TW
Tripwire
Find contracts. Test them. Review real vulns.

Analysis Run

019ba9a5-c5f0-7178-a508-b5536da7b47d

complete
Chain ID
1
Address
0x90cbe4bdd538d6e9b379bff5fe72c3d67a521de5
Block Number
Created
Sat, Jan 10, 2026 8:42 PM
Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

back to vulns open contract
Confirmed
0
Validated
0
Source
Verified
Review Backing
Not yet
Best current signal
Untrusted DELEGATECALL target reachable
crit 0 high 0 proxy context implementation known
Review Checklist
1. Read the findings table first. Ignore raw jobs until the result looks real.
2. Confirm attacker control, not just the existence of a sink.
3. Confirm money or privilege impact.
4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts
ID Type Status Attempts Heartbeat
37017 artifact.fetch complete 1 / 3 3 months ago
37018 proxy.resolve complete 1 / 3 3 months ago
37019 tool.cast_disasm complete 1 / 3 3 months ago
37020 analysis.bundle complete 1 / 3 3 months ago
37021 capability.graph complete 1 / 3 3 months ago
37022 detector.run complete 1 / 3 3 months ago
37023 validation.fork complete 1 / 3 3 months ago

Artifact

Runtime bytecode: available
Creation TX:
Deployer:
Proxy: yes confirmed
Implementation:
0x544e62df13d6273e64b06ac1afd925c8dcbc6569 target (child run)
Verified Source: yes
Proxy evidence 
{
    "method": "etherscan+onchain",
    "status": "confirmed",
    "etherscan_hint": {
        "source": "etherscan",
        "etherscan": {
            "proxy_flag": true,
            "implementation": "0x544e62df13d6273e64b06ac1afd925c8dcbc6569"
        }
    },
    "implementation": "0x544e62df13d6273e64b06ac1afd925c8dcbc6569",
    "onchain_method": "beacon"
}

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate

No codex job recorded yet.

