019c0ea9-0729-710d-aaed-64fc4dafe23a
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 41529 | artifact.fetch | complete | 1 / 3 | 2 months ago |
| 41530 | proxy.resolve | complete | 1 / 3 | 2 months ago |
| 41531 | tool.cast_disasm | complete | 1 / 3 | 2 months ago |
| 41532 | analysis.bundle | complete | 1 / 3 | 2 months ago |
| 41533 | capability.graph | complete | 1 / 3 | 2 months ago |
| 41534 | detector.run | complete | 1 / 3 | 2 months ago |
| 41535 | validation.fork | complete | 1 / 3 | 2 months ago |
| 42193 | report.consolidate | complete | 1 / 6 | 2 months ago |
| 42194 | tool.slither | complete | 1 / 2 | 2 months ago |
{
"status": "not_proxy"
}
'forge clean' running (wd: /tmp/slither-0elelb1m) 'forge config --json' running 'forge build --build-info --skip ./test/** ./script/** --force' running (wd: /tmp/slither-0elelb1m) HDX20.payWithToken(uint256,address) (contracts/Contract.sol#395-431) sends eth to arbitrary user Dangerous calls: - _game_contract.transfer(_eth) (contracts/Contract.sol#429-430) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#functions-that-send-ether-to-arbitrary-destinations HDX20.buyTokenFromGame(address,address) (contracts/Contract.sol#263-303) performs a multiplication on the result of a division: - _devfee = (_eth.mul(devFee)) / 100 (contracts/Contract.sol#269-272) - buyTokenSub((_devfee.mul(100 - buyInFee)) / 100,owner) (contracts/Contract.sol#290-291) HDX20.buyTokenFromGame(address,address) (contracts/Contract.sol#263-303) performs a multiplication on the result of a division: - _fee = (_eth.mul(buyInFee)) / 100 (contracts/Contract.sol#272) - _ethReferrer = (_fee.mul(referrerFee + superReferrerRate[_referrer_address])) / 100 (contracts/Contract.sol#278-281) HDX20.buyToken(address) (contracts/Contract.sol#304-349) performs a multiplication on the result of a division: - _devfee = (_eth.mul(devFee)) / 100 (contracts/Contract.sol#311-315) - buyTokenSub((_devfee.mul(100 - buyInFee)) / 100,owner) (contracts/Contract.sol#336) HDX20.buyToken(address) (contracts/Contract.sol#304-349) performs a multiplication on the result of a division: - _fee = (_eth.mul(buyInFee)) / 100 (contracts/Contract.sol#315-320) - _ethReferrer = (_fee.mul(referrerFee + superReferrerRate[_referrer_address])) / 100 (contracts/Contract.sol#324-328) HDX20.sellToken(uint256) (contracts/Contract.sol#349-392) performs a multiplication on the result of a division: - _eth = (_amount.mul(tokenPrice)) / magnitude (contracts/Contract.sol#357-361) - _fee = (_eth.mul(sellOutFee)) / 100 (contracts/Contract.sol#361-365) HDX20.sellToken(uint256) (contracts/Contract.sol#349-392) performs a multiplication on the result of a division: - _eth = (_amount.mul(tokenPrice)) / magnitude (contracts/Contract.sol#357-361) - _devfee = (_eth.mul(devFee)) / 100 (contracts/Contract.sol#365-367) HDX20.sellToken(uint256) (contracts/Contract.sol#349-392) performs a multiplication on the result of a division: - _devfee = (_eth.mul(devFee)) / 100 (contracts/Contract.sol#365-367) - buyTokenSub((_devfee.mul(100 - buyInFee)) / 100,owner) (contracts/Contract.sol#378-380) HDX20.payWithToken(uint256,address) (contracts/Contract.sol#395-431) performs a multiplication on the result of a division: - _nb_token = (_eth.mul(magnitude)) / tokenPrice (contracts/Contract.sol#410) - _eth = (_nb_token.mul(tokenPrice)) / magnitude (contracts/Contract.sol#413-416) HDX20.transferSub(address,address,uint256) (contracts/Contract.sol#504-553) performs a multiplication on the result of a division: - _token_fee /= 2 (contracts/Contract.sol#521-523) - tokenBalanceLedger[_toAddress] = tokenBalanceLedger[_toAddress].add(_amountOfTokens - (_token_fee * 2)) (contracts/Contract.sol#532-535) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#divide-before-multiply HDX20.sellToken(uint256)._customerAddress (contracts/Contract.sol#351-352) lacks a zero-check on : - _customerAddress.transfer(_eth) (contracts/Contract.sol#391-392) HDX20.payWithToken(uint256,address)._game_contract (contracts/Contract.sol#403-405) lacks a zero-check on : - _game_contract.transfer(_eth) (contracts/Contract.sol#429-430) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation HDX20.onlyFromGameWhiteListed() (contracts/Contract.sol#101-108) compares to a boolean constant: -require(bool)(gameWhiteListed[msg.sender] == true) (contracts/Contract.sol#104-106) HDX20.onlyGameWhiteListed(address) (contracts/Contract.sol#108-116) compares to a boolean constant: -require(bool)(gameWhiteListed[who] == true) (contracts/Contract.sol#110-113) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#boolean-equality Version constraint ^0.4.25 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html) - DirtyBytesArrayToStorage - ABIDecodeTwoDimensionalArrayMemory - KeccakCaching - EmptyByteArrayCopy - DynamicArrayCleanup - ImplicitConstructorCallvalueCheck - TupleAssignmentMultiStackSlotComponents - MemoryArrayCreationOverflow - privateCanBeOverridden - SignedArrayStorageCopy - ABIEncoderV2StorageArrayWithMultiSlotElement - DynamicConstructorArgumentsClippedABIV2 - UninitializedFunctionPointerInConstructor_0.4.x - IncorrectEventSignatureInLibraries_0.4.x - ABIEncoderV2PackedStorage_0.4.x. It is used by: - ^0.4.25 (contracts/Contract.sol#26-28) solc-0.4.25 is an outdated solc version. Use a more recent version (at least 0.8.0), if possible. Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity HDX20 (contracts/Contract.sol#36-712) should inherit from HDX20Interface (contracts/Contract.sol#29-36) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-inheritance Event HDX20.onBuyEvent(address,uint256) (contracts/Contract.sol#60-66) is not in CapWords Event HDX20.onSellEvent(address,uint256) (contracts/Contract.sol#66-71) is not in CapWords Event HDX20.onAccountMovedOut(address,address,uint256,uint256) (contracts/Contract.sol#72-79) is not in CapWords Event HDX20.onAccountMovedIn(address,address,uint256,uint256) (contracts/Contract.sol#80-86) is not in CapWords Parameter HDX20.changeOwner(address)._nextOwner (contracts/Contract.sol#187-188) is not in mixedCase Parameter HDX20.changeName(string)._name (contracts/Contract.sol#202-203) is not in mixedCase Parameter HDX20.changeSymbol(string)._symbol (contracts/Contract.sol#205) is not in mixedCase Parameter HDX20.addGame(address)._contractAddress (contracts/Contract.sol#213) is not in mixedCase Parameter HDX20.addSuperReferrer(address,uint8)._contractAddress (contracts/Contract.sol#221-223) is not in mixedCase Parameter HDX20.addSuperReferrer(address,uint8).extra_rate (contracts/Contract.sol#223-224) is not in mixedCase Parameter HDX20.removeGame(address)._contractAddress (contracts/Contract.sol#230-231) is not in mixedCase Parameter HDX20.changeNewHDX20Contract(address)._next (contracts/Contract.sol#236) is not in mixedCase Parameter HDX20.buyTokenSub(uint256,address)._eth (contracts/Contract.sol#248) is not in mixedCase Parameter HDX20.buyTokenSub(uint256,address)._customerAddress (contracts/Contract.sol#248-249) is not in mixedCase Parameter HDX20.buyTokenFromGame(address,address)._customerAddress (contracts/Contract.sol#263) is not in mixedCase Parameter HDX20.buyTokenFromGame(address,address)._referrer_address (contracts/Contract.sol#263) is not in mixedCase Parameter HDX20.buyToken(address)._referrer_address (contracts/Contract.sol#304-305) is not in mixedCase Parameter HDX20.sellToken(uint256)._amount (contracts/Contract.sol#349) is not in mixedCase Parameter HDX20.payWithToken(uint256,address)._eth (contracts/Contract.sol#397) is not in mixedCase Parameter HDX20.payWithToken(uint256,address)._player_address (contracts/Contract.sol#397-398) is not in mixedCase Parameter HDX20.moveAccountIn(address)._customerAddress (contracts/Contract.sol#472-473) is not in mixedCase Parameter HDX20.transferSub(address,address,uint256)._customerAddress (contracts/Contract.sol#504-505) is not in mixedCase Parameter HDX20.transferSub(address,address,uint256)._toAddress (contracts/Contract.sol#505-508) is not in mixedCase Parameter HDX20.transferSub(address,address,uint256)._amountOfTokens (contracts/Contract.sol#508-509) is not in mixedCase Parameter HDX20.transfer(address,uint256)._toAddress (contracts/Contract.sol#553) is not in mixedCase Parameter HDX20.transfer(address,uint256)._amountOfTokens (contracts/Contract.sol#553-554) is not in mixedCase Parameter HDX20.balanceOf(address)._customerAddress (contracts/Contract.sol#595-596) is not in mixedCase Parameter HDX20.ethBalanceOf(address)._customerAddress (contracts/Contract.sol#647-649) is not in mixedCase Parameter HDX20.ethBalanceOfNoFee(address)._customerAddress (contracts/Contract.sol#671) is not in mixedCase Parameter HDX20.checkGameListed(address)._contract (contracts/Contract.sol#698) is not in mixedCase Parameter HDX20.getSuperReferrerRate(address)._customerAddress (contracts/Contract.sol#705-706) is not in mixedCase Variable HDX20.NewHDX20Contract (contracts/Contract.sol#44-45) is not in mixedCase Constant HDX20.magnitude (contracts/Contract.sol#151-153) is not in UPPER_CASE_WITH_UNDERSCORES Constant HDX20.referrerFee (contracts/Contract.sol#153-154) is not in UPPER_CASE_WITH_UNDERSCORES Constant HDX20.transferFee (contracts/Contract.sol#155-156) is not in UPPER_CASE_WITH_UNDERSCORES Constant HDX20.buyInFee (contracts/Contract.sol#160) is not in UPPER_CASE_WITH_UNDERSCORES Constant HDX20.sellOutFee (contracts/Contract.sol#160-161) is not in UPPER_CASE_WITH_UNDERSCORES Constant HDX20.devFee (contracts/Contract.sol#161) is not in UPPER_CASE_WITH_UNDERSCORES Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions changeName(string) should be declared external: - HDX20.changeName(string) (contracts/Contract.sol#202-205) changeSymbol(string) should be declared external: - HDX20.changeSymbol(string) (contracts/Contract.sol#205-210) Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#public-function-that-could-be-declared-external . analyzed (3 contracts with 100 detectors), 57 result(s) found
{
"solc": {
"status": "ok",
"use_rc": 0,
"version": "0.4.25",
"strategy": "solc-select",
"solc_path": "/var/www/tripwire/.venv/bin/solc",
"install_rc": 0,
"use_stderr": null,
"use_stdout": "Switched global version to 0.4.25",
"install_stderr": null,
"install_stdout": "Version '0.4.25' is already installed, skipping..."
},
"solc_args": "--base-path /tmp/slither-0elelb1m --allow-paths /tmp/slither-0elelb1m,/tmp/slither-0elelb1m/lib,/tmp/slither-0elelb1m/src",
"remappings": [],
"source_files": [
"contracts/Contract.sol"
],
"contract_count": 0,
"contract_names": [],
"detector_count": 57,
"workspace_hash": "75e022366e148fecc6688bd2bca1e0741b0d59cdf2e33db33d39334dff34c250",
"duration_seconds": 0.9305179119110107,
"solc_version_requested": "0.4.25"
}
{"no_findings":false,"summary":"Found 3 issues: whitelisted games can drain user balances, migration target can redirect funds, and referrer rate misconfiguration can break buys.","findings":[{"severity":"high","category":"access_control","title":"Whitelisted game can unilaterally drain any holder’s tokens/ETH via payWithToken","exploit_scenario":"An attacker convinces the owner to whitelist (or compromises) a game address. That address can call payWithToken with a victim’s address and an amount up to the victim’s full balance, which burns the victim’s tokens and transfers ETH to the attacker-controlled game address without any approval from the victim.","recommendation":"Require per-user authorization for spending (e.g., allowances or EIP-712 signed permits) or restrict payWithToken so only the token holder can initiate the spend. Consider adding per-game limits or revocable approvals.","evidence":"payWithToken only checks onlyFromGameWhiteListed and accepts an arbitrary _player_address, then debits that address and transfers ETH to msg.sender.","locations":["contracts/Contract.sol:412","contracts/Contract.sol:416","contracts/Contract.sol:429","contracts/Contract.sol:445"]},{"severity":"medium","category":"upgradeability","title":"Owner can set migration target to arbitrary address, redirecting moveAccountOut funds","exploit_scenario":"If the owner sets NewHDX20Contract to an EOA or malicious contract, users calling moveAccountOut will transfer their ETH to that address. If the target does not correctly credit the user, funds are lost. A compromised owner key can exploit this to siphon user funds during migration.","recommendation":"Enforce that NewHDX20Contract is a vetted contract (e.g., code size check and interface check), add a time-delayed two-step upgrade, and require explicit user opt-in or claim process for migrations.","evidence":"changeNewHDX20Contract allows any address; moveAccountOut forwards ETH to NewHDX20Contract without validation.","locations":["contracts/Contract.sol:245","contracts/Contract.sol:253","contracts/Contract.sol:451","contracts/Contract.sol:480"]},{"severity":"low","category":"math","title":"Unbounded superReferrerRate can revert buys or wrap fee calculation","exploit_scenario":"The owner can set superReferrerRate > 50. Then referrerFee + superReferrerRate exceeds 100, making _ethReferrer greater than _fee and causing SafeMath underflow in _fee.sub(_ethReferrer), reverting buys with a referrer. If superReferrerRate exceeds 205, uint8 addition wraps, producing unexpected referrer payout percentages.","recommendation":"Cap superReferrerRate to a safe maximum (<= 50) and perform the addition in uint256 with explicit bounds checks in addSuperReferrer.","evidence":"addSuperReferrer has no bounds; buyToken/buyTokenFromGame use referrerFee + superReferrerRate without range checks.","locations":["contracts/Contract.sol:233","contracts/Contract.sol:236","contracts/Contract.sol:287","contracts/Contract.sol:292","contracts/Contract.sol:334","contracts/Contract.sol:339"]}]}
OpenAI Codex v0.77.0 (research preview)
--------
workdir: /tmp/codex-v6hyxjbg
model: gpt-5.2-codex
provider: openai
approval: never
sandbox: read-only
reasoning effort: high
reasoning summaries: auto
session id: 019c0eba-75d7-7110-aac6-645880002c5e
--------
user
You are a security auditor. Audit this Solidity codebase for exploitable vulnerabilities.
Focus on: reentrancy, access control, upgradeability/proxy issues, signature validation, oracle manipulation,
accounting/invariant breaks, external call patterns, unchecked return values, and dangerous delegatecall.
Scope rules:
- You MUST fully read `AUDIT_BUNDLE.txt` before concluding. It contains the complete contents of all first-party Solidity sources in this workspace.
- Treat `lib/` and `@openzeppelin/` as third-party dependencies; skip them unless there is a concrete misuse angle in first-party code.
- If there are only dependency files and no first-party sources, set no_findings=true and explain in summary.
Output MUST be valid JSON matching the provided schema.
- If you find nothing meaningful: set no_findings=true and findings=[].
- Otherwise: set no_findings=false and include findings with severity/category/title and file/line locations when possible.
Output constraints (IMPORTANT):
- severity MUST be exactly one of: info, low, medium, high, critical (lowercase).
- category MUST be exactly one of: access_control, reentrancy, math, oracle, upgradeability, auth, other.
Keep summary short and concrete.
mcp startup: no servers
exec
/bin/bash -lc ls in /tmp/codex-v6hyxjbg succeeded in 5ms:
AUDIT_BUNDLE.txt
codex-output-schema.json
contracts
exec
/bin/bash -lc 'cat AUDIT_BUNDLE.txt' in /tmp/codex-v6hyxjbg succeeded in 5ms:
This file concatenates the full contents of first-party Solidity sources for auditing.
Do not treat dependency code under lib/ or @openzeppelin/ as first-party.
================================================================================
FILE: contracts/Contract.sol
================================================================================
/*
'We are a gaming and entertainment network our blockChain launch product is HDX20 (http://hdx20.io)'
HDX20 tokens can be bought & sold on our exchange and are distributed every time someone is playing a HDX20 POWERED GAME.
With 4% IN and 4% OUT fee only, price of the HDX20 can only go up by design, cannot be dumped on holders and is fueled
by both the volume of transactions and HDX20 POWERED GAMES.
The 4 principles of the HDX20 are :
1) Buy it, its price will increase.
2) Sell it, its price will increase.
3) Transfer it, its price will increase.
4) Play our HDX20 powered games, its price will increase.
exec
/bin/bash -lc "nl -ba contracts/Contract.sol | sed -n '200,320p'" in /tmp/codex-v6hyxjbg succeeded in 9ms:
200 onlyOwner
201 {
202 require (_nextOwner != owner);
203 require(_nextOwner != address(0));
204
205 emit OwnershipTransferred(owner, _nextOwner);
206
207 owner = _nextOwner;
208 }
209
210
211
212
213 function changeName(string _name) public
214 onlyOwner
215 {
216 name = _name;
217 }
218
219
exec
/bin/bash -lc "nl -ba contracts/Contract.sol | sed -n '320,520p'" in /tmp/codex-v6hyxjbg succeeded in 7ms:
320 function buyToken( address _referrer_address ) public payable
321 returns(uint256)
322 {
323 uint256 _eth = msg.value;
324 address _customerAddress = msg.sender;
325
326 require( _eth>0);
327
328 uint256 _devfee = (_eth.mul( devFee )) / 100;
329
330 uint256 _fee = (_eth.mul( buyInFee )) / 100;
331
332 if (_referrer_address != address(0) && _referrer_address != _customerAddress )
333 {
334 uint256 _ethReferrer = (_fee.mul(referrerFee + superReferrerRate[_referrer_address])) / 100;
335
336 buyTokenSub( _ethReferrer , _referrer_address);
337
338 //substract what is given to referrer
339 _fee = _fee.sub( _ethReferrer );
exec
/bin/bash -lc "nl -ba contracts/Contract.sol | sed -n '520,720p'" in /tmp/codex-v6hyxjbg succeeded in 25ms:
520 }
521
522
523 }
524
525
526
527 function transferSub(address _customerAddress, address _toAddress, uint256 _amountOfTokens)
528 private
529 returns(bool)
530 {
531
532 require( _amountOfTokens <= tokenBalanceLedger[_customerAddress] );
533
534 //actually a transfer of 0 token is valid in ERC20
535 if (_amountOfTokens>0)
536 {
537
538
539 {
codex
{"no_findings":false,"summary":"Found 3 issues: whitelisted games can drain user balances, migration target can redirect funds, and referrer rate misconfiguration can break buys.","findings":[{"severity":"high","category":"access_control","title":"Whitelisted game can unilaterally drain any holder’s tokens/ETH via payWithToken","exploit_scenario":"An attacker convinces the owner to whitelist (or compromises) a game address. That address can call payWithToken with a victim’s address and an amount up to the victim’s full balance, which burns the victim’s tokens and transfers ETH to the attacker-controlled game address without any approval from the victim.","recommendation":"Require per-user authorization for spending (e.g., allowances or EIP-712 signed permits) or restrict payWithToken so only the token holder can initiate the spend. Consider adding per-game limits or revocable approvals.","evidence":"payWithToken only checks onlyFromGameWhiteListed and accepts an arbitrary _player_address, then debits that address and transfers ETH to msg.sender.","locations":["contracts/Contract.sol:412","contracts/Contract.sol:416","contracts/Contract.sol:429","contracts/Contract.sol:445"]},{"severity":"medium","category":"upgradeability","title":"Owner can set migration target to arbitrary address, redirecting moveAccountOut funds","exploit_scenario":"If the owner sets NewHDX20Contract to an EOA or malicious contract, users calling moveAccountOut will transfer their ETH to that address. If the target does not correctly credit the user, funds are lost. A compromised owner key can exploit this to siphon user funds during migration.","recommendation":"Enforce that NewHDX20Contract is a vetted contract (e.g., code size check and interface check), add a time-delayed two-step upgrade, and require explicit user opt-in or claim process for migrations.","evidence":"changeNewHDX20Contract allows any address; moveAccountOut forwards ETH to NewHDX20Contract without validation.","locations":["contracts/Contract.sol:245","contracts/Contract.sol:253","contracts/Contract.sol:451","contracts/Contract.sol:480"]},{"severity":"low","category":"math","title":"Unbounded superReferrerRate can revert buys or wrap fee calculation","exploit_scenario":"The owner can set superReferrerRate > 50. Then referrerFee + superReferrerRate exceeds 100, making _ethReferrer greater than _fee and causing SafeMath underflow in _fee.sub(_ethReferrer), reverting buys with a referrer. If superReferrerRate exceeds 205, uint8 addition wraps, producing unexpected referrer payout percentages.","recommendation":"Cap superReferrerRate to a safe maximum (<= 50) and perform the addition in uint256 with explicit bounds checks in addSuperReferrer.","evidence":"addSuperReferrer has no bounds; buyToken/buyTokenFromGame use referrerFee + superReferrerRate without range checks.","locations":["contracts/Contract.sol:233","contracts/Contract.sol:236","contracts/Contract.sol:287","contracts/Contract.sol:292","contracts/Contract.sol:334","contracts/Contract.sol:339"]}]}
tokens used
25,254
{
"codex": {
"ran_at": "2026-01-30T11:50:01.014915+00:00",
"returncode": 0
},
"project": {
"mode": "source",
"file_count": 1,
"import_count": 0,
"first_party_contracts_count": 1
},
"summary": "Found 3 issues: whitelisted games can drain user balances, migration target can redirect funds, and referrer rate misconfiguration can break buys.",
"raw_final": {
"summary": "Found 3 issues: whitelisted games can drain user balances, migration target can redirect funds, and referrer rate misconfiguration can break buys.",
"findings": [
{
"title": "Whitelisted game can unilaterally drain any holder\u2019s tokens/ETH via payWithToken",
"category": "access_control",
"evidence": "payWithToken only checks onlyFromGameWhiteListed and accepts an arbitrary _player_address, then debits that address and transfers ETH to msg.sender.",
"severity": "high",
"locations": [
"contracts/Contract.sol:412",
"contracts/Contract.sol:416",
"contracts/Contract.sol:429",
"contracts/Contract.sol:445"
],
"recommendation": "Require per-user authorization for spending (e.g., allowances or EIP-712 signed permits) or restrict payWithToken so only the token holder can initiate the spend. Consider adding per-game limits or revocable approvals.",
"exploit_scenario": "An attacker convinces the owner to whitelist (or compromises) a game address. That address can call payWithToken with a victim\u2019s address and an amount up to the victim\u2019s full balance, which burns the victim\u2019s tokens and transfers ETH to the attacker-controlled game address without any approval from the victim."
