TW
Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019ba8df-e217-7388-a0f5-4cd596693231

complete
Chain ID
1
Address
0xcd81502214d405f40ff14884f2b3962a2f822d67
Block Number
Created
Sat, Jan 10, 2026 5:06 PM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

back to vulns open contract
Confirmed
0
Validated
0
Source
Bytecode only
Review Backing
Not yet
Best current signal
Untrusted DELEGATECALL target reachable
crit 0 high 0 proxy context implementation known
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID Type Status Attempts Heartbeat
33127 artifact.fetch complete 1 / 3 3 months ago
33128 proxy.resolve complete 1 / 3 3 months ago
33129 tool.cast_disasm complete 1 / 3 3 months ago
33130 analysis.bundle complete 1 / 3 3 months ago
33131 capability.graph complete 1 / 3 3 months ago
33132 detector.run complete 1 / 3 3 months ago
33133 validation.fork complete 1 / 3 3 months ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: yes onchain_only
Implementation:
0x2e9f95c5327e3c6c30d6601b4bb1b527defea577 target (child run)
Verified Source: no
Proxy evidence 
{
    "method": "eip1967",
    "status": "onchain_only",
    "implementation": "0x2e9f95c5327e3c6c30d6601b4bb1b527defea577",
    "onchain_method": "eip1967"
}

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate

No codex job recorded yet.

Opcode Heuristics

tool.cast_disasm
Delegatecall
2
Selfdestruct
0
CREATE2
0
CALL-family (heavy)
1
EXT*/BALANCE
2
Total opcodes
658
Flags
delegatecall_present
View cast disassembly output 
00000000: PUSH1 0x80
00000002: PUSH1 0x40
00000004: MSTORE
00000005: CALLDATASIZE
00000006: PUSH2 0x000b
00000009: JUMPI
0000000a: STOP
0000000b: JUMPDEST
0000000c: PUSH2 0x0013
0000000f: PUSH2 0x0015
00000012: JUMP
00000013: JUMPDEST
00000014: STOP
00000015: JUMPDEST
00000016: PUSH32 0x0000000000000000000000000a19711f1b1696bf1fb93478bb3e5f454a3ab07b
00000037: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
0000004c: AND
0000004d: CALLER
0000004e: SUB
0000004f: PUSH2 0x00d8
00000052: JUMPI
00000053: PUSH0
00000054: CALLDATALOAD
00000055: PUSH32 0xffffffff00000000000000000000000000000000000000000000000000000000
00000076: AND
00000077: PUSH32 0x4f1ef28600000000000000000000000000000000000000000000000000000000
00000098: EQ
00000099: PUSH2 0x00ce
0000009c: JUMPI
0000009d: PUSH1 0x40
0000009f: MLOAD
000000a0: PUSH32 0xd2b576ec00000000000000000000000000000000000000000000000000000000
000000c1: DUP2
000000c2: MSTORE
000000c3: PUSH1 0x04
000000c5: ADD
000000c6: PUSH1 0x40
000000c8: MLOAD
000000c9: DUP1
000000ca: SWAP2
000000cb: SUB
000000cc: SWAP1
000000cd: REVERT
000000ce: JUMPDEST
000000cf: PUSH2 0x00d6
000000d2: PUSH2 0x00e0
000000d5: JUMP
000000d6: JUMPDEST
000000d7: JUMP
000000d8: JUMPDEST
000000d9: PUSH2 0x00d6
000000dc: PUSH2 0x010e
000000df: JUMP
000000e0: JUMPDEST
000000e1: PUSH0
000000e2: DUP1
000000e3: PUSH2 0x00ef
000000e6: CALLDATASIZE
000000e7: PUSH1 0x04
000000e9: DUP2
000000ea: DUP5
000000eb: PUSH2 0x0444
000000ee: JUMP
000000ef: JUMPDEST
000000f0: DUP2
000000f1: ADD
000000f2: SWAP1
000000f3: PUSH2 0x00fc
000000f6: SWAP2
000000f7: SWAP1
000000f8: PUSH2 0x0498
