019d5666-71d8-7367-a31c-57a89e3fae33
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 42792 | artifact.fetch | complete | 1 / 3 | 1 week ago |
| 42793 | proxy.resolve | complete | 1 / 3 | 1 week ago |
| 42794 | tool.cast_disasm | complete | 1 / 3 | 1 week ago |
| 42795 | analysis.bundle | complete | 1 / 3 | 1 week ago |
| 42796 | capability.graph | complete | 1 / 3 | 1 week ago |
| 42797 | detector.run | complete | 1 / 3 | 1 week ago |
| 42798 | validation.fork | complete | 1 / 3 | 1 week ago |
| 42930 | report.consolidate | complete | 1 / 6 | 1 week ago |
| 42931 | tool.slither | complete | 1 / 2 | 1 week ago |
{
"status": "not_proxy"
}
'forge clean' running (wd: /tmp/slither-tk5eft00)
'forge config --json' running
'forge build --build-info --skip ./test/** ./script/** --force' running (wd: /tmp/slither-tk5eft00)
ActivePool.setAddresses(address,address,address,address)._borrowerOperationsAddress (contracts/ActivePool.sol#32) lacks a zero-check on :
- borrowerOperationsAddress = _borrowerOperationsAddress (contracts/ActivePool.sol#42)
ActivePool.setAddresses(address,address,address,address)._troveManagerAddress (contracts/ActivePool.sol#33) lacks a zero-check on :
- troveManagerAddress = _troveManagerAddress (contracts/ActivePool.sol#43)
ActivePool.setAddresses(address,address,address,address)._stabilityPoolAddress (contracts/ActivePool.sol#34) lacks a zero-check on :
- stabilityPoolAddress = _stabilityPoolAddress (contracts/ActivePool.sol#44)
ActivePool.setAddresses(address,address,address,address)._defaultPoolAddress (contracts/ActivePool.sol#35) lacks a zero-check on :
- defaultPoolAddress = _defaultPoolAddress (contracts/ActivePool.sol#45)
ActivePool.sendETH(address,uint256)._account (contracts/ActivePool.sol#72) lacks a zero-check on :
- (success,None) = _account.call{value: _amount}() (contracts/ActivePool.sol#78)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#missing-zero-address-validation
CheckContract.checkContract(address) (contracts/Dependencies/CheckContract.sol#10-19) uses assembly
- INLINE ASM (contracts/Dependencies/CheckContract.sol#15-17)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#assembly-usage
Version constraint 0.8.0 contains known severe issues (https://solidity.readthedocs.io/en/latest/bugs.html)
- FullInlinerNonExpressionSplitArgumentEvaluationOrder
- MissingSideEffectsOnSelectorAccess
- AbiReencodingHeadOverflowWithStaticArrayCleanup
- DirtyBytesArrayToStorage
- DataLocationChangeInInternalOverride
- NestedCalldataArrayAbiReencodingSizeValidation
- SignedImmutables
- ABIDecodeTwoDimensionalArrayMemory
- KeccakCaching.
It is used by:
- 0.8.0 (contracts/ActivePool.sol#3)
- 0.8.0 (contracts/Dependencies/CheckContract.sol#3)
- 0.8.0 (contracts/Dependencies/Ownable.sol#3)
- 0.8.0 (contracts/Dependencies/SafeMath.sol#3)
- 0.8.0 (contracts/Interfaces/IActivePool.sol#3)
- 0.8.0 (contracts/Interfaces/IPool.sol#3)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#incorrect-versions-of-solidity
Low level call in ActivePool.sendETH(address,uint256) (contracts/ActivePool.sol#72-80):
- (success,None) = _account.call{value: _amount}() (contracts/ActivePool.sol#78)
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#low-level-calls
Parameter ActivePool.setAddresses(address,address,address,address)._borrowerOperationsAddress (contracts/ActivePool.sol#32) is not in mixedCase
Parameter ActivePool.setAddresses(address,address,address,address)._troveManagerAddress (contracts/ActivePool.sol#33) is not in mixedCase
Parameter ActivePool.setAddresses(address,address,address,address)._stabilityPoolAddress (contracts/ActivePool.sol#34) is not in mixedCase
Parameter ActivePool.setAddresses(address,address,address,address)._defaultPoolAddress (contracts/ActivePool.sol#35) is not in mixedCase
Parameter ActivePool.sendETH(address,uint256)._account (contracts/ActivePool.sol#72) is not in mixedCase
Parameter ActivePool.sendETH(address,uint256)._amount (contracts/ActivePool.sol#72) is not in mixedCase
Parameter ActivePool.increaseARTHDebt(uint256)._amount (contracts/ActivePool.sol#82) is not in mixedCase
Parameter ActivePool.decreaseARTHDebt(uint256)._amount (contracts/ActivePool.sol#88) is not in mixedCase
Variable ActivePool.ETH (contracts/ActivePool.sol#26) is not in mixedCase
Variable ActivePool.ARTHDebt (contracts/ActivePool.sol#27) is not in mixedCase
Parameter CheckContract.checkContract(address)._account (contracts/Dependencies/CheckContract.sol#10) is not in mixedCase
Reference: https://github.com/crytic/slither/wiki/Detector-Documentation#conformance-to-solidity-naming-conventions
. analyzed (6 contracts with 100 detectors), 19 result(s) found
{
"solc": {
"status": "ok",
"use_rc": 0,
"version": "0.8.0",
"strategy": "solc-select",
"solc_path": "/var/www/tripwire/.venv/bin/solc",
"install_rc": 0,
"use_stderr": null,
"use_stdout": "Switched global version to 0.8.0",
"install_stderr": null,
"install_stdout": "Version '0.8.0' is already installed, skipping..."
},
"solc_args": "--base-path /tmp/slither-tk5eft00 --allow-paths /tmp/slither-tk5eft00,/tmp/slither-tk5eft00/lib,/tmp/slither-tk5eft00/src",
"remappings": [],
"source_files": [
"contracts/ActivePool.sol",
"contracts/Interfaces/IActivePool.sol",
"contracts/Dependencies/SafeMath.sol",
"contracts/Dependencies/Ownable.sol",
"contracts/Dependencies/CheckContract.sol",
"contracts/Interfaces/IPool.sol"
],
"contract_count": 0,
"contract_names": [],
"detector_count": 19,
"workspace_hash": "bd17abc61ba437a49d7d179960527a1967168b43adc9d21daa9deb9967992d59",
"duration_seconds": 0.41466450691223145,
"solc_version_requested": "0.8.0"
}
{"no_findings":true,"summary":"Read the full `AUDIT_BUNDLE.txt`. The only stateful first-party contract in scope is `ActivePool`; its sensitive functions are gated to configured system contracts, ETH state is updated before the external value transfer, and there is no in-scope proxy, signature-validation, oracle, or delegatecall surface. No meaningful exploitable vulnerability was identified in the first-party code provided.","findings":[]}
OpenAI Codex v0.118.0 (research preview)
--------
workdir: /tmp/codex-5mbusfkl
model: gpt-5.4
provider: openai
approval: never
sandbox: read-only
reasoning effort: high
reasoning summaries: none
session id: 019d567e-f861-7190-a5b1-000838f13db0
--------
user
You are a security auditor. Audit this Solidity codebase for exploitable vulnerabilities.
Focus on: reentrancy, access control, upgradeability/proxy issues, signature validation, oracle manipulation,
accounting/invariant breaks, external call patterns, unchecked return values, and dangerous delegatecall.
Scope rules:
- You MUST fully read `AUDIT_BUNDLE.txt` before concluding. It contains the complete contents of all first-party Solidity sources in this workspace.
- Treat `lib/` and `@openzeppelin/` as third-party dependencies; skip them unless there is a concrete misuse angle in first-party code.