},
{
"title": "Owner can set migration target to arbitrary address, redirecting moveAccountOut funds",
"category": "upgradeability",
"evidence": "changeNewHDX20Contract allows any address; moveAccountOut forwards ETH to NewHDX20Contract without validation.",
"severity": "medium",
"locations": [
"contracts/Contract.sol:245",
"contracts/Contract.sol:253",
"contracts/Contract.sol:451",
"contracts/Contract.sol:480"
],
"recommendation": "Enforce that NewHDX20Contract is a vetted contract (e.g., code size check and interface check), add a time-delayed two-step upgrade, and require explicit user opt-in or claim process for migrations.",
"exploit_scenario": "If the owner sets NewHDX20Contract to an EOA or malicious contract, users calling moveAccountOut will transfer their ETH to that address. If the target does not correctly credit the user, funds are lost. A compromised owner key can exploit this to siphon user funds during migration."
},
{
"title": "Unbounded superReferrerRate can revert buys or wrap fee calculation",
"category": "math",
"evidence": "addSuperReferrer has no bounds; buyToken/buyTokenFromGame use referrerFee + superReferrerRate without range checks.",
"severity": "low",
"locations": [
"contracts/Contract.sol:233",
"contracts/Contract.sol:236",
"contracts/Contract.sol:287",
"contracts/Contract.sol:292",
"contracts/Contract.sol:334",
"contracts/Contract.sol:339"
],
"recommendation": "Cap superReferrerRate to a safe maximum (<= 50) and perform the addition in uint256 with explicit bounds checks in addSuperReferrer.",
"exploit_scenario": "The owner can set superReferrerRate > 50. Then referrerFee + superReferrerRate exceeds 100, making _ethReferrer greater than _fee and causing SafeMath underflow in _fee.sub(_ethReferrer), reverting buys with a referrer. If superReferrerRate exceeds 205, uint8 addition wraps, producing unexpected referrer payout percentages."
}
],
"no_findings": false
},
"no_findings": false,
"schema_version": 1
}
00000000: PUSH1 0x80 00000002: PUSH1 0x40 00000004: MSTORE 00000005: PUSH1 0x04 00000007: CALLDATASIZE 00000008: LT 00000009: PUSH2 0x0195 0000000c: JUMPI 0000000d: PUSH4 0xffffffff 00000012: PUSH29 0x0100000000000000000000000000000000000000000000000000000000 00000030: PUSH1 0x00 00000032: CALLDATALOAD 00000033: DIV 00000034: AND 00000035: PUSH4 0x06fdde03 0000003a: DUP2 0000003b: EQ 0000003c: PUSH2 0x01a2 0000003f: JUMPI 00000040: DUP1 00000041: PUSH4 0x1097b9ee 00000046: EQ 00000047: PUSH2 0x022c 0000004a: JUMPI 0000004b: DUP1 0000004c: PUSH4 0x16ff1c76 00000051: EQ 00000052: PUSH2 0x0258 00000055: JUMPI 00000056: DUP1 00000057: PUSH4 0x18160ddd 0000005c: EQ 0000005d: PUSH2 0x0262 00000060: JUMPI 00000061: DUP1 00000062: PUSH4 0x2397e4d7 00000067: EQ 00000068: PUSH2 0x0277 0000006b: JUMPI 0000006c: DUP1 0000006d: PUSH4 0x313ce567 00000072: EQ 00000073: PUSH2 0x028f 00000076: JUMPI 00000077: DUP1 00000078: PUSH4 0x3a9d8be8 0000007d: EQ 0000007e: PUSH2 0x02ba 00000081: JUMPI 00000082: DUP1 00000083: PUSH4 0x52dde1c3 00000088: EQ 00000089: PUSH2 0x02cf 0000008c: JUMPI 0000008d: DUP1 0000008e: PUSH4 0x5353a2d8 00000093: EQ 00000094: PUSH2 0x02f3 00000097: JUMPI 00000098: DUP1 00000099: PUSH4 0x6b2f4632 0000009e: EQ 0000009f: PUSH2 0x034c 000000a2: JUMPI 000000a3: DUP1 000000a4: PUSH4 0x70a08231 000000a9: EQ 000000aa: PUSH2 0x0361 000000ad: JUMPI 000000ae: DUP1 000000af: PUSH4 0x7252bbf2 000000b4: EQ 000000b5: PUSH2 0x0382 000000b8: JUMPI 000000b9: DUP1 000000ba: PUSH4 0x7e72fb52 000000bf: EQ 000000c0: PUSH2 0x03a3 000000c3: JUMPI 000000c4: DUP1 000000c5: PUSH4 0x7f630259 000000ca: EQ 000000cb: PUSH2 0x03b7 000000ce: JUMPI 000000cf: DUP1 000000d0: PUSH4 0x814487c4 000000d5: EQ 000000d6: PUSH2 0x03d8 000000d9: JUMPI 000000da: DUP1 000000db: PUSH4 0x87f5c846 000000e0: EQ 000000e1: PUSH2 0x03ff 000000e4: JUMPI 000000e5: DUP1 000000e6: PUSH4 0x8da5cb5b 000000eb: EQ 000000ec: PUSH2 0x0420 000000ef: JUMPI 000000f0: DUP1 000000f1: PUSH4 0x949e8acd 000000f6: EQ 000000f7: PUSH2 0x0451 000000fa: JUMPI 000000fb: DUP1 000000fc: PUSH4 0x95d89b41 00000101: EQ 00000102: PUSH2 0x0466 00000105: JUMPI 00000106: DUP1 00000107: PUSH4 0x9a74adda 0000010c: EQ 0000010d: PUSH2 0x047b 00000110: JUMPI 00000111: DUP1 00000112: PUSH4 0xa3895fff 00000117: EQ 00000118: PUSH2 0x048f 0000011b: JUMPI 0000011c: DUP1 0000011d: PUSH4 0xa546f2e7 00000122: EQ 00000123: PUSH2 0x04e8 00000126: JUMPI 00000127: DUP1 00000128: PUSH4 0xa6f9dae1 0000012d: EQ 0000012e: PUSH2 0x0509 00000131: JUMPI 00000132: DUP1 00000133: PUSH4 0xa9059cbb 00000138: EQ 00000139: PUSH2 0x052a 0000013c: JUMPI 0000013d: DUP1 0000013e: PUSH4 0xbac03cd7 00000143: EQ 00000144: PUSH2 0x0562 00000147: JUMPI 00000148: DUP1 00000149: PUSH4 0xbce24669 0000014e: EQ 0000014f: PUSH2 0x0577 00000152: JUMPI 00000153: DUP1 00000154: PUSH4 0xc53b12f9 00000159: EQ 0000015a: PUSH2 0x0598 0000015d: JUMPI 0000015e: DUP1 0000015f: PUSH4 0xc671b934 00000164: EQ 00000165: PUSH2 0x05ad 00000168: JUMPI 00000169: DUP1 0000016a: PUSH4 0xc9a7623a 0000016f: EQ 00000170: PUSH2 0x05c7 00000173: JUMPI 00000174: DUP1 00000175: PUSH4 0xd72d04db 0000017a: EQ 0000017b: PUSH2 0x05e1 0000017e: JUMPI 0000017f: DUP1 00000180: PUSH4 0xd784601a 00000185: EQ 00000186: PUSH2 0x0602 00000189: JUMPI 0000018a: DUP1 0000018b: PUSH4 0xdc62da61 00000190: EQ 00000191: PUSH2 0x0617 00000194: JUMPI 00000195: JUMPDEST 00000196: PUSH2 0x019f 00000199: PUSH1 0x00 0000019b: PUSH2 0x0638 0000019e: JUMP 0000019f: JUMPDEST 000001a0: POP 000001a1: STOP 000001a2: JUMPDEST 000001a3: CALLVALUE 000001a4: DUP1 000001a5: ISZERO 000001a6: PUSH2 0x01ae 000001a9: JUMPI 000001aa: PUSH1 0x00 000001ac: DUP1 000001ad: REVERT 000001ae: JUMPDEST 000001af: POP 000001b0: PUSH2 0x01b7 000001b3: PUSH2 0x07be 000001b6: JUMP 000001b7: JUMPDEST 000001b8: PUSH1 0x40 000001ba: DUP1 000001bb: MLOAD 000001bc: PUSH1 0x20 000001be: DUP1 000001bf: DUP3 000001c0: MSTORE 000001c1: DUP4 000001c2: MLOAD 000001c3: DUP2 000001c4: DUP4 000001c5: ADD 000001c6: MSTORE 000001c7: DUP4 000001c8: MLOAD 000001c9: SWAP2 000001ca: SWAP3 000001cb: DUP4 000001cc: SWAP3 000001cd: SWAP1 000001ce: DUP4 000001cf: ADD 000001d0: SWAP2 000001d1: DUP6 000001d2: ADD 000001d3: SWAP1 000001d4: DUP1 000001d5: DUP4 000001d6: DUP4 000001d7: PUSH1 0x00 000001d9: JUMPDEST 000001da: DUP4 000001db: DUP2 000001dc: LT 000001dd: ISZERO 000001de: PUSH2 0x01f1 000001e1: JUMPI 000001e2: DUP2 000001e3: DUP2 000001e4: ADD 000001e5: MLOAD 000001e6: DUP4 000001e7: DUP3 000001e8: ADD 000001e9: MSTORE 000001ea: PUSH1 0x20 000001ec: ADD 000001ed: PUSH2 0x01d9 000001f0: JUMP 000001f1: JUMPDEST 000001f2: POP 000001f3: POP 000001f4: POP 000001f5: POP 000001f6: SWAP1 000001f7: POP 000001f8: SWAP1 000001f9: DUP2 000001fa: ADD 000001fb: SWAP1 000001fc: PUSH1 0x1f 000001fe: AND 000001ff: DUP1 00000200: ISZERO 00000201: PUSH2 0x021e 00000204: JUMPI 00000205: DUP1 00000206: DUP3 00000207: SUB 00000208: DUP1 00000209: MLOAD 0000020a: PUSH1 0x01 0000020c: DUP4 0000020d: PUSH1 0x20 0000020f: SUB 00000210: PUSH2 0x0100 00000213: EXP 00000214: SUB 00000215: NOT 00000216: AND 00000217: DUP2 00000218: MSTORE 00000219: PUSH1 0x20 0000021b: ADD 0000021c: SWAP2 0000021d: POP 0000021e: JUMPDEST 0000021f: POP 00000220: SWAP3 00000221: POP 00000222: POP 00000223: POP 00000224: PUSH1 0x40 00000226: MLOAD 00000227: DUP1 00000228: SWAP2 00000229: SUB 0000022a: SWAP1 0000022b: RETURN 0000022c: JUMPDEST 0000022d: CALLVALUE 0000022e: DUP1 0000022f: ISZERO 00000230: PUSH2 0x0238 00000233: JUMPI 00000234: PUSH1 0x00 00000236: DUP1 00000237: REVERT 00000238: JUMPDEST 00000239: POP 0000023a: PUSH2 0x0246 0000023d: PUSH1 0x04 0000023f: CALLDATALOAD 00000240: ISZERO 00000241: ISZERO 00000242: PUSH2 0x0849 00000245: JUMP 00000246: JUMPDEST 00000247: PUSH1 0x40 00000249: DUP1 0000024a: MLOAD 0000024b: SWAP2 0000024c: DUP3 0000024d: MSTORE 0000024e: MLOAD 0000024f: SWAP1 00000250: DUP2 00000251: SWAP1 00000252: SUB 00000253: PUSH1 0x20 00000255: ADD 00000256: SWAP1 00000257: RETURN 00000258: JUMPDEST 00000259: PUSH2 0x0260 0000025c: PUSH2 0x08aa 0000025f: JUMP 00000260: JUMPDEST 00000261: STOP 00000262: JUMPDEST 00000263: CALLVALUE 00000264: DUP1 00000265: ISZERO 00000266: PUSH2 0x026e 00000269: JUMPI 0000026a: PUSH1 0x00 0000026c: DUP1 0000026d: REVERT 0000026e: JUMPDEST 0000026f: POP 00000270: PUSH2 0x0246 00000273: PUSH2 0x0925 00000276: JUMP 00000277: JUMPDEST 00000278: CALLVALUE 00000279: DUP1 0000027a: ISZERO 0000027b: PUSH2 0x0283 0000027e: JUMPI 0000027f: PUSH1 0x00 00000281: DUP1 00000282: REVERT 00000283: JUMPDEST 00000284: POP 00000285: PUSH2 0x0260 00000288: PUSH1 0x04 0000028a: CALLDATALOAD 0000028b: PUSH2 0x092c 0000028e: JUMP 0000028f: JUMPDEST 00000290: CALLVALUE 00000291: DUP1 00000292: ISZERO 00000293: PUSH2 0x029b 00000296: JUMPI 00000297: PUSH1 0x00 00000299: DUP1 0000029a: REVERT 0000029b: JUMPDEST 0000029c: POP 0000029d: PUSH2 0x02a4 000002a0: PUSH2 0x0b0c 000002a3: JUMP 000002a4: JUMPDEST 000002a5: PUSH1 0x40 000002a7: DUP1 000002a8: MLOAD 000002a9: PUSH1 0xff 000002ab: SWAP1 000002ac: SWAP3 000002ad: AND 000002ae: DUP3 000002af: MSTORE 000002b0: MLOAD 000002b1: SWAP1 000002b2: DUP2 000002b3: SWAP1 000002b4: SUB 000002b5: PUSH1 0x20 000002b7: ADD 000002b8: SWAP1 000002b9: RETURN 000002ba: JUMPDEST 000002bb: CALLVALUE 000002bc: DUP1 000002bd: ISZERO 000002be: PUSH2 0x02c6 000002c1: JUMPI 000002c2: PUSH1 0x00 000002c4: DUP1 000002c5: REVERT 000002c6: JUMPDEST 000002c7: POP 000002c8: PUSH2 0x0260 000002cb: PUSH2 0x0b11 000002ce: JUMP 000002cf: JUMPDEST 000002d0: CALLVALUE 000002d1: DUP1 000002d2: ISZERO 000002d3: PUSH2 0x02db 000002d6: JUMPI 000002d7: PUSH1 0x00 000002d9: DUP1 000002da: REVERT 000002db: JUMPDEST 000002dc: POP 000002dd: PUSH2 0x0246 000002e0: PUSH1 0x04 000002e2: CALLDATALOAD 000002e3: PUSH1 0x01 000002e5: PUSH1 0xa0 000002e7: PUSH1 0x02 000002e9: EXP 000002ea: SUB 000002eb: PUSH1 0x24 000002ed: CALLDATALOAD 000002ee: AND 000002ef: PUSH2 0x0cf9 000002f2: JUMP 000002f3: JUMPDEST 000002f4: CALLVALUE 000002f5: DUP1 000002f6: ISZERO 000002f7: PUSH2 0x02ff 000002fa: JUMPI 000002fb: PUSH1 0x00 000002fd: DUP1 000002fe: REVERT 000002ff: JUMPDEST 00000300: POP 00000301: PUSH1 0x40 00000303: DUP1 00000304: MLOAD 00000305: PUSH1 0x20 00000307: PUSH1 0x04 00000309: DUP1 0000030a: CALLDATALOAD 0000030b: DUP1 0000030c: DUP3 0000030d: ADD 0000030e: CALLDATALOAD 0000030f: PUSH1 0x1f 00000311: DUP2 00000312: ADD 00000313: DUP5 00000314: SWAP1 00000315: DIV 00000316: DUP5 00000317: MUL 00000318: DUP6 00000319: ADD 0000031a: DUP5 0000031b: ADD 0000031c: SWAP1 0000031d: SWAP6 0000031e: MSTORE 0000031f: DUP5 00000320: DUP5 00000321: MSTORE 00000322: PUSH2 0x0260 00000325: SWAP5 00000326: CALLDATASIZE 00000327: SWAP5 00000328: SWAP3 00000329: SWAP4 0000032a: PUSH1 0x24 0000032c: SWAP4 0000032d: SWAP3 0000032e: DUP5 0000032f: ADD 00000330: SWAP2 00000331: SWAP1 00000332: DUP2 00000333: SWAP1 00000334: DUP5 00000335: ADD 00000336: DUP4 00000337: DUP3 00000338: DUP1 00000339: DUP3 0000033a: DUP5 0000033b: CALLDATACOPY 0000033c: POP 0000033d: SWAP5 0000033e: SWAP8 0000033f: POP 00000340: PUSH2 0x0e99 00000343: SWAP7 00000344: POP 00000345: POP 00000346: POP 00000347: POP 00000348: POP 00000349: POP 0000034a: POP 0000034b: JUMP 0000034c: JUMPDEST 0000034d: CALLVALUE 0000034e: DUP1 0000034f: ISZERO 00000350: PUSH2 0x0358 00000353: JUMPI 00000354: PUSH1 0x00 00000356: DUP1 00000357: REVERT 00000358: JUMPDEST 00000359: POP 0000035a: PUSH2 0x0246 0000035d: PUSH2 0x0ec7 00000360: JUMP 00000361: JUMPDEST 00000362: CALLVALUE 00000363: DUP1 00000364: ISZERO 00000365: PUSH2 0x036d 00000368: JUMPI 00000369: PUSH1 0x00 0000036b: DUP1 0000036c: REVERT 0000036d: JUMPDEST 0000036e: POP 0000036f: PUSH2 0x0246 00000372: PUSH1 0x01 00000374: PUSH1 0xa0 00000376: PUSH1 0x02 00000378: EXP 00000379: SUB 0000037a: PUSH1 0x04 0000037c: CALLDATALOAD 0000037d: AND 0000037e: PUSH2 0x0ecc 00000381: JUMP 00000382: JUMPDEST 00000383: CALLVALUE 00000384: DUP1 00000385: ISZERO 00000386: PUSH2 0x038e 00000389: JUMPI 0000038a: PUSH1 0x00 0000038c: DUP1 0000038d: REVERT 0000038e: JUMPDEST 0000038f: POP 00000390: PUSH2 0x0246 00000393: PUSH1 0x01 00000395: PUSH1 0xa0 00000397: PUSH1 0x02 00000399: EXP 0000039a: SUB 0000039b: PUSH1 0x04 0000039d: CALLDATALOAD 0000039e: AND 0000039f: PUSH2 0x0ee7 000003a2: JUMP 000003a3: JUMPDEST 000003a4: PUSH2 0x0246 000003a7: PUSH1 0x01 000003a9: PUSH1 0xa0 000003ab: PUSH1 0x02 000003ad: EXP 000003ae: SUB 000003af: PUSH1 0x04 000003b1: CALLDATALOAD 000003b2: AND 000003b3: PUSH2 0x0638 000003b6: JUMP 000003b7: JUMPDEST 000003b8: CALLVALUE 000003b9: DUP1 000003ba: ISZERO 000003bb: PUSH2 0x03c3 000003be: JUMPI 000003bf: PUSH1 0x00 000003c1: DUP1 000003c2: REVERT 000003c3: JUMPDEST 000003c4: POP 000003c5: PUSH2 0x02a4 000003c8: PUSH1 0x01 000003ca: PUSH1 0xa0 000003cc: PUSH1 0x02 000003ce: EXP 000003cf: SUB 000003d0: PUSH1 0x04 000003d2: CALLDATALOAD 000003d3: AND 000003d4: PUSH2 0x0f41 000003d7: JUMP 000003d8: JUMPDEST 000003d9: CALLVALUE 000003da: DUP1 000003db: ISZERO 000003dc: PUSH2 0x03e4 000003df: JUMPI 000003e0: PUSH1 0x00 000003e2: DUP1 000003e3: REVERT 000003e4: JUMPDEST 000003e5: POP 000003e6: PUSH2 0x0260 000003e9: PUSH1 0x01 000003eb: PUSH1 0xa0 000003ed: PUSH1 0x02 000003ef: EXP 000003f0: SUB 000003f1: PUSH1 0x04 000003f3: CALLDATALOAD 000003f4: AND 000003f5: PUSH1 0xff 000003f7: PUSH1 0x24 000003f9: CALLDATALOAD 000003fa: AND 000003fb: PUSH2 0x0f62 000003fe: JUMP 000003ff: JUMPDEST 00000400: CALLVALUE 00000401: DUP1 00000402: ISZERO 00000403: PUSH2 0x040b 00000406: JUMPI 00000407: PUSH1 0x00 00000409: DUP1 0000040a: REVERT 0000040b: JUMPDEST 0000040c: POP 0000040d: PUSH2 0x0246 00000410: PUSH1 0x01 00000412: PUSH1 0xa0 00000414: PUSH1 0x02 00000416: EXP 00000417: SUB 00000418: PUSH1 0x04 0000041a: CALLDATALOAD 0000041b: AND 0000041c: PUSH2 0x0fa6 0000041f: JUMP 00000420: JUMPDEST 00000421: CALLVALUE 00000422: DUP1 00000423: ISZERO 00000424: PUSH2 0x042c 00000427: JUMPI 00000428: PUSH1 0x00 0000042a: DUP1 0000042b: REVERT 0000042c: JUMPDEST 0000042d: POP 0000042e: PUSH2 0x0435 00000431: PUSH2 0x0fb6 00000434: JUMP 00000435: JUMPDEST 00000436: PUSH1 0x40 00000438: DUP1 00000439: MLOAD 0000043a: PUSH1 0x01 0000043c: PUSH1 0xa0 0000043e: PUSH1 0x02 00000440: EXP 00000441: SUB 00000442: SWAP1 00000443: SWAP3 00000444: AND 00000445: DUP3 00000446: MSTORE 00000447: MLOAD 00000448: SWAP1 00000449: DUP2 0000044a: SWAP1 0000044b: SUB 0000044c: PUSH1 0x20 0000044e: ADD 0000044f: SWAP1 00000450: RETURN 00000451: JUMPDEST 00000452: CALLVALUE 00000453: DUP1 00000454: ISZERO 00000455: PUSH2 0x045d 00000458: JUMPI 00000459: PUSH1 0x00 0000045b: DUP1 0000045c: REVERT 0000045d: JUMPDEST 0000045e: POP 0000045f: PUSH2 0x0246 00000462: PUSH2 0x0fc5 00000465: JUMP 00000466: JUMPDEST 00000467: CALLVALUE 00000468: DUP1 00000469: ISZERO 0000046a: PUSH2 0x0472 0000046d: JUMPI 0000046e: PUSH1 0x00 00000470: DUP1 00000471: REVERT 00000472: JUMPDEST 00000473: POP 00000474: PUSH2 0x01b7 00000477: PUSH2 0x0fd8 0000047a: JUMP 0000047b: JUMPDEST 0000047c: PUSH2 0x0260 0000047f: PUSH1 0x01 00000481: PUSH1 0xa0 00000483: PUSH1 0x02 00000485: EXP 00000486: SUB 00000487: PUSH1 0x04 00000489: CALLDATALOAD 0000048a: AND 0000048b: PUSH2 0x1033 0000048e: JUMP 0000048f: JUMPDEST 00000490: CALLVALUE 00000491: DUP1 00000492: ISZERO 00000493: PUSH2 0x049b 00000496: JUMPI 00000497: PUSH1 0x00 00000499: DUP1 0000049a: REVERT 0000049b: JUMPDEST 0000049c: POP 0000049d: PUSH1 0x40 0000049f: DUP1 000004a0: MLOAD 000004a1: PUSH1 0x20 000004a3: PUSH1 0x04 000004a5: DUP1 000004a6: CALLDATALOAD 000004a7: DUP1 000004a8: DUP3 000004a9: ADD 000004aa: CALLDATALOAD 000004ab: PUSH1 0x1f 000004ad: DUP2 000004ae: ADD 000004af: DUP5 000004b0: SWAP1 000004b1: DIV 000004b2: DUP5 000004b3: MUL 000004b4: DUP6 000004b5: ADD 000004b6: DUP5 000004b7: ADD 000004b8: SWAP1 000004b9: SWAP6 000004ba: MSTORE 000004bb: DUP5 000004bc: DUP5 000004bd: MSTORE 000004be: PUSH2 0x0260 000004c1: SWAP5 000004c2: CALLDATASIZE 000004c3: SWAP5 000004c4: SWAP3 000004c5: SWAP4 000004c6: PUSH1 0x24 000004c8: SWAP4 000004c9: SWAP3 000004ca: DUP5 000004cb: ADD 000004cc: SWAP2 000004cd: SWAP1 000004ce: DUP2 000004cf: SWAP1 000004d0: DUP5 000004d1: ADD 000004d2: DUP4 000004d3: DUP3 000004d4: DUP1 000004d5: DUP3 000004d6: DUP5 000004d7: CALLDATACOPY 000004d8: POP 000004d9: SWAP5 000004da: SWAP8 000004db: POP 000004dc: PUSH2 0x110b 000004df: SWAP7 000004e0: POP 000004e1: POP 000004e2: POP 000004e3: POP 000004e4: POP 000004e5: POP 000004e6: POP 000004e7: JUMP 000004e8: JUMPDEST 000004e9: CALLVALUE 000004ea: DUP1 000004eb: ISZERO 000004ec: PUSH2 0x04f4 000004ef: JUMPI 000004f0: PUSH1 0x00 000004f2: DUP1 000004f3: REVERT 000004f4: JUMPDEST 000004f5: POP 000004f6: PUSH2 0x0260 000004f9: PUSH1 0x01 000004fb: PUSH1 0xa0 000004fd: PUSH1 0x02 000004ff: EXP 00000500: SUB 00000501: PUSH1 0x04 00000503: CALLDATALOAD 00000504: AND 00000505: PUSH2 0x1135 00000508: JUMP 00000509: JUMPDEST 0000050a: CALLVALUE 0000050b: DUP1 0000050c: ISZERO 0000050d: PUSH2 0x0515 00000510: JUMPI 00000511: PUSH1 0x00 00000513: DUP1 00000514: REVERT 00000515: JUMPDEST 00000516: POP 00000517: PUSH2 0x0260 0000051a: PUSH1 0x01 0000051c: PUSH1 0xa0 0000051e: PUSH1 0x02 00000520: EXP 00000521: SUB 00000522: PUSH1 0x04 00000524: CALLDATALOAD 00000525: AND 00000526: PUSH2 0x11f7 00000529: JUMP 0000052a: JUMPDEST 0000052b: CALLVALUE 0000052c: DUP1 0000052d: ISZERO 0000052e: PUSH2 0x0536 00000531: JUMPI 00000532: PUSH1 0x00 00000534: DUP1 00000535: REVERT 00000536: JUMPDEST 00000537: POP 00000538: PUSH2 0x054e 0000053b: PUSH1 0x01 0000053d: PUSH1 0xa0 0000053f: PUSH1 0x02 00000541: EXP 00000542: SUB 00000543: PUSH1 0x04 00000545: CALLDATALOAD 00000546: AND 00000547: PUSH1 0x24 00000549: CALLDATALOAD 0000054a: PUSH2 0x12a7 0000054d: JUMP 0000054e: JUMPDEST 0000054f: PUSH1 0x40 00000551: DUP1 00000552: MLOAD 00000553: SWAP2 00000554: ISZERO 00000555: ISZERO 00000556: DUP3 00000557: MSTORE 00000558: MLOAD 00000559: SWAP1 0000055a: DUP2 0000055b: SWAP1 0000055c: SUB 0000055d: PUSH1 0x20 0000055f: ADD 00000560: SWAP1 00000561: RETURN 00000562: JUMPDEST 00000563: CALLVALUE 00000564: DUP1 00000565: ISZERO 00000566: PUSH2 0x056e 00000569: JUMPI 0000056a: PUSH1 0x00 0000056c: DUP1 0000056d: REVERT 0000056e: JUMPDEST 0000056f: POP 00000570: PUSH2 0x0246 00000573: PUSH2 0x12bd 00000576: JUMP 00000577: JUMPDEST 00000578: CALLVALUE 00000579: DUP1 0000057a: ISZERO 0000057b: PUSH2 0x0583 0000057e: JUMPI 0000057f: PUSH1 0x00 00000581: DUP1 00000582: REVERT 00000583: JUMPDEST 00000584: POP 00000585: PUSH2 0x0260 00000588: PUSH1 0x01 0000058a: PUSH1 0xa0 0000058c: PUSH1 0x02 0000058e: EXP 0000058f: SUB 00000590: PUSH1 0x04 00000592: CALLDATALOAD 00000593: AND 00000594: PUSH2 0x12c3 00000597: JUMP 00000598: JUMPDEST 00000599: CALLVALUE 0000059a: DUP1 0000059b: ISZERO 0000059c: PUSH2 0x05a4 0000059f: JUMPI 000005a0: PUSH1 0x00 000005a2: DUP1 000005a3: REVERT 000005a4: JUMPDEST 000005a5: POP 000005a6: PUSH2 0x0246 000005a9: PUSH2 0x12fb 000005ac: JUMP 000005ad: JUMPDEST 000005ae: PUSH2 0x0246 000005b1: PUSH1 0x01 000005b3: PUSH1 0xa0 000005b5: PUSH1 0x02 000005b7: EXP 000005b8: SUB 000005b9: PUSH1 0x04 000005bb: CALLDATALOAD 000005bc: DUP2 000005bd: AND 000005be: SWAP1 000005bf: PUSH1 0x24 000005c1: CALLDATALOAD 000005c2: AND 000005c3: PUSH2 0x1307 000005c6: JUMP 000005c7: JUMPDEST 000005c8: CALLVALUE 000005c9: DUP1 000005ca: ISZERO 000005cb: PUSH2 0x05d3 000005ce: JUMPI 000005cf: PUSH1 0x00 000005d1: DUP1 000005d2: REVERT 000005d3: JUMPDEST 000005d4: POP 000005d5: PUSH2 0x0246 000005d8: PUSH1 0x04 000005da: CALLDATALOAD 000005db: ISZERO 000005dc: ISZERO 000005dd: PUSH2 0x149d 000005e0: JUMP 000005e1: JUMPDEST 000005e2: CALLVALUE 000005e3: DUP1 000005e4: ISZERO 000005e5: PUSH2 0x05ed 000005e8: JUMPI 000005e9: PUSH1 0x00 000005eb: DUP1 000005ec: REVERT 000005ed: JUMPDEST 000005ee: POP 000005ef: PUSH2 0x0260 000005f2: PUSH1 0x01 000005f4: PUSH1 0xa0 000005f6: PUSH1 0x02 000005f8: EXP 000005f9: SUB 000005fa: PUSH1 0x04 000005fc: CALLDATALOAD 000005fd: AND 000005fe: PUSH2 0x14fd 00000601: JUMP 00000602: JUMPDEST 00000603: CALLVALUE 00000604: DUP1 00000605: ISZERO 00000606: PUSH2 0x060e 00000609: JUMPI 0000060a: PUSH1 0x00 0000060c: DUP1 0000060d: REVERT 0000060e: JUMPDEST 0000060f: POP 00000610: PUSH2 0x0246 00000613: PUSH2 0x1538 00000616: JUMP 00000617: JUMPDEST 00000618: CALLVALUE 00000619: DUP1 0000061a: ISZERO 0000061b: PUSH2 0x0623 0000061e: JUMPI 0000061f: PUSH1 0x00 00000621: DUP1 00000622: REVERT 00000623: JUMPDEST 00000624: POP 00000625: PUSH2 0x054e 00000628: PUSH1 0x01 0000062a: PUSH1 0xa0 0000062c: PUSH1 0x02 0000062e: EXP 0000062f: SUB 00000630: PUSH1 0x04 00000632: CALLDATALOAD 00000633: AND 00000634: PUSH2 0x1544 00000637: JUMP 00000638: JUMPDEST 00000639: PUSH1 0x00 0000063b: CALLVALUE 0000063c: CALLER 0000063d: DUP3 0000063e: DUP1 0000063f: DUP1 00000640: DUP1 00000641: DUP1 00000642: DUP7 00000643: GT 00000644: PUSH2 0x064c 00000647: JUMPI 00000648: PUSH1 0x00 0000064a: DUP1 0000064b: REVERT 0000064c: JUMPDEST 0000064d: PUSH1 0x64 0000064f: PUSH2 0x065f 00000652: DUP8 00000653: PUSH1 0x01 00000655: PUSH4 0xffffffff 0000065a: PUSH2 0x1562 0000065d: AND 0000065e: JUMP 0000065f: JUMPDEST 00000660: DUP2 00000661: ISZERO 00000662: ISZERO 00000663: PUSH2 0x0668 00000666: JUMPI 00000667: INVALID 00000668: JUMPDEST 00000669: DIV 0000066a: SWAP4 0000066b: POP 0000066c: PUSH1 0x64 0000066e: PUSH2 0x067e 00000671: DUP8 00000672: PUSH1 0x03 00000674: PUSH4 0xffffffff 00000679: PUSH2 0x1562 0000067c: AND 0000067d: JUMP 0000067e: JUMPDEST 0000067f: DUP2 00000680: ISZERO 00000681: ISZERO 00000682: PUSH2 0x0687 00000685: JUMPI 00000686: INVALID 00000687: JUMPDEST 00000688: DIV 00000689: SWAP3 0000068a: POP 0000068b: PUSH1 0x01 0000068d: PUSH1 0xa0 0000068f: PUSH1 0x02 00000691: EXP 00000692: SUB 00000693: DUP9 00000694: AND 00000695: ISZERO 00000696: DUP1 00000697: ISZERO 00000698: SWAP1 00000699: PUSH2 0x06b4 0000069c: JUMPI 0000069d: POP 0000069e: DUP5 0000069f: PUSH1 0x01 000006a1: PUSH1 0xa0 000006a3: PUSH1 0x02 000006a5: EXP 000006a6: SUB 000006a7: AND 000006a8: DUP9 000006a9: PUSH1 0x01 000006ab: PUSH1 0xa0 000006ad: PUSH1 0x02 000006af: EXP 000006b0: SUB 000006b1: AND 000006b2: EQ 000006b3: ISZERO 000006b4: JUMPDEST 000006b5: ISZERO 000006b6: PUSH2 0x0719 000006b9: JUMPI 000006ba: PUSH1 0x01 000006bc: PUSH1 0xa0 000006be: PUSH1 0x02 000006c0: EXP 000006c1: SUB 000006c2: DUP9 000006c3: AND 000006c4: PUSH1 0x00 000006c6: SWAP1 000006c7: DUP2 000006c8: MSTORE 000006c9: PUSH1 0x09 000006cb: PUSH1 0x20 000006cd: MSTORE 000006ce: PUSH1 0x40 000006d0: SWAP1 000006d1: KECCAK256 000006d2: SLOAD 000006d3: PUSH1 0x64 000006d5: SWAP1 000006d6: PUSH2 0x06ef 000006d9: SWAP1 000006da: DUP6 000006db: SWAP1 000006dc: PUSH1 0x32 000006de: PUSH1 0xff 000006e0: SWAP2 000006e1: DUP3 000006e2: AND 000006e3: ADD 000006e4: AND 000006e5: PUSH4 0xffffffff 000006ea: PUSH2 0x1562 000006ed: AND 000006ee: JUMP 000006ef: JUMPDEST 000006f0: DUP2 000006f1: ISZERO 000006f2: ISZERO 000006f3: PUSH2 0x06f8 000006f6: JUMPI 000006f7: INVALID 000006f8: JUMPDEST 000006f9: DIV 000006fa: SWAP2 000006fb: POP 000006fc: PUSH2 0x0705 000006ff: DUP3 00000700: DUP10 00000701: PUSH2 0x158e 00000704: JUMP 00000705: JUMPDEST 00000706: POP 00000707: PUSH2 0x0716 0000070a: DUP4 0000070b: DUP4 0000070c: PUSH4 0xffffffff 00000711: PUSH2 0x165f 00000714: AND 00000715: JUMP 00000716: JUMPDEST 00000717: SWAP3 00000718: POP 00000719: JUMPDEST 0000071a: PUSH2 0x074d 0000071d: PUSH1 0x64 0000071f: PUSH2 0x072f 00000722: DUP7 00000723: PUSH1 0x61 00000725: PUSH4 0xffffffff 0000072a: PUSH2 0x1562 0000072d: AND 0000072e: JUMP 0000072f: JUMPDEST 00000730: DUP2 00000731: ISZERO 00000732: ISZERO 00000733: PUSH2 0x0738 00000736: JUMPI 00000737: INVALID 00000738: JUMPDEST 00000739: PUSH1 0x01 0000073b: SLOAD 0000073c: SWAP2 0000073d: SWAP1 0000073e: DIV 0000073f: SWAP1 00000740: PUSH1 0x01 00000742: PUSH1 0xa0 00000744: PUSH1 0x02 00000746: EXP 00000747: SUB 00000748: AND 00000749: PUSH2 0x158e 0000074c: JUMP 0000074d: JUMPDEST 0000074e: POP 0000074f: PUSH2 0x075c 00000752: DUP5 00000753: DUP5 00000754: DUP9 00000755: SUB 00000756: SUB 00000757: DUP7 00000758: PUSH2 0x158e 0000075b: JUMP 0000075c: JUMPDEST 0000075d: PUSH1 0x06 0000075f: SLOAD 00000760: SWAP1 00000761: SWAP2 00000762: POP 00000763: PUSH2 0x0772 00000766: SWAP1 00000767: DUP8 00000768: PUSH4 0xffffffff 0000076d: PUSH2 0x1674 00000770: AND 00000771: JUMP 00000772: JUMPDEST 00000773: PUSH1 0x06 00000775: SSTORE 00000776: PUSH1 0x05 00000778: SLOAD 00000779: PUSH8 0x0de0b6b3a7640000 00000782: LT 00000783: ISZERO 00000784: PUSH2 0x07b3 00000787: JUMPI 00000788: PUSH1 0x05 0000078a: SLOAD 0000078b: PUSH1 0x06 0000078d: SLOAD 0000078e: PUSH2 0x07a5 00000791: SWAP1 00000792: PUSH8 0x0de0b6b3a7640000 0000079b: PUSH4 0xffffffff 000007a0: PUSH2 0x1562 000007a3: AND 000007a4: JUMP 000007a5: JUMPDEST 000007a6: DUP2 000007a7: ISZERO 000007a8: ISZERO 000007a9: PUSH2 0x07ae 000007ac: JUMPI 000007ad: INVALID 000007ae: JUMPDEST 000007af: DIV 000007b0: PUSH1 0x07 000007b2: SSTORE 000007b3: JUMPDEST 000007b4: SWAP8 000007b5: SWAP7 000007b6: POP 000007b7: POP 000007b8: POP 000007b9: POP 000007ba: POP 000007bb: POP 000007bc: POP 000007bd: JUMP 000007be: JUMPDEST 000007bf: PUSH1 0x02 000007c1: DUP1 000007c2: SLOAD 000007c3: PUSH1 0x40 000007c5: DUP1 000007c6: MLOAD 000007c7: PUSH1 0x20 000007c9: PUSH1 0x01 000007cb: DUP5 000007cc: AND 000007cd: ISZERO 000007ce: PUSH2 0x0100 000007d1: MUL 000007d2: PUSH1 0x00 000007d4: NOT 000007d5: ADD 000007d6: SWAP1 000007d7: SWAP4 000007d8: AND 000007d9: DUP5 000007da: SWAP1 000007db: DIV 000007dc: PUSH1 0x1f 000007de: DUP2 000007df: ADD 000007e0: DUP5 000007e1: SWAP1 000007e2: DIV 000007e3: DUP5 000007e4: MUL 000007e5: DUP3 000007e6: ADD 000007e7: DUP5 000007e8: ADD 000007e9: SWAP1 000007ea: SWAP3 000007eb: MSTORE 000007ec: DUP2 000007ed: DUP2 000007ee: MSTORE 000007ef: SWAP3 000007f0: SWAP2 000007f1: DUP4 000007f2: ADD 000007f3: DUP3 000007f4: DUP3 000007f5: DUP1 000007f6: ISZERO 000007f7: PUSH2 0x0841 000007fa: JUMPI 000007fb: DUP1 000007fc: PUSH1 0x1f 000007fe: LT 000007ff: PUSH2 0x0816 00000802: JUMPI 00000803: PUSH2 0x0100 00000806: DUP1 00000807: DUP4 00000808: SLOAD 00000809: DIV 0000080a: MUL 0000080b: DUP4 0000080c: MSTORE 0000080d: SWAP2 0000080e: PUSH1 0x20 00000810: ADD 00000811: SWAP2 00000812: PUSH2 0x0841 00000815: JUMP 00000816: JUMPDEST 00000817: DUP3 00000818: ADD 00000819: SWAP2 0000081a: SWAP1 0000081b: PUSH1 0x00 0000081d: MSTORE 0000081e: PUSH1 0x20 00000820: PUSH1 0x00 00000822: KECCAK256 00000823: SWAP1 00000824: JUMPDEST 00000825: DUP2 00000826: SLOAD 00000827: DUP2 00000828: MSTORE 00000829: SWAP1 0000082a: PUSH1 0x01 0000082c: ADD 0000082d: SWAP1 0000082e: PUSH1 0x20 00000830: ADD 00000831: DUP1 00000832: DUP4 00000833: GT 00000834: PUSH2 0x0824 00000837: JUMPI 00000838: DUP3 00000839: SWAP1 0000083a: SUB 0000083b: PUSH1 0x1f 0000083d: AND 0000083e: DUP3 0000083f: ADD 00000840: SWAP2 00000841: JUMPDEST 00000842: POP 00000843: POP 00000844: POP 00000845: POP 00000846: POP 00000847: DUP2 00000848: JUMP 00000849: JUMPDEST 0000084a: PUSH1 0x00 0000084c: DUP1 0000084d: DUP1 0000084e: DUP4 0000084f: ISZERO 00000850: PUSH2 0x089c 00000853: JUMPI 00000854: PUSH1 0x07 00000856: SLOAD 00000857: PUSH1 0x64 00000859: SWAP1 0000085a: PUSH2 0x086a 0000085d: SWAP1 0000085e: PUSH1 0x03 00000860: PUSH4 0xffffffff 00000865: PUSH2 0x1562 00000868: AND 00000869: JUMP 0000086a: JUMPDEST 0000086b: DUP2 0000086c: ISZERO 0000086d: ISZERO 0000086e: PUSH2 0x0873 00000871: JUMPI 00000872: INVALID 00000873: JUMPDEST 00000874: PUSH1 0x07 00000876: SLOAD 00000877: SWAP2 00000878: SWAP1 00000879: DIV 0000087a: SWAP3 0000087b: POP 0000087c: PUSH1 0x64 0000087e: SWAP1 0000087f: PUSH2 0x088f 00000882: SWAP1 00000883: PUSH1 0x01 00000885: PUSH4 0xffffffff 0000088a: PUSH2 0x1562 0000088d: AND 0000088e: JUMP 0000088f: JUMPDEST 00000890: DUP2 00000891: ISZERO 00000892: ISZERO 00000893: PUSH2 0x0898 00000896: JUMPI 00000897: INVALID 00000898: JUMPDEST 00000899: DIV 0000089a: SWAP1 0000089b: POP 0000089c: JUMPDEST 0000089d: PUSH1 0x07 0000089f: SLOAD 000008a0: SWAP2 000008a1: SWAP1 000008a2: SWAP2 000008a3: SUB 000008a4: SUB 000008a5: SWAP3 000008a6: SWAP2 000008a7: POP 000008a8: POP 000008a9: JUMP 000008aa: JUMPDEST 000008ab: CALLER 000008ac: PUSH1 0x00 000008ae: SWAP1 000008af: DUP2 000008b0: MSTORE 000008b1: PUSH1 0x08 000008b3: PUSH1 0x20 000008b5: MSTORE 000008b6: PUSH1 0x40 000008b8: DUP2 000008b9: KECCAK256 000008ba: SLOAD 000008bb: PUSH1 0xff 000008bd: AND 000008be: ISZERO 000008bf: ISZERO 000008c0: PUSH1 0x01 000008c2: EQ 000008c3: PUSH2 0x08cb 000008c6: JUMPI 000008c7: PUSH1 0x00 000008c9: DUP1 000008ca: REVERT 000008cb: JUMPDEST 000008cc: POP 000008cd: PUSH1 0x06 000008cf: SLOAD 000008d0: CALLVALUE 000008d1: SWAP1 000008d2: PUSH2 0x08e1 000008d5: SWAP1 000008d6: DUP3 000008d7: PUSH4 0xffffffff 000008dc: PUSH2 0x1674 000008df: AND 000008e0: JUMP 000008e1: JUMPDEST 000008e2: PUSH1 0x06 000008e4: SSTORE 000008e5: PUSH1 0x05 000008e7: SLOAD 000008e8: PUSH8 0x0de0b6b3a7640000 000008f1: LT 000008f2: ISZERO 000008f3: PUSH2 0x0922 000008f6: JUMPI 000008f7: PUSH1 0x05 000008f9: SLOAD 000008fa: PUSH1 0x06 000008fc: SLOAD 000008fd: PUSH2 0x0914 00000900: SWAP1 00000901: PUSH8 0x0de0b6b3a7640000 0000090a: PUSH4 0xffffffff 0000090f: PUSH2 0x1562 00000912: AND 00000913: JUMP 00000914: JUMPDEST 00000915: DUP2 00000916: ISZERO 00000917: ISZERO 00000918: PUSH2 0x091d 0000091b: JUMPI 0000091c: INVALID 0000091d: JUMPDEST 0000091e: DIV 0000091f: PUSH1 0x07 00000921: SSTORE 00000922: JUMPDEST 00000923: POP 00000924: JUMP 00000925: JUMPDEST 00000926: PUSH1 0x05 00000928: SLOAD 00000929: JUMPDEST 0000092a: SWAP1 0000092b: JUMP 0000092c: JUMPDEST 0000092d: PUSH1 0x00 0000092f: DUP1 00000930: PUSH1 0x00 00000932: DUP1 00000933: PUSH1 0x00 00000935: DUP1 00000936: PUSH2 0x093d 00000939: PUSH2 0x0fc5 0000093c: JUMP 0000093d: JUMPDEST 0000093e: GT 0000093f: PUSH2 0x0947 00000942: JUMPI 00000943: PUSH1 0x00 00000945: DUP1 00000946: REVERT 00000947: JUMPDEST 00000948: CALLER 00000949: PUSH1 0x00 0000094b: DUP2 0000094c: DUP2 0000094d: MSTORE 0000094e: PUSH1 0x04 00000950: PUSH1 0x20 00000952: MSTORE 00000953: PUSH1 0x40 00000955: SWAP1 00000956: KECCAK256 00000957: SLOAD 00000958: SWAP1 00000959: SWAP6 0000095a: POP 0000095b: SWAP4 0000095c: POP 0000095d: DUP4 0000095e: DUP7 0000095f: GT 00000960: ISZERO 00000961: PUSH2 0x0969 00000964: JUMPI 00000965: PUSH1 0x00 00000967: DUP1 00000968: REVERT 00000969: JUMPDEST 0000096a: PUSH8 0x0de0b6b3a7640000 00000973: PUSH2 0x0987 00000976: PUSH1 0x07 00000978: SLOAD 00000979: DUP9 0000097a: PUSH2 0x1562 0000097d: SWAP1 0000097e: SWAP2 0000097f: SWAP1 00000980: PUSH4 0xffffffff 00000985: AND 00000986: JUMP 00000987: JUMPDEST 00000988: DUP2 00000989: ISZERO 0000098a: ISZERO 0000098b: PUSH2 0x0990 0000098e: JUMPI 0000098f: INVALID 00000990: JUMPDEST 00000991: DIV 00000992: SWAP3 00000993: POP 00000994: PUSH1 0x64 00000996: PUSH2 0x09a6 00000999: DUP5 0000099a: PUSH1 0x03 0000099c: PUSH4 0xffffffff 000009a1: PUSH2 0x1562 000009a4: AND 000009a5: JUMP 000009a6: JUMPDEST 000009a7: DUP2 000009a8: ISZERO 000009a9: ISZERO 000009aa: PUSH2 0x09af 000009ad: JUMPI 000009ae: INVALID 000009af: JUMPDEST 000009b0: DIV 000009b1: SWAP2 000009b2: POP 000009b3: PUSH1 0x64 000009b5: PUSH2 0x09c5 000009b8: DUP5 000009b9: PUSH1 0x01 000009bb: PUSH4 0xffffffff 000009c0: PUSH2 0x1562 000009c3: AND 000009c4: JUMP 000009c5: JUMPDEST 000009c6: DUP2 000009c7: ISZERO 000009c8: ISZERO 000009c9: PUSH2 0x09ce 000009cc: JUMPI 000009cd: INVALID 000009ce: JUMPDEST 000009cf: DIV 000009d0: SWAP1 000009d1: POP 000009d2: PUSH2 0x09e6 000009d5: DUP7 000009d6: PUSH1 0x05 000009d8: SLOAD 000009d9: PUSH2 0x165f 000009dc: SWAP1 000009dd: SWAP2 000009de: SWAP1 000009df: PUSH4 0xffffffff 000009e4: AND 000009e5: JUMP 000009e6: JUMPDEST 000009e7: PUSH1 0x05 000009e9: SSTORE 000009ea: PUSH2 0x09f9 000009ed: DUP5 000009ee: DUP8 000009ef: PUSH4 0xffffffff 000009f4: PUSH2 0x165f 000009f7: AND 000009f8: JUMP 000009f9: JUMPDEST 000009fa: PUSH1 0x01 000009fc: PUSH1 0xa0 000009fe: PUSH1 0x02 00000a00: EXP 00000a01: SUB 00000a02: DUP7 00000a03: AND 00000a04: PUSH1 0x00 00000a06: SWAP1 00000a07: DUP2 00000a08: MSTORE 00000a09: PUSH1 0x04 00000a0b: PUSH1 0x20 00000a0d: MSTORE 00000a0e: PUSH1 0x40 00000a10: SWAP1 00000a11: KECCAK256 00000a12: DUP2 00000a13: SWAP1 00000a14: SSTORE 00000a15: SWAP4 00000a16: POP 00000a17: PUSH2 0x0a2c 00000a1a: PUSH1 0x64 00000a1c: PUSH2 0x072f 00000a1f: DUP4 00000a20: PUSH1 0x61 00000a22: PUSH4 0xffffffff 00000a27: PUSH2 0x1562 00000a2a: AND 00000a2b: JUMP 00000a2c: JUMPDEST 00000a2d: POP 00000a2e: PUSH1 0x06 00000a30: SLOAD 00000a31: SWAP3 00000a32: DUP3 00000a33: SWAP1 00000a34: SUB 00000a35: DUP2 00000a36: SWAP1 00000a37: SUB 00000a38: SWAP3 00000a39: PUSH2 0x0a48 00000a3c: SWAP1 00000a3d: DUP5 00000a3e: PUSH4 0xffffffff 00000a43: PUSH2 0x165f 00000a46: AND 00000a47: JUMP 00000a48: JUMPDEST 00000a49: PUSH1 0x06 00000a4b: SSTORE 00000a4c: PUSH1 0x05 00000a4e: SLOAD 00000a4f: PUSH8 0x0de0b6b3a7640000 00000a58: LT 00000a59: ISZERO 00000a5a: PUSH2 0x0a89 00000a5d: JUMPI 00000a5e: PUSH1 0x05 00000a60: SLOAD 00000a61: PUSH1 0x06 00000a63: SLOAD 00000a64: PUSH2 0x0a7b 00000a67: SWAP1 00000a68: PUSH8 0x0de0b6b3a7640000 00000a71: PUSH4 0xffffffff 00000a76: PUSH2 0x1562 00000a79: AND 00000a7a: JUMP 00000a7b: JUMPDEST 00000a7c: DUP2 00000a7d: ISZERO 00000a7e: ISZERO 00000a7f: PUSH2 0x0a84 00000a82: JUMPI 00000a83: INVALID 00000a84: JUMPDEST 00000a85: DIV 00000a86: PUSH1 0x07 00000a88: SSTORE 00000a89: JUMPDEST 00000a8a: PUSH1 0x40 00000a8c: DUP1 00000a8d: MLOAD 00000a8e: PUSH1 0x01 00000a90: PUSH1 0xa0 00000a92: PUSH1 0x02 00000a94: EXP 00000a95: SUB 00000a96: DUP8 00000a97: AND 00000a98: DUP2 00000a99: MSTORE 00000a9a: PUSH1 0x20 00000a9c: DUP2 00000a9d: ADD 00000a9e: DUP9 00000a9f: SWAP1 00000aa0: MSTORE 00000aa1: DUP2 00000aa2: MLOAD 00000aa3: PUSH32 0x6e4c04606163f3a400bad8588c8fe9e6cfa6c7aabbcfe66123d62730aa156270 00000ac4: SWAP3 00000ac5: SWAP2 00000ac6: DUP2 00000ac7: SWAP1 00000ac8: SUB 00000ac9: SWAP1 00000aca: SWAP2 00000acb: ADD 00000acc: SWAP1 00000acd: LOG1 00000ace: PUSH1 0x40 00000ad0: MLOAD 00000ad1: PUSH1 0x01 00000ad3: PUSH1 0xa0 00000ad5: PUSH1 0x02 00000ad7: EXP 00000ad8: SUB 00000ad9: DUP7 00000ada: AND 00000adb: SWAP1 00000adc: DUP5 00000add: ISZERO 00000ade: PUSH2 0x08fc 00000ae1: MUL 00000ae2: SWAP1 00000ae3: DUP6 00000ae4: SWAP1 00000ae5: PUSH1 0x00 00000ae7: DUP2 00000ae8: DUP2 00000ae9: DUP2 00000aea: DUP6 00000aeb: DUP9 00000aec: DUP9 00000aed: CALL 00000aee: SWAP4 00000aef: POP 00000af0: POP 00000af1: POP 00000af2: POP 00000af3: ISZERO 00000af4: DUP1 00000af5: ISZERO 00000af6: PUSH2 0x0b03 00000af9: JUMPI 00000afa: RETURNDATASIZE 00000afb: PUSH1 0x00 00000afd: DUP1 00000afe: RETURNDATACOPY 00000aff: RETURNDATASIZE 00000b00: PUSH1 0x00 00000b02: REVERT 00000b03: JUMPDEST 00000b04: POP 00000b05: POP 00000b06: POP 00000b07: POP 00000b08: POP 00000b09: POP 00000b0a: POP 00000b0b: JUMP 00000b0c: JUMPDEST 00000b0d: PUSH1 0x12 00000b0f: DUP2 00000b10: JUMP 00000b11: JUMPDEST 00000b12: PUSH1 0x00 00000b14: DUP1 00000b15: PUSH1 0x00 00000b17: DUP1 00000b18: PUSH2 0x0b1f 00000b1b: PUSH2 0x0fc5 00000b1e: JUMP 00000b1f: JUMPDEST 00000b20: GT 00000b21: PUSH2 0x0b29 00000b24: JUMPI 00000b25: PUSH1 0x00 00000b27: DUP1 00000b28: REVERT 00000b29: JUMPDEST 00000b2a: CALLER 00000b2b: SWAP3 00000b2c: POP 00000b2d: PUSH1 0x00 00000b2f: PUSH2 0x0b37 00000b32: DUP5 00000b33: PUSH2 0x0fa6 00000b36: JUMP 00000b37: JUMPDEST 00000b38: GT 00000b39: DUP1 00000b3a: ISZERO 00000b3b: PUSH2 0x0b4e 00000b3e: JUMPI 00000b3f: POP 00000b40: PUSH1 0x00 00000b42: SLOAD 00000b43: PUSH1 0x01 00000b45: PUSH1 0xa0 00000b47: PUSH1 0x02 00000b49: EXP 00000b4a: SUB 00000b4b: AND 00000b4c: ISZERO 00000b4d: ISZERO 00000b4e: JUMPDEST 00000b4f: ISZERO 00000b50: ISZERO 00000b51: PUSH2 0x0b59 00000b54: JUMPI 00000b55: PUSH1 0x00 00000b57: DUP1 00000b58: REVERT 00000b59: JUMPDEST 00000b5a: PUSH1 0x01 00000b5c: PUSH1 0xa0 00000b5e: PUSH1 0x02 00000b60: EXP 00000b61: SUB 00000b62: DUP4 00000b63: AND 00000b64: PUSH1 0x00 00000b66: SWAP1 00000b67: DUP2 00000b68: MSTORE 00000b69: PUSH1 0x04 00000b6b: PUSH1 0x20 00000b6d: MSTORE 00000b6e: PUSH1 0x40 00000b70: SWAP1 00000b71: KECCAK256 00000b72: SLOAD 00000b73: PUSH1 0x07 00000b75: SLOAD 00000b76: SWAP1 00000b77: SWAP3 00000b78: POP 00000b79: PUSH8 0x0de0b6b3a7640000 00000b82: SWAP1 00000b83: PUSH2 0x0b93 00000b86: SWAP1 00000b87: DUP5 00000b88: SWAP1 00000b89: PUSH4 0xffffffff 00000b8e: PUSH2 0x1562 00000b91: AND 00000b92: JUMP 00000b93: JUMPDEST 00000b94: DUP2 00000b95: ISZERO 00000b96: ISZERO 00000b97: PUSH2 0x0b9c 00000b9a: JUMPI 00000b9b: INVALID 00000b9c: JUMPDEST 00000b9d: DIV 00000b9e: SWAP1 00000b9f: POP 00000ba0: PUSH2 0x0bb4 00000ba3: DUP3 00000ba4: PUSH1 0x05 00000ba6: SLOAD 00000ba7: PUSH2 0x165f 00000baa: SWAP1 00000bab: SWAP2 00000bac: SWAP1 00000bad: PUSH4 0xffffffff 00000bb2: AND 00000bb3: JUMP 00000bb4: JUMPDEST 00000bb5: PUSH1 0x05 00000bb7: SSTORE 00000bb8: PUSH1 0x01 00000bba: PUSH1 0xa0 00000bbc: PUSH1 0x02 00000bbe: EXP 00000bbf: SUB 00000bc0: DUP4 00000bc1: AND 00000bc2: PUSH1 0x00 00000bc4: SWAP1 00000bc5: DUP2 00000bc6: MSTORE 00000bc7: PUSH1 0x04 00000bc9: PUSH1 0x20 00000bcb: MSTORE 00000bcc: PUSH1 0x40 00000bce: DUP2 00000bcf: KECCAK256 00000bd0: SSTORE 00000bd1: PUSH1 0x06 00000bd3: SLOAD 00000bd4: PUSH2 0x0be3 00000bd7: SWAP1 00000bd8: DUP3 00000bd9: PUSH4 0xffffffff 00000bde: PUSH2 0x165f 00000be1: AND 00000be2: JUMP 00000be3: JUMPDEST 00000be4: PUSH1 0x06 00000be6: SSTORE 00000be7: PUSH1 0x05 00000be9: SLOAD 00000bea: PUSH8 0x0de0b6b3a7640000 00000bf3: LT 00000bf4: ISZERO 00000bf5: PUSH2 0x0c24 00000bf8: JUMPI 00000bf9: PUSH1 0x05 00000bfb: SLOAD 00000bfc: PUSH1 0x06 00000bfe: SLOAD 00000bff: PUSH2 0x0c16 00000c02: SWAP1 00000c03: PUSH8 0x0de0b6b3a7640000 00000c0c: PUSH4 0xffffffff 00000c11: PUSH2 0x1562 00000c14: AND 00000c15: JUMP 00000c16: JUMPDEST 00000c17: DUP2 00000c18: ISZERO 00000c19: ISZERO 00000c1a: PUSH2 0x0c1f 00000c1d: JUMPI 00000c1e: INVALID 00000c1f: JUMPDEST 00000c20: DIV 00000c21: PUSH1 0x07 00000c23: SSTORE 00000c24: JUMPDEST 00000c25: PUSH1 0x00 00000c27: SLOAD 00000c28: PUSH1 0x40 00000c2a: DUP1 00000c2b: MLOAD 00000c2c: PUSH1 0x01 00000c2e: PUSH1 0xa0 00000c30: PUSH1 0x02 00000c32: EXP 00000c33: SUB 00000c34: SWAP3 00000c35: DUP4 00000c36: AND 00000c37: DUP2 00000c38: MSTORE 00000c39: PUSH1 0x20 00000c3b: DUP2 00000c3c: ADD 00000c3d: DUP6 00000c3e: SWAP1 00000c3f: MSTORE 00000c40: DUP1 00000c41: DUP3 00000c42: ADD 00000c43: DUP5 00000c44: SWAP1 00000c45: MSTORE 00000c46: SWAP1 00000c47: MLOAD 00000c48: SWAP2 00000c49: DUP6 00000c4a: AND 00000c4b: SWAP2 00000c4c: PUSH32 0x0613f3007a01cf0dc9b10750d673c7e934a1c83f14715bc21a835824408f0555 00000c6d: SWAP2 00000c6e: DUP2 00000c6f: SWAP1 00000c70: SUB 00000c71: PUSH1 0x60 00000c73: ADD 00000c74: SWAP1 00000c75: LOG2 00000c76: PUSH1 0x00 00000c78: DUP1 00000c79: SLOAD 00000c7a: PUSH1 0x40 00000c7c: DUP1 00000c7d: MLOAD 00000c7e: PUSH32 0x9a74adda00000000000000000000000000000000000000000000000000000000 00000c9f: DUP2 00000ca0: MSTORE 00000ca1: PUSH1 0x01 00000ca3: PUSH1 0xa0 00000ca5: PUSH1 0x02 00000ca7: EXP 00000ca8: SUB 00000ca9: DUP8 00000caa: DUP2 00000cab: AND 00000cac: PUSH1 0x04 00000cae: DUP4 00000caf: ADD 00000cb0: MSTORE 00000cb1: SWAP2 00000cb2: MLOAD 00000cb3: SWAP2 00000cb4: SWAP1 00000cb5: SWAP3 00000cb6: AND 00000cb7: SWAP3 00000cb8: PUSH4 0x9a74adda 00000cbd: SWAP3 00000cbe: DUP6 00000cbf: SWAP3 00000cc0: PUSH1 0x24 00000cc2: DUP1 00000cc3: DUP4 00000cc4: ADD 00000cc5: SWAP4 00000cc6: SWAP3 00000cc7: DUP3 00000cc8: SWAP1 00000cc9: SUB 00000cca: ADD 00000ccb: DUP2 00000ccc: DUP6 00000ccd: DUP9 00000cce: DUP1 00000ccf: EXTCODESIZE 00000cd0: ISZERO 00000cd1: DUP1 00000cd2: ISZERO 00000cd3: PUSH2 0x0cdb 00000cd6: JUMPI 00000cd7: PUSH1 0x00 00000cd9: DUP1 00000cda: REVERT 00000cdb: JUMPDEST 00000cdc: POP 00000cdd: GAS 00000cde: CALL 00000cdf: ISZERO 00000ce0: DUP1 00000ce1: ISZERO 00000ce2: PUSH2 0x0cef 00000ce5: JUMPI 00000ce6: RETURNDATASIZE 00000ce7: PUSH1 0x00 00000ce9: DUP1 00000cea: RETURNDATACOPY 00000ceb: RETURNDATASIZE 00000cec: PUSH1 0x00 00000cee: REVERT 00000cef: JUMPDEST 00000cf0: POP 00000cf1: POP 00000cf2: POP 00000cf3: POP 00000cf4: POP 00000cf5: POP 00000cf6: POP 00000cf7: POP 00000cf8: JUMP 00000cf9: JUMPDEST 00000cfa: CALLER 00000cfb: PUSH1 0x00 00000cfd: SWAP1 00000cfe: DUP2 00000cff: MSTORE 00000d00: PUSH1 0x08 00000d02: PUSH1 0x20 00000d04: MSTORE 00000d05: PUSH1 0x40 00000d07: DUP2 00000d08: KECCAK256 00000d09: SLOAD 00000d0a: DUP2 00000d0b: SWAP1 00000d0c: DUP2 00000d0d: SWAP1 00000d0e: DUP2 00000d0f: SWAP1 00000d10: PUSH1 0xff 00000d12: AND 00000d13: ISZERO 00000d14: ISZERO 00000d15: PUSH1 0x01 00000d17: EQ 00000d18: PUSH2 0x0d20 00000d1b: JUMPI 00000d1c: PUSH1 0x00 00000d1e: DUP1 00000d1f: REVERT 00000d20: JUMPDEST 00000d21: PUSH1 0x00 00000d23: DUP7 00000d24: GT 00000d25: DUP1 00000d26: ISZERO 00000d27: PUSH2 0x0d38 00000d2a: JUMPI 00000d2b: POP 00000d2c: PUSH2 0x0d34 00000d2f: DUP6 00000d30: PUSH2 0x0fa6 00000d33: JUMP 00000d34: JUMPDEST 00000d35: DUP7 00000d36: GT 00000d37: ISZERO 00000d38: JUMPDEST 00000d39: ISZERO 00000d3a: ISZERO 00000d3b: PUSH2 0x0d43 00000d3e: JUMPI 00000d3f: PUSH1 0x00 00000d41: DUP1 00000d42: REVERT 00000d43: JUMPDEST 00000d44: PUSH1 0x01 00000d46: PUSH1 0xa0 00000d48: PUSH1 0x02 00000d4a: EXP 00000d4b: SUB 00000d4c: DUP6 00000d4d: AND 00000d4e: PUSH1 0x00 00000d50: SWAP1 00000d51: DUP2 00000d52: MSTORE 00000d53: PUSH1 0x04 00000d55: PUSH1 0x20 00000d57: MSTORE 00000d58: PUSH1 0x40 00000d5a: SWAP1 00000d5b: KECCAK256 00000d5c: SLOAD 00000d5d: PUSH1 0x07 00000d5f: SLOAD 00000d60: CALLER 00000d61: SWAP5 00000d62: POP 00000d63: SWAP1 00000d64: SWAP3 00000d65: POP 00000d66: PUSH2 0x0d7d 00000d69: DUP8 00000d6a: PUSH8 0x0de0b6b3a7640000 00000d73: PUSH4 0xffffffff 00000d78: PUSH2 0x1562 00000d7b: AND 00000d7c: JUMP 00000d7d: JUMPDEST 00000d7e: DUP2 00000d7f: ISZERO 00000d80: ISZERO 00000d81: PUSH2 0x0d86 00000d84: JUMPI 00000d85: INVALID 00000d86: JUMPDEST 00000d87: DIV 00000d88: SWAP1 00000d89: POP 00000d8a: DUP2 00000d8b: DUP2 00000d8c: GT 00000d8d: ISZERO 00000d8e: PUSH2 0x0d96 00000d91: JUMPI 00000d92: PUSH1 0x00 00000d94: DUP1 00000d95: REVERT 00000d96: JUMPDEST 00000d97: PUSH8 0x0de0b6b3a7640000 00000da0: PUSH2 0x0db4 00000da3: PUSH1 0x07 00000da5: SLOAD 00000da6: DUP4 00000da7: PUSH2 0x1562 00000daa: SWAP1 00000dab: SWAP2 00000dac: SWAP1 00000dad: PUSH4 0xffffffff 00000db2: AND 00000db3: JUMP 00000db4: JUMPDEST 00000db5: DUP2 00000db6: ISZERO 00000db7: ISZERO 00000db8: PUSH2 0x0dbd 00000dbb: JUMPI 00000dbc: INVALID 00000dbd: JUMPDEST 00000dbe: DIV 00000dbf: SWAP6 00000dc0: POP 00000dc1: PUSH2 0x0dd0 00000dc4: DUP3 00000dc5: DUP3 00000dc6: PUSH4 0xffffffff 00000dcb: PUSH2 0x165f 00000dce: AND 00000dcf: JUMP 00000dd0: JUMPDEST 00000dd1: PUSH1 0x05 00000dd3: SLOAD 00000dd4: SWAP1 00000dd5: SWAP3 00000dd6: POP 00000dd7: PUSH2 0x0de6 00000dda: SWAP1 00000ddb: DUP3 00000ddc: PUSH4 0xffffffff 00000de1: PUSH2 0x165f 00000de4: AND 00000de5: JUMP 00000de6: JUMPDEST 00000de7: PUSH1 0x05 00000de9: SSTORE 00000dea: PUSH1 0x01 00000dec: PUSH1 0xa0 00000dee: PUSH1 0x02 00000df0: EXP 00000df1: SUB 00000df2: DUP6 00000df3: AND 00000df4: PUSH1 0x00 00000df6: SWAP1 00000df7: DUP2 00000df8: MSTORE 00000df9: PUSH1 0x04 00000dfb: PUSH1 0x20 00000dfd: MSTORE 00000dfe: PUSH1 0x40 00000e00: SWAP1 00000e01: KECCAK256 00000e02: DUP3 00000e03: SWAP1 00000e04: SSTORE 00000e05: PUSH1 0x06 00000e07: SLOAD 00000e08: PUSH2 0x0e17 00000e0b: SWAP1 00000e0c: DUP8 00000e0d: PUSH4 0xffffffff 00000e12: PUSH2 0x165f 00000e15: AND 00000e16: JUMP 00000e17: JUMPDEST 00000e18: PUSH1 0x06 00000e1a: SSTORE 00000e1b: PUSH1 0x05 00000e1d: SLOAD 00000e1e: PUSH8 0x0de0b6b3a7640000 00000e27: LT 00000e28: ISZERO 00000e29: PUSH2 0x0e58 00000e2c: JUMPI 00000e2d: PUSH1 0x05 00000e2f: SLOAD 00000e30: PUSH1 0x06 00000e32: SLOAD 00000e33: PUSH2 0x0e4a 00000e36: SWAP1 00000e37: PUSH8 0x0de0b6b3a7640000 00000e40: PUSH4 0xffffffff 00000e45: PUSH2 0x1562 00000e48: AND 00000e49: JUMP 00000e4a: JUMPDEST 00000e4b: DUP2 00000e4c: ISZERO 00000e4d: ISZERO 00000e4e: PUSH2 0x0e53 00000e51: JUMPI 00000e52: INVALID 00000e53: JUMPDEST 00000e54: DIV 00000e55: PUSH1 0x07 00000e57: SSTORE 00000e58: JUMPDEST 00000e59: PUSH1 0x40 00000e5b: MLOAD 00000e5c: PUSH1 0x01 00000e5e: PUSH1 0xa0 00000e60: PUSH1 0x02 00000e62: EXP 00000e63: SUB 00000e64: DUP5 00000e65: AND 00000e66: SWAP1 00000e67: DUP8 00000e68: ISZERO 00000e69: PUSH2 0x08fc 00000e6c: MUL 00000e6d: SWAP1 00000e6e: DUP9 00000e6f: SWAP1 00000e70: PUSH1 0x00 00000e72: DUP2 00000e73: DUP2 00000e74: DUP2 00000e75: DUP6 00000e76: DUP9 00000e77: DUP9 00000e78: CALL 00000e79: SWAP4 00000e7a: POP 00000e7b: POP 00000e7c: POP 00000e7d: POP 00000e7e: ISZERO 00000e7f: DUP1 00000e80: ISZERO 00000e81: PUSH2 0x0e8e 00000e84: JUMPI 00000e85: RETURNDATASIZE 00000e86: PUSH1 0x00 00000e88: DUP1 00000e89: RETURNDATACOPY 00000e8a: RETURNDATASIZE 00000e8b: PUSH1 0x00 00000e8d: REVERT 00000e8e: JUMPDEST 00000e8f: POP 00000e90: SWAP5 00000e91: SWAP6 00000e92: SWAP5 00000e93: POP 00000e94: POP 00000e95: POP 00000e96: POP 00000e97: POP 00000e98: JUMP 00000e99: JUMPDEST 00000e9a: PUSH1 0x01 00000e9c: SLOAD 00000e9d: PUSH1 0x01 00000e9f: PUSH1 0xa0 00000ea1: PUSH1 0x02 00000ea3: EXP 00000ea4: SUB 00000ea5: AND 00000ea6: CALLER 00000ea7: EQ 00000ea8: PUSH2 0x0eb0 00000eab: JUMPI 00000eac: PUSH1 0x00 00000eae: DUP1 00000eaf: REVERT 00000eb0: JUMPDEST 00000eb1: DUP1 00000eb2: MLOAD 00000eb3: PUSH2 0x0ec3 00000eb6: SWAP1 00000eb7: PUSH1 0x02 00000eb9: SWAP1 00000eba: PUSH1 0x20 00000ebc: DUP5 00000ebd: ADD 00000ebe: SWAP1 00000ebf: PUSH2 0x1814 00000ec2: JUMP 00000ec3: JUMPDEST 00000ec4: POP 00000ec5: POP 00000ec6: JUMP 00000ec7: JUMPDEST 00000ec8: ADDRESS 00000ec9: BALANCE 00000eca: SWAP1 00000ecb: JUMP 00000ecc: JUMPDEST 00000ecd: PUSH1 0x01 00000ecf: PUSH1 0xa0 00000ed1: PUSH1 0x02 00000ed3: EXP 00000ed4: SUB 00000ed5: AND 00000ed6: PUSH1 0x00 00000ed8: SWAP1 00000ed9: DUP2 00000eda: MSTORE 00000edb: PUSH1 0x04 00000edd: PUSH1 0x20 00000edf: MSTORE 00000ee0: PUSH1 0x40 00000ee2: SWAP1 00000ee3: KECCAK256 00000ee4: SLOAD 00000ee5: SWAP1 00000ee6: JUMP 00000ee7: JUMPDEST 00000ee8: PUSH1 0x00 00000eea: DUP1 00000eeb: PUSH1 0x00 00000eed: DUP1 00000eee: PUSH2 0x0ef7 00000ef1: PUSH1 0x01 00000ef3: PUSH2 0x0849 00000ef6: JUMP 00000ef7: JUMPDEST 00000ef8: PUSH1 0x01 00000efa: PUSH1 0xa0 00000efc: PUSH1 0x02 00000efe: EXP 00000eff: SUB 00000f00: DUP7 00000f01: AND 00000f02: PUSH1 0x00 00000f04: SWAP1 00000f05: DUP2 00000f06: MSTORE 00000f07: PUSH1 0x04 00000f09: PUSH1 0x20 00000f0b: MSTORE 00000f0c: PUSH1 0x40 00000f0e: SWAP1 00000f0f: KECCAK256 00000f10: SLOAD 00000f11: SWAP1 00000f12: SWAP4 00000f13: POP 00000f14: SWAP2 00000f15: POP 00000f16: PUSH8 0x0de0b6b3a7640000 00000f1f: PUSH2 0x0f2e 00000f22: DUP4 00000f23: DUP6 00000f24: PUSH4 0xffffffff 00000f29: PUSH2 0x1562 00000f2c: AND 00000f2d: JUMP 00000f2e: JUMPDEST 00000f2f: DUP2 00000f30: ISZERO 00000f31: ISZERO 00000f32: PUSH2 0x0f37 00000f35: JUMPI 00000f36: INVALID 00000f37: JUMPDEST 00000f38: DIV 00000f39: SWAP6 00000f3a: SWAP5 00000f3b: POP 00000f3c: POP 00000f3d: POP 00000f3e: POP 00000f3f: POP 00000f40: JUMP 00000f41: JUMPDEST 00000f42: PUSH1 0x01 00000f44: PUSH1 0xa0 00000f46: PUSH1 0x02 00000f48: EXP 00000f49: SUB 00000f4a: AND 00000f4b: PUSH1 0x00 00000f4d: SWAP1 00000f4e: DUP2 00000f4f: MSTORE 00000f50: PUSH1 0x09 00000f52: PUSH1 0x20 00000f54: MSTORE 00000f55: PUSH1 0x40 00000f57: SWAP1 00000f58: KECCAK256 00000f59: SLOAD 00000f5a: PUSH1 0xff 00000f5c: AND 00000f5d: PUSH1 0x32 00000f5f: ADD 00000f60: SWAP1 00000f61: JUMP 00000f62: JUMPDEST 00000f63: PUSH1 0x01 00000f65: SLOAD 00000f66: PUSH1 0x01 00000f68: PUSH1 0xa0 00000f6a: PUSH1 0x02 00000f6c: EXP 00000f6d: SUB 00000f6e: AND 00000f6f: CALLER 00000f70: EQ 00000f71: PUSH2 0x0f79 00000f74: JUMPI 00000f75: PUSH1 0x00 00000f77: DUP1 00000f78: REVERT 00000f79: JUMPDEST 00000f7a: PUSH1 0x01 00000f7c: PUSH1 0xa0 00000f7e: PUSH1 0x02 00000f80: EXP 00000f81: SUB 00000f82: SWAP2 00000f83: SWAP1 00000f84: SWAP2 00000f85: AND 00000f86: PUSH1 0x00 00000f88: SWAP1 00000f89: DUP2 00000f8a: MSTORE 00000f8b: PUSH1 0x09 00000f8d: PUSH1 0x20 00000f8f: MSTORE 00000f90: PUSH1 0x40 00000f92: SWAP1 00000f93: KECCAK256 00000f94: DUP1 00000f95: SLOAD 00000f96: PUSH1 0xff 00000f98: NOT 00000f99: AND 00000f9a: PUSH1 0xff 00000f9c: SWAP1 00000f9d: SWAP3 00000f9e: AND 00000f9f: SWAP2 00000fa0: SWAP1 00000fa1: SWAP2 00000fa2: OR 00000fa3: SWAP1 00000fa4: SSTORE 00000fa5: JUMP 00000fa6: JUMPDEST 00000fa7: PUSH1 0x00 00000fa9: DUP1 00000faa: PUSH1 0x00 00000fac: DUP1 00000fad: PUSH2 0x0ef7 00000fb0: PUSH1 0x00 00000fb2: PUSH2 0x0849 00000fb5: JUMP 00000fb6: JUMPDEST 00000fb7: PUSH1 0x01 00000fb9: SLOAD 00000fba: PUSH1 0x01 00000fbc: PUSH1 0xa0 00000fbe: PUSH1 0x02 00000fc0: EXP 00000fc1: SUB 00000fc2: AND 00000fc3: DUP2 00000fc4: JUMP 00000fc5: JUMPDEST 00000fc6: PUSH1 0x00 00000fc8: CALLER 00000fc9: PUSH2 0x0fd1 00000fcc: DUP2 00000fcd: PUSH2 0x0ecc 00000fd0: JUMP 00000fd1: JUMPDEST 00000fd2: SWAP2 00000fd3: POP 00000fd4: JUMPDEST 00000fd5: POP 00000fd6: SWAP1 00000fd7: JUMP 00000fd8: JUMPDEST 00000fd9: PUSH1 0x03 00000fdb: DUP1 00000fdc: SLOAD 00000fdd: PUSH1 0x40 00000fdf: DUP1 00000fe0: MLOAD 00000fe1: PUSH1 0x20 00000fe3: PUSH1 0x02 00000fe5: PUSH1 0x01 00000fe7: DUP6 00000fe8: AND 00000fe9: ISZERO 00000fea: PUSH2 0x0100 00000fed: MUL 00000fee: PUSH1 0x00 00000ff0: NOT 00000ff1: ADD 00000ff2: SWAP1 00000ff3: SWAP5 00000ff4: AND 00000ff5: SWAP4 00000ff6: SWAP1 00000ff7: SWAP4 00000ff8: DIV 00000ff9: PUSH1 0x1f 00000ffb: DUP2 00000ffc: ADD 00000ffd: DUP5 00000ffe: SWAP1 00000fff: DIV 00001000: DUP5 00001001: MUL 00001002: DUP3 00001003: ADD 00001004: DUP5 00001005: ADD 00001006: SWAP1 00001007: SWAP3 00001008: MSTORE 00001009: DUP2 0000100a: DUP2 0000100b: MSTORE 0000100c: SWAP3 0000100d: SWAP2 0000100e: DUP4 0000100f: ADD 00001010: DUP3 00001011: DUP3 00001012: DUP1 00001013: ISZERO 00001014: PUSH2 0x0841 00001017: JUMPI 00001018: DUP1 00001019: PUSH1 0x1f 0000101b: LT 0000101c: PUSH2 0x0816 0000101f: JUMPI 00001020: PUSH2 0x0100 00001023: DUP1 00001024: DUP4 00001025: SLOAD 00001026: DIV 00001027: MUL 00001028: DUP4 00001029: MSTORE 0000102a: SWAP2 0000102b: PUSH1 0x20 0000102d: ADD 0000102e: SWAP2 0000102f: PUSH2 0x0841 00001032: JUMP 00001033: JUMPDEST 00001034: CALLER 00001035: PUSH1 0x00 00001037: SWAP1 00001038: DUP2 00001039: MSTORE 0000103a: PUSH1 0x08 0000103c: PUSH1 0x20 0000103e: MSTORE 0000103f: PUSH1 0x40 00001041: DUP2 00001042: KECCAK256 00001043: SLOAD 00001044: DUP2 00001045: SWAP1 00001046: PUSH1 0xff 00001048: AND 00001049: ISZERO 0000104a: ISZERO 0000104b: PUSH1 0x01 0000104d: EQ 0000104e: PUSH2 0x1056 00001051: JUMPI 00001052: PUSH1 0x00 00001054: DUP1 00001055: REVERT 00001056: JUMPDEST 00001057: CALLVALUE 00001058: SWAP2 00001059: POP 0000105a: PUSH2 0x1063 0000105d: DUP3 0000105e: DUP5 0000105f: PUSH2 0x158e 00001062: JUMP 00001063: JUMPDEST 00001064: PUSH1 0x06 00001066: SLOAD 00001067: SWAP1 00001068: SWAP2 00001069: POP 0000106a: PUSH2 0x1079 0000106d: SWAP1 0000106e: DUP4 0000106f: PUSH4 0xffffffff 00001074: PUSH2 0x1674 00001077: AND 00001078: JUMP 00001079: JUMPDEST 0000107a: PUSH1 0x06 0000107c: SSTORE 0000107d: PUSH1 0x05 0000107f: SLOAD 00001080: PUSH8 0x0de0b6b3a7640000 00001089: LT 0000108a: ISZERO 0000108b: PUSH2 0x10ba 0000108e: JUMPI 0000108f: PUSH1 0x05 00001091: SLOAD 00001092: PUSH1 0x06 00001094: SLOAD 00001095: PUSH2 0x10ac 00001098: SWAP1 00001099: PUSH8 0x0de0b6b3a7640000 000010a2: PUSH4 0xffffffff 000010a7: PUSH2 0x1562 000010aa: AND 000010ab: JUMP 000010ac: JUMPDEST 000010ad: DUP2 000010ae: ISZERO 000010af: ISZERO 000010b0: PUSH2 0x10b5 000010b3: JUMPI 000010b4: INVALID 000010b5: JUMPDEST 000010b6: DIV 000010b7: PUSH1 0x07 000010b9: SSTORE 000010ba: JUMPDEST 000010bb: PUSH1 0x40 000010bd: DUP1 000010be: MLOAD 000010bf: PUSH1 0x01 000010c1: PUSH1 0xa0 000010c3: PUSH1 0x02 000010c5: EXP 000010c6: SUB 000010c7: DUP6 000010c8: AND 000010c9: DUP2 000010ca: MSTORE 000010cb: PUSH1 0x20 000010cd: DUP2 000010ce: ADD 000010cf: DUP4 000010d0: SWAP1 000010d1: MSTORE 000010d2: DUP1 000010d3: DUP3 000010d4: ADD 000010d5: DUP5 000010d6: SWAP1 000010d7: MSTORE 000010d8: SWAP1 000010d9: MLOAD 000010da: CALLER 000010db: SWAP2 000010dc: PUSH32 0xda094decb8661f6c0cb33392f53adf25d7e6bf6d15ba9f1aecde71620471ec5b 000010fd: SWAP2 000010fe: SWAP1 000010ff: DUP2 00001100: SWAP1 00001101: SUB 00001102: PUSH1 0x60 00001104: ADD 00001105: SWAP1 00001106: LOG2 00001107: POP 00001108: POP 00001109: POP 0000110a: JUMP 0000110b: JUMPDEST 0000110c: PUSH1 0x01 0000110e: SLOAD 0000110f: PUSH1 0x01 00001111: PUSH1 0xa0 00001113: PUSH1 0x02 00001115: EXP 00001116: SUB 00001117: AND 00001118: CALLER 00001119: EQ 0000111a: PUSH2 0x1122 0000111d: JUMPI 0000111e: PUSH1 0x00 00001120: DUP1 00001121: REVERT 00001122: JUMPDEST 00001123: DUP1 00001124: MLOAD 00001125: PUSH2 0x0ec3 00001128: SWAP1 00001129: PUSH1 0x03 0000112b: SWAP1 0000112c: PUSH1 0x20 0000112e: DUP5 0000112f: ADD 00001130: SWAP1 00001131: PUSH2 0x1814 00001134: JUMP 00001135: JUMPDEST 00001136: PUSH1 0x01 00001138: SLOAD 00001139: PUSH1 0x01 0000113b: PUSH1 0xa0 0000113d: PUSH1 0x02 0000113f: EXP 00001140: SUB 00001141: AND 00001142: CALLER 00001143: EQ 00001144: PUSH2 0x114c 00001147: JUMPI 00001148: PUSH1 0x00 0000114a: DUP1 0000114b: REVERT 0000114c: JUMPDEST 0000114d: PUSH1 0x00 0000114f: SLOAD 00001150: PUSH1 0x01 00001152: PUSH1 0xa0 00001154: PUSH1 0x02 00001156: EXP 00001157: SUB 00001158: DUP3 00001159: DUP2 0000115a: AND 0000115b: SWAP2 0000115c: AND 0000115d: EQ 0000115e: ISZERO 0000115f: PUSH2 0x1167 00001162: JUMPI 00001163: PUSH1 0x00 00001165: DUP1 00001166: REVERT 00001167: JUMPDEST 00001168: PUSH1 0x01 0000116a: PUSH1 0xa0 0000116c: PUSH1 0x02 0000116e: EXP 0000116f: SUB 00001170: DUP2 00001171: AND 00001172: ISZERO 00001173: ISZERO 00001174: PUSH2 0x117c 00001177: JUMPI 00001178: PUSH1 0x00 0000117a: DUP1 0000117b: REVERT 0000117c: JUMPDEST 0000117d: PUSH1 0x00 0000117f: SLOAD 00001180: PUSH1 0x40 00001182: DUP1 00001183: MLOAD 00001184: PUSH1 0x01 00001186: PUSH1 0xa0 00001188: PUSH1 0x02 0000118a: EXP 0000118b: SUB 0000118c: SWAP3 0000118d: DUP4 0000118e: AND 0000118f: DUP2 00001190: MSTORE 00001191: SWAP2 00001192: DUP4 00001193: AND 00001194: PUSH1 0x20 00001196: DUP4 00001197: ADD 00001198: MSTORE 00001199: TIMESTAMP 0000119a: DUP3 0000119b: DUP3 0000119c: ADD 0000119d: MSTORE 0000119e: MLOAD 0000119f: PUSH32 0x87ab77b91a9a6a5a04a748607e0ee38d580963c4e21fe45d2e79ffeef26bc55e 000011c0: SWAP2 000011c1: DUP2 000011c2: SWAP1 000011c3: SUB 000011c4: PUSH1 0x60 000011c6: ADD 000011c7: SWAP1 000011c8: LOG1 000011c9: PUSH1 0x00 000011cb: DUP1 000011cc: SLOAD 000011cd: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 000011e2: NOT 000011e3: AND 000011e4: PUSH1 0x01 000011e6: PUSH1 0xa0 000011e8: PUSH1 0x02 000011ea: EXP 000011eb: SUB 000011ec: SWAP3 000011ed: SWAP1 000011ee: SWAP3 000011ef: AND 000011f0: SWAP2 000011f1: SWAP1 000011f2: SWAP2 000011f3: OR 000011f4: SWAP1 000011f5: SSTORE 000011f6: JUMP 000011f7: JUMPDEST 000011f8: PUSH1 0x01 000011fa: SLOAD 000011fb: PUSH1 0x01 000011fd: PUSH1 0xa0 000011ff: PUSH1 0x02 00001201: EXP 00001202: SUB 00001203: AND 00001204: CALLER 00001205: EQ 00001206: PUSH2 0x120e 00001209: JUMPI 0000120a: PUSH1 0x00 0000120c: DUP1 0000120d: REVERT 0000120e: JUMPDEST 0000120f: PUSH1 0x01 00001211: SLOAD 00001212: PUSH1 0x01 00001214: PUSH1 0xa0 00001216: PUSH1 0x02 00001218: EXP 00001219: SUB 0000121a: DUP3 0000121b: DUP2 0000121c: AND 0000121d: SWAP2 0000121e: AND 0000121f: EQ 00001220: ISZERO 00001221: PUSH2 0x1229 00001224: JUMPI 00001225: PUSH1 0x00 00001227: DUP1 00001228: REVERT 00001229: JUMPDEST 0000122a: PUSH1 0x01 0000122c: PUSH1 0xa0 0000122e: PUSH1 0x02 00001230: EXP 00001231: SUB 00001232: DUP2 00001233: AND 00001234: ISZERO 00001235: ISZERO 00001236: PUSH2 0x123e 00001239: JUMPI 0000123a: PUSH1 0x00 0000123c: DUP1 0000123d: REVERT 0000123e: JUMPDEST 0000123f: PUSH1 0x01 00001241: SLOAD 00001242: PUSH1 0x40 00001244: MLOAD 00001245: PUSH1 0x01 00001247: PUSH1 0xa0 00001249: PUSH1 0x02 0000124b: EXP 0000124c: SUB 0000124d: DUP1 0000124e: DUP5 0000124f: AND 00001250: SWAP3 00001251: AND 00001252: SWAP1 00001253: PUSH32 0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0 00001274: SWAP1 00001275: PUSH1 0x00 00001277: SWAP1 00001278: LOG3 00001279: PUSH1 0x01 0000127b: DUP1 0000127c: SLOAD 0000127d: PUSH20 0xffffffffffffffffffffffffffffffffffffffff 00001292: NOT 00001293: AND 00001294: PUSH1 0x01 00001296: PUSH1 0xa0 00001298: PUSH1 0x02 0000129a: EXP 0000129b: SUB 0000129c: SWAP3 0000129d: SWAP1 0000129e: SWAP3 0000129f: AND 000012a0: SWAP2 000012a1: SWAP1 000012a2: SWAP2 000012a3: OR 000012a4: SWAP1 000012a5: SSTORE 000012a6: JUMP 000012a7: JUMPDEST 000012a8: PUSH1 0x00 000012aa: PUSH2 0x12b4 000012ad: CALLER 000012ae: DUP5 000012af: DUP5 000012b0: PUSH2 0x1684 000012b3: JUMP 000012b4: JUMPDEST 000012b5: SWAP1 000012b6: POP 000012b7: JUMPDEST 000012b8: SWAP3 000012b9: SWAP2 000012ba: POP 000012bb: POP 000012bc: JUMP 000012bd: JUMPDEST 000012be: PUSH1 0x06 000012c0: SLOAD 000012c1: SWAP1 000012c2: JUMP 000012c3: JUMPDEST 000012c4: PUSH1 0x01 000012c6: SLOAD 000012c7: PUSH1 0x01 000012c9: PUSH1 0xa0 000012cb: PUSH1 0x02 000012cd: EXP 000012ce: SUB 000012cf: AND 000012d0: CALLER 000012d1: EQ 000012d2: PUSH2 0x12da 000012d5: JUMPI 000012d6: PUSH1 0x00 000012d8: DUP1 000012d9: REVERT 000012da: JUMPDEST 000012db: PUSH1 0x01 000012dd: PUSH1 0xa0 000012df: PUSH1 0x02 000012e1: EXP 000012e2: SUB 000012e3: AND 000012e4: PUSH1 0x00 000012e6: SWAP1 000012e7: DUP2 000012e8: MSTORE 000012e9: PUSH1 0x08 000012eb: PUSH1 0x20 000012ed: MSTORE 000012ee: PUSH1 0x40 000012f0: SWAP1 000012f1: KECCAK256 000012f2: DUP1 000012f3: SLOAD 000012f4: PUSH1 0xff 000012f6: NOT 000012f7: AND 000012f8: SWAP1 000012f9: SSTORE 000012fa: JUMP 000012fb: JUMPDEST 000012fc: PUSH1 0x00 000012fe: CALLER 000012ff: PUSH2 0x0fd1 00001302: DUP2 00001303: PUSH2 0x0ee7 00001306: JUMP 00001307: JUMPDEST 00001308: CALLER 00001309: PUSH1 0x00 0000130b: SWAP1 0000130c: DUP2 0000130d: MSTORE 0000130e: PUSH1 0x08 00001310: PUSH1 0x20 00001312: MSTORE 00001313: PUSH1 0x40 00001315: DUP2 00001316: KECCAK256 00001317: SLOAD 00001318: DUP2 00001319: SWAP1 0000131a: DUP2 0000131b: SWAP1 0000131c: DUP2 0000131d: SWAP1 0000131e: DUP2 0000131f: SWAP1 00001320: DUP2 00001321: SWAP1 00001322: PUSH1 0xff 00001324: AND 00001325: ISZERO 00001326: ISZERO 00001327: PUSH1 0x01 00001329: EQ 0000132a: PUSH2 0x1332 0000132d: JUMPI 0000132e: PUSH1 0x00 00001330: DUP1 00001331: REVERT 00001332: JUMPDEST 00001333: CALLVALUE 00001334: SWAP5 00001335: POP 00001336: DUP5 00001337: ISZERO 00001338: ISZERO 00001339: PUSH2 0x1345 0000133c: JUMPI 0000133d: PUSH1 0x00 0000133f: SWAP6 00001340: POP 00001341: PUSH2 0x1492 00001344: JUMP 00001345: JUMPDEST 00001346: PUSH1 0x64 00001348: PUSH2 0x1358 0000134b: DUP7 0000134c: PUSH1 0x01 0000134e: PUSH4 0xffffffff 00001353: PUSH2 0x1562 00001356: AND 00001357: JUMP 00001358: JUMPDEST 00001359: DUP2 0000135a: ISZERO 0000135b: ISZERO 0000135c: PUSH2 0x1361 0000135f: JUMPI 00001360: INVALID 00001361: JUMPDEST 00001362: DIV 00001363: SWAP4 00001364: POP 00001365: PUSH1 0x64 00001367: PUSH2 0x1377 0000136a: DUP7 0000136b: PUSH1 0x03 0000136d: PUSH4 0xffffffff 00001372: PUSH2 0x1562 00001375: AND 00001376: JUMP 00001377: JUMPDEST 00001378: DUP2 00001379: ISZERO 0000137a: ISZERO 0000137b: PUSH2 0x1380 0000137e: JUMPI 0000137f: INVALID 00001380: JUMPDEST 00001381: DIV 00001382: SWAP3 00001383: POP 00001384: PUSH1 0x01 00001386: PUSH1 0xa0 00001388: PUSH1 0x02 0000138a: EXP 0000138b: SUB 0000138c: DUP8 0000138d: AND 0000138e: ISZERO 0000138f: DUP1 00001390: ISZERO 00001391: SWAP1 00001392: PUSH2 0x13ad 00001395: JUMPI 00001396: POP 00001397: DUP8 00001398: PUSH1 0x01 0000139a: PUSH1 0xa0 0000139c: PUSH1 0x02 0000139e: EXP 0000139f: SUB 000013a0: AND 000013a1: DUP8 000013a2: PUSH1 0x01 000013a4: PUSH1 0xa0 000013a6: PUSH1 0x02 000013a8: EXP 000013a9: SUB 000013aa: AND 000013ab: EQ 000013ac: ISZERO 000013ad: JUMPDEST 000013ae: ISZERO 000013af: PUSH2 0x1412 000013b2: JUMPI 000013b3: PUSH1 0x01 000013b5: PUSH1 0xa0 000013b7: PUSH1 0x02 000013b9: EXP 000013ba: SUB 000013bb: DUP8 000013bc: AND 000013bd: PUSH1 0x00 000013bf: SWAP1 000013c0: DUP2 000013c1: MSTORE 000013c2: PUSH1 0x09 000013c4: PUSH1 0x20 000013c6: MSTORE 000013c7: PUSH1 0x40 000013c9: SWAP1 000013ca: KECCAK256 000013cb: SLOAD 000013cc: PUSH1 0x64 000013ce: SWAP1 000013cf: PUSH2 0x13e8 000013d2: SWAP1 000013d3: DUP6 000013d4: SWAP1 000013d5: PUSH1 0x32 000013d7: PUSH1 0xff 000013d9: SWAP2 000013da: DUP3 000013db: AND 000013dc: ADD 000013dd: AND 000013de: PUSH4 0xffffffff 000013e3: PUSH2 0x1562 000013e6: AND 000013e7: JUMP 000013e8: JUMPDEST 000013e9: DUP2 000013ea: ISZERO 000013eb: ISZERO 000013ec: PUSH2 0x13f1 000013ef: JUMPI 000013f0: INVALID 000013f1: JUMPDEST 000013f2: DIV 000013f3: SWAP2 000013f4: POP 000013f5: PUSH2 0x13fe 000013f8: DUP3 000013f9: DUP9 000013fa: PUSH2 0x158e 000013fd: JUMP 000013fe: JUMPDEST 000013ff: POP 00001400: PUSH2 0x140f 00001403: DUP4 00001404: DUP4 00001405: PUSH4 0xffffffff 0000140a: PUSH2 0x165f 0000140d: AND 0000140e: JUMP 0000140f: JUMPDEST 00001410: SWAP3 00001411: POP 00001412: JUMPDEST 00001413: PUSH2 0x1428 00001416: PUSH1 0x64 00001418: PUSH2 0x072f 0000141b: DUP7 0000141c: PUSH1 0x61 0000141e: PUSH4 0xffffffff 00001423: PUSH2 0x1562 00001426: AND 00001427: JUMP 00001428: JUMPDEST 00001429: POP 0000142a: PUSH2 0x1437 0000142d: DUP5 0000142e: DUP5 0000142f: DUP8 00001430: SUB 00001431: SUB 00001432: DUP10 00001433: PUSH2 0x158e 00001436: JUMP 00001437: JUMPDEST 00001438: PUSH1 0x06 0000143a: SLOAD 0000143b: SWAP1 0000143c: SWAP2 0000143d: POP 0000143e: PUSH2 0x144d 00001441: SWAP1 00001442: DUP7 00001443: PUSH4 0xffffffff 00001448: PUSH2 0x1674 0000144b: AND 0000144c: JUMP 0000144d: JUMPDEST 0000144e: PUSH1 0x06 00001450: SSTORE 00001451: PUSH1 0x05 00001453: SLOAD 00001454: PUSH8 0x0de0b6b3a7640000 0000145d: LT 0000145e: ISZERO 0000145f: PUSH2 0x148e 00001462: JUMPI 00001463: PUSH1 0x05 00001465: SLOAD 00001466: PUSH1 0x06 00001468: SLOAD 00001469: PUSH2 0x1480 0000146c: SWAP1 0000146d: PUSH8 0x0de0b6b3a7640000 00001476: PUSH4 0xffffffff 0000147b: PUSH2 0x1562 0000147e: AND 0000147f: JUMP 00001480: JUMPDEST 00001481: DUP2 00001482: ISZERO 00001483: ISZERO 00001484: PUSH2 0x1489 00001487: JUMPI 00001488: INVALID 00001489: JUMPDEST 0000148a: DIV 0000148b: PUSH1 0x07 0000148d: SSTORE 0000148e: JUMPDEST 0000148f: DUP1 00001490: SWAP6 00001491: POP 00001492: JUMPDEST 00001493: POP 00001494: POP 00001495: POP 00001496: POP 00001497: POP 00001498: SWAP3 00001499: SWAP2 0000149a: POP 0000149b: POP 0000149c: JUMP 0000149d: JUMPDEST 0000149e: PUSH1 0x00 000014a0: DUP1 000014a1: DUP1 000014a2: DUP4 000014a3: ISZERO 000014a4: PUSH2 0x14f0 000014a7: JUMPI 000014a8: PUSH1 0x07 000014aa: SLOAD 000014ab: PUSH1 0x64 000014ad: SWAP1 000014ae: PUSH2 0x14be 000014b1: SWAP1 000014b2: PUSH1 0x03 000014b4: PUSH4 0xffffffff 000014b9: PUSH2 0x1562 000014bc: AND 000014bd: JUMP 000014be: JUMPDEST 000014bf: DUP2 000014c0: ISZERO 000014c1: ISZERO 000014c2: PUSH2 0x14c7 000014c5: JUMPI 000014c6: INVALID 000014c7: JUMPDEST 000014c8: PUSH1 0x07 000014ca: SLOAD 000014cb: SWAP2 000014cc: SWAP1 000014cd: DIV 000014ce: SWAP3 000014cf: POP 000014d0: PUSH1 0x64 000014d2: SWAP1 000014d3: PUSH2 0x14e3 000014d6: SWAP1 000014d7: PUSH1 0x01 000014d9: PUSH4 0xffffffff 000014de: PUSH2 0x1562 000014e1: AND 000014e2: JUMP 000014e3: JUMPDEST 000014e4: DUP2 000014e5: ISZERO 000014e6: ISZERO 000014e7: PUSH2 0x14ec 000014ea: JUMPI 