019bb2d5-fd57-707f-a904-b2b419626a9c
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 39594 | artifact.fetch | complete | 1 / 3 | 3 months ago |
| 39595 | proxy.resolve | complete | 1 / 3 | 3 months ago |
| 39596 | tool.cast_disasm | complete | 1 / 3 | 3 months ago |
| 39597 | analysis.bundle | complete | 1 / 3 | 3 months ago |
| 39598 | capability.graph | complete | 1 / 3 | 3 months ago |
| 39599 | detector.run | complete | 1 / 3 | 3 months ago |
| 39600 | validation.fork | complete | 1 / 3 | 3 months ago |
| 39733 | report.consolidate | complete | 1 / 6 | 3 months ago |
{
"method": "eip1967",
"status": "onchain_only",
"implementation": "0x9ee44137984af40481663744d27c5ae79210991e",
"onchain_method": "eip1967"
}
No slither job recorded yet.
{"no_findings":false,"summary":"Bytecode shows multiple low-level CALLs with computed targets/values and CREATE/SELFDESTRUCT opcodes; guards and reachability are not proven in the artifacts, so risks are conditional on reachability and access control.","findings":[{"severity":"medium","category":"reentrancy","title":"Low-level CALLs to computed targets/values without detected guards","exploit_scenario":"The implementation performs multiple CALLs where both the target and value are computed. If any of these values are influenced by user input or cross-chain messages, a malicious target can reenter during external calls or redirect value transfers before state is finalized, potentially draining funds or corrupting accounting. The bytecode analysis did not detect any guard checks around these sinks, so safety depends on off-chain assumptions or unseen controls.","recommendation":"Add explicit reentrancy protection around external-call paths, update critical state before CALLs, and restrict/allowlist external targets where possible. Ensure return data is validated and enforce strict access control for any function that can trigger value-bearing CALLs.","evidence":"callsites list shows CALL at pcs 4453/6904/11718/11868/12355/13930 with target_expression_category/value_expression_category \"computed\" and returndata_checked null; detector findings \"Untrusted CALL target/value reachable\" and \"ETH value transfer possible\" report no guards detected.","locations":["pc:0x1165","pc:0x1af8","pc:0x2dc6","pc:0x2e5c","pc:0x3043","pc:0x366a"]},{"severity":"low","category":"other","title":"SELFDESTRUCT opcode present in runtime bytecode (reachability unclear)","exploit_scenario":"If the SELFDESTRUCT opcode is reachable from any externally callable path, an attacker (or compromised privileged role) could irreversibly destroy the implementation, and in a proxy setup this could brick the proxy logic. The opcode appears in a block without a JUMPDEST, which may indicate embedded data rather than executable code, so reachability is uncertain.","recommendation":"Confirm that the SELFDESTRUCT opcode is unreachable in executable code. If reachable, remove it or gate it behind strict, revocable admin controls and timelocks.","evidence":"basic_blocks include SELFDESTRUCT at start_pc 17721; heuristics_summary flags selfdestruct_present; detector finding \"SELFDESTRUCT reachable\" has status unknown.","locations":["pc:0x4539"]},{"severity":"low","category":"other","title":"CREATE/CREATE2 opcodes present (factory behavior)","exploit_scenario":"The bytecode includes CREATE and CREATE2. If these paths are externally reachable without strict access control, an attacker could deploy arbitrary contracts, squat deterministic addresses, or grief the system with storage/gas usage. This may be intended factory behavior, but access control is not proven in the artifacts.","recommendation":"Verify CREATE/CREATE2 are only reachable by authorized roles. If public deployment is intended, document the security model and enforce input validation (salt/code size) to avoid abuse.","evidence":"heuristics_summary reports create_count=2 and create2_count=1; a basic block includes CREATE2 at start_pc 17838.","locations":["pc:0x45ae"]}]}
OpenAI Codex v0.77.0 (research preview)
--------
workdir: /tmp/codex-p8jeuz72
model: gpt-5.2-codex
provider: openai
approval: never
sandbox: read-only
reasoning effort: high
reasoning summaries: auto
session id: 019bb2eb-3a2c-7cf1-b238-028ead44c627
--------
user
Context: The user requested the proxy at 0x3d64bd587300af85ae54007d350bfd293dc24581.
Audit the implementation at 0x9ee44137984af40481663744d27c5ae79210991e.
Findings should refer to the implementation unless explicitly about proxy mechanics.
You are a security auditor. You ONLY have runtime bytecode + analysis artifacts.
You MUST read `BYTECODE_BUNDLE.json` before concluding; it contains the bytecode summary,
evidence bundle, callsites, storage slots, and detector findings.
Special cases when reasoning from bytecode (be explicit about uncertainty):
- Selector inference is best-effort; missing selectors are common.
- Fallback/receive paths may be the only entrypoints.
- CALL vs DELEGATECALL semantics differ; DELEGATECALL executes in caller storage.
- Proxy patterns (EIP-1967, minimal proxies, beacon) change which storage is authoritative.
- Storage slots are raw; mappings/arrays appear via keccak patterns, names are unknown.
- Guard detection is heuristic; absence of guards does NOT mean unguarded.
- Returndata checking is unknown unless explicitly shown in evidence.
- Precompiles (0x1..0x9) and common ERC20 transfer selectors may appear; do not over-claim.
Output MUST be valid JSON matching the provided schema.
- If you find nothing meaningful: set no_findings=true and findings=[].
- Otherwise: set no_findings=false and include findings with severity/category/title.
- Locations can be pc references like "pc:0x123" or selectors like "selector:0xa9059cbb".
Focus on: reentrancy, access control, upgradeability/proxy issues, signature validation,
accounting/invariant breaks, dangerous delegatecall, and untrusted external calls.
Be conservative: if evidence is weak, mark severity low/medium and explain why.