000000fb: JUMP
000000fc: JUMPDEST
000000fd: SWAP2
000000fe: POP
000000ff: SWAP2
00000100: POP
00000101: PUSH2 0x010a
00000104: DUP3
00000105: DUP3
00000106: PUSH2 0x011e
00000109: JUMP
0000010a: JUMPDEST
0000010b: POP
0000010c: POP
0000010d: JUMP
0000010e: JUMPDEST
0000010f: PUSH2 0x00d6
00000112: PUSH2 0x0119
00000115: PUSH2 0x0185
00000118: JUMP
00000119: JUMPDEST
0000011a: PUSH2 0x01c9
0000011d: JUMP
0000011e: JUMPDEST
0000011f: PUSH2 0x0127
00000122: DUP3
00000123: PUSH2 0x01e7
00000126: JUMP
00000127: JUMPDEST
00000128: PUSH1 0x40
0000012a: MLOAD
0000012b: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
00000140: DUP4
00000141: AND
00000142: SWAP1
00000143: PUSH32 0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b
00000164: SWAP1
00000165: PUSH0
00000166: SWAP1
00000167: LOG2
00000168: DUP1
00000169: MLOAD
0000016a: ISZERO
0000016b: PUSH2 0x017d
0000016e: JUMPI
0000016f: PUSH2 0x0178
00000172: DUP3
00000173: DUP3
00000174: PUSH2 0x02ba
00000177: JUMP
00000178: JUMPDEST
00000179: POP
0000017a: POP
0000017b: POP
0000017c: JUMP
0000017d: JUMPDEST
0000017e: PUSH2 0x010a
00000181: PUSH2 0x0339
00000184: JUMP
00000185: JUMPDEST
00000186: PUSH0
00000187: PUSH2 0x01c4
0000018a: PUSH32 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc
000001ab: SLOAD
000001ac: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000001c1: AND
000001c2: SWAP1
000001c3: JUMP
000001c4: JUMPDEST
000001c5: SWAP1
000001c6: POP
000001c7: SWAP1
000001c8: JUMP
000001c9: JUMPDEST
000001ca: CALLDATASIZE
000001cb: PUSH0
000001cc: DUP1
000001cd: CALLDATACOPY
000001ce: PUSH0
000001cf: DUP1
000001d0: CALLDATASIZE
000001d1: PUSH0
000001d2: DUP5
000001d3: GAS
000001d4: DELEGATECALL
000001d5: RETURNDATASIZE
000001d6: PUSH0
000001d7: DUP1
000001d8: RETURNDATACOPY
000001d9: DUP1
000001da: DUP1
000001db: ISZERO
000001dc: PUSH2 0x01e3
000001df: JUMPI
000001e0: RETURNDATASIZE
000001e1: PUSH0
000001e2: RETURN
000001e3: JUMPDEST
000001e4: RETURNDATASIZE
000001e5: PUSH0
000001e6: REVERT
000001e7: JUMPDEST
000001e8: DUP1
000001e9: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000001fe: AND
000001ff: EXTCODESIZE
00000200: PUSH0
00000201: SUB
00000202: PUSH2 0x0254
00000205: JUMPI
00000206: PUSH1 0x40
00000208: MLOAD
00000209: PUSH32 0x4c9c8ce300000000000000000000000000000000000000000000000000000000
0000022a: DUP2
0000022b: MSTORE
0000022c: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
00000241: DUP3
00000242: AND
00000243: PUSH1 0x04
00000245: DUP3
00000246: ADD
00000247: MSTORE
00000248: PUSH1 0x24
0000024a: ADD
0000024b: JUMPDEST
0000024c: PUSH1 0x40
0000024e: MLOAD
0000024f: DUP1
00000250: SWAP2
00000251: SUB
00000252: SWAP1
00000253: REVERT
00000254: JUMPDEST
00000255: PUSH32 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc
00000276: DUP1
00000277: SLOAD
00000278: PUSH32 0xffffffffffffffffffffffff0000000000000000000000000000000000000000
00000299: AND
0000029a: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000002af: SWAP3
000002b0: SWAP1
000002b1: SWAP3
000002b2: AND
000002b3: SWAP2
000002b4: SWAP1
000002b5: SWAP2
000002b6: OR
000002b7: SWAP1
000002b8: SSTORE