- If there are only dependency files and no first-party sources, set no_findings=true and explain in summary.
Output MUST be valid JSON matching the provided schema.
- If you find nothing meaningful: set no_findings=true and findings=[].
- Otherwise: set no_findings=false and include findings with severity/category/title and file/line locations when possible.
Output constraints (IMPORTANT):
- severity MUST be exactly one of: info, low, medium, high, critical (lowercase).
- category MUST be exactly one of: access_control, reentrancy, math, oracle, upgradeability, auth, other.
Keep summary short and concrete.
warning: Codex could not find system bubblewrap on PATH. Please install bubblewrap with your package manager. Codex will use the vendored bubblewrap in the meantime.
exec
/bin/bash -lc 'wc -l AUDIT_BUNDLE.txt 2>/dev/null || ls -la' in /tmp/codex-5mbusfkl
succeeded in 0ms:
472 AUDIT_BUNDLE.txt
exec
/bin/bash -lc "pwd && rg --files -g 'AUDIT_BUNDLE.txt' -g 'AGENTS.md' -g '*.sol'" in /tmp/codex-5mbusfkl
succeeded in 0ms:
/tmp/codex-5mbusfkl
AUDIT_BUNDLE.txt
contracts/Dependencies/SafeMath.sol
contracts/Dependencies/CheckContract.sol
contracts/Dependencies/Ownable.sol
contracts/ActivePool.sol
contracts/Interfaces/IActivePool.sol
contracts/Interfaces/IPool.sol
→ Read `AUDIT_BUNDLE.txt` in full and map the first-party contracts/interfaces in scope
• Analyze control flow, privileged actions, external calls, and accounting invariants for exploitable issues
• Produce JSON findings with concrete evidence and locations
exec
/bin/bash -lc "sed -n '1,200p' AUDIT_BUNDLE.txt" in /tmp/codex-5mbusfkl
succeeded in 0ms:
This file concatenates the full contents of first-party Solidity sources for auditing.
Do not treat dependency code under lib/ or @openzeppelin/ as first-party.
================================================================================
FILE: contracts/ActivePool.sol
================================================================================
// SPDX-License-Identifier: MIT
pragma solidity 0.8.0;
import "./Interfaces/IActivePool.sol";
import "./Dependencies/SafeMath.sol";
import "./Dependencies/Ownable.sol";
import "./Dependencies/CheckContract.sol";
/*
* The Active Pool holds the ETH collateral and ARTH debt (but not ARTH tokens) for all active troves.
*
* When a trove is liquidated, it's ETH and ARTH debt are transferred from the Active Pool, to either the
* Stability Pool, the Default Pool, or both, depending on the liquidation conditions.
*
*/
contract ActivePool is Ownable, CheckContract, IActivePool {
using SafeMath for uint256;
string public constant NAME = "ActivePool";
address public borrowerOperationsAddress;
address public troveManagerAddress;
address public stabilityPoolAddress;
address public defaultPoolAddress;
uint256 internal ETH; // deposited ether tracker
uint256 internal ARTHDebt;
// --- Contract setters ---
function setAddresses(
address _borrowerOperationsAddress,
address _troveManagerAddress,
address _stabilityPoolAddress,
address _defaultPoolAddress
) external onlyOwner {
checkContract(_borrowerOperationsAddress);
checkContract(_troveManagerAddress);
checkContract(_stabilityPoolAddress);
checkContract(_defaultPoolAddress);
borrowerOperationsAddress = _borrowerOperationsAddress;
troveManagerAddress = _troveManagerAddress;
stabilityPoolAddress = _stabilityPoolAddress;
defaultPoolAddress = _defaultPoolAddress;
emit BorrowerOperationsAddressChanged(_borrowerOperationsAddress);
emit TroveManagerAddressChanged(_troveManagerAddress);
emit StabilityPoolAddressChanged(_stabilityPoolAddress);
emit DefaultPoolAddressChanged(_defaultPoolAddress);
_renounceOwnership();
}
// --- Getters for public variables. Required by IPool interface ---
/*
* Returns the ETH state variable.
*
*Not necessarily equal to the the contract's raw ETH balance - ether can be forcibly sent to contracts.
*/
function getETH() external view override returns (uint256) {
return ETH;
}
function getARTHDebt() external view override returns (uint256) {
return ARTHDebt;
}
// --- Pool functionality ---
function sendETH(address _account, uint256 _amount) external override {
_requireCallerIsBOorTroveMorSP();
ETH = ETH.sub(_amount);
emit ActivePoolETHBalanceUpdated(ETH);
emit EtherSent(_account, _amount);
(bool success, ) = _account.call{value: _amount}("");
require(success, "ActivePool: sending ETH failed");
}
function increaseARTHDebt(uint256 _amount) external override {
_requireCallerIsBOorTroveM();
ARTHDebt = ARTHDebt.add(_amount);
ActivePoolARTHDebtUpdated(ARTHDebt);
}
function decreaseARTHDebt(uint256 _amount) external override {
_requireCallerIsBOorTroveMorSP();
ARTHDebt = ARTHDebt.sub(_amount);
ActivePoolARTHDebtUpdated(ARTHDebt);
}
// --- 'require' functions ---
function _requireCallerIsBorrowerOperationsOrDefaultPool() internal view {
require(
msg.sender == borrowerOperationsAddress || msg.sender == defaultPoolAddress,
"ActivePool: Caller is neither BO nor Default Pool"
);
}
function _requireCallerIsBOorTroveMorSP() internal view {
require(
msg.sender == borrowerOperationsAddress ||
msg.sender == troveManagerAddress ||
msg.sender == stabilityPoolAddress,
"ActivePool: Caller is neither BorrowerOperations nor TroveManager nor StabilityPool"
);
}
function _requireCallerIsBOorTroveM() internal view {
require(
msg.sender == borrowerOperationsAddress || msg.sender == troveManagerAddress,
"ActivePool: Caller is neither BorrowerOperations nor TroveManager"
);
}
// --- Fallback function ---
receive() external payable {
_requireCallerIsBorrowerOperationsOrDefaultPool();
ETH = ETH.add(msg.value);
emit ActivePoolETHBalanceUpdated(ETH);
}
}
================================================================================
FILE: contracts/Dependencies/CheckContract.sol
================================================================================
// SPDX-License-Identifier: MIT
pragma solidity 0.8.0;
contract CheckContract {
/**
* Check that the account is an already deployed non-destroyed contract.
* See: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/Address.sol#L12
*/
function checkContract(address _account) internal view {
require(_account != address(0), "Account cannot be zero address");
uint256 size;
// solhint-disable-next-line no-inline-assembly
assembly {
size := extcodesize(_account)
}
require(size > 0, "Account code size cannot be zero");
}
}
================================================================================
FILE: contracts/Dependencies/Ownable.sol
================================================================================
// SPDX-License-Identifier: MIT
pragma solidity 0.8.0;
/**
* Based on OpenZeppelin's Ownable contract:
* https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/access/Ownable.sol
*
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
contract Ownable {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_owner = msg.sender;
emit OwnershipTransferred(address(0), msg.sender);
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view returns (address) {
return _owner;
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
exec
/bin/bash -lc "sed -n '201,400p' AUDIT_BUNDLE.txt" in /tmp/codex-5mbusfkl
succeeded in 0ms:
require(isOwner(), "Ownable: caller is not the owner");
_;
}
/**
* @dev Returns true if the caller is the current owner.
*/
function isOwner() public view returns (bool) {
return msg.sender == _owner;
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*
* NOTE: This function is not safe, as it doesn’t check owner is calling it.
* Make sure you check it before calling it.
