SHL
00000055: DUP2
00000056: MSTORE
00000057: PUSH1 0x04
00000059: ADD
0000005a: PUSH1 0x20
0000005c: PUSH1 0x40
0000005e: MLOAD
0000005f: DUP1
00000060: DUP4
00000061: SUB
00000062: DUP2
00000063: DUP7
00000064: DUP1
00000065: EXTCODESIZE
00000066: ISZERO
00000067: DUP1
00000068: ISZERO
00000069: PUSH1 0x70
0000006b: JUMPI
0000006c: PUSH1 0x00
0000006e: DUP1
0000006f: REVERT
00000070: JUMPDEST
00000071: POP
00000072: GAS
00000073: STATICCALL
00000074: ISZERO
00000075: DUP1
00000076: ISZERO
00000077: PUSH1 0x83
00000079: JUMPI
0000007a: RETURNDATASIZE
0000007b: PUSH1 0x00
0000007d: DUP1
0000007e: RETURNDATACOPY
0000007f: RETURNDATASIZE
00000080: PUSH1 0x00
00000082: REVERT
00000083: JUMPDEST
00000084: POP
00000085: POP
00000086: POP
00000087: POP
00000088: PUSH1 0x40
0000008a: MLOAD
0000008b: RETURNDATASIZE
0000008c: PUSH1 0x1f
0000008e: NOT
0000008f: PUSH1 0x1f
00000091: DUP3
00000092: ADD
00000093: AND
00000094: DUP3
00000095: ADD
00000096: DUP1
00000097: PUSH1 0x40
00000099: MSTORE
0000009a: POP
0000009b: DUP2
0000009c: ADD
0000009d: SWAP1
0000009e: PUSH1 0xa5
000000a0: SWAP2
000000a1: SWAP1
000000a2: PUSH1 0xce
000000a4: JUMP
000000a5: JUMPDEST
000000a6: SWAP1
000000a7: POP
000000a8: PUSH1 0x40
000000aa: MLOAD
000000ab: CALLDATASIZE
000000ac: DUP1
000000ad: PUSH1 0x00
000000af: DUP4
000000b0: CALLDATACOPY
000000b1: PUSH1 0x00
000000b3: DUP1
000000b4: DUP3
000000b5: DUP5
000000b6: DUP7
000000b7: GAS
000000b8: DELEGATECALL
000000b9: RETURNDATASIZE
000000ba: SWAP2
000000bb: POP
000000bc: DUP2
000000bd: PUSH1 0x00
000000bf: DUP5
000000c0: RETURNDATACOPY
000000c1: DUP1
000000c2: DUP1
000000c3: ISZERO
000000c4: PUSH1 0xca
000000c6: JUMPI
000000c7: DUP3
000000c8: DUP5
000000c9: RETURN
000000ca: JUMPDEST
000000cb: DUP3
000000cc: DUP5
000000cd: REVERT
000000ce: JUMPDEST
000000cf: PUSH1 0x00
000000d1: PUSH1 0x20
000000d3: DUP3
000000d4: DUP5
000000d5: SUB
000000d6: SLT
000000d7: ISZERO
000000d8: PUSH1 0xde
000000da: JUMPI
000000db: DUP1
000000dc: DUP2
000000dd: REVERT
000000de: JUMPDEST
000000df: DUP2
000000e0: MLOAD
000000e1: PUSH1 0x01
000000e3: PUSH1 0x01
000000e5: PUSH1 0xa0
000000e7: SHL
000000e8: SUB
000000e9: DUP2
000000ea: AND
000000eb: DUP2
000000ec: EQ
000000ed: PUSH1 0xf3
000000ef: JUMPI
000000f0: DUP2
000000f1: DUP3
000000f2: REVERT
000000f3: JUMPDEST
000000f4: SWAP4
000000f5: SWAP3
000000f6: POP
000000f7: POP
000000f8: POP
000000f9: JUMP
000000fa: INVALID
000000fb: LOG2
000000fc: PUSH5 0x6970667358
00000102: UNKNOWN(0x22)
00000103: SLT
00000104: KECCAK256
00000105: UNKNOWN(0x2D)
00000106: PUSH21 0x55c5aef8e419d6ee3792cdbc3ca778174bf6a996b5
0000011c: GASLIMIT
0000011d: COINBASE
0000011e: DUP5
0000011f: UNKNOWN(0x2F)
00000120: POP
00000121: SWAP11
00000122: UNKNOWN(0xE9)
00000123: UNKNOWN(0xD0)
00000124: UNKNOWN(0xCB)
00000125: PUSH5 0x736f6c6343
0000012b: STOP
0000012c: ADDMOD
0000012d: STOP
0000012e: STOP
0000012f: CALLER

Findings

validated = confirmed for call sinks; sink observed for others
Severity Category Tool Title Confidence Validated Confirmed Details
critical upgradeability detector Untrusted DELEGATECALL target reachable 70 no no
view
validation_json 
{
    "sink": "DELEGATECALL",
    "errors": 10,
    "status": "unknown",
    "attempts": 11,
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": null,
    "matched_probe": null,
    "target_varies": null,
    "classification": "no_sink"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x",
            "selector": "fallback",
            "calldata_variants": [
                "0x"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 184,
            "opcode": "DELEGATECALL",
            "returndata_checked": null,
            "value_expression_category": "n/a",
            "target_expression_category": "computed"
        }
    ],
    "guards_detected": [],
    "delegatecall_count": 1,
    "untrusted_delegatecall_count": 1
}
medium upgradeability cast DELEGATECALL present 80 no
view
evidence_json 
{
    "notes": "delegatecall enables execution in caller context; common in proxies/upgradeable patterns",
    "delegatecall_count": 1
}