000002b9: JUMP
000002ba: JUMPDEST
000002bb: PUSH1 0x60
000002bd: PUSH0
000002be: DUP1
000002bf: DUP5
000002c0: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000002d5: AND
000002d6: DUP5
000002d7: PUSH1 0x40
000002d9: MLOAD
000002da: PUSH2 0x02e3
000002dd: SWAP2
000002de: SWAP1
000002df: PUSH2 0x058c
000002e2: JUMP
000002e3: JUMPDEST
000002e4: PUSH0
000002e5: PUSH1 0x40
000002e7: MLOAD
000002e8: DUP1
000002e9: DUP4
000002ea: SUB
000002eb: DUP2
000002ec: DUP6
000002ed: GAS
000002ee: DELEGATECALL
000002ef: SWAP2
000002f0: POP
000002f1: POP
000002f2: RETURNDATASIZE
000002f3: DUP1
000002f4: PUSH0
000002f5: DUP2
000002f6: EQ
000002f7: PUSH2 0x031b
000002fa: JUMPI
000002fb: PUSH1 0x40
000002fd: MLOAD
000002fe: SWAP2
000002ff: POP
00000300: PUSH1 0x1f
00000302: NOT
00000303: PUSH1 0x3f
00000305: RETURNDATASIZE
00000306: ADD
00000307: AND
00000308: DUP3
00000309: ADD
0000030a: PUSH1 0x40
0000030c: MSTORE
0000030d: RETURNDATASIZE
0000030e: DUP3
0000030f: MSTORE
00000310: RETURNDATASIZE
00000311: PUSH0
00000312: PUSH1 0x20
00000314: DUP5
00000315: ADD
00000316: RETURNDATACOPY
00000317: PUSH2 0x0320
0000031a: JUMP
0000031b: JUMPDEST
0000031c: PUSH1 0x60
0000031e: SWAP2
0000031f: POP
00000320: JUMPDEST
00000321: POP
00000322: SWAP2
00000323: POP
00000324: SWAP2
00000325: POP
00000326: PUSH2 0x0330
00000329: DUP6
0000032a: DUP4
0000032b: DUP4
0000032c: PUSH2 0x0371
0000032f: JUMP
00000330: JUMPDEST
00000331: SWAP6
00000332: SWAP5
00000333: POP
00000334: POP
00000335: POP
00000336: POP
00000337: POP
00000338: JUMP
00000339: JUMPDEST
0000033a: CALLVALUE
0000033b: ISZERO
0000033c: PUSH2 0x00d6
0000033f: JUMPI
00000340: PUSH1 0x40
00000342: MLOAD
00000343: PUSH32 0xb398979f00000000000000000000000000000000000000000000000000000000
00000364: DUP2
00000365: MSTORE
00000366: PUSH1 0x04
00000368: ADD
00000369: PUSH1 0x40
0000036b: MLOAD
0000036c: DUP1
0000036d: SWAP2
0000036e: SUB
0000036f: SWAP1
00000370: REVERT
00000371: JUMPDEST
00000372: PUSH1 0x60
00000374: DUP3
00000375: PUSH2 0x0386
00000378: JUMPI
00000379: PUSH2 0x0381
0000037c: DUP3
0000037d: PUSH2 0x0403
00000380: JUMP
00000381: JUMPDEST
00000382: PUSH2 0x03fc
00000385: JUMP
00000386: JUMPDEST
00000387: DUP2
00000388: MLOAD
00000389: ISZERO
0000038a: DUP1
0000038b: ISZERO
0000038c: PUSH2 0x03aa
0000038f: JUMPI
00000390: POP
00000391: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000003a6: DUP5
000003a7: AND
000003a8: EXTCODESIZE
000003a9: ISZERO
000003aa: JUMPDEST
000003ab: ISZERO
000003ac: PUSH2 0x03f9
000003af: JUMPI
000003b0: PUSH1 0x40
000003b2: MLOAD
000003b3: PUSH32 0x9996b31500000000000000000000000000000000000000000000000000000000
000003d4: DUP2
000003d5: MSTORE
000003d6: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000003eb: DUP6
000003ec: AND
000003ed: PUSH1 0x04
000003ef: DUP3
000003f0: ADD
000003f1: MSTORE
000003f2: PUSH1 0x24
000003f4: ADD
000003f5: PUSH2 0x024b
000003f8: JUMP
000003f9: JUMPDEST
000003fa: POP
000003fb: DUP1
000003fc: JUMPDEST
000003fd: SWAP4
000003fe: SWAP3
000003ff: POP
00000400: POP
00000401: POP
00000402: JUMP
00000403: JUMPDEST
00000404: DUP1
00000405: MLOAD
00000406: ISZERO