*/
function _renounceOwnership() internal {
emit OwnershipTransferred(_owner, address(0));
_owner = address(0);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}
================================================================================
FILE: contracts/Dependencies/SafeMath.sol
================================================================================
// SPDX-License-Identifier: MIT
pragma solidity 0.8.0;
/**
* Based on OpenZeppelin's SafeMath:
* https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/math/SafeMath.sol
*
* @dev Wrappers over Solidity's arithmetic operations with added overflow
* checks.
*
* Arithmetic operations in Solidity wrap on overflow. This can easily result
* in bugs, because programmers usually assume that an overflow raises an
* error, which is the standard behavior in high level programming languages.
* `SafeMath` restores this intuition by reverting the transaction when an
* operation overflows.
*
* Using this library instead of the unchecked operations eliminates an entire
* class of bugs, so it's recommended to use it always.
*/
library SafeMath {
/**
* @dev Returns the addition of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `+` operator.
*
* Requirements:
* - Addition cannot overflow.
*/
function add(uint256 a, uint256 b) internal pure returns (uint256) {
uint256 c = a + b;
require(c >= a, "SafeMath: addition overflow");
return c;
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*/
function sub(uint256 a, uint256 b) internal pure returns (uint256) {
return sub(a, b, "SafeMath: subtraction overflow");
}
/**
* @dev Returns the subtraction of two unsigned integers, reverting with custom message on
* overflow (when the result is negative).
*
* Counterpart to Solidity's `-` operator.
*
* Requirements:
* - Subtraction cannot overflow.
*
* _Available since v2.4.0._
*/
function sub(
uint256 a,
uint256 b,
string memory errorMessage
) internal pure returns (uint256) {
require(b <= a, errorMessage);
uint256 c = a - b;
return c;
}
/**
* @dev Returns the multiplication of two unsigned integers, reverting on
* overflow.
*
* Counterpart to Solidity's `*` operator.
*
* Requirements:
* - Multiplication cannot overflow.
*/
function mul(uint256 a, uint256 b) internal pure returns (uint256) {
// Gas optimization: this is cheaper than requiring 'a' not being zero, but the
// benefit is lost if 'b' is also tested.
// See: https://github.com/OpenZeppelin/openzeppelin-contracts/pull/522
if (a == 0) {
return 0;
}
uint256 c = a * b;
require(c / a == b, "SafeMath: multiplication overflow");
return c;
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function div(uint256 a, uint256 b) internal pure returns (uint256) {
return div(a, b, "SafeMath: division by zero");
}
/**
* @dev Returns the integer division of two unsigned integers. Reverts with custom message on
* division by zero. The result is rounded towards zero.
*
* Counterpart to Solidity's `/` operator. Note: this function uses a
* `revert` opcode (which leaves remaining gas untouched) while Solidity
* uses an invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function div(
uint256 a,
uint256 b,
string memory errorMessage
) internal pure returns (uint256) {
// Solidity only automatically asserts when dividing by 0
require(b > 0, errorMessage);
uint256 c = a / b;
// assert(a == b * c + a % b); // There is no case in which this doesn't hold
return c;
}
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*/
function mod(uint256 a, uint256 b) internal pure returns (uint256) {
return mod(a, b, "SafeMath: modulo by zero");
}
exec
/bin/bash -lc "sed -n '401,472p' AUDIT_BUNDLE.txt" in /tmp/codex-5mbusfkl
succeeded in 0ms:
/**
* @dev Returns the remainder of dividing two unsigned integers. (unsigned integer modulo),
* Reverts with custom message when dividing by zero.
*
* Counterpart to Solidity's `%` operator. This function uses a `revert`
* opcode (which leaves remaining gas untouched) while Solidity uses an
* invalid opcode to revert (consuming all remaining gas).
*
* Requirements:
* - The divisor cannot be zero.
*
* _Available since v2.4.0._
*/
function mod(
uint256 a,
uint256 b,
string memory errorMessage
) internal pure returns (uint256) {
require(b != 0, errorMessage);
return a % b;
}
}
================================================================================
FILE: contracts/Interfaces/IActivePool.sol
================================================================================
// SPDX-License-Identifier: MIT
pragma solidity 0.8.0;
import "./IPool.sol";
interface IActivePool is IPool {
// --- Events ---
event BorrowerOperationsAddressChanged(address _newBorrowerOperationsAddress);
event TroveManagerAddressChanged(address _newTroveManagerAddress);
event ActivePoolARTHDebtUpdated(uint256 _ARTHDebt);
event ActivePoolETHBalanceUpdated(uint256 _ETH);
// --- Functions ---
function sendETH(address _account, uint256 _amount) external;
}
================================================================================
FILE: contracts/Interfaces/IPool.sol
================================================================================
// SPDX-License-Identifier: MIT
pragma solidity 0.8.0;
// Common interface for the Pools.
interface IPool {
// --- Events ---
event ETHBalanceUpdated(uint256 _newBalance);
event ARTHBalanceUpdated(uint256 _newBalance);
event ActivePoolAddressChanged(address _newActivePoolAddress);
event DefaultPoolAddressChanged(address _newDefaultPoolAddress);
event StabilityPoolAddressChanged(address _newStabilityPoolAddress);
event EtherSent(address _to, uint256 _amount);
// --- Functions ---
function getETH() external view returns (uint256);
function getARTHDebt() external view returns (uint256);
function increaseARTHDebt(uint256 _amount) external;
function decreaseARTHDebt(uint256 _amount) external;
}
exec
/bin/bash -lc 'nl -ba contracts/ActivePool.sol' in /tmp/codex-5mbusfkl
succeeded in 0ms:
1 // SPDX-License-Identifier: MIT
2
3 pragma solidity 0.8.0;
4
5 import "./Interfaces/IActivePool.sol";
6 import "./Dependencies/SafeMath.sol";
7 import "./Dependencies/Ownable.sol";
8 import "./Dependencies/CheckContract.sol";
9
10 /*
11 * The Active Pool holds the ETH collateral and ARTH debt (but not ARTH tokens) for all active troves.
12 *
13 * When a trove is liquidated, it's ETH and ARTH debt are transferred from the Active Pool, to either the
14 * Stability Pool, the Default Pool, or both, depending on the liquidation conditions.
15 *
16 */
17 contract ActivePool is Ownable, CheckContract, IActivePool {
18 using SafeMath for uint256;
19
20 string public constant NAME = "ActivePool";
21
22 address public borrowerOperationsAddress;
23 address public troveManagerAddress;
24 address public stabilityPoolAddress;
25 address public defaultPoolAddress;
26 uint256 internal ETH; // deposited ether tracker
27 uint256 internal ARTHDebt;
28
29 // --- Contract setters ---
30
31 function setAddresses(
32 address _borrowerOperationsAddress,
33 address _troveManagerAddress,
34 address _stabilityPoolAddress,
35 address _defaultPoolAddress
36 ) external onlyOwner {
37 checkContract(_borrowerOperationsAddress);
38 checkContract(_troveManagerAddress);
39 checkContract(_stabilityPoolAddress);
40 checkContract(_defaultPoolAddress);
41
42 borrowerOperationsAddress = _borrowerOperationsAddress;
43 troveManagerAddress = _troveManagerAddress;
44 stabilityPoolAddress = _stabilityPoolAddress;
45 defaultPoolAddress = _defaultPoolAddress;
46
47 emit BorrowerOperationsAddressChanged(_borrowerOperationsAddress);
48 emit TroveManagerAddressChanged(_troveManagerAddress);
49 emit StabilityPoolAddressChanged(_stabilityPoolAddress);
50 emit DefaultPoolAddressChanged(_defaultPoolAddress);
51
52 _renounceOwnership();
53 }
54
55 // --- Getters for public variables. Required by IPool interface ---
56
57 /*
58 * Returns the ETH state variable.
59 *
60 *Not necessarily equal to the the contract's raw ETH balance - ether can be forcibly sent to contracts.