mcp startup: no servers
thinking
**Locating BYTECODE_BUNDLE.json**
exec
/bin/bash -lc ls in /tmp/codex-p8jeuz72 succeeded in 6ms:
BYTECODE_BUNDLE.json
codex-output-schema.json
exec
/bin/bash -lc 'cat BYTECODE_BUNDLE.json' in /tmp/codex-p8jeuz72 succeeded in 9ms:
{
"analysis_artifact": {
"address": "0x9ee44137984af40481663744d27c5ae79210991e",
"artifact_hash": "0xae043948ad4962455269662df6207518a3d365a801bb3b8a3cb3fc9bd5d8081b",
"artifact_json": {
"auth": {
"guards": []
},
"basic_blocks": [
{
"end_pc": 14,
"hash": "0xfda3859bd30bc26a6b3112c883aac8a1d7dbad697e14840bb45f5cfc31e8789d",
"opcodes": [
"PUSH1",
"PUSH1",
"MSTORE",
"PUSH1",
"CALLDATASIZE",
"LT",
"ISZERO",
thinking
**Investigating JSON and bytecode evidence**
exec
/bin/bash -lc 'rg -n "SELFDESTRUCT|selfdestruct" BYTECODE_BUNDLE.json' in /tmp/codex-p8jeuz72 succeeded in 7ms:
17783: "SELFDESTRUCT"
22932: "selfdestruct": 1,
23256: "selfdestruct": 1,
23580: "selfdestruct": 1,
23904: "selfdestruct": 1,
24228: "selfdestruct": 1,
24552: "selfdestruct": 1,
24876: "selfdestruct": 1,
25200: "selfdestruct": 1,
25524: "selfdestruct": 1,
25848: "selfdestruct": 1,
26172: "selfdestruct": 1,
26496: "selfdestruct": 1,
26820: "selfdestruct": 1,
27144: "selfdestruct": 1,
27468: "selfdestruct": 1,
27792: "selfdestruct": 1,
28116: "selfdestruct": 1,
28440: "selfdestruct": 1,
28764: "selfdestruct": 1,
thinking
**Searching for SELFDESTRUCT opcode**
exec
/bin/bash -lc "sed -n '17760,17820p' BYTECODE_BUNDLE.json" in /tmp/codex-p8jeuz72 succeeded in 8ms:
"start_pc": 17696
},
{
"end_pc": 17720,
"hash": "0x965de54aec5291f89d40d1e1ea4390b86eb9627df5c27b43fe11bf9853fccfd3",
"opcodes": [
"INVALID"
],
"start_pc": 17720
},
{
"end_pc": 17735,
"hash": "0x3d62fe5c59d8fb48fb86c2063757e939869e0f76b9b82cbba5c4f1c7aaa6e74e",
"opcodes": [
"OP_A2",
"PUSH5",
"OP_22",
"SLT",
"SHA3",
"OP_4D",
thinking
**Analyzing bytecode and function selectors**
exec
/bin/bash -lc 'rg -n "40c10f19|f2fde38b|8da5cb5b|9dc29fac" BYTECODE_BUNDLE.json' in /tmp/codex-p8jeuz72 succeeded in 8ms:
22843: "selector": "0x8da5cb5b"
22863: "selector": "0xf2fde38b"
22899: "selector": "0x40c10f19"
22911: "selector": "0x9dc29fac"
29732: "selector": "0x8da5cb5b",
31352: "selector": "0xf2fde38b",
34268: "selector": "0x40c10f19",
35240: "selector": "0x9dc29fac",
36230: "0x8da5cb5b",
36235: "0xf2fde38b",
36244: "0x40c10f19",
36247: "0x9dc29fac",
36637: "full": "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",
41565: "from": "fn:0x8da5cb5b",
41590: "from": "fn:0xf2fde38b",
41620: "from": "fn:0x40c10f19",
41635: "from": "fn:0x9dc29fac",
49004: "id": "fn:0x8da5cb5b",
49005: "selector": "0x8da5cb5b",
49034: "id": "fn:0xf2fde38b",
thinking
**Analyzing bytecode for security risks**
I'm reviewing the full bytecode and disassembly of a bridging contract with token transfers, ownership checks, and signature validation to identify potential vulnerabilities such as untrusted calls and reentrancy risks. I'll focus on critical functions, callsites, and access controls by mapping program counters to basic blocks using a Python script to better understand the contract's behavior.
exec
/bin/bash -lc "python - <<'PY'
import json
from bisect import bisect
with open('BYTECODE_BUNDLE.json') as f:
    data=json.load(f)
bbs=data['analysis_artifact']['artifact_json']['basic_blocks']
call_pcs=[4453,6904,11718,11868,12355,13930]
for pc in call_pcs:
    bb=None
    for b in bbs:
        if b.get('start_pc')<=pc<=b.get('end_pc'):
            bb=b
            break
    print('pc',pc,'bb',bb.get('start_pc'),bb.get('end_pc'))
    print(bb.get('opcodes'))
    print('---')
PY" in /tmp/codex-p8jeuz72 succeeded in 41ms:
pc 4453 bb 4417 4461
['OP_81', 'MLOAD', 'PUSH4', 'PUSH1', 'SHL', 'OP_81', 'MSTORE', 'ADDRESS', 'PUSH1', 'OP_82', 'ADD', 'MSTORE', 'PUSH1', 'OP_81', 'ADD', 'OP_84', 'OP_90', 'MSTORE', 'PUSH1', 'OP_9B', 'OP_8C', 'OP_82', 'PUSH1', 'OP_81', 'OP_83', 'OP_8F', 'GAS', 'CALL', 'OP_91', 'OP_82', 'ISZERO', 'PUSH3', 'JUMPI']
---
pc 6904 bb 6853 6912
['JUMPDEST', 'PUSH1', 'MLOAD', 'PUSH4', 'PUSH1', 'SHL', 'OP_81', 'MSTORE', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'OP_84', 'AND', 'PUSH1', 'OP_82', 'ADD', 'MSTORE', 'PUSH1', 'OP_81', 'ADD', 'OP_82', 'OP_90', 'MSTORE', 'OP_93', 'PUSH1', 'OP_90', 'OP_85', 'OP_90', 'PUSH1', 'OP_90', 'OP_82', 'OP_90', 'PUSH1', 'OP_90', 'GAS', 'CALL', 'OP_90', 'OP_81', 'ISZERO', 'PUSH3', 'JUMPI']
---
pc 11718 bb 11699 11727
['PUSH1', 'OP_91', 'OP_82', 'OP_91', 'OP_82', 'OP_91', 'OP_82', 'OP_91', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'AND', 'GAS', 'CALL', 'PUSH3', 'PUSH3', 'JUMP']
---
pc 11868 bb 11864 11876
['JUMPDEST', 'SUB', 'OP_92', 'GAS', 'CALL', 'OP_90', 'OP_81', 'ISZERO', 'PUSH3', 'JUMPI']
---
pc 12355 bb 12307 12363
['OP_88', 'MLOAD', 'PUSH4', 'PUSH1', 'SHL', 'OP_81', 'MSTORE', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'OP_82', 'AND', 'PUSH1', 'OP_82', 'ADD', 'MSTORE', 'PUSH1', 'OP_81', 'ADD', 'OP_83', 'OP_90', 'MSTORE', 'OP_95', 'PUSH1', 'OP_90', 'OP_87', 'OP_90', 'PUSH1', 'OP_90', 'OP_82', 'OP_90', 'OP_84', 'OP_90', 'GAS', 'CALL', 'OP_98', 'OP_89', 'ISZERO', 'PUSH3', 'JUMPI']
---
pc 13930 bb 13903 13939
['JUMPDEST', 'PUSH1', 'OP_80', 'PUSH3', 'OP_92', 'PUSH1', 'OP_80', 'PUSH1', 'SHL', 'SUB', 'AND', 'OP_93', 'PUSH1', 'OP_81', 'MLOAD', 'OP_91', 'ADD', 'OP_82', 'OP_86', 'GAS', 'CALL', 'PUSH3', 'PUSH3', 'JUMP']
---
thinking
**Analyzing callsite context and checks**
exec
/bin/bash -lc 'rg -n "callsites|callgraph|call_graph|callsite" BYTECODE_BUNDLE.json | head -n 20' in /tmp/codex-p8jeuz72 succeeded in 10ms:
17854: "callsites": [
48794: "type": "callsite"
48800: "type": "callsite"
48806: "type": "callsite"
48812: "type": "callsite"
48818: "type": "callsite"
48824: "type": "callsite"
48830: "type": "callsite"
48836: "type": "callsite"
48842: "type": "callsite"
48848: "type": "callsite"
48854: "type": "callsite"
48860: "type": "callsite"
48866: "type": "callsite"
exec
/bin/bash -lc "sed -n '17840,17940p' BYTECODE_BUNDLE.json" in /tmp/codex-p8jeuz72 succeeded in 11ms:
"OP_C5",
"PUSH31",
"PUSH10",
"EXTCODEHASH",
"PUSH9",
"OP_D5",
"CREATE2",
"OP_AE",
"PUSH17",
"PUSH13"
],
"start_pc": 17838
}
],
"callsites": [
{
"opcode": "STATICCALL",
"pc": 634,
"returndata_checked": null,
"target_expression_category": "computed",
exec
/bin/bash -lc "sed -n '17940,18040p' BYTECODE_BUNDLE.json" in /tmp/codex-p8jeuz72 succeeded in 8ms:
"opcode": "CALL",
"pc": 13930,
"returndata_checked": null,
"target_expression_category": "computed",
"value_expression_category": "computed"
}
],
"cfg_edges": [
{
"from": "bb:0",
"to": "bb:19",
"type": "control_flow"
},
{
"from": "bb:0",
"to": "bb:15",
"type": "control_flow_fallthrough"
},
{
"from": "bb:19",
thinking
**Analyzing external calls and reentrancy guards**
exec
/bin/bash -lc 'rg -n "storage" BYTECODE_BUNDLE.json | head -n 50' in /tmp/codex-p8jeuz72 succeeded in 8ms:
22935: "storage": {
23259: "storage": {
23583: "storage": {
23907: "storage": {
24231: "storage": {
24555: "storage": {
24879: "storage": {
25203: "storage": {
25527: "storage": {
25851: "storage": {
26175: "storage": {
26499: "storage": {
26823: "storage": {
27147: "storage": {
27471: "storage": {
27795: "storage": {
28119: "storage": {
28443: "storage": {
28767: "storage": {
29091: "storage": {
thinking
**Examining function storage snapshot**
exec
/bin/bash -lc "sed -n '22920,22980p' BYTECODE_BUNDLE.json" in /tmp/codex-p8jeuz72 succeeded in 14ms:
}
],
"functions": [
{
"auth": {
"guards": []
},
"entry_pc": 139331341,
"selector": "0x017e7e58",
"sinks": {
"call": 6,
"delegatecall": 0,
"selfdestruct": 1,
"staticcall": 7
},
"storage": {
"reads": 87,
"slots": [
{
"op": "SLOAD",
thinking
**Investigating function sink data**
exec
/bin/bash -lc "python - <<'PY'
import json
with open('BYTECODE_BUNDLE.json') as f:
    data=json.load(f)
funcs=data['analysis_artifact']['artifact_json']['functions']
# print some function selectors with sinks
for f in funcs:
    sel=f.get('selector')
    sinks=f.get('sinks',{})
    if sinks.get('call') or sinks.get('selfdestruct') or sinks.get('delegatecall') or sinks.get('create'):
        print(sel, 'call', sinks.get('call'), 'static', sinks.get('staticcall'), 'selfdestruct', sinks.get('selfdestruct'))
PY" in /tmp/codex-p8jeuz72 succeeded in 86ms:
0x017e7e58 call 6 static 7 selfdestruct 1
0x084e070d call 6 static 7 selfdestruct 1
0x0ce49a23 call 6 static 7 selfdestruct 1
0x1075d47f call 6 static 7 selfdestruct 1
0x13adf854 call 6 static 7 selfdestruct 1
0x162c0700 call 6 static 7 selfdestruct 1
0x2a1c537c call 6 static 7 selfdestruct 1
0x3088a5f9 call 6 static 7 selfdestruct 1
0x370e8de7 call 6 static 7 selfdestruct 1
0x3a1a5b76 call 6 static 7 selfdestruct 1
0x485cc955 call 6 static 7 selfdestruct 1
0x500b19e7 call 6 static 7 selfdestruct 1
0x5c975abb call 6 static 7 selfdestruct 1
0x62ceb3a1 call 6 static 7 selfdestruct 1
0x633662ec call 6 static 7 selfdestruct 1
0x64fb065b call 6 static 7 selfdestruct 1
0x6b449506 call 6 static 7 selfdestruct 1
0x715018a6 call 6 static 7 selfdestruct 1
0x777609ff call 6 static 7 selfdestruct 1
0x7f34071d call 6 static 7 selfdestruct 1
thinking
**Analyzing storage slots for ownership and reentrancy**
exec
/bin/bash -lc "python - <<'PY'
import json
from collections import Counter
with open('BYTECODE_BUNDLE.json') as f:
    data=json.load(f)
slots=Counter()
for f in data['analysis_artifact']['artifact_json']['functions']:
    for s in f.get('storage',{}).get('slots',[]):
        slots[s['slot']] += 1
print('unique slots',len(slots))
for slot,count in slots.most_common(20):
    print(slot,count)
PY" in /tmp/codex-p8jeuz72 succeeded in 42ms:
unique slots 14
0x0000000000000000000000000000000000000000000000000000000000000000 615
0x0000000000000000000000000000000000000000000000000000000000000020 410
0x0000000000000000000000000000000000000000000000000000000000000002 369
0x000000000000000000000000000000000000000000000000000000000000000a 328
0x0000000000000000000000000000000000000000000000000000000000000005 246
0x000000000000000000000000000000000000000000000000000000000000000b 164
0x0000000000000000000000000000000000000000000000000000000000000003 82
0x00000000000000000000000000000000000000000000000000000000000012dc 41
0x000000000000000000000000000000000000000000000000000000000000264d 41
0x00000000000000000000000000000000000000000000000000000000000027f4 41
0x00000000000000000000000000000000000000000000000000000000000028da 41
0x00000000000000000000000000000000000000000000000000000000000030a0 41
0x0000000000000000000000000000000000000000000000000000000000003180 41
0x0000000000000000000000000000000000000000000000000000000000000004 41
thinking
**Analyzing storage slot usage and patterns**
exec
/bin/bash -lc "python - <<'PY'
import json
from collections import defaultdict
with open('BYTECODE_BUNDLE.json') as f:
    data=json.load(f)
# collect SSTORE slots with pcs
sstore=defaultdict(list)
for f in data['analysis_artifact']['artifact_json']['functions']:
    for s in f.get('storage',{}).get('slots',[]):
        if s['op']=='SSTORE':
            sstore[s['slot']].append(s['pc'])
for slot, pcs in sorted(sstore.items()):
    print(slot, sorted(set(pcs))[:10], 'count', len(pcs))
PY" in /tmp/codex-p8jeuz72 succeeded in 43ms:
0x0000000000000000000000000000000000000000000000000000000000000000 [1978, 3311, 3362, 3452, 3921, 4996, 9206, 12490] count 328
0x0000000000000000000000000000000000000000000000000000000000000020 [16542] count 41
thinking
**Analyzing storage writes and call contexts**
I’m noticing only SSTORE operations to two slots, which seems incomplete given expected storage like totalSupply. The provided `storage` data might be partial, so I’ll focus on direct disassembly from the raw runtime bytecode in the `full` field and inspect opcode sequences from `basic_blocks` to understand call contexts, especially calls with value transfers and potential reentrancy guards. I plan to script opcode windows around call sites for deeper analysis.
exec
/bin/bash -lc "python - <<'PY'
import json
with open('BYTECODE_BUNDLE.json') as f:
    data=json.load(f)
bbs=sorted(data['analysis_artifact']['artifact_json']['basic_blocks'], key=lambda b: b['start_pc'])
call_pcs=[4453,6904,11718,11868,12355,13930]
# map pc to index
for pc in call_pcs:
    idx=None
    for i,b in enumerate(bbs):
        if b['start_pc']<=pc<=b['end_pc']:
            idx=i
            break
    print('=== call pc',pc,'block',bbs[idx]['start_pc'],bbs[idx]['end_pc'])
    for j in range(max(0, idx-2), min(len(bbs), idx+3)):
        b=bbs[j]
        print('bb',b['start_pc'],b['end_pc'],b.get('opcodes'))
    print()
PY" in /tmp/codex-p8jeuz72 succeeded in 37ms:
=== call pc 4453 block 4417 4461
bb 4402 4406 ['PUSH3', 'JUMP']
bb 4407 4416 ['JUMPDEST', 'OP_91', 'OP_88', 'EXTCODESIZE', 'ISZERO', 'PUSH3', 'JUMPI']
bb 4417 4461 ['OP_81', 'MLOAD', 'PUSH4', 'PUSH1', 'SHL', 'OP_81', 'MSTORE', 'ADDRESS', 'PUSH1', 'OP_82', 'ADD', 'MSTORE', 'PUSH1', 'OP_81', 'ADD', 'OP_84', 'OP_90', 'MSTORE', 'PUSH1', 'OP_9B', 'OP_8C', 'OP_82', 'PUSH1', 'OP_81', 'OP_83', 'OP_8F', 'GAS', 'CALL', 'OP_91', 'OP_82', 'ISZERO', 'PUSH3', 'JUMPI']
bb 4462 4469 ['PUSH1', 'OP_92', 'PUSH3', 'JUMPI']
bb 4470 4499 ['JUMPDEST', 'POP', 'OP_83', 'MLOAD', 'PUSH4', 'PUSH1', 'SHL', 'OP_81', 'MSTORE', 'OP_91', 'OP_8D', 'OP_90', 'OP_83', 'OP_90', 'OP_81', 'OP_8E', 'GAS', 'STATICCALL', 'OP_80', 'ISZERO', 'PUSH3', 'JUMPI']
=== call pc 6904 block 6853 6912
bb 6814 6836 ['JUMPDEST', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'PUSH3', 'OP_83', 'OP_82', 'AND', 'ISZERO', 'ISZERO', 'PUSH3', 'JUMP']
bb 6837 6852 ['JUMPDEST', 'OP_81', 'AND', 'OP_92', 'PUSH3', 'OP_84', 'ISZERO', 'ISZERO', 'PUSH3', 'JUMP']
bb 6853 6912 ['JUMPDEST', 'PUSH1', 'MLOAD', 'PUSH4', 'PUSH1', 'SHL', 'OP_81', 'MSTORE', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'OP_84', 'AND', 'PUSH1', 'OP_82', 'ADD', 'MSTORE', 'PUSH1', 'OP_81', 'ADD', 'OP_82', 'OP_90', 'MSTORE', 'OP_93', 'PUSH1', 'OP_90', 'OP_85', 'OP_90', 'PUSH1', 'OP_90', 'OP_82', 'OP_90', 'PUSH1', 'OP_90', 'GAS', 'CALL', 'OP_90', 'OP_81', 'ISZERO', 'PUSH3', 'JUMPI']
bb 6913 6956 ['PUSH32', 'OP_94', 'PUSH3', 'OP_92', 'PUSH3', 'JUMPI']
bb 6957 6999 ['JUMPDEST', 'POP', 'PUSH1', 'OP_80', 'MLOAD', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'OP_94', 'OP_85', 'AND', 'OP_81', 'MSTORE', 'OP_94', 'OP_90', 'OP_93', 'AND', 'PUSH1', 'OP_85', 'ADD', 'MSTORE', 'OP_91', 'OP_83', 'ADD', 'OP_91', 'OP_90', 'OP_91', 'MSTORE', 'OP_81', 'OP_90', 'PUSH1', 'OP_82', 'ADD', 'OP_90', 'JUMP']
=== call pc 11718 block 11699 11727
bb 11685 11689 ['JUMPDEST', 'PUSH1', 'OP_90', 'JUMP']
bb 11690 11698 ['JUMPDEST', 'OP_81', 'SELFBALANCE', 'LT', 'PUSH3', 'JUMPI']
bb 11699 11727 ['PUSH1', 'OP_91', 'OP_82', 'OP_91', 'OP_82', 'OP_91', 'OP_82', 'OP_91', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'AND', 'GAS', 'CALL', 'PUSH3', 'PUSH3', 'JUMP']
bb 11728 11735 ['JUMPDEST', 'POP', 'ISZERO', 'PUSH3', 'JUMPI']
bb 11736 11736 ['JUMP']
thinking
**Analyzing bytecode for state updates**
exec
/bin/bash -lc "python - <<'PY'
import json
with open('BYTECODE_BUNDLE.json') as f:
    data=json.load(f)
full = data['analysis_artifact']['artifact_json'].get('full')
print('full len', len(full) if full else None)
print(full[:40])
PY" in /tmp/codex-p8jeuz72 exited 1 in 45ms:
full len None
Traceback (most recent call last):
File "<stdin>", line 6, in <module>
TypeError: 'NoneType' object is not subscriptable
thinking
**Searching for "full" field occurrences**
exec
/bin/bash -lc "rg -n '\"full\"' BYTECODE_BUNDLE.json | head -n 20" in /tmp/codex-p8jeuz72 succeeded in 8ms:
36637: "full": "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",
thinking
**Analyzing concatenated contract bytecode and potential risks**
exec
/bin/bash -lc 'rg -n "ORIGIN" BYTECODE_BUNDLE.json' in /tmp/codex-p8jeuz72 exited 1 in 7ms:
thinking
**Analyzing bytecode for reentrancy guards**
exec
/bin/bash -lc "python - <<'PY'
import json
with open('BYTECODE_BUNDLE.json') as f:
    data=json.load(f)
bbs=sorted(data['analysis_artifact']['artifact_json']['basic_blocks'], key=lambda b: b['start_pc'])
for b in bbs:
    if 'SSTORE' in b.get('opcodes',[]):
        print('bb',b['start_pc'],b['end_pc'],b['opcodes'])
PY" in /tmp/codex-p8jeuz72 succeeded in 39ms:
bb 1952 1979 ['JUMPDEST', 'SUB', 'OP_90', 'OP_A3', 'PUSH3', 'PUSH1', 'PUSH1', 'OP_80', 'MLOAD', 'PUSH1', 'PUSH3', 'OP_83', 'CODECOPY', 'OP_81', 'MLOAD', 'OP_91', 'MSTORE', 'SSTORE', 'JUMP']
bb 2435 2505 ['JUMPDEST', 'PUSH1', 'OP_80', 'SLOAD', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'NOT', 'AND', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'OP_92', 'OP_90', 'OP_92', 'AND', 'OP_91', 'OP_82', 'OR', 'OP_81', 'SSTORE', 'OP_90', 'PUSH32', 'OP_82', 'OP_80', 'OP_A2', 'OP_80', 'RETURN']
bb 2749 2806 ['PUSH1', 'OP_80', 'SLOAD', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'NOT', 'AND', 'OP_82', 'OR', 'OP_81', 'SSTORE', 'OP_90', 'OP_80', 'PUSH32', 'OP_83', 'OP_80', 'OP_A3', 'OP_80', 'RETURN']
bb 3278 3322 ['PUSH1', 'OP_80', 'MLOAD', 'PUSH1', 'PUSH3', 'OP_83', 'CODECOPY', 'OP_81', 'MLOAD', 'OP_91', 'MSTORE', 'OP_80', 'SLOAD', 'PUSH8', 'NOT', 'AND', 'PUSH1', 'OR', 'OP_90', 'SSTORE', 'PUSH3', 'OP_91', 'OP_83', 'PUSH3', 'JUMPI']
bb 3335 3408 ['JUMPDEST', 'PUSH1', 'OP_80', 'MLOAD', 'PUSH1', 'PUSH3', 'OP_83', 'CODECOPY', 'OP_81', 'MLOAD', 'OP_91', 'MSTORE', 'OP_80', 'SLOAD', 'PUSH1', 'PUSH1', 'SHL', 'NOT', 'AND', 'OP_90', 'SSTORE', 'PUSH1', 'MLOAD', 'PUSH1', 'OP_81', 'MSTORE', 'PUSH32', 'OP_90', 'OP_80', 'PUSH1', 'OP_81', 'ADD']
bb 3414 3457 ['JUMPDEST', 'PUSH1', 'OP_80', 'MLOAD', 'PUSH1', 'PUSH3', 'OP_83', 'CODECOPY', 'OP_81', 'MLOAD', 'OP_91', 'MSTORE', 'OP_80', 'SLOAD', 'PUSH1', 'PUSH1', 'SHL', 'NOT', 'AND', 'PUSH9', 'OR', 'OP_90', 'SSTORE', 'PUSH3', 'JUMP']
bb 3771 3858 ['JUMPDEST', 'PUSH1', 'OP_80', 'PUSH1', 'SHL', 'SUB', 'OP_80', 'OP_91', 'AND', 'OP_90', 'PUSH12', 'PUSH1', 'SHL', 'OP_92', 'OP_82', 'OP_84', 'PUSH1', 'SLOAD', 'AND', 'OR', 'PUSH1', 'SSTORE', 'AND', 'OP_80', 'OP_92', 'PUSH1', 'SLOAD', 'AND', 'OR', 'PUSH1', 'SSTORE', 'PUSH32', 'PUSH1', 'OP_80', 'OP_A3', 'STOP']
bb 3889 3970 ['JUMPDEST', 'PUSH1', 'OP_80', 'MLOAD', 'PUSH1', 'PUSH3', 'OP_83', 'CODECOPY', 'OP_81', 'MLOAD', 'OP_91', 'MSTORE', 'OP_80', 'SLOAD', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'NOT', 'OP_81', 'AND', 'OP_90', 'OP_91', 'SSTORE', 'OP_81', 'OP_90', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'AND', 'PUSH32', 'OP_82', 'OP_80', 'OP_A3', 'OP_80', 'RETURN']
bb 4828 4854 ['JUMPDEST', 'OP_90', 'SSTORE', 'PUSH3', 'PUSH3', 'OP_82', 'PUSH1', 'MSTORE', 'PUSH1', 'PUSH1', 'MSTORE', 'PUSH1', 'PUSH1', 'SHA3', 'OP_90', 'JUMP']
bb 4970 4997 ['JUMPDEST', 'SUB', 'OP_90', 'OP_A3', 'PUSH3', 'PUSH1', 'PUSH1', 'OP_80', 'MLOAD', 'PUSH1', 'PUSH3', 'OP_83', 'CODECOPY', 'OP_81', 'MLOAD', 'OP_91', 'MSTORE', 'SSTORE', 'JUMP']
bb 5516 5546 ['JUMPDEST', 'OP_80', 'SLOAD', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'NOT', 'AND', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'OP_90', 'OP_92', 'AND', 'OP_91', 'OP_90', 'OP_91', 'OR', 'OP_90', 'SSTORE', 'JUMP']
bb 5575 5590 ['JUMPDEST', 'OP_80', 'SLOAD', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'NOT', 'AND', 'OP_90', 'SSTORE', 'JUMP']
bb 5757 5782 ['JUMPDEST', 'ISZERO', 'ISZERO', 'PUSH1', 'NOT', 'PUSH1', 'SLOAD', 'AND', 'PUSH1', 'OP_82', 'AND', 'OR', 'PUSH1', 'SSTORE', 'PUSH1', 'MLOAD', 'OP_90', 'OP_81', 'MSTORE', 'OP_A1', 'STOP']
bb 6097 6135 ['JUMPDEST', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'AND', 'PUSH1', 'OP_90', 'OP_81', 'MSTORE', 'PUSH1', 'PUSH1', 'OP_90', 'OP_81', 'MSTORE', 'PUSH1', 'OP_80', 'OP_83', 'SHA3', 'OP_83', 'OP_90', 'SSTORE', 'PUSH1', 'OP_90', 'OP_91', 'MSTORE', 'OP_90', 'SHA3', 'OP_90', 'JUMP']
bb 6136 6145 ['JUMPDEST', 'OP_80', 'SLOAD', 'PUSH1', 'NOT', 'AND', 'OP_90', 'SSTORE', 'JUMP']
bb 7239 7299 ['JUMPDEST', 'PUSH1', 'PUSH1', 'PUSH1', 'SHL', 'SUB', 'OP_85', 'AND', 'PUSH1', 'OP_81', 'OP_81', 'MSTORE', 'PUSH1', 'PUSH1', 'MSTORE', 'PUSH1', 'OP_90', 'SHA3', 'OP_80', 'SLOAD', 'PUSH1', 'NOT', 'AND', 'PUSH1', 'OP_86', 'ISZERO', 'ISZERO', 'AND', 'OR', 'OP_90', 'SSTORE', 'OP_97', 'PUSH3', 'PUSH3', 'PUSH3', 'CALLDATASIZE', 'OP_84', 'OP_8B', 'PUSH3', 'JUMP']
bb 7473 7513 ['JUMPDEST', 'OP_81', 'MLOAD', 'OP_81', 'SLOAD', 'PUSH1', 'OP_90', 'OP_93', 'ADD', 'MLOAD', 'PUSH2', 'NOT', 'OP_90', 'OP_93', 'AND', 'PUSH1', 'OP_90', 'OP_91', 'AND', 'OR', 'PUSH1', 'OP_92', 'OP_90', 'OP_92', 'SHL', 'PUSH2', 'AND', 'OP_91', 'OP_90', 'OP_91', 'OR', 'OP_90', 'SSTORE', 'JUMP']
bb 9110 9156 ['JUMPDEST', 'PUSH3', 'OP_91', 'PUSH1', 'OP_80', 'PUSH1', 'SHL', 'SUB', 'AND', 'PUSH12', 'PUSH1', 'SHL', 'PUSH1', 'SLOAD', 'AND', 'OR', 'PUSH1', 'SSTORE', 'PUSH3', 'PUSH3', 'JUMP']
bb 9187 9207 ['JUMPDEST', 'PUSH1', 'PUSH1', 'OP_80', 'MLOAD', 'PUSH1', 'PUSH3', 'OP_83', 'CODECOPY', 'OP_81', 'MLOAD', 'OP_91', 'MSTORE', 'SSTORE', 'JUMP']
bb 9780 9792 ['JUMPDEST', 'PUSH1', 'OP_81', 'SSTORE', 'PUSH1', 'ADD', 'PUSH3', 'JUMP']
thinking
**Summarizing contract security assessment**
I'm reviewing the contract for potential reentrancy risks, unguarded external calls, and bytecode features like CREATE2 and SELFDESTRUCT. I'm gathering evidence about detected callsites with computed targets and value lacking reentrancy guards, presence of selfdestruct opcode likely in data, and create operations that might allow deploying contracts. I'll package findings carefully with severity and exact bytecode locations, ensuring the output is a clear JSON report with conservative but informative conclusions.
codex
{"no_findings":false,"summary":"Bytecode shows multiple low-level CALLs with computed targets/values and CREATE/SELFDESTRUCT opcodes; guards and reachability are not proven in the artifacts, so risks are conditional on reachability and access control.","findings":[{"severity":"medium","category":"reentrancy","title":"Low-level CALLs to computed targets/values without detected guards","exploit_scenario":"The implementation performs multiple CALLs where both the target and value are computed. If any of these values are influenced by user input or cross-chain messages, a malicious target can reenter during external calls or redirect value transfers before state is finalized, potentially draining funds or corrupting accounting. The bytecode analysis did not detect any guard checks around these sinks, so safety depends on off-chain assumptions or unseen controls.","recommendation":"Add explicit reentrancy protection around external-call paths, update critical state before CALLs, and restrict/allowlist external targets where possible. Ensure return data is validated and enforce strict access control for any function that can trigger value-bearing CALLs.","evidence":"callsites list shows CALL at pcs 4453/6904/11718/11868/12355/13930 with target_expression_category/value_expression_category \"computed\" and returndata_checked null; detector findings \"Untrusted CALL target/value reachable\" and \"ETH value transfer possible\" report no guards detected.","locations":["pc:0x1165","pc:0x1af8","pc:0x2dc6","pc:0x2e5c","pc:0x3043","pc:0x366a"]},{"severity":"low","category":"other","title":"SELFDESTRUCT opcode present in runtime bytecode (reachability unclear)","exploit_scenario":"If the SELFDESTRUCT opcode is reachable from any externally callable path, an attacker (or compromised privileged role) could irreversibly destroy the implementation, and in a proxy setup this could brick the proxy logic. The opcode appears in a block without a JUMPDEST, which may indicate embedded data rather than executable code, so reachability is uncertain.","recommendation":"Confirm that the SELFDESTRUCT opcode is unreachable in executable code. If reachable, remove it or gate it behind strict, revocable admin controls and timelocks.","evidence":"basic_blocks include SELFDESTRUCT at start_pc 17721; heuristics_summary flags selfdestruct_present; detector finding \"SELFDESTRUCT reachable\" has status unknown.","locations":["pc:0x4539"]},{"severity":"low","category":"other","title":"CREATE/CREATE2 opcodes present (factory behavior)","exploit_scenario":"The bytecode includes CREATE and CREATE2. If these paths are externally reachable without strict access control, an attacker could deploy arbitrary contracts, squat deterministic addresses, or grief the system with storage/gas usage. This may be intended factory behavior, but access control is not proven in the artifacts.","recommendation":"Verify CREATE/CREATE2 are only reachable by authorized roles. If public deployment is intended, document the security model and enforce input validation (salt/code size) to avoid abuse.","evidence":"heuristics_summary reports create_count=2 and create2_count=1; a basic block includes CREATE2 at start_pc 17838.","locations":["pc:0x45ae"]}]}
tokens used
101,850
{
"codex": {
"ran_at": "2026-01-12T16:00:06.122106+00:00",
"returncode": 0
},
"project": {
"mode": "bytecode",
"bytecode_length": 35848,
"bytecode_truncated": false,
"capability_graph_present": true,
"analysis_artifact_present": true
},
"summary": "Bytecode shows multiple low-level CALLs with computed targets/values and CREATE/SELFDESTRUCT opcodes; guards and reachability are not proven in the artifacts, so risks are conditional on reachability and access control.",
"raw_final": {
"summary": "Bytecode shows multiple low-level CALLs with computed targets/values and CREATE/SELFDESTRUCT opcodes; guards and reachability are not proven in the artifacts, so risks are conditional on reachability and access control.",
"findings": [
{
"title": "Low-level CALLs to computed targets/values without detected guards",
"category": "reentrancy",
"evidence": "callsites list shows CALL at pcs 4453/6904/11718/11868/12355/13930 with target_expression_category/value_expression_category \"computed\" and returndata_checked null; detector findings \"Untrusted CALL target/value reachable\" and \"ETH value transfer possible\" report no guards detected.",
"severity": "medium",
"locations": [
"pc:0x1165",
"pc:0x1af8",
"pc:0x2dc6",
"pc:0x2e5c",
"pc:0x3043",
"pc:0x366a"
],
"recommendation": "Add explicit reentrancy protection around external-call paths, update critical state before CALLs, and restrict/allowlist external targets where possible. Ensure return data is validated and enforce strict access control for any function that can trigger value-bearing CALLs.",
"exploit_scenario": "The implementation performs multiple CALLs where both the target and value are computed. If any of these values are influenced by user input or cross-chain messages, a malicious target can reenter during external calls or redirect value transfers before state is finalized, potentially draining funds or corrupting accounting. The bytecode analysis did not detect any guard checks around these sinks, so safety depends on off-chain assumptions or unseen controls."
},
{
"title": "SELFDESTRUCT opcode present in runtime bytecode (reachability unclear)",
"category": "other",
"evidence": "basic_blocks include SELFDESTRUCT at start_pc 17721; heuristics_summary flags selfdestruct_present; detector finding \"SELFDESTRUCT reachable\" has status unknown.",
"severity": "low",
"locations": [
"pc:0x4539"
],
"recommendation": "Confirm that the SELFDESTRUCT opcode is unreachable in executable code. If reachable, remove it or gate it behind strict, revocable admin controls and timelocks.",
"exploit_scenario": "If the SELFDESTRUCT opcode is reachable from any externally callable path, an attacker (or compromised privileged role) could irreversibly destroy the implementation, and in a proxy setup this could brick the proxy logic. The opcode appears in a block without a JUMPDEST, which may indicate embedded data rather than executable code, so reachability is uncertain."
},
{
"title": "CREATE/CREATE2 opcodes present (factory behavior)",
"category": "other",
"evidence": "heuristics_summary reports create_count=2 and create2_count=1; a basic block includes CREATE2 at start_pc 17838.",
"severity": "low",
"locations": [
"pc:0x45ae"
],
"recommendation": "Verify CREATE/CREATE2 are only reachable by authorized roles. If public deployment is intended, document the security model and enforce input validation (salt/code size) to avoid abuse.",
"exploit_scenario": "The bytecode includes CREATE and CREATE2. If these paths are externally reachable without strict access control, an attacker could deploy arbitrary contracts, squat deterministic addresses, or grief the system with storage/gas usage. This may be intended factory behavior, but access control is not proven in the artifacts."
}
],
"no_findings": false
},
"no_findings": false,
"proxy_context": {
"proxy_run_id": "019bb2d5-fd57-707f-a904-b2b419626a9c",
"proxy_address": "0x3d64bd587300af85ae54007d350bfd293dc24581",
"implementation_run_id": "019bb2d6-484b-7238-bacf-4345a50acc70",
"implementation_address": "0x9ee44137984af40481663744d27c5ae79210991e"
},
"schema_version": 1
}
00000000: PUSH1 0x80 00000002: PUSH1 0x40 00000004: MSTORE 00000005: PUSH1 0x01 00000007: PUSH1 0x01 00000009: PUSH1 0xa0 0000000b: SHL 0000000c: SUB 0000000d: CALLER 0000000e: PUSH32 0x000000000000000000000000b2d43c872de4b2a5844bd229cf0dbce84fb54f92 0000002f: DUP3 00000030: AND 00000031: SUB 00000032: PUSH2 0x006b 00000035: JUMPI 00000036: PUSH1 0x00 00000038: CALLDATALOAD 00000039: PUSH1 0x01 0000003b: PUSH1 0x01 0000003d: PUSH1 0xe0 0000003f: SHL 00000040: SUB 00000041: NOT 00000042: AND 00000043: PUSH4 0x278f7943 00000048: PUSH1 0xe1 0000004a: SHL 0000004b: EQ 0000004c: PUSH2 0x0061 0000004f: JUMPI 00000050: PUSH1 0x40 00000052: MLOAD 00000053: PUSH4 0x34ad5dbb 00000058: PUSH1 0xe2 0000005a: SHL 0000005b: DUP2 0000005c: MSTORE 0000005d: PUSH1 0x04 0000005f: SWAP1 00000060: REVERT 00000061: JUMPDEST 00000062: PUSH2 0x0069 00000065: PUSH2 0x010a 00000068: JUMP 00000069: JUMPDEST 0000006a: STOP 0000006b: JUMPDEST 0000006c: PUSH32 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc 0000008d: SLOAD 0000008e: AND 0000008f: PUSH1 0x00 00000091: DUP1 00000092: DUP1 00000093: SWAP3 00000094: CALLDATASIZE 00000095: DUP3 00000096: DUP1 00000097: CALLDATACOPY 00000098: DUP2 00000099: CALLDATASIZE 0000009a: SWAP2 0000009b: GAS 0000009c: DELEGATECALL 0000009d: RETURNDATASIZE 0000009e: DUP3 0000009f: DUP1 000000a0: RETURNDATACOPY 000000a1: ISZERO 000000a2: PUSH2 0x00a9 000000a5: JUMPI 000000a6: RETURNDATASIZE 000000a7: SWAP1 000000a8: RETURN 000000a9: JUMPDEST 000000aa: RETURNDATASIZE 000000ab: SWAP1 000000ac: REVERT 000000ad: JUMPDEST 000000ae: PUSH4 0x4e487b71 000000b3: PUSH1 0xe0 000000b5: SHL 000000b6: PUSH1 0x00 000000b8: MSTORE 000000b9: PUSH1 0x41 000000bb: PUSH1 0x04 000000bd: MSTORE 000000be: PUSH1 0x24 000000c0: PUSH1 0x00 000000c2: REVERT 000000c3: JUMPDEST 000000c4: PUSH1 0x40 000000c6: MLOAD 000000c7: SWAP2 000000c8: SWAP1 000000c9: PUSH1 0x1f 000000cb: ADD 000000cc: PUSH1 0x1f 000000ce: NOT 000000cf: AND 000000d0: DUP3 000000d1: ADD 000000d2: 
PUSH8 0xffffffffffffffff 000000db: DUP2 000000dc: GT 000000dd: DUP4 000000de: DUP3 000000df: LT 000000e0: OR 000000e1: PUSH2 0x00e9 000000e4: JUMPI 000000e5: PUSH1 0x40 000000e7: MSTORE 000000e8: JUMP 000000e9: JUMPDEST 000000ea: PUSH2 0x00ad 000000ed: JUMP 000000ee: JUMPDEST 000000ef: PUSH8 0xffffffffffffffff 000000f8: DUP2 000000f9: GT 000000fa: PUSH2 0x00e9 000000fd: JUMPI 000000fe: PUSH1 0x1f 00000100: ADD 00000101: PUSH1 0x1f 00000103: NOT 00000104: AND 00000105: PUSH1 0x20 00000107: ADD 00000108: SWAP1 00000109: JUMP 0000010a: JUMPDEST 0000010b: CALLDATASIZE 0000010c: PUSH1 0x04 0000010e: GT 0000010f: PUSH2 0x0194 00000112: JUMPI 00000113: PUSH1 0x40 00000115: CALLDATASIZE 00000116: PUSH1 0x03 00000118: NOT 00000119: ADD 0000011a: SLT 0000011b: PUSH2 0x0194 0000011e: JUMPI 0000011f: PUSH1 0x04 00000121: CALLDATALOAD 00000122: PUSH1 0x01 00000124: PUSH1 0x01 00000126: PUSH1 0xa0 00000128: SHL 00000129: SUB 0000012a: DUP2 0000012b: AND 0000012c: SWAP1 0000012d: DUP2 0000012e: SWAP1 0000012f: SUB 00000130: PUSH2 0x0194 00000133: JUMPI 00000134: PUSH1 0x24 00000136: CALLDATALOAD 00000137: SWAP1 00000138: PUSH8 0xffffffffffffffff 00000141: DUP3 00000142: GT 00000143: PUSH2 0x0194 00000146: JUMPI 00000147: CALLDATASIZE 00000148: PUSH1 0x23 0000014a: DUP4 0000014b: ADD 0000014c: SLT 0000014d: ISZERO 0000014e: PUSH2 0x0194 00000151: JUMPI 00000152: DUP2 00000153: PUSH1 0x04 00000155: ADD 00000156: CALLDATALOAD 00000157: SWAP1 00000158: PUSH2 0x0168 0000015b: PUSH2 0x0163 0000015e: DUP4 0000015f: PUSH2 0x00ee 00000162: JUMP 00000163: JUMPDEST 00000164: PUSH2 0x00c3 00000167: JUMP 00000168: JUMPDEST 00000169: SWAP2 0000016a: DUP1 0000016b: DUP4 0000016c: MSTORE 0000016d: CALLDATASIZE 0000016e: PUSH1 0x24 00000170: DUP3 00000171: DUP7 00000172: ADD 00000173: ADD 00000174: GT 00000175: PUSH2 0x0194 00000178: JUMPI 00000179: PUSH1 0x20 0000017b: DUP2 0000017c: PUSH1 0x00 0000017e: SWAP3 0000017f: PUSH1 0x24 00000181: PUSH2 0x0192 00000184: SWAP8 00000185: ADD 00000186: 
DUP4 00000187: DUP8 00000188: ADD 00000189: CALLDATACOPY 0000018a: DUP5 0000018b: ADD 0000018c: ADD 0000018d: MSTORE 0000018e: PUSH2 0x0199 00000191: JUMP 00000192: JUMPDEST 00000193: JUMP 00000194: JUMPDEST 00000195: PUSH1 0x00 00000197: DUP1 00000198: REVERT 00000199: JUMPDEST 0000019a: SWAP1 0000019b: DUP2 0000019c: EXTCODESIZE 0000019d: ISZERO 0000019e: PUSH2 0x0231 000001a1: JUMPI 000001a2: PUSH32 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc 000001c3: DUP1 000001c4: SLOAD 000001c5: PUSH1 0x01 000001c7: PUSH1 0x01 000001c9: PUSH1 0xa0 000001cb: SHL 000001cc: SUB 000001cd: NOT 000001ce: AND 000001cf: PUSH1 0x01 000001d1: PUSH1 0x01 000001d3: PUSH1 0xa0 000001d5: SHL 000001d6: SUB 000001d7: DUP5 000001d8: AND 000001d9: SWAP1 000001da: DUP2 000001db: OR 000001dc: SWAP1 000001dd: SWAP2 000001de: SSTORE 000001df: PUSH32 0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b 00000200: PUSH1 0x00 00000202: DUP1 00000203: LOG2 00000204: DUP1 00000205: MLOAD 00000206: ISZERO 00000207: PUSH2 0x0216 0000020a: JUMPI 0000020b: PUSH2 0x0213 0000020e: SWAP2 0000020f: PUSH2 0x0252 00000212: JUMP 00000213: JUMPDEST 00000214: POP 00000215: JUMP 00000216: JUMPDEST 00000217: POP 00000218: POP 00000219: CALLVALUE 0000021a: PUSH2 0x021f 0000021d: JUMPI 0000021e: JUMP 0000021f: JUMPDEST 00000220: PUSH1 0x40 00000222: MLOAD 00000223: PUSH4 0xb398979f 00000228: PUSH1 0xe0 0000022a: SHL 0000022b: DUP2 0000022c: MSTORE 0000022d: PUSH1 0x04 0000022f: SWAP1 00000230: REVERT 00000231: JUMPDEST 00000232: PUSH1 0x40 00000234: MLOAD 00000235: PUSH4 0x4c9c8ce3 0000023a: PUSH1 0xe0 0000023c: SHL 0000023d: DUP2 0000023e: MSTORE 0000023f: PUSH1 0x01 00000241: PUSH1 0x01 00000243: PUSH1 0xa0 00000245: SHL 00000246: SUB 00000247: DUP4 00000248: AND 00000249: PUSH1 0x04 0000024b: DUP3 0000024c: ADD 0000024d: MSTORE 0000024e: PUSH1 0x24 00000250: SWAP1 00000251: REVERT 00000252: JUMPDEST 00000253: PUSH1 0x00 00000255: DUP1 00000256: PUSH2 0x0286 00000259: SWAP4 
0000025a: PUSH1 0x20 0000025c: DUP2 0000025d: MLOAD 0000025e: SWAP2 0000025f: ADD 00000260: DUP5 00000261: GAS 00000262: DELEGATECALL 00000263: RETURNDATASIZE 00000264: ISZERO 00000265: PUSH2 0x0289 00000268: JUMPI 00000269: RETURNDATASIZE 0000026a: SWAP2 0000026b: PUSH2 0x0276 0000026e: PUSH2 0x0163 00000271: DUP5 00000272: PUSH2 0x00ee 00000275: JUMP 00000276: JUMPDEST 00000277: SWAP3 00000278: DUP4 00000279: MSTORE 0000027a: RETURNDATASIZE 0000027b: PUSH1 0x00 0000027d: PUSH1 0x20 0000027f: DUP6 00000280: ADD 00000281: RETURNDATACOPY 00000282: PUSH2 0x028d 00000285: JUMP 00000286: JUMPDEST 00000287: SWAP1 00000288: JUMP 00000289: JUMPDEST 0000028a: PUSH1 0x60 0000028c: SWAP2 0000028d: JUMPDEST 0000028e: SWAP1 0000028f: PUSH2 0x02b4 00000292: JUMPI 00000293: POP 00000294: DUP1 00000295: MLOAD 00000296: ISZERO 00000297: PUSH2 0x02a2 0000029a: JUMPI 0000029b: DUP1 0000029c: MLOAD 0000029d: SWAP1 0000029e: PUSH1 0x20 000002a0: ADD 000002a1: REVERT 000002a2: JUMPDEST 000002a3: PUSH1 0x40 000002a5: MLOAD 000002a6: PUSH4 0x0a12f521 000002ab: PUSH1 0xe1 000002ad: SHL 000002ae: DUP2 000002af: MSTORE 000002b0: PUSH1 0x04 000002b2: SWAP1 000002b3: REVERT 000002b4: JUMPDEST 000002b5: DUP2 000002b6: MLOAD 000002b7: ISZERO 000002b8: DUP1 000002b9: PUSH2 0x02e7 000002bc: JUMPI 000002bd: JUMPDEST 000002be: PUSH2 0x02c5 000002c1: JUMPI 000002c2: POP 000002c3: SWAP1 000002c4: JUMP 000002c5: JUMPDEST 000002c6: PUSH1 0x40 000002c8: MLOAD 000002c9: PUSH4 0x9996b315 000002ce: PUSH1 0xe0 000002d0: SHL 000002d1: DUP2 000002d2: MSTORE 000002d3: PUSH1 0x01 000002d5: PUSH1 0x01 000002d7: PUSH1 0xa0 000002d9: SHL 000002da: SUB 000002db: SWAP1 000002dc: SWAP2 000002dd: AND 000002de: PUSH1 0x04 000002e0: DUP3 000002e1: ADD 000002e2: MSTORE 000002e3: PUSH1 0x24 000002e5: SWAP1 000002e6: REVERT 000002e7: JUMPDEST 000002e8: POP 000002e9: DUP1 000002ea: EXTCODESIZE 000002eb: ISZERO 000002ec: PUSH2 0x02bd 000002ef: JUMP 000002f0: INVALID 000002f1: LOG2 000002f2: PUSH5 0x6970667358 000002f8: 
UNKNOWN(0x22) 000002f9: SLT 000002fa: KECCAK256 000002fb: PUSH3 0x9f89f8 000002ff: PUSH22 0x61e850ebccc2a395c48af55128bde3b63b61b7ff418e 00000316: MUL 00000317: UNKNOWN(0xB9) 00000318: SWAP9 00000319: UNKNOWN(0xA7) 0000031a: UNKNOWN(0xEF) 0000031b: PUSH5 0x736f6c6343 00000321: STOP 00000322: ADDMOD 00000323: XOR 00000324: STOP 00000325: CALLER
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| critical | upgradeability | detector | Untrusted DELEGATECALL target reachable | 70 | no | no |
trace_id: 0x8e17f82754746a448f51485dd14979379efd80aa10c5ebb0e79ec2f16fc60f67
call_targets: 0x9ee44137984af40481663744d27c5ae79210991e
target_varies: no
classification: constant_target
validation_json: {
"sink": "DELEGATECALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0x8e17f82754746a448f51485dd14979379efd80aa10c5ebb0e79ec2f16fc60f67",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x9ee44137984af40481663744d27c5ae79210991e"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json: {
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x278f7943",
"selector": "0x278f7943",
"calldata_variants": [
"0x278f7943",
"0x278f79430000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json: {
"examples": [
{
"pc": 156,
"opcode": "DELEGATECALL",
"returndata_checked": null,
"value_expression_category": "n/a",
"target_expression_category": "computed"
},
{
"pc": 610,
"opcode": "DELEGATECALL",
"returndata_checked": null,
"value_expression_category": "n/a",
"target_expression_category": "computed"
}
],
"guards_detected": [],
"delegatecall_count": 2,
"untrusted_delegatecall_count": 2
}
|
| medium | upgradeability | cast | DELEGATECALL present | 80 | no | — |
evidence_json: {
"notes": "delegatecall enables execution in caller context; common in proxies/upgradeable patterns",
"delegatecall_count": 2
}
|
| medium | reentrancy | codex | Low-level CALLs to computed targets/values without detected guards | 75 | no | — |
evidence_json: {
"evidence": "callsites list shows CALL at pcs 4453/6904/11718/11868/12355/13930 with target_expression_category/value_expression_category \"computed\" and returndata_checked null; detector findings \"Untrusted CALL target/value reachable\" and \"ETH value transfer possible\" report no guards detected.",
"locations": [
"pc:0x1165",
"pc:0x1af8",
"pc:0x2dc6",
"pc:0x2e5c",
"pc:0x3043",
"pc:0x366a"
],
"recommendation": "Add explicit reentrancy protection around external-call paths, update critical state before CALLs, and restrict/allowlist external targets where possible. Ensure return data is validated and enforce strict access control for any function that can trigger value-bearing CALLs.",
"exploit_scenario": "The implementation performs multiple CALLs where both the target and value are computed. If any of these values are influenced by user input or cross-chain messages, a malicious target can reenter during external calls or redirect value transfers before state is finalized, potentially draining funds or corrupting accounting. The bytecode analysis did not detect any guard checks around these sinks, so safety depends on off-chain assumptions or unseen controls."
}
|
| low | other | codex | SELFDESTRUCT opcode present in runtime bytecode (reachability unclear) | 65 | no | — |
evidence_json: {
"evidence": "basic_blocks include SELFDESTRUCT at start_pc 17721; heuristics_summary flags selfdestruct_present; detector finding \"SELFDESTRUCT reachable\" has status unknown.",
"locations": [
"pc:0x4539"
],
"recommendation": "Confirm that the SELFDESTRUCT opcode is unreachable in executable code. If reachable, remove it or gate it behind strict, revocable admin controls and timelocks.",
"exploit_scenario": "If the SELFDESTRUCT opcode is reachable from any externally callable path, an attacker (or compromised privileged role) could irreversibly destroy the implementation, and in a proxy setup this could brick the proxy logic. The opcode appears in a block without a JUMPDEST, which may indicate embedded data rather than executable code, so reachability is uncertain."
}
|
| low | other | codex | CREATE/CREATE2 opcodes present (factory behavior) | 65 | no | — |
evidence_json: {
"evidence": "heuristics_summary reports create_count=2 and create2_count=1; a basic block includes CREATE2 at start_pc 17838.",
"locations": [
"pc:0x45ae"
],
"recommendation": "Verify CREATE/CREATE2 are only reachable by authorized roles. If public deployment is intended, document the security model and enforce input validation (salt/code size) to avoid abuse.",
"exploit_scenario": "The bytecode includes CREATE and CREATE2. If these paths are externally reachable without strict access control, an attacker could deploy arbitrary contracts, squat deterministic addresses, or grief the system with storage/gas usage. This may be intended factory behavior, but access control is not proven in the artifacts."
}
|