00000407: PUSH2 0x0412
0000040a: JUMPI
0000040b: DUP1
0000040c: MLOAD
0000040d: PUSH1 0x20
0000040f: DUP3
00000410: ADD
00000411: REVERT
00000412: JUMPDEST
00000413: PUSH1 0x40
00000415: MLOAD
00000416: PUSH32 0xd6bda27500000000000000000000000000000000000000000000000000000000
00000437: DUP2
00000438: MSTORE
00000439: PUSH1 0x04
0000043b: ADD
0000043c: PUSH1 0x40
0000043e: MLOAD
0000043f: DUP1
00000440: SWAP2
00000441: SUB
00000442: SWAP1
00000443: REVERT
00000444: JUMPDEST
00000445: PUSH0
00000446: DUP1
00000447: DUP6
00000448: DUP6
00000449: GT
0000044a: ISZERO
0000044b: PUSH2 0x0452
0000044e: JUMPI
0000044f: PUSH0
00000450: DUP1
00000451: REVERT
00000452: JUMPDEST
00000453: DUP4
00000454: DUP7
00000455: GT
00000456: ISZERO
00000457: PUSH2 0x045e
0000045a: JUMPI
0000045b: PUSH0
0000045c: DUP1
0000045d: REVERT
0000045e: JUMPDEST
0000045f: POP
00000460: POP
00000461: DUP3
00000462: ADD
00000463: SWAP4
00000464: SWAP2
00000465: SWAP1
00000466: SWAP3
00000467: SUB
00000468: SWAP2
00000469: POP
0000046a: JUMP
0000046b: JUMPDEST
0000046c: PUSH32 0x4e487b7100000000000000000000000000000000000000000000000000000000
0000048d: PUSH0
0000048e: MSTORE
0000048f: PUSH1 0x41
00000491: PUSH1 0x04
00000493: MSTORE
00000494: PUSH1 0x24
00000496: PUSH0
00000497: REVERT
00000498: JUMPDEST
00000499: PUSH0
0000049a: DUP1
0000049b: PUSH1 0x40
0000049d: DUP4
0000049e: DUP6
0000049f: SUB
000004a0: SLT
000004a1: ISZERO
000004a2: PUSH2 0x04a9
000004a5: JUMPI
000004a6: PUSH0
000004a7: DUP1
000004a8: REVERT
000004a9: JUMPDEST
000004aa: DUP3
000004ab: CALLDATALOAD
000004ac: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
000004c1: DUP2
000004c2: AND
000004c3: DUP2
000004c4: EQ
000004c5: PUSH2 0x04cc
000004c8: JUMPI
000004c9: PUSH0
000004ca: DUP1
000004cb: REVERT
000004cc: JUMPDEST
000004cd: SWAP2
000004ce: POP
000004cf: PUSH1 0x20
000004d1: DUP4
000004d2: ADD
000004d3: CALLDATALOAD
000004d4: PUSH8 0xffffffffffffffff
000004dd: DUP1
000004de: DUP3
000004df: GT
000004e0: ISZERO
000004e1: PUSH2 0x04e8
000004e4: JUMPI
000004e5: PUSH0
000004e6: DUP1
000004e7: REVERT
000004e8: JUMPDEST
000004e9: DUP2
000004ea: DUP6
000004eb: ADD
000004ec: SWAP2
000004ed: POP
000004ee: DUP6
000004ef: PUSH1 0x1f
000004f1: DUP4
000004f2: ADD
000004f3: SLT
000004f4: PUSH2 0x04fb
000004f7: JUMPI
000004f8: PUSH0
000004f9: DUP1
000004fa: REVERT
000004fb: JUMPDEST
000004fc: DUP2
000004fd: CALLDATALOAD
000004fe: DUP2
000004ff: DUP2
00000500: GT
00000501: ISZERO
00000502: PUSH2 0x050d
00000505: JUMPI
00000506: PUSH2 0x050d
00000509: PUSH2 0x046b
0000050c: JUMP
0000050d: JUMPDEST
0000050e: PUSH1 0x40
00000510: MLOAD
00000511: PUSH1 0x1f
00000513: DUP3
00000514: ADD
00000515: PUSH32 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0
00000536: SWAP1
00000537: DUP2
00000538: AND
00000539: PUSH1 0x3f
0000053b: ADD
0000053c: AND
0000053d: DUP2
0000053e: ADD
0000053f: SWAP1
00000540: DUP4
00000541: DUP3
00000542: GT
00000543: DUP2
00000544: DUP4
00000545: LT
00000546: OR
00000547: ISZERO
00000548: PUSH2 0x0553
0000054b: JUMPI
0000054c: PUSH2 0x0553
0000054f: PUSH2 0x046b
00000552: JUMP
00000553: JUMPDEST
00000554: DUP2