61 */
62 function getETH() external view override returns (uint256) {
63 return ETH;
64 }
65
66 function getARTHDebt() external view override returns (uint256) {
67 return ARTHDebt;
68 }
69
70 // --- Pool functionality ---
71
72 function sendETH(address _account, uint256 _amount) external override {
73 _requireCallerIsBOorTroveMorSP();
74 ETH = ETH.sub(_amount);
75 emit ActivePoolETHBalanceUpdated(ETH);
76 emit EtherSent(_account, _amount);
77
78 (bool success, ) = _account.call{value: _amount}("");
79 require(success, "ActivePool: sending ETH failed");
80 }
81
82 function increaseARTHDebt(uint256 _amount) external override {
83 _requireCallerIsBOorTroveM();
84 ARTHDebt = ARTHDebt.add(_amount);
85 ActivePoolARTHDebtUpdated(ARTHDebt);
86 }
87
88 function decreaseARTHDebt(uint256 _amount) external override {
89 _requireCallerIsBOorTroveMorSP();
90 ARTHDebt = ARTHDebt.sub(_amount);
91 ActivePoolARTHDebtUpdated(ARTHDebt);
92 }
93
94 // --- 'require' functions ---
95
96 function _requireCallerIsBorrowerOperationsOrDefaultPool() internal view {
97 require(
98 msg.sender == borrowerOperationsAddress || msg.sender == defaultPoolAddress,
99 "ActivePool: Caller is neither BO nor Default Pool"
100 );
101 }
102
103 function _requireCallerIsBOorTroveMorSP() internal view {
104 require(
105 msg.sender == borrowerOperationsAddress ||
106 msg.sender == troveManagerAddress ||
107 msg.sender == stabilityPoolAddress,
108 "ActivePool: Caller is neither BorrowerOperations nor TroveManager nor StabilityPool"
109 );
110 }
111
112 function _requireCallerIsBOorTroveM() internal view {
113 require(
114 msg.sender == borrowerOperationsAddress || msg.sender == troveManagerAddress,
115 "ActivePool: Caller is neither BorrowerOperations nor TroveManager"
116 );
117 }
118
119 // --- Fallback function ---
120
121 receive() external payable {
122 _requireCallerIsBorrowerOperationsOrDefaultPool();
123 ETH = ETH.add(msg.value);
124 emit ActivePoolETHBalanceUpdated(ETH);
125 }
126 }
exec
/bin/bash -lc 'nl -ba contracts/Dependencies/Ownable.sol' in /tmp/codex-5mbusfkl
succeeded in 0ms:
1 // SPDX-License-Identifier: MIT
2
3 pragma solidity 0.8.0;
4
5 /**
6 * Based on OpenZeppelin's Ownable contract:
7 * https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/access/Ownable.sol
8 *
9 * @dev Contract module which provides a basic access control mechanism, where
10 * there is an account (an owner) that can be granted exclusive access to
11 * specific functions.
12 *
13 * This module is used through inheritance. It will make available the modifier
14 * `onlyOwner`, which can be applied to your functions to restrict their use to
15 * the owner.
16 */
17 contract Ownable {
18 address private _owner;
19
20 event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
21
22 /**
23 * @dev Initializes the contract setting the deployer as the initial owner.
24 */
25 constructor() {
26 _owner = msg.sender;
27 emit OwnershipTransferred(address(0), msg.sender);
28 }
29
30 /**
31 * @dev Returns the address of the current owner.
32 */
33 function owner() public view returns (address) {
34 return _owner;
35 }
36
37 /**
38 * @dev Throws if called by any account other than the owner.
39 */
40 modifier onlyOwner() {
41 require(isOwner(), "Ownable: caller is not the owner");
42 _;
43 }
44
45 /**
46 * @dev Returns true if the caller is the current owner.
47 */
48 function isOwner() public view returns (bool) {
49 return msg.sender == _owner;
50 }
51
52 /**
53 * @dev Leaves the contract without owner. It will not be possible to call
54 * `onlyOwner` functions anymore.
55 *
56 * NOTE: Renouncing ownership will leave the contract without an owner,
57 * thereby removing any functionality that is only available to the owner.
58 *
59 * NOTE: This function is not safe, as it doesn’t check owner is calling it.
60 * Make sure you check it before calling it.
61 */
62 function _renounceOwnership() internal {
63 emit OwnershipTransferred(_owner, address(0));
64 _owner = address(0);
65 }
66
67 /**
68 * @dev Transfers ownership of the contract to a new account (`newOwner`).
69 * Can only be called by the current owner.
70 */
71 function transferOwnership(address newOwner) public virtual onlyOwner {
72 require(newOwner != address(0), "Ownable: new owner is the zero address");
73 _transferOwnership(newOwner);
74 }
75
76 /**
77 * @dev Transfers ownership of the contract to a new account (`newOwner`).
78 * Internal function without access restriction.
79 */
80 function _transferOwnership(address newOwner) internal virtual {
81 address oldOwner = _owner;
82 _owner = newOwner;
83 emit OwnershipTransferred(oldOwner, newOwner);
84 }
85 }
exec
/bin/bash -lc 'nl -ba contracts/Interfaces/IActivePool.sol' in /tmp/codex-5mbusfkl
succeeded in 0ms:
1 // SPDX-License-Identifier: MIT
2
3 pragma solidity 0.8.0;
4
5 import "./IPool.sol";
6
7 interface IActivePool is IPool {
8 // --- Events ---
9 event BorrowerOperationsAddressChanged(address _newBorrowerOperationsAddress);
10 event TroveManagerAddressChanged(address _newTroveManagerAddress);
11 event ActivePoolARTHDebtUpdated(uint256 _ARTHDebt);
12 event ActivePoolETHBalanceUpdated(uint256 _ETH);
13
14 // --- Functions ---
15 function sendETH(address _account, uint256 _amount) external;
16 }
Read the full bundle and reviewed the only stateful first-party contract (`ActivePool`) for caller gating, external call sequencing, accounting, and upgrade/auth/oracle surfaces. No exploitable issue emerged from the in-scope code alone.