Opcode Heuristics

tool.cast_disasm
Delegatecall
1
Selfdestruct
0
CREATE2
0
CALL-family (heavy)
1
EXT*/BALANCE
0
Total opcodes
162
Flags
delegatecall_present
View cast disassembly output 
00000000: PUSH1 0x80
00000002: DUP1
00000003: PUSH1 0x40
00000005: MSTORE
00000006: PUSH32 0x5c60da1b00000000000000000000000000000000000000000000000000000000
00000027: DUP2
00000028: MSTORE
00000029: PUSH1 0x20
0000002b: DUP2
0000002c: PUSH1 0x04
0000002e: DUP2
0000002f: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
00000044: PUSH32 0x000000000000000000000000d25c6f0293d41758552b0b27d6f69353a1134d51
00000065: AND
00000066: GAS
00000067: STATICCALL
00000068: SWAP1
00000069: DUP2
0000006a: ISZERO
0000006b: PUSH2 0x010b
0000006e: JUMPI
0000006f: PUSH0
00000070: SWAP2
00000071: PUSH2 0x007b
00000074: JUMPI
00000075: JUMPDEST
00000076: POP
00000077: PUSH2 0x0167
0000007a: JUMP
0000007b: JUMPDEST
0000007c: SWAP1
0000007d: POP
0000007e: PUSH1 0x20
00000080: RETURNDATASIZE
00000081: PUSH1 0x20
00000083: GT
00000084: PUSH2 0x0104
00000087: JUMPI
00000088: JUMPDEST
00000089: PUSH32 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffe0
000000aa: PUSH1 0x1f
000000ac: DUP3
000000ad: ADD
000000ae: AND
000000af: DUP3
000000b0: ADD
000000b1: SWAP2
000000b2: DUP1
000000b3: DUP4
000000b4: LT
000000b5: PUSH8 0xffffffffffffffff
000000be: DUP5
000000bf: GT
000000c0: OR
000000c1: PUSH2 0x00d7
000000c4: JUMPI
000000c5: PUSH2 0x00d1
000000c8: SWAP3
000000c9: PUSH1 0x40
000000cb: MSTORE
000000cc: ADD
000000cd: PUSH2 0x0116
000000d0: JUMP
000000d1: JUMPDEST
000000d2: PUSH0
000000d3: PUSH2 0x0075
000000d6: JUMP
000000d7: JUMPDEST
000000d8: PUSH32 0x4e487b7100000000000000000000000000000000000000000000000000000000
000000f9: PUSH0
000000fa: MSTORE
000000fb: PUSH1 0x41
000000fd: PUSH1 0x04
000000ff: MSTORE
00000100: PUSH1 0x24
00000102: PUSH0
00000103: REVERT
00000104: JUMPDEST
00000105: POP
00000106: RETURNDATASIZE
00000107: PUSH2 0x0088
0000010a: JUMP
0000010b: JUMPDEST
0000010c: PUSH1 0x40
0000010e: MLOAD
0000010f: RETURNDATASIZE
00000110: PUSH0
00000111: DUP3
00000112: RETURNDATACOPY
00000113: RETURNDATASIZE
00000114: SWAP1
00000115: REVERT
00000116: JUMPDEST
00000117: PUSH32 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff80
00000138: PUSH1 0x20
0000013a: SWAP2
0000013b: ADD
0000013c: SLT
0000013d: PUSH2 0x0163
00000140: JUMPI
00000141: PUSH1 0x80
00000143: MLOAD
00000144: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
00000159: DUP2
0000015a: AND
0000015b: DUP2
0000015c: SUB
0000015d: PUSH2 0x0163
00000160: JUMPI
00000161: SWAP1
00000162: JUMP
00000163: JUMPDEST
00000164: PUSH0
00000165: DUP1
00000166: REVERT
00000167: JUMPDEST
00000168: PUSH0
00000169: DUP1
0000016a: SWAP2
0000016b: CALLDATASIZE
0000016c: DUP3
0000016d: DUP1
0000016e: CALLDATACOPY
0000016f: DUP2
00000170: CALLDATASIZE
00000171: SWAP2
00000172: GAS
00000173: DELEGATECALL
00000174: RETURNDATASIZE
00000175: PUSH0
00000176: DUP1
00000177: RETURNDATACOPY
00000178: ISZERO
00000179: PUSH2 0x0180
0000017c: JUMPI
0000017d: RETURNDATASIZE
0000017e: PUSH0
0000017f: RETURN
00000180: JUMPDEST
00000181: RETURNDATASIZE
00000182: PUSH0
00000183: REVERT
00000184: INVALID
00000185: LOG2
00000186: PUSH5 0x6970667358
0000018c: UNKNOWN(0x22)
0000018d: SLT
0000018e: KECCAK256
0000018f: UNKNOWN(0xB6)
00000190: UNKNOWN(0x0C)
00000191: UNKNOWN(0xBF)
00000192: UNKNOWN(0x4C)
00000193: UNKNOWN(0xE8)
00000194: PUSH24 0x2cb3e254605ee39a357ae36438377aa078a457c041ee4eec
000001ad: POP
000001ae: UNKNOWN(0xDA)
000001af: PUSH5 0x736f6c6343
000001b5: STOP
000001b6: ADDMOD
000001b7: OR
000001b8: STOP
000001b9: CALLER

Findings

validated = confirmed for call sinks; sink observed for others
Severity Category Tool Title Confidence Validated Confirmed Details
critical upgradeability detector Untrusted DELEGATECALL target reachable 70 no no
view
trace_id: 0xbc39c7adfa5d26da0c545cab2129f5a7e2eb2f4f187c3a23a71521b2b5254168
call_targets: 0x544e62df13d6273e64b06ac1afd925c8dcbc6569
target_varies: no
classification: constant_target
validation_json 
{
    "sink": "DELEGATECALL",
    "errors": 0,
    "status": "sink_reached",
    "attempts": 1,
    "trace_id": "0xbc39c7adfa5d26da0c545cab2129f5a7e2eb2f4f187c3a23a71521b2b5254168",
    "confirmed": false,
    "trace_mode": "callTracer",
    "call_targets": [
        "0x544e62df13d6273e64b06ac1afd925c8dcbc6569"
    ],
    "matched_probe": null,
    "target_varies": false,
    "classification": "constant_target"
}
witness_json 
{
    "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
    "constraints": [],
    "entrypoints": [
        {
            "calldata": "0x",
            "selector": "fallback",
            "calldata_variants": [
                "0x"
            ]
        }
    ]
}
evidence_json 
{
    "examples": [
        {
            "pc": 371,
            "opcode": "DELEGATECALL",
            "returndata_checked": null,
            "value_expression_category": "n/a",
            "target_expression_category": "computed"
        }
    ],
    "guards_detected": [],
    "delegatecall_count": 1,
    "untrusted_delegatecall_count": 1
}
medium upgradeability cast DELEGATECALL present 80 no
view
evidence_json 
{
    "notes": "delegatecall enables execution in caller context; common in proxies/upgradeable patterns",
    "delegatecall_count": 1
}