00000555: PUSH1 0x40
00000557: MSTORE
00000558: DUP3
00000559: DUP2
0000055a: MSTORE
0000055b: DUP9
0000055c: PUSH1 0x20
0000055e: DUP5
0000055f: DUP8
00000560: ADD
00000561: ADD
00000562: GT
00000563: ISZERO
00000564: PUSH2 0x056b
00000567: JUMPI
00000568: PUSH0
00000569: DUP1
0000056a: REVERT
0000056b: JUMPDEST
0000056c: DUP3
0000056d: PUSH1 0x20
0000056f: DUP7
00000570: ADD
00000571: PUSH1 0x20
00000573: DUP4
00000574: ADD
00000575: CALLDATACOPY
00000576: PUSH0
00000577: PUSH1 0x20
00000579: DUP5
0000057a: DUP4
0000057b: ADD
0000057c: ADD
0000057d: MSTORE
0000057e: DUP1
0000057f: SWAP6
00000580: POP
00000581: POP
00000582: POP
00000583: POP
00000584: POP
00000585: POP
00000586: SWAP3
00000587: POP
00000588: SWAP3
00000589: SWAP1
0000058a: POP
0000058b: JUMP
0000058c: JUMPDEST
0000058d: PUSH0
0000058e: DUP3
0000058f: MLOAD
00000590: PUSH0
00000591: JUMPDEST
00000592: DUP2
00000593: DUP2
00000594: LT
00000595: ISZERO
00000596: PUSH2 0x05ab
00000599: JUMPI
0000059a: PUSH1 0x20
0000059c: DUP2
0000059d: DUP7
0000059e: ADD
0000059f: DUP2
000005a0: ADD
000005a1: MLOAD
000005a2: DUP6
000005a3: DUP4
000005a4: ADD
000005a5: MSTORE
000005a6: ADD
000005a7: PUSH2 0x0591
000005aa: JUMP
000005ab: JUMPDEST
000005ac: POP
000005ad: PUSH0
000005ae: SWAP3
000005af: ADD
000005b0: SWAP2
000005b1: DUP3
000005b2: MSTORE
000005b3: POP
000005b4: SWAP2
000005b5: SWAP1
000005b6: POP
000005b7: JUMP
000005b8: INVALID
000005b9: LOG2
000005ba: PUSH5 0x6970667358
000005c0: UNKNOWN(0x22)
000005c1: SLT
000005c2: KECCAK256
000005c3: SELFBALANCE
000005c4: UNKNOWN(0xF8)
000005c5: CALLVALUE
000005c6: UNKNOWN(0xCF)
000005c7: STATICCALL
000005c8: PUSH7 0x05c240449566a1
000005d0: DUP6
000005d1: PUSH31

Findings

validated = confirmed for call sinks; sink observed for others
Severity Category Tool Title Confidence Validated Confirmed Details
critical upgradeability detector Untrusted DELEGATECALL target reachable 70 no no
view
validation_json 
{
    "sink": "DELEGATECALL",
    "errors": 10,
    "status": "unknown",
    "attempts": 11,
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": null,
    "matched_probe": null,
    "target_varies": null,
    "classification": "no_sink"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x",
            "selector": "fallback",
            "calldata_variants": [
                "0x"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 468,
            "opcode": "DELEGATECALL",
            "returndata_checked": null,
            "value_expression_category": "n/a",
            "target_expression_category": "computed"
        },
        {
            "pc": 750,
            "opcode": "DELEGATECALL",
            "returndata_checked": null,
            "value_expression_category": "n/a",
            "target_expression_category": "computed"
        }
    ],
    "guards_detected": [],
    "delegatecall_count": 2,
    "untrusted_delegatecall_count": 2
}
medium upgradeability cast DELEGATECALL present 80 no
view
evidence_json 
{
    "notes": "delegatecall enables execution in caller context; common in proxies/upgradeable patterns",
    "delegatecall_count": 2
}