000014eb: INVALID 000014ec: JUMPDEST 000014ed: DIV 000014ee: SWAP1 000014ef: POP 000014f0: JUMPDEST 000014f1: PUSH1 0x07 000014f3: SLOAD 000014f4: SWAP1 000014f5: SWAP2 000014f6: ADD 000014f7: ADD 000014f8: SWAP3 000014f9: SWAP2 000014fa: POP 000014fb: POP 000014fc: JUMP 000014fd: JUMPDEST 000014fe: PUSH1 0x01 00001500: SLOAD 00001501: PUSH1 0x01 00001503: PUSH1 0xa0 00001505: PUSH1 0x02 00001507: EXP 00001508: SUB 00001509: AND 0000150a: CALLER 0000150b: EQ 0000150c: PUSH2 0x1514 0000150f: JUMPI 00001510: PUSH1 0x00 00001512: DUP1 00001513: REVERT 00001514: JUMPDEST 00001515: PUSH1 0x01 00001517: PUSH1 0xa0 00001519: PUSH1 0x02 0000151b: EXP 0000151c: SUB 0000151d: AND 0000151e: PUSH1 0x00 00001520: SWAP1 00001521: DUP2 00001522: MSTORE 00001523: PUSH1 0x08 00001525: PUSH1 0x20 00001527: MSTORE 00001528: PUSH1 0x40 0000152a: SWAP1 0000152b: KECCAK256 0000152c: DUP1 0000152d: SLOAD 0000152e: PUSH1 0xff 00001530: NOT 00001531: AND 00001532: PUSH1 0x01 00001534: OR 00001535: SWAP1 00001536: SSTORE 00001537: JUMP 00001538: JUMPDEST 00001539: PUSH1 0x00 0000153b: CALLER 0000153c: PUSH2 0x0fd1 0000153f: DUP2 00001540: PUSH2 0x0fa6 00001543: JUMP 00001544: JUMPDEST 00001545: PUSH1 0x01 00001547: PUSH1 0xa0 00001549: PUSH1 0x02 0000154b: EXP 0000154c: SUB 0000154d: AND 0000154e: PUSH1 0x00 00001550: SWAP1 00001551: DUP2 00001552: MSTORE 00001553: PUSH1 0x08 00001555: PUSH1 0x20 00001557: MSTORE 00001558: PUSH1 0x40 0000155a: SWAP1 0000155b: KECCAK256 0000155c: SLOAD 0000155d: PUSH1 0xff 0000155f: AND 00001560: SWAP1 00001561: JUMP 00001562: JUMPDEST 00001563: PUSH1 0x00 00001565: DUP3 00001566: ISZERO 00001567: ISZERO 00001568: PUSH2 0x1573 0000156b: JUMPI 0000156c: POP 0000156d: PUSH1 0x00 0000156f: PUSH2 0x12b7 00001572: JUMP 00001573: JUMPDEST 00001574: POP 00001575: DUP2 00001576: DUP2 00001577: MUL 00001578: DUP2 00001579: DUP4 0000157a: DUP3 0000157b: DUP2 0000157c: ISZERO 0000157d: ISZERO 0000157e: PUSH2 0x1583 00001581: JUMPI 00001582: INVALID 00001583: JUMPDEST 00001584: DIV 00001585: EQ 00001586: PUSH2 0x12b7 00001589: JUMPI 0000158a: PUSH1 0x00 0000158c: DUP1 0000158d: REVERT 0000158e: JUMPDEST 0000158f: PUSH1 0x07 00001591: SLOAD 00001592: PUSH1 0x00 00001594: SWAP1 00001595: DUP2 00001596: SWAP1 00001597: PUSH2 0x15ae 0000159a: DUP6 0000159b: PUSH8 0x0de0b6b3a7640000 000015a4: PUSH4 0xffffffff 000015a9: PUSH2 0x1562 000015ac: AND 000015ad: JUMP 000015ae: JUMPDEST 000015af: DUP2 000015b0: ISZERO 000015b1: ISZERO 000015b2: PUSH2 0x15b7 000015b5: JUMPI 000015b6: INVALID 000015b7: JUMPDEST 000015b8: PUSH1 0x01 000015ba: PUSH1 0xa0 000015bc: PUSH1 0x02 000015be: EXP 000015bf: SUB 000015c0: DUP6 000015c1: AND 000015c2: PUSH1 0x00 000015c4: SWAP1 000015c5: DUP2 000015c6: MSTORE 000015c7: PUSH1 0x04 000015c9: PUSH1 0x20 000015cb: MSTORE 000015cc: PUSH1 0x40 000015ce: SWAP1 000015cf: KECCAK256 000015d0: SLOAD 000015d1: SWAP2 000015d2: SWAP1 000015d3: DIV 000015d4: SWAP2 000015d5: POP 000015d6: PUSH2 0x15e5 000015d9: SWAP1 000015da: DUP3 000015db: PUSH4 0xffffffff 000015e0: PUSH2 0x1674 000015e3: AND 000015e4: JUMP 000015e5: JUMPDEST 000015e6: PUSH1 0x01 000015e8: PUSH1 0xa0 000015ea: PUSH1 0x02 000015ec: EXP 000015ed: SUB 000015ee: DUP5 000015ef: AND 000015f0: PUSH1 0x00 000015f2: SWAP1 000015f3: DUP2 000015f4: MSTORE 000015f5: PUSH1 0x04 000015f7: PUSH1 0x20 000015f9: MSTORE 000015fa: PUSH1 0x40 000015fc: SWAP1 000015fd: KECCAK256 000015fe: SSTORE 000015ff: PUSH1 0x05 00001601: SLOAD 00001602: PUSH2 0x1611 00001605: SWAP1 00001606: DUP3 00001607: PUSH4 0xffffffff 0000160c: PUSH2 0x1674 0000160f: AND 00001610: JUMP 00001611: JUMPDEST 00001612: PUSH1 0x05 00001614: SSTORE 00001615: PUSH1 0x40 00001617: DUP1 00001618: MLOAD 00001619: PUSH1 0x01 0000161b: PUSH1 0xa0 0000161d: PUSH1 0x02 0000161f: EXP 00001620: SUB 00001621: DUP6 00001622: AND 00001623: DUP2 00001624: MSTORE 00001625: PUSH1 0x20 00001627: DUP2 00001628: ADD 00001629: DUP4 0000162a: SWAP1 0000162b: MSTORE 0000162c: DUP2 0000162d: MLOAD 0000162e: PUSH32 0xcefe7397ae1d7fe6d78f1f266de1b158c817cf31bb141e8b9e441d82b51e43c4 0000164f: SWAP3 00001650: SWAP2 00001651: DUP2 00001652: SWAP1 00001653: SUB 00001654: SWAP1 00001655: SWAP2 00001656: ADD 00001657: SWAP1 00001658: LOG1 00001659: SWAP4 0000165a: SWAP3 0000165b: POP 0000165c: POP 0000165d: POP 0000165e: JUMP 0000165f: JUMPDEST 00001660: PUSH1 0x00 00001662: DUP3 00001663: DUP3 00001664: GT 00001665: ISZERO 00001666: PUSH2 0x166e 00001669: JUMPI 0000166a: PUSH1 0x00 0000166c: DUP1 0000166d: REVERT 0000166e: JUMPDEST 0000166f: POP 00001670: SWAP1 00001671: SUB 00001672: SWAP1 00001673: JUMP 00001674: JUMPDEST 00001675: DUP2 00001676: DUP2 00001677: ADD 00001678: DUP3 00001679: DUP2 0000167a: LT 0000167b: ISZERO 0000167c: PUSH2 0x12b7 0000167f: JUMPI 00001680: PUSH1 0x00 00001682: DUP1 00001683: REVERT 00001684: JUMPDEST 00001685: PUSH1 0x01 00001687: PUSH1 0xa0 00001689: PUSH1 0x02 0000168b: EXP 0000168c: SUB 0000168d: DUP4 0000168e: AND 0000168f: PUSH1 0x00 00001691: SWAP1 00001692: DUP2 00001693: MSTORE 00001694: PUSH1 0x04 00001696: PUSH1 0x20 00001698: MSTORE 00001699: PUSH1 0x40 0000169b: DUP2 0000169c: KECCAK256 0000169d: SLOAD 0000169e: DUP2 0000169f: SWAP1 000016a0: DUP4 000016a1: GT 000016a2: ISZERO 000016a3: PUSH2 0x16ab 000016a6: JUMPI 000016a7: PUSH1 0x00 000016a9: DUP1 000016aa: REVERT 000016ab: JUMPDEST 000016ac: PUSH1 0x00 000016ae: DUP4 000016af: GT 000016b0: ISZERO 000016b1: PUSH2 0x17be 000016b4: JUMPI 000016b5: PUSH1 0x64 000016b7: PUSH2 0x16c7 000016ba: DUP5 000016bb: PUSH1 0x02 000016bd: PUSH4 0xffffffff 000016c2: PUSH2 0x1562 000016c5: AND 000016c6: JUMP 000016c7: JUMPDEST 000016c8: DUP2 000016c9: ISZERO 000016ca: ISZERO 000016cb: PUSH2 0x16d0 000016ce: JUMPI 000016cf: INVALID 000016d0: JUMPDEST 000016d1: DIV 000016d2: SWAP1 000016d3: POP 000016d4: PUSH1 0x02 000016d6: DUP2 000016d7: PUSH1 0x01 000016d9: PUSH1 0xa0 000016db: PUSH1 0x02 000016dd: EXP 000016de: SUB 000016df: DUP8 000016e0: AND 000016e1: PUSH1 0x00 000016e3: SWAP1 000016e4: DUP2 000016e5: MSTORE 000016e6: PUSH1 0x04 000016e8: PUSH1 0x20 000016ea: MSTORE 000016eb: PUSH1 0x40 000016ed: SWAP1 000016ee: KECCAK256 000016ef: SLOAD 000016f0: SWAP2 000016f1: SWAP1 000016f2: DIV 000016f3: SWAP2 000016f4: POP 000016f5: PUSH2 0x1704 000016f8: SWAP1 000016f9: DUP5 000016fa: PUSH4 0xffffffff 000016ff: PUSH2 0x165f 00001702: AND 00001703: JUMP 00001704: JUMPDEST 00001705: PUSH1 0x01 00001707: PUSH1 0xa0 00001709: PUSH1 0x02 0000170b: EXP 0000170c: SUB 0000170d: DUP1 0000170e: DUP8 0000170f: AND 00001710: PUSH1 0x00 00001712: SWAP1 00001713: DUP2 00001714: MSTORE 00001715: PUSH1 0x04 00001717: PUSH1 0x20 00001719: MSTORE 0000171a: PUSH1 0x40 0000171c: DUP1 0000171d: DUP3 0000171e: KECCAK256 0000171f: SWAP4 00001720: SWAP1 00001721: SWAP4 00001722: SSTORE 00001723: SWAP1 00001724: DUP7 00001725: AND 00001726: DUP2 00001727: MSTORE 00001728: KECCAK256 00001729: SLOAD 0000172a: PUSH2 0x173e 0000172d: SWAP1 0000172e: PUSH1 0x02 00001730: DUP4 00001731: MUL 00001732: DUP6 00001733: SUB 00001734: PUSH4 0xffffffff 00001739: PUSH2 0x1674 0000173c: AND 0000173d: JUMP 0000173e: JUMPDEST 0000173f: PUSH1 0x01 00001741: PUSH1 0xa0 00001743: PUSH1 0x02 00001745: EXP 00001746: SUB 00001747: DUP1 00001748: DUP7 00001749: AND 0000174a: PUSH1 0x00 0000174c: SWAP1 0000174d: DUP2 0000174e: MSTORE 0000174f: PUSH1 0x04 00001751: PUSH1 0x20 00001753: MSTORE 00001754: PUSH1 0x40 00001756: DUP1 00001757: DUP3 00001758: KECCAK256 00001759: SWAP4 0000175a: SWAP1 0000175b: SWAP4 0000175c: SSTORE 0000175d: PUSH1 0x01 0000175f: SLOAD 00001760: SWAP1 00001761: SWAP2 00001762: AND 00001763: DUP2 00001764: MSTORE 00001765: KECCAK256 00001766: DUP1 00001767: SLOAD 00001768: DUP3 00001769: ADD 0000176a: SWAP1 0000176b: SSTORE 0000176c: PUSH1 0x05 0000176e: SLOAD 0000176f: PUSH2 0x177e 00001772: SWAP1 00001773: DUP3 00001774: PUSH4 0xffffffff 00001779: PUSH2 0x165f 0000177c: AND 0000177d: JUMP 0000177e: JUMPDEST 0000177f: PUSH1 0x05 00001781: DUP2 00001782: SWAP1 00001783: SSTORE 00001784: PUSH8 0x0de0b6b3a7640000 0000178d: LT 0000178e: ISZERO 0000178f: PUSH2 0x17be 00001792: JUMPI 00001793: PUSH1 0x05 00001795: SLOAD 00001796: PUSH1 0x06 00001798: SLOAD 00001799: PUSH2 0x17b0 0000179c: SWAP1 0000179d: PUSH8 0x0de0b6b3a7640000 000017a6: PUSH4 0xffffffff 000017ab: PUSH2 0x1562 000017ae: AND 000017af: JUMP 000017b0: JUMPDEST 000017b1: DUP2 000017b2: ISZERO 000017b3: ISZERO 000017b4: PUSH2 0x17b9 000017b7: JUMPI 000017b8: INVALID 000017b9: JUMPDEST 000017ba: DIV 000017bb: PUSH1 0x07 000017bd: SSTORE 000017be: JUMPDEST 000017bf: DUP4 000017c0: PUSH1 0x01 000017c2: PUSH1 0xa0 000017c4: PUSH1 0x02 000017c6: EXP 000017c7: SUB 000017c8: AND 000017c9: DUP6 000017ca: PUSH1 0x01 000017cc: PUSH1 0xa0 000017ce: PUSH1 0x02 000017d0: EXP 000017d1: SUB 000017d2: AND 000017d3: PUSH32 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef 000017f4: DUP6 000017f5: PUSH1 0x40 000017f7: MLOAD 000017f8: DUP1 000017f9: DUP3 000017fa: DUP2 000017fb: MSTORE 000017fc: PUSH1 0x20 000017fe: ADD 000017ff: SWAP2 00001800: POP 00001801: POP 00001802: PUSH1 0x40 00001804: MLOAD 00001805: DUP1 00001806: SWAP2 00001807: SUB 00001808: SWAP1 00001809: LOG3 0000180a: POP 0000180b: PUSH1 0x01 0000180d: SWAP5 0000180e: SWAP4 0000180f: POP 00001810: POP 00001811: POP 00001812: POP 00001813: JUMP 00001814: JUMPDEST 00001815: DUP3 00001816: DUP1 00001817: SLOAD 00001818: PUSH1 0x01 0000181a: DUP2 0000181b: PUSH1 0x01 0000181d: AND 0000181e: ISZERO 0000181f: PUSH2 0x0100 00001822: MUL 00001823: SUB 00001824: AND 00001825: PUSH1 0x02 00001827: SWAP1 00001828: DIV 00001829: SWAP1 0000182a: PUSH1 0x00 0000182c: MSTORE 0000182d: PUSH1 0x20 0000182f: PUSH1 0x00 00001831: KECCAK256 00001832: SWAP1 00001833: PUSH1 0x1f 00001835: ADD 00001836: PUSH1 0x20 00001838: SWAP1 00001839: DIV 0000183a: DUP2 0000183b: ADD 0000183c: SWAP3 0000183d: DUP3 0000183e: PUSH1 0x1f 00001840: LT 00001841: PUSH2 0x1855 00001844: JUMPI 00001845: DUP1 00001846: MLOAD 00001847: PUSH1 0xff 00001849: NOT 0000184a: AND 0000184b: DUP4 0000184c: DUP1 0000184d: ADD 0000184e: OR 0000184f: DUP6 00001850: SSTORE 00001851: PUSH2 0x1882 00001854: JUMP 00001855: JUMPDEST 00001856: DUP3 00001857: DUP1 00001858: ADD 00001859: PUSH1 0x01 0000185b: ADD 0000185c: DUP6 0000185d: SSTORE 0000185e: DUP3 0000185f: ISZERO 00001860: PUSH2 0x1882 00001863: JUMPI 00001864: SWAP2 00001865: DUP3 00001866: ADD 00001867: JUMPDEST 00001868: DUP3 00001869: DUP2 0000186a: GT 0000186b: ISZERO 0000186c: PUSH2 0x1882 0000186f: JUMPI 00001870: DUP3 00001871: MLOAD 00001872: DUP3 00001873: SSTORE 00001874: SWAP2 00001875: PUSH1 0x20 00001877: ADD 00001878: SWAP2 00001879: SWAP1 0000187a: PUSH1 0x01 0000187c: ADD 0000187d: SWAP1 0000187e: PUSH2 0x1867 00001881: JUMP 00001882: JUMPDEST 00001883: POP 00001884: PUSH2 0x0fd4 00001887: SWAP3 00001888: PUSH2 0x0929 0000188b: SWAP3 0000188c: POP 0000188d: SWAP1 0000188e: JUMPDEST 0000188f: DUP1 00001890: DUP3 00001891: GT 00001892: ISZERO 00001893: PUSH2 0x0fd4 00001896: JUMPI 00001897: PUSH1 0x00 00001899: DUP2 0000189a: SSTORE 0000189b: PUSH1 0x01 0000189d: ADD 0000189e: PUSH2 0x188e 000018a1: JUMP 000018a2: STOP 000018a3: LOG1 000018a4: PUSH6 0x627a7a723058 000018ab: KECCAK256 000018ac: EQ 000018ad: SUB 000018ae: CALLCODE 000018af: DUP11 000018b0: UNKNOWN(0xD5) 000018b1: REVERT 000018b2: UNKNOWN(0xBE) 000018b3: UNKNOWN(0x28) 000018b4: CALL 000018b5: UNKNOWN(0xCC) 000018b6: UNKNOWN(0xAA) 000018b7: BYTE 000018b8: GASPRICE 000018b9: POP 000018ba: GASPRICE 000018bb: PUSH13 0x45920f0d2332635166dc622bed 000018c9: UNKNOWN(0xC4) 000018ca: SWAP3 000018cb: UNKNOWN(0xC7) 000018cc: STOP 000018cd: UNKNOWN(0x29)
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| high | access_control | codex | Whitelisted game can unilaterally drain any holder’s tokens/ETH via payWithToken | 85 | no | — |
viewevidence_json{
"evidence": "payWithToken only checks onlyFromGameWhiteListed and accepts an arbitrary _player_address, then debits that address and transfers ETH to msg.sender.",
"locations": [
"contracts/Contract.sol:412",
"contracts/Contract.sol:416",
"contracts/Contract.sol:429",
"contracts/Contract.sol:445"
],
"recommendation": "Require per-user authorization for spending (e.g., allowances or EIP-712 signed permits) or restrict payWithToken so only the token holder can initiate the spend. Consider adding per-game limits or revocable approvals.",
"exploit_scenario": "An attacker convinces the owner to whitelist (or compromises) a game address. That address can call payWithToken with a victim\u2019s address and an amount up to the victim\u2019s full balance, which burns the victim\u2019s tokens and transfers ETH to the attacker-controlled game address without any approval from the victim."
}
|
| high | other | slither | HDX20.payWithToken(uint256,address) (contracts/Contract.sol#395-431) sends eth to arbitrary user | 85 | no | — |
viewevidence_json{
"impact": "High",
"detector": "arbitrary-send-eth",
"elements": [
{
"name": "payWithToken",
"type": "function",
"source_mapping": {
"lines": [
395,
396,
397,
398,
399,
400,
401,
402,
403,
404,
405,
406,
407,
408,
409,
410,
411,
412,
413,
414,
415,
416,
417,
418,
419,
420,
421,
422,
423,
424,
425,
426,
427,
428,
429,
430,
431
],
"start": 10929,
"length": 1080,
"ending_column": 42,
"is_dependency": false,
"filename_short": "contracts/Contract.sol",
"starting_column": 3,
"filename_absolute": "/tmp/slither-0elelb1m/contracts/Contract.sol",
"filename_relative": "contracts/Contract.sol"
},
"type_specific_fields": {
"parent": {
"name": "HDX20",
"type": "contract",
"source_mapping": {
"lines": [
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77,
78,
79,
80,
81,
82,
83,
84,
85,
86,
87,
88,
89,
90,
91,
92,
93,
94,
95,
96,
97,
98,
99,
100,
101,
102,
103,
104,
105,
106,
107,
108,
109,
110,
111,
112,
113,
114,
115,
116,
117,
118,
119,
120,
121,
122,
123,
124,
125,
126,
127,
128,
129,
130,
131,
132,
133,
134,
135,
136,
137,
138,
139,
140,
141,
142,
143,
144,
145,
146,
147,
148,
149,
150,
151,
152,
153,
154,
155,
156,
157,
158,
159,
160,
161,
162,
163,
164,
165,
166,
167,
168,
169,
170,
171,
172,
173,
174,
175,
176,
177,
178,
179,
180,
181,
182,
183,
184,
185,
186,
187,
188,
189,
190,
191,
192,
193,
194,
195,
196,
197,
198,
199,
200,
201,
202,
203,
204,
205,
206,
207,
208,
209,
210,
211,
212,
213,
214,
215,
216,
217,
218,
219,
220,
221,
222,
223,
224,
225,
226,
227,
228,
229,
230,
231,
232,
233,
234,
235,
236,
237,
238,
239,
240,
241,
242,
243,
244,
245,
246,
247,
248,
249,
250,
251,
252,
253,
254,
255,
256,
257,
258,
259,
260,
261,
262,
263,
264,
265,
266,
267,
268,
269,
270,
271,
272,
273,
274,
275,
276,
277,
278,
279,
280,
281,
282,
283,
284,
285,
286,
287,
288,
289,
290,
291,
292,
293,
294,
295,
296,
297,
298,
299,
300,
301,
302,
303,
304,
305,
306,
307,
308,
309,
310,
311,
312,
313,
314,
315,
316,
317,
318,
319,
320,
321,
322,
323,
324,
325,
326,
327,
328,
329,
330,
331,
332,
333,
334,
335,
336,
337,
338,
339,
340,
341,
342,
343,
344,
345,
346,
347,
348,
349,
350,
351,
352,
353,
354,
355,
356,
357,
358,
359,
360,
361,
362,
363,
364,
365,
366,
367,
368,
369,
370,
371,
372,
373,
374,
375,
376,
377,
378,
379,
380,
381,
382,
383,
384,
385,
386,
387,
388,
389,
390,
391,
392,
393,
394,
395,
396,
397,
398,
399,
400,
401,
402,
403,
404,
405,
406,
407,
408,
409,
410,
411,
412,
413,
414,
415,
416,
417,
418,
419,
420,
421,
422,
423,
424,
425,
426,
427,
428,
429,
430,
431,
432,
433,
434,
435,
436,
437,
438,
439,
440,
441,
442,
443,
444,
445,
446,
447,
448,
449,
450,
451,
452,
453,
454,
455,
456,
457,
458,
459,
460,
461,
462,
463,
464,
465,
466,
467,
468,
469,
470,
471,
472,
473,
474,
475,
476,
477,
478,
479,
480,
481,
482,
483,
484,
485,
486,
487,
488,
489,
490,
491,
492,
493,
494,
495,
496,
497,
498,
499,
500,
501,
502,
503,
504,
505,
506,
507,
508,
509,
510,
511,
512,
513,
514,
515,
516,
517,
518,
519,
520,
521,
522,
523,
524,
525,
526,
527,
528,
529,
530,
531,
532,
533,
534,
535,
536,
537,
538,
539,
540,
541,
542,
543,
544,
545,
546,
547,
548,
549,
550,
551,
552,
553,
554,
555,
556,
557,
558,
559,
560,
561,
562,
563,
564,
565,
566,
567,
568,
569,
570,
571,
572,
573,
574,
575,
576,
577,
578,
579,
580,
581,
582,
583,
584,
585,
586,
587,
588,
589,
590,
591,
592,
593,
594,
595,
596,
597,
598,
599,
600,
601,
602,
603,
604,
605,
606,
607,
608,
609,
610,
611,
612,
613,
614,
615,
616,
617,
618,
619,
620,
621,
622,
623,
624,
625,
626,
627,
628,
629,
630,
631,
632,
633,
634,
635,
636,
637,
638,
639,
640,
641,
642,
643,
644,
645,
646,
647,
648,
649,
650,
651,
652,
653,
654,
655,
656,
657,
658,
659,
660,
661,
662,
663,
664,
665,
666,
667,
668,
669,
670,
671,
672,
673,
674,
675,
676,
677,
678,
679,
680,
681,
682,
683,
684,
685,
686,
687,
688,
689,
690,
691,
692,
693,
694,
695,
696,
697,
698,
699,
700,
701,
702,
703,
704,
705,
706,
707,
708,
709,
710,
711,
712
],
"start": 1451,
"length": 17697,
"ending_column": 3,
"is_dependency": false,
"filename_short": "contracts/Contract.sol",
"starting_column": 45,
"filename_absolute": "/tmp/slither-0elelb1m/contracts/Contract.sol",
"filename_relative": "contracts/Contract.sol"
}
},
"signature": "payWithToken(uint256,address)"
}
},
{
"name": "_game_contract.transfer(_eth)",
"type": "node",
"source_mapping": {
"lines": [
429,
430
],
"start": 11933,
"length": 31,
"ending_column": 7,
"is_dependency": false,
"filename_short": "contracts/Contract.sol",
"starting_column": 19,
"filename_absolute": "/tmp/slither-0elelb1m/contracts/Contract.sol",
"filename_relative": "contracts/Contract.sol"
},
"type_specific_fields": {
"parent": {
"name": "payWithToken",
"type": "function",
"source_mapping": {
"lines": [
395,
396,
397,
398,
399,
400,
401,
402,
403,
404,
405,
406,
407,
408,
409,
410,
411,
412,
413,
414,
415,
416,
417,
418,
419,
420,
421,
422,
423,
424,
425,
426,
427,
428,
429,
430,
431
],
"start": 10929,
"length": 1080,
"ending_column": 42,
"is_dependency": false,
"filename_short": "contracts/Contract.sol",
"starting_column": 3,
"filename_absolute": "/tmp/slither-0elelb1m/contracts/Contract.sol",
"filename_relative": "contracts/Contract.sol"
},
"type_specific_fields": {
"parent": {
"name": "HDX20",
"type": "contract",
"source_mapping": {
"lines": [
36,
37,
38,
39,
40,
41,
42,
43,
44,
45,
46,
47,
48,
49,
50,
51,
52,
53,
54,
55,
56,
57,
58,
59,
60,
61,
62,
63,
64,
65,
66,
67,
68,
69,
70,
71,
72,
73,
74,
75,
76,
77,
78,
79,
80,
81,
82,
83,
84,
85,
86,
87,
88,
89,
90,
91,
92,
93,
94,
95,
96,
97,
98,
99,
100,
101,
102,
103,
104,
105,
106,
107,
108,
109,
110,
111,
112,
113,
114,
115,
116,
117,
118,
119,
120,
121,
122,
123,
124,
125,
126,
127,
128,
129,
130,
131,
132,
133,
134,
135,
136,
137,
138,
139,
140,
141,
142,
143,
144,
145,
146,
147,
148,
149,
150,
151,
152,
153,
154,
155,
156,
157,
158,
159,
160,
161,
162,
163,
164,
165,
166,
167,
168,
169,
170,
171,
172,
173,
174,
175,
176,
177,
178,
179,
180,
181,
182,
183,
184,
185,
186,
187,
188,
189,
190,
191,
192,
193,
194,
195,
196,
197,
198,
199,
200,
201,
202,
203,
204,
205,
206,
207,
208,
209,
210,
211,
212,
213,
214,
215,
216,
217,
218,
219,
220,
221,
222,
223,
224,
225,
226,
227,
228,
229,
230,
231,
232,
233,
234,
235,
236,
237,
238,
239,
240,
241,
242,
243,
244,
245,
246,
247,
248,
249,
250,
251,
252,
253,
254,
255,
256,
257,
258,
259,
260,
261,
262,
263,
264,
265,
266,
267,
268,
269,
270,
271,
272,
273,
274,
275,
276,
277,
278,
279,
280,
281,
282,
283,
284,
285,
286,
287,
288,
289,
290,
291,
292,
293,
294,
295,
296,
297,
298,
299,
300,
301,
302,
303,
304,
305,
306,
307,
308,
309,
310,
311,
312,
313,
314,
315,
316,
317,
318,
319,
320,
321,
322,
323,
324,
325,
326,
327,
328,
329,
330,
331,
332,
333,
334,
335,
336,
337,
338,
339,
340,
341,
342,
343,
344,
345,
346,
347,
348,
349,
350,
351,
352,
353,
354,
355,
356,
357,
358,
359,
360,
361,
362,
363,
364,
365,
366,
367,
368,
369,
370,
371,
372,
373,
374,
375,
376,
377,
378,
379,
380,
381,
382,
383,
384,
385,
386,
387,
388,
389,
390,
391,
392,
393,
394,
395,
396,
397,
398,
399,
400,
401,
402,
403,
404,
405,
406,
407,
408,
409,
410,
411,
412,
413,
414,
415,
416,
417,
418,
419,
420,
421,
422,
423,
424,
425,
426,
427,
428,
429,
430,
431,
432,
433,
434,
435,
436,
437,
438,
439,
440,
441,
442,
443,
444,
445,
446,
447,
448,
449,
450,
451,
452,
453,
454,
455,
456,
457,
458,
459,
460,
461,
462,
463,
464,
465,
466,
467,
468,
469,
470,
471,
472,
473,
474,
475,
476,
477,
478,
479,
480,
481,
482,
483,
484,
485,
486,
487,
488,
489,
490,
491,
492,
493,
494,
495,
496,
497,
498,
499,
500,
501,
502,
503,
504,
505,
506,
507,
508,
509,
510,
511,
512,
513,
514,
515,
516,
517,
518,
519,
520,
521,
522,
523,
524,
525,
526,
527,
528,
529,
530,
531,
532,
533,
534,
535,
536,
537,
538,
539,
540,
541,
542,
543,
544,
545,
546,
547,
548,
549,
550,
551,
552,
553,
554,
555,
556,
557,
558,
559,
560,
561,
562,
563,
564,
565,
566,
567,
568,
569,
570,
571,
572,
573,
574,
575,
576,
577,
578,
579,
580,
581,
582,
583,
584,
585,
586,
587,
588,
589,
590,
591,
592,
593,
594,
595,
596,
597,
598,
599,
600,
601,
602,
603,
604,
605,
606,
607,
608,
609,
610,
611,
612,
613,
614,
615,
616,
617,
618,
619,
620,
621,
622,
623,
624,
625,
626,
627,
628,
629,
630,
631,
632,
633,
634,
635,
636,
637,
638,
639,
640,
641,
642,
643,
644,
645,
646,
647,
648,
649,
650,
651,
652,
653,
654,
655,
656,
657,
658,
659,
660,
661,
662,
663,
664,
665,
666,
667,
668,
669,
670,
671,
672,
673,
674,
675,
676,
677,
678,
679,
680,
681,
682,
683,
684,
685,
686,
687,
688,
689,
690,
691,
692,
693,
694,
695,
696,
697,
698,
699,
700,
701,
702,
703,
704,
705,
706,
707,
708,
709,
710,
711,
712
],
"start": 1451,
"length": 17697,
"ending_column": 3,
"is_dependency": false,
"filename_short": "contracts/Contract.sol",
"starting_column": 45,
"filename_absolute": "/tmp/slither-0elelb1m/contracts/Contract.sol",
"filename_relative": "contracts/Contract.sol"
}
},
"signature": "payWithToken(uint256,address)"
}
}
}
}
],
"locations": [
{
"file": "contracts/Contract.sol",
"name": "payWithToken",
"type": "function",
"lines": [
395,
396,
397,
398,
399,
400,
401,
402,
403,
404,
405,
406,
407,
408,
409,
410,
411,
412,
413,
414,
415,
416,
417,
418,
419,
420,
421,
422,
423,
424,
425,
426,
427,
428,
429,
430,
431
]
},
{
"file": "contracts/Contract.sol",
"name": "_game_contract.transfer(_eth)",
"type": "node",
"lines": [
429,
430
]
}
],
"description": "HDX20.payWithToken(uint256,address) (contracts/Contract.sol#395-431) sends eth to arbitrary user\n\tDangerous calls:\n\t- _game_contract.transfer(_eth) (contracts/Contract.sol#429-430)"
}
|
| high | other | detector | Untrusted CALL target/value reachable | 60 | no | no |
viewtrace_id: 0xbcea2c4bc5d2c407e8467cc340dc08d06009f0a2aca13fce94eb3458820781f5
call_targets:
0x8942a5995bd168f347f7ec58f25a54a9a064f882
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0xbcea2c4bc5d2c407e8467cc340dc08d06009f0a2aca13fce94eb3458820781f5",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x8942a5995bd168f347f7ec58f25a54a9a064f882"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x06fdde03",
"selector": "0x06fdde03",
"calldata_variants": [
"0x06fdde03",
"0x06fdde030000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x1097b9ee",
"selector": "0x1097b9ee",
"calldata_variants": [
"0x1097b9ee",
"0x1097b9ee0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x16ff1c76",
"selector": "0x16ff1c76",
"calldata_variants": [
"0x16ff1c76",
"0x16ff1c760000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x18160ddd",
"selector": "0x18160ddd",
"calldata_variants": [
"0x18160ddd",
"0x18160ddd0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x2397e4d7",
"selector": "0x2397e4d7",
"calldata_variants": [
"0x2397e4d7",
"0x2397e4d70000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x313ce567",
"selector": "0x313ce567",
"calldata_variants": [
"0x313ce567",
"0x313ce5670000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x3a9d8be8",
"selector": "0x3a9d8be8",
"calldata_variants": [
"0x3a9d8be8",
"0x3a9d8be80000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x52dde1c3",
"selector": "0x52dde1c3",
"calldata_variants": [
"0x52dde1c3",
"0x52dde1c30000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 2797,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 3294,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 3704,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 5,
"guards_detected": [],
"untrusted_call_count": 5
}
|
| high | other | detector | ETH value transfer possible | 55 | no | no |
viewtrace_id: 0xbcea2c4bc5d2c407e8467cc340dc08d06009f0a2aca13fce94eb3458820781f5
call_targets:
0x8942a5995bd168f347f7ec58f25a54a9a064f882
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0xbcea2c4bc5d2c407e8467cc340dc08d06009f0a2aca13fce94eb3458820781f5",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x8942a5995bd168f347f7ec58f25a54a9a064f882"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x06fdde03",
"selector": "0x06fdde03",
"calldata_variants": [
"0x06fdde03",
"0x06fdde030000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x1097b9ee",
"selector": "0x1097b9ee",
"calldata_variants": [
"0x1097b9ee",
"0x1097b9ee0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x16ff1c76",
"selector": "0x16ff1c76",
"calldata_variants": [
"0x16ff1c76",
"0x16ff1c760000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x18160ddd",
"selector": "0x18160ddd",
"calldata_variants": [
"0x18160ddd",
"0x18160ddd0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x2397e4d7",
"selector": "0x2397e4d7",
"calldata_variants": [
"0x2397e4d7",
"0x2397e4d70000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x313ce567",
"selector": "0x313ce567",
"calldata_variants": [
"0x313ce567",
"0x313ce5670000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x3a9d8be8",
"selector": "0x3a9d8be8",
"calldata_variants": [
"0x3a9d8be8",
"0x3a9d8be80000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x52dde1c3",
"selector": "0x52dde1c3",
"calldata_variants": [
"0x52dde1c3",
"0x52dde1c30000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 2797,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 3294,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 3704,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 5,
"guards_detected": []
}
|
| medium | upgradeability | codex | Owner can set migration target to arbitrary address, redirecting moveAccountOut funds | 75 | no | — |
viewevidence_json{
"evidence": "changeNewHDX20Contract allows any address; moveAccountOut forwards ETH to NewHDX20Contract without validation.",
"locations": [
"contracts/Contract.sol:245",
"contracts/Contract.sol:253",
"contracts/Contract.sol:451",
"contracts/Contract.sol:480"
],
"recommendation": "Enforce that NewHDX20Contract is a vetted contract (e.g., code size check and interface check), add a time-delayed two-step upgrade, and require explicit user opt-in or claim process for migrations.",
"exploit_scenario": "If the owner sets NewHDX20Contract to an EOA or malicious contract, users calling moveAccountOut will transfer their ETH to that address. If the target does not correctly credit the user, funds are lost. A compromised owner key can exploit this to siphon user funds during migration."
}
|
| low | math | codex | Unbounded superReferrerRate can revert buys or wrap fee calculation | 65 | no | — |
viewevidence_json{
"evidence": "addSuperReferrer has no bounds; buyToken/buyTokenFromGame use referrerFee + superReferrerRate without range checks.",
"locations": [
"contracts/Contract.sol:233",
"contracts/Contract.sol:236",
"contracts/Contract.sol:287",
"contracts/Contract.sol:292",
"contracts/Contract.sol:334",
"contracts/Contract.sol:339"
],
"recommendation": "Cap superReferrerRate to a safe maximum (<= 50) and perform the addition in uint256 with explicit bounds checks in addSuperReferrer.",
"exploit_scenario": "The owner can set superReferrerRate > 50. Then referrerFee + superReferrerRate exceeds 100, making _ethReferrer greater than _fee and causing SafeMath underflow in _fee.sub(_ethReferrer), reverting buys with a referrer. If superReferrerRate exceeds 205, uint8 addition wraps, producing unexpected referrer payout percentages."
}
|