✓ Read `AUDIT_BUNDLE.txt` in full and map the first-party contracts/interfaces in scope
✓ Analyze control flow, privileged actions, external calls, and accounting invariants for exploitable issues
→ Produce JSON findings with concrete evidence and locations
codex
{"no_findings":true,"summary":"Read the full `AUDIT_BUNDLE.txt`. The only stateful first-party contract in scope is `ActivePool`; its sensitive functions are gated to configured system contracts, ETH state is updated before the external value transfer, and there is no in-scope proxy, signature-validation, oracle, or delegatecall surface. No meaningful exploitable vulnerability was identified in the first-party code provided.","findings":[]}
tokens used
32,359
{
"codex": {
"ran_at": "2026-04-04T03:18:15.808620+00:00",
"returncode": 0
},
"project": {
"mode": "source",
"file_count": 6,
"import_count": 5,
"first_party_contracts_count": 6
},
"summary": "Read the full `AUDIT_BUNDLE.txt`. The only stateful first-party contract in scope is `ActivePool`; its sensitive functions are gated to configured system contracts, ETH state is updated before the external value transfer, and there is no in-scope proxy, signature-validation, oracle, or delegatecall surface. No meaningful exploitable vulnerability was identified in the first-party code provided.",
"raw_final": {
"summary": "Read the full `AUDIT_BUNDLE.txt`. The only stateful first-party contract in scope is `ActivePool`; its sensitive functions are gated to configured system contracts, ETH state is updated before the external value transfer, and there is no in-scope proxy, signature-validation, oracle, or delegatecall surface. No meaningful exploitable vulnerability was identified in the first-party code provided.",
"findings": [],
"no_findings": true
},
"no_findings": true,
"schema_version": 1
}
00000000: PUSH1 0x80 00000002: PUSH1 0x40 00000004: MSTORE 00000005: PUSH1 0x04 00000007: CALLDATASIZE 00000008: LT 00000009: PUSH2 0x00c1 0000000c: JUMPI 0000000d: PUSH1 0x00 0000000f: CALLDATALOAD 00000010: PUSH1 0xe0 00000012: SHR 00000013: DUP1 00000014: PUSH4 0x72cc6c4a 00000019: GT 0000001a: PUSH2 0x006f 0000001d: JUMPI 0000001e: DUP1 0000001f: PUSH4 0x72cc6c4a 00000024: EQ 00000025: PUSH2 0x0201 00000028: JUMPI 00000029: DUP1 0000002a: PUSH4 0x8da5cb5b 0000002f: EQ 00000030: PUSH2 0x0216 00000033: JUMPI 00000034: DUP1 00000035: PUSH4 0x8f32d59b 0000003a: EQ 0000003b: PUSH2 0x022b 0000003e: JUMPI 0000003f: DUP1 00000040: PUSH4 0xa3f4df7e 00000045: EQ 00000046: PUSH2 0x024d 00000049: JUMPI 0000004a: DUP1 0000004b: PUSH4 0xaac1846f 00000050: EQ 00000051: PUSH2 0x026f 00000054: JUMPI 00000055: DUP1 00000056: PUSH4 0xb7f8cf9b 0000005b: EQ 0000005c: PUSH2 0x0284 0000005f: JUMPI 00000060: DUP1 00000061: PUSH4 0xf2fde38b 00000066: EQ 00000067: PUSH2 0x0299 0000006a: JUMPI 0000006b: PUSH2 0x0118 0000006e: JUMP 0000006f: JUMPDEST 00000070: DUP1 00000071: PUSH4 0x0b622ab2 00000076: EQ 00000077: PUSH2 0x011d 0000007a: JUMPI 0000007b: DUP1 0000007c: PUSH4 0x14f6c3be 00000081: EQ 00000082: PUSH2 0x0148 00000085: JUMPI 00000086: DUP1 00000087: PUSH4 0x3fc52c92 0000008c: EQ 0000008d: PUSH2 0x016a 00000090: JUMPI 00000091: DUP1 00000092: PUSH4 0x4a945f8d 00000097: EQ 00000098: PUSH2 0x018c 0000009b: JUMPI 0000009c: DUP1 0000009d: PUSH4 0x5a4d28bb 000000a2: EQ 000000a3: PUSH2 0x01ac 000000a6: JUMPI 000000a7: DUP1 000000a8: PUSH4 0x64a197f3 000000ad: EQ 000000ae: PUSH2 0x01c1 000000b1: JUMPI 000000b2: DUP1 000000b3: PUSH4 0x713af214 000000b8: EQ 000000b9: PUSH2 0x01e1 000000bc: JUMPI 000000bd: PUSH2 0x0118 000000c0: JUMP 000000c1: JUMPDEST 000000c2: CALLDATASIZE 000000c3: PUSH2 0x0118 000000c6: JUMPI 000000c7: PUSH2 0x00ce 000000ca: PUSH2 0x02b9 000000cd: JUMP 000000ce: JUMPDEST 000000cf: PUSH1 0x05 000000d1: SLOAD 000000d2: PUSH2 0x00db 000000d5: SWAP1 000000d6: CALLVALUE 000000d7: PUSH2 0x0303 000000da: JUMP 000000db: JUMPDEST 000000dc: PUSH1 0x05 000000de: DUP2 000000df: SWAP1 000000e0: SSTORE 000000e1: PUSH1 0x40 000000e3: MLOAD 000000e4: PUSH32 0xca232b5abb988c540b959ff6c3bfae3e97fff964fd098c508f9613c0a6bf1a80 00000105: SWAP2 00000106: PUSH2 0x010e 00000109: SWAP2 0000010a: PUSH2 0x0cdc 0000010d: JUMP 0000010e: JUMPDEST 0000010f: PUSH1 0x40 00000111: MLOAD 00000112: DUP1 00000113: SWAP2 00000114: SUB 00000115: SWAP1 00000116: LOG1 00000117: STOP 00000118: JUMPDEST 00000119: PUSH1 0x00 0000011b: DUP1 0000011c: REVERT 0000011d: JUMPDEST 0000011e: CALLVALUE 0000011f: DUP1 00000120: ISZERO 00000121: PUSH2 0x0129 00000124: JUMPI 00000125: PUSH1 0x00 00000127: DUP1 00000128: REVERT 00000129: JUMPDEST 0000012a: POP 0000012b: PUSH2 0x0132 0000012e: PUSH2 0x0339 00000131: JUMP 00000132: JUMPDEST 00000133: PUSH1 0x40 00000135: MLOAD 00000136: PUSH2 0x013f 00000139: SWAP2 0000013a: SWAP1 0000013b: PUSH2 0x09cb 0000013e: JUMP 0000013f: JUMPDEST 00000140: PUSH1 0x40 00000142: MLOAD 00000143: DUP1 00000144: SWAP2 00000145: SUB 00000146: SWAP1 00000147: RETURN 00000148: JUMPDEST 00000149: CALLVALUE 0000014a: DUP1 0000014b: ISZERO 0000014c: PUSH2 0x0154 0000014f: JUMPI 00000150: PUSH1 0x00 00000152: DUP1 00000153: REVERT 00000154: JUMPDEST 00000155: POP 00000156: PUSH2 0x015d 00000159: PUSH2 0x0348 0000015c: JUMP 0000015d: JUMPDEST 0000015e: PUSH1 0x40 00000160: MLOAD 00000161: PUSH2 0x013f 00000164: SWAP2 00000165: SWAP1 00000166: PUSH2 0x0cdc 00000169: JUMP 0000016a: JUMPDEST 0000016b: CALLVALUE 0000016c: DUP1 0000016d: ISZERO 0000016e: PUSH2 0x0176 00000171: JUMPI 00000172: PUSH1 0x00 00000174: DUP1 00000175: REVERT 00000176: JUMPDEST 00000177: POP 00000178: PUSH2 0x018a 0000017b: PUSH2 0x0185 0000017e: CALLDATASIZE 0000017f: PUSH1 0x04 00000181: PUSH2 0x09b0 00000184: JUMP 00000185: JUMPDEST 00000186: PUSH2 0x034e 00000189: JUMP 0000018a: JUMPDEST 0000018b: STOP 0000018c: JUMPDEST 0000018d: CALLVALUE 0000018e: DUP1 0000018f: ISZERO 00000190: PUSH2 0x0198 00000193: JUMPI 00000194: PUSH1 0x00 00000196: DUP1 00000197: REVERT 00000198: JUMPDEST 00000199: POP 0000019a: PUSH2 0x018a 0000019d: PUSH2 0x01a7 000001a0: CALLDATASIZE 000001a1: PUSH1 0x04 000001a3: PUSH2 0x0934 000001a6: JUMP 000001a7: JUMPDEST 000001a8: PUSH2 0x03a1 000001ab: JUMP 000001ac: JUMPDEST 000001ad: CALLVALUE 000001ae: DUP1 000001af: ISZERO 000001b0: PUSH2 0x01b8 000001b3: JUMPI 000001b4: PUSH1 0x00 000001b6: DUP1 000001b7: REVERT 000001b8: JUMPDEST 000001b9: POP 000001ba: PUSH2 0x0132 000001bd: PUSH2 0x051e 000001c0: JUMP 000001c1: JUMPDEST 000001c2: CALLVALUE 000001c3: DUP1 000001c4: ISZERO 000001c5: PUSH2 0x01cd 000001c8: JUMPI 000001c9: PUSH1 0x00 000001cb: DUP1 000001cc: REVERT 000001cd: JUMPDEST 000001ce: POP 000001cf: PUSH2 0x018a 000001d2: PUSH2 0x01dc 000001d5: CALLDATASIZE 000001d6: PUSH1 0x04 000001d8: PUSH2 0x0987 000001db: JUMP 000001dc: JUMPDEST 000001dd: PUSH2 0x052d 000001e0: JUMP 000001e1: JUMPDEST 000001e2: CALLVALUE 000001e3: DUP1 000001e4: ISZERO 000001e5: PUSH2 0x01ed 000001e8: JUMPI 000001e9: PUSH1 0x00 000001eb: DUP1 000001ec: REVERT 000001ed: JUMPDEST 000001ee: POP 000001ef: PUSH2 0x018a 000001f2: PUSH2 0x01fc 000001f5: CALLDATASIZE 000001f6: PUSH1 0x04 000001f8: PUSH2 0x09b0 000001fb: JUMP 000001fc: JUMPDEST 000001fd: PUSH2 0x0637 00000200: JUMP 00000201: JUMPDEST 00000202: CALLVALUE 00000203: DUP1 00000204: ISZERO 00000205: PUSH2 0x020d 00000208: JUMPI 00000209: PUSH1 0x00 0000020b: DUP1 0000020c: REVERT 0000020d: JUMPDEST 0000020e: POP 0000020f: PUSH2 0x015d 00000212: PUSH2 0x064c 00000215: JUMP 00000216: JUMPDEST 00000217: CALLVALUE 00000218: DUP1 00000219: ISZERO 0000021a: PUSH2 0x0222 0000021d: JUMPI 0000021e: PUSH1 0x00 00000220: DUP1 00000221: REVERT 00000222: JUMPDEST 00000223: POP 00000224: PUSH2 0x0132 00000227: PUSH2 0x0652 0000022a: JUMP 0000022b: JUMPDEST 0000022c: CALLVALUE 0000022d: DUP1 0000022e: ISZERO 0000022f: PUSH2 0x0237 00000232: JUMPI 00000233: PUSH1 0x00 00000235: DUP1 00000236: REVERT 00000237: JUMPDEST 00000238: POP 00000239: PUSH2 0x0240 0000023c: PUSH2 0x0661 0000023f: JUMP 00000240: JUMPDEST 00000241: PUSH1 0x40 00000243: MLOAD 00000244: PUSH2 0x013f 00000247: SWAP2 00000248: SWAP1 00000249: PUSH2 0x09f8 0000024c: JUMP 0000024d: JUMPDEST 0000024e: CALLVALUE 0000024f: DUP1 00000250: ISZERO 00000251: PUSH2 0x0259 00000254: JUMPI 00000255: PUSH1 0x00 00000257: DUP1 00000258: REVERT 00000259: JUMPDEST 0000025a: POP 0000025b: PUSH2 0x0262 0000025e: PUSH2 0x0672 00000261: JUMP 00000262: JUMPDEST 00000263: PUSH1 0x40 00000265: MLOAD 00000266: PUSH2 0x013f 00000269: SWAP2 0000026a: SWAP1 0000026b: PUSH2 0x0a03 0000026e: JUMP 0000026f: JUMPDEST 00000270: CALLVALUE 00000271: DUP1 00000272: ISZERO 00000273: PUSH2 0x027b 00000276: JUMPI 00000277: PUSH1 0x00 00000279: DUP1 0000027a: REVERT 0000027b: JUMPDEST 0000027c: POP 0000027d: PUSH2 0x0132 00000280: PUSH2 0x0698 00000283: JUMP 00000284: JUMPDEST 00000285: CALLVALUE 00000286: DUP1 00000287: ISZERO 00000288: PUSH2 0x0290 0000028b: JUMPI 0000028c: PUSH1 0x00 0000028e: DUP1 0000028f: REVERT 00000290: JUMPDEST 00000291: POP 00000292: PUSH2 0x0132 00000295: PUSH2 0x06a7 00000298: JUMP 00000299: JUMPDEST 0000029a: CALLVALUE 0000029b: DUP1 0000029c: ISZERO 0000029d: PUSH2 0x02a5 000002a0: JUMPI 000002a1: PUSH1 0x00 000002a3: DUP1 000002a4: REVERT 000002a5: JUMPDEST 000002a6: POP 000002a7: PUSH2 0x018a 000002aa: PUSH2 0x02b4 000002ad: CALLDATASIZE 000002ae: PUSH1 0x04 000002b0: PUSH2 0x091a 000002b3: JUMP 000002b4: JUMPDEST 000002b5: PUSH2 0x06b6 000002b8: JUMP 000002b9: JUMPDEST 000002ba: PUSH1 0x01 000002bc: SLOAD 000002bd: PUSH1 0x01 000002bf: PUSH1 0x01 000002c1: PUSH1 0xa0 000002c3: SHL 000002c4: SUB 000002c5: AND 000002c6: CALLER 000002c7: EQ 000002c8: DUP1 000002c9: PUSH2 0x02dc 000002cc: JUMPI 000002cd: POP 000002ce: PUSH1 0x04 000002d0: SLOAD 000002d1: PUSH1 0x01 000002d3: PUSH1 0x01 000002d5: PUSH1 0xa0 000002d7: SHL 000002d8: SUB 000002d9: AND 000002da: CALLER 000002db: EQ 000002dc: JUMPDEST 000002dd: PUSH2 0x0301 000002e0: JUMPI 000002e1: PUSH1 0x40 000002e3: MLOAD 000002e4: PUSH3 0x461bcd 000002e8: PUSH1 0xe5 000002ea: SHL 000002eb: DUP2 000002ec: MSTORE 000002ed: PUSH1 0x04 000002ef: ADD 000002f0: PUSH2 0x02f8 000002f3: SWAP1 000002f4: PUSH2 0x0c21 000002f7: JUMP 000002f8: JUMPDEST 000002f9: PUSH1 0x40 000002fb: MLOAD 000002fc: DUP1 000002fd: SWAP2 000002fe: SUB 000002ff: SWAP1 00000300: REVERT 00000301: JUMPDEST 00000302: JUMP 00000303: JUMPDEST 00000304: PUSH1 0x00 00000306: DUP1 00000307: PUSH2 0x0310 0000030a: DUP4 0000030b: DUP6 0000030c: PUSH2 0x0ce5 0000030f: JUMP 00000310: JUMPDEST 00000311: SWAP1 00000312: POP 00000313: DUP4 00000314: DUP2 00000315: LT 00000316: ISZERO 00000317: PUSH2 0x0332 0000031a: JUMPI 0000031b: PUSH1 0x40 0000031d: MLOAD 0000031e: PUSH3 0x461bcd 00000322: PUSH1 0xe5 00000324: SHL 00000325: DUP2 00000326: MSTORE 00000327: PUSH1 0x04 00000329: ADD 0000032a: PUSH2 0x02f8 0000032d: SWAP1 0000032e: PUSH2 0x0b03 00000331: JUMP 00000332: JUMPDEST 00000333: SWAP4 00000334: SWAP3 00000335: POP 00000336: POP 00000337: POP 00000338: JUMP 00000339: JUMPDEST 0000033a: PUSH1 0x03 0000033c: SLOAD 0000033d: PUSH1 0x01 0000033f: PUSH1 0x01 00000341: PUSH1 0xa0 00000343: SHL 00000344: SUB 00000345: AND 00000346: DUP2 00000347: JUMP 00000348: JUMPDEST 00000349: PUSH1 0x05 0000034b: SLOAD 0000034c: SWAP1 0000034d: JUMP 0000034e: JUMPDEST 0000034f: PUSH2 0x0356 00000352: PUSH2 0x070c 00000355: JUMP 00000356: JUMPDEST 00000357: PUSH1 0x06 00000359: SLOAD 0000035a: PUSH2 0x0363 0000035d: SWAP1 0000035e: DUP3 0000035f: PUSH2 0x0303 00000362: JUMP 00000363: JUMPDEST 00000364: PUSH1 0x06 00000366: DUP2 00000367: SWAP1 00000368: SSTORE 00000369: PUSH1 0x40 0000036b: MLOAD 0000036c: PUSH32 0xadcbd6fdcc03dd4a97960f8d17a14ad4554059cdf68b222933aa70b47d63d0fe 0000038d: SWAP2 0000038e: PUSH2 0x0396 00000391: SWAP2 00000392: PUSH2 0x0cdc 00000395: JUMP 00000396: JUMPDEST 00000397: PUSH1 0x40 00000399: MLOAD 0000039a: DUP1 0000039b: SWAP2 0000039c: SUB 0000039d: SWAP1 0000039e: LOG1 0000039f: POP 000003a0: JUMP 000003a1: JUMPDEST 000003a2: PUSH2 0x03a9 000003a5: PUSH2 0x0661 000003a8: JUMP 000003a9: JUMPDEST 000003aa: PUSH2 0x03c5 000003ad: JUMPI 000003ae: PUSH1 0x40 000003b0: MLOAD 000003b1: PUSH3 0x461bcd 000003b5: PUSH1 0xe5 000003b7: SHL 000003b8: DUP2 000003b9: MSTORE 000003ba: PUSH1 0x04 000003bc: ADD 000003bd: PUSH2 0x02f8 000003c0: SWAP1 000003c1: PUSH2 0x0c72 000003c4: JUMP 000003c5: JUMPDEST 000003c6: PUSH2 0x03ce 000003c9: DUP5 000003ca: PUSH2 0x074b 000003cd: JUMP 000003ce: JUMPDEST 000003cf: PUSH2 0x03d7 000003d2: DUP4 000003d3: PUSH2 0x074b 000003d6: JUMP 000003d7: JUMPDEST 000003d8: PUSH2 0x03e0 000003db: DUP3 000003dc: PUSH2 0x074b 000003df: JUMP 000003e0: JUMPDEST 000003e1: PUSH2 0x03e9 000003e4: DUP2 000003e5: PUSH2 0x074b 000003e8: JUMP 000003e9: JUMPDEST 000003ea: PUSH1 0x01 000003ec: DUP1 000003ed: SLOAD 000003ee: PUSH1 0x01 000003f0: PUSH1 0x01 000003f2: PUSH1 0xa0 000003f4: SHL 000003f5: SUB 000003f6: DUP1 000003f7: DUP8 000003f8: AND 000003f9: PUSH1 0x01 000003fb: PUSH1 0x01 000003fd: PUSH1 0xa0 000003ff: SHL 00000400: SUB 00000401: NOT 00000402: SWAP3 00000403: DUP4 00000404: AND 00000405: OR 00000406: SWAP1 00000407: SWAP3 00000408: SSTORE 00000409: PUSH1 0x02 0000040b: DUP1 0000040c: SLOAD 0000040d: DUP7 0000040e: DUP5 0000040f: AND 00000410: SWAP1 00000411: DUP4 00000412: AND 00000413: OR 00000414: SWAP1 00000415: SSTORE 00000416: PUSH1 0x03 00000418: DUP1 00000419: SLOAD 0000041a: DUP6 0000041b: DUP5 0000041c: AND 0000041d: SWAP1 0000041e: DUP4 0000041f: AND 00000420: OR 00000421: SWAP1 00000422: SSTORE 00000423: PUSH1 0x04 00000425: DUP1 00000426: SLOAD 00000427: SWAP3 00000428: DUP5 00000429: AND 0000042a: SWAP3 0000042b: SWAP1 0000042c: SWAP2 0000042d: AND 0000042e: SWAP2 0000042f: SWAP1 00000430: SWAP2 00000431: OR 00000432: SWAP1 00000433: SSTORE 00000434: PUSH1 0x40 00000436: MLOAD 00000437: PUSH32 0x3ca631ffcd2a9b5d9ae18543fc82f58eb4ca33af9e6ab01b7a8e95331e6ed985 00000458: SWAP1 00000459: PUSH2 0x0463 0000045c: SWAP1 0000045d: DUP7 0000045e: SWAP1 0000045f: PUSH2 0x09cb 00000462: JUMP 00000463: JUMPDEST 00000464: PUSH1 0x40 00000466: MLOAD 00000467: DUP1 00000468: SWAP2 00000469: SUB 0000046a: SWAP1 0000046b: LOG1 0000046c: PUSH32 0x143219c9e69b09e07e095fcc889b43d8f46ca892bba65f08dc3a0050869a5678 0000048d: DUP4 0000048e: PUSH1 0x40 00000490: MLOAD 00000491: PUSH2 0x049a 00000494: SWAP2 00000495: SWAP1 00000496: PUSH2 0x09cb 00000499: JUMP 0000049a: JUMPDEST 0000049b: PUSH1 0x40 0000049d: MLOAD 0000049e: DUP1 0000049f: SWAP2 000004a0: SUB 000004a1: SWAP1 000004a2: LOG1 000004a3: PUSH32 0x82966d27eea39b038ee0fa30cd16532bb24f6e65d31cb58fb227aa5766cdcc7f 000004c4: DUP3 000004c5: PUSH1 0x40 000004c7: MLOAD 000004c8: PUSH2 0x04d1 000004cb: SWAP2 000004cc: SWAP1 000004cd: PUSH2 0x09cb 000004d0: JUMP 000004d1: JUMPDEST 000004d2: PUSH1 0x40 000004d4: MLOAD 000004d5: DUP1 000004d6: SWAP2 000004d7: SUB 000004d8: SWAP1 000004d9: LOG1 000004da: PUSH32 0x5ee0cae2f063ed938bb55046f6a932fb6ae792bf43624806bb90abe68a50be9b 000004fb: DUP2 000004fc: PUSH1 0x40 000004fe: MLOAD 000004ff: PUSH2 0x0508 00000502: SWAP2 00000503: SWAP1 00000504: PUSH2 0x09cb 00000507: JUMP 00000508: JUMPDEST 00000509: PUSH1 0x40 0000050b: MLOAD 0000050c: DUP1 0000050d: SWAP2 0000050e: SUB 0000050f: SWAP1 00000510: LOG1 00000511: PUSH2 0x0518 00000514: PUSH2 0x0794 00000517: JUMP 00000518: JUMPDEST 00000519: POP 0000051a: POP 0000051b: POP 0000051c: POP 0000051d: JUMP 0000051e: JUMPDEST 0000051f: PUSH1 0x02 00000521: SLOAD 00000522: PUSH1 0x01 00000524: PUSH1 0x01 00000526: PUSH1 0xa0 00000528: SHL 00000529: SUB 0000052a: AND 0000052b: DUP2 0000052c: JUMP 0000052d: JUMPDEST 0000052e: PUSH2 0x0535 00000531: PUSH2 0x07de 00000534: JUMP 00000535: JUMPDEST 00000536: PUSH1 0x05 00000538: SLOAD 00000539: PUSH2 0x0542 0000053c: SWAP1 0000053d: DUP3 0000053e: PUSH2 0x0832 00000541: JUMP 00000542: JUMPDEST 00000543: PUSH1 0x05 00000545: DUP2 00000546: SWAP1 00000547: SSTORE 00000548: PUSH1 0x40 0000054a: MLOAD 0000054b: PUSH32 0xca232b5abb988c540b959ff6c3bfae3e97fff964fd098c508f9613c0a6bf1a80 0000056c: SWAP2 0000056d: PUSH2 0x0575 00000570: SWAP2 00000571: PUSH2 0x0cdc 00000574: JUMP 00000575: JUMPDEST 00000576: PUSH1 0x40 00000578: MLOAD 00000579: DUP1 0000057a: SWAP2 0000057b: SUB 0000057c: SWAP1 0000057d: LOG1 0000057e: PUSH32 0x6109e2559dfa766aaec7118351d48a523f0a4157f49c8d68749c8ac41318ad12 0000059f: DUP3 000005a0: DUP3 000005a1: PUSH1 0x40 000005a3: MLOAD 000005a4: PUSH2 0x05ae 000005a7: SWAP3 000005a8: SWAP2 000005a9: SWAP1 000005aa: PUSH2 0x09df 000005ad: JUMP 000005ae: JUMPDEST 000005af: PUSH1 0x40 000005b1: MLOAD 000005b2: DUP1 000005b3: SWAP2 000005b4: SUB 000005b5: SWAP1 000005b6: LOG1 000005b7: PUSH1 0x00 000005b9: DUP3 000005ba: PUSH1 0x01 000005bc: PUSH1 0x01 000005be: PUSH1 0xa0 000005c0: SHL 000005c1: SUB 000005c2: AND 000005c3: DUP3 000005c4: PUSH1 0x40 000005c6: MLOAD 000005c7: PUSH2 0x05cf 000005ca: SWAP1 000005cb: PUSH2 0x09c8 000005ce: JUMP 000005cf: JUMPDEST 000005d0: PUSH1 0x00 000005d2: PUSH1 0x40 000005d4: MLOAD 000005d5: DUP1 000005d6: DUP4 000005d7: SUB 000005d8: DUP2 000005d9: DUP6 000005da: DUP8 000005db: GAS 000005dc: CALL 000005dd: SWAP3 000005de: POP 000005df: POP 000005e0: POP 000005e1: RETURNDATASIZE 000005e2: DUP1 000005e3: PUSH1 0x00 000005e5: DUP2 000005e6: EQ 000005e7: PUSH2 0x060c 000005ea: JUMPI 000005eb: PUSH1 0x40 000005ed: MLOAD 000005ee: SWAP2 000005ef: POP 000005f0: PUSH1 0x1f 000005f2: NOT 000005f3: PUSH1 0x3f 000005f5: RETURNDATASIZE 000005f6: ADD 000005f7: AND 000005f8: DUP3 000005f9: ADD 000005fa: PUSH1 0x40 000005fc: MSTORE 000005fd: RETURNDATASIZE 000005fe: DUP3 000005ff: MSTORE 00000600: RETURNDATASIZE 00000601: PUSH1 0x00 00000603: PUSH1 0x20 00000605: DUP5 00000606: ADD 00000607: RETURNDATACOPY 00000608: PUSH2 0x0611 0000060b: JUMP 0000060c: JUMPDEST 0000060d: PUSH1 0x60 0000060f: SWAP2 00000610: POP 00000611: JUMPDEST 00000612: POP 00000613: POP 00000614: SWAP1 00000615: POP 00000616: DUP1 00000617: PUSH2 0x0632 0000061a: JUMPI 0000061b: PUSH1 0x40 0000061d: MLOAD 0000061e: PUSH3 0x461bcd 00000622: PUSH1 0xe5 00000624: SHL 00000625: DUP2 00000626: MSTORE 00000627: PUSH1 0x04 00000629: ADD 0000062a: PUSH2 0x02f8 0000062d: SWAP1 0000062e: PUSH2 0x0b3a 00000631: JUMP 00000632: JUMPDEST 00000633: POP 00000634: POP 00000635: POP 00000636: JUMP 00000637: JUMPDEST 00000638: PUSH2 0x063f 0000063b: PUSH2 0x07de 0000063e: JUMP 0000063f: JUMPDEST 00000640: PUSH1 0x06 00000642: SLOAD 00000643: PUSH2 0x0363 00000646: SWAP1 00000647: DUP3 00000648: PUSH2 0x0832 0000064b: JUMP 0000064c: JUMPDEST 0000064d: PUSH1 0x06 0000064f: SLOAD 00000650: SWAP1 00000651: JUMP 00000652: JUMPDEST 00000653: PUSH1 0x00 00000655: SLOAD 00000656: PUSH1 0x01 00000658: PUSH1 0x01 0000065a: PUSH1 0xa0 0000065c: SHL 0000065d: SUB 0000065e: AND 0000065f: SWAP1 00000660: JUMP 00000661: JUMPDEST 00000662: PUSH1 0x00 00000664: SLOAD 00000665: PUSH1 0x01 00000667: PUSH1 0x01 00000669: PUSH1 0xa0 0000066b: SHL 0000066c: SUB 0000066d: AND 0000066e: CALLER 0000066f: EQ 00000670: SWAP1 00000671: JUMP 00000672: JUMPDEST 00000673: PUSH1 0x40 00000675: MLOAD 00000676: DUP1 00000677: PUSH1 0x40 00000679: ADD 0000067a: PUSH1 0x40 0000067c: MSTORE 0000067d: DUP1 0000067e: PUSH1 0x0a 00000680: DUP2 00000681: MSTORE 00000682: PUSH1 0x20 00000684: ADD 00000685: PUSH10 0x1058dd1a5d99541bdbdb 00000690: PUSH1 0xb2 00000692: SHL 00000693: DUP2 00000694: MSTORE 00000695: POP 00000696: DUP2 00000697: JUMP 00000698: JUMPDEST 00000699: PUSH1 0x04 0000069b: SLOAD 0000069c: PUSH1 0x01 0000069e: PUSH1 0x01 000006a0: PUSH1 0xa0 000006a2: SHL 000006a3: SUB 000006a4: AND 000006a5: DUP2 000006a6: JUMP 000006a7: JUMPDEST 000006a8: PUSH1 0x01 000006aa: SLOAD 000006ab: PUSH1 0x01 000006ad: PUSH1 0x01 000006af: PUSH1 0xa0 000006b1: SHL 000006b2: SUB 000006b3: AND 000006b4: DUP2 000006b5: JUMP 000006b6: JUMPDEST 000006b7: PUSH2 0x06be 000006ba: PUSH2 0x0661 000006bd: JUMP 000006be: JUMPDEST 000006bf: PUSH2 0x06da 000006c2: JUMPI 000006c3: PUSH1 0x40 000006c5: MLOAD 000006c6: PUSH3 0x461bcd 000006ca: PUSH1 0xe5 000006cc: SHL 000006cd: DUP2 000006ce: MSTORE 000006cf: PUSH1 0x04 000006d1: ADD 000006d2: PUSH2 0x02f8 000006d5: SWAP1 000006d6: PUSH2 0x0c72 000006d9: JUMP 000006da: JUMPDEST 000006db: PUSH1 0x01 000006dd: PUSH1 0x01 000006df: PUSH1 0xa0 000006e1: SHL 000006e2: SUB 000006e3: DUP2 000006e4: AND 000006e5: PUSH2 0x0700 000006e8: JUMPI 000006e9: PUSH1 0x40 000006eb: MLOAD 000006ec: PUSH3 0x461bcd 000006f0: PUSH1 0xe5 000006f2: SHL 000006f3: DUP2 000006f4: MSTORE 000006f5: PUSH1 0x04 000006f7: ADD 000006f8: PUSH2 0x02f8 000006fb: SWAP1 000006fc: PUSH2 0x0abd 000006ff: JUMP 00000700: JUMPDEST 00000701: PUSH2 0x0709 00000704: DUP2 00000705: PUSH2 0x0874 00000708: JUMP 00000709: JUMPDEST 0000070a: POP 0000070b: JUMP 0000070c: JUMPDEST 0000070d: PUSH1 0x01 0000070f: SLOAD 00000710: PUSH1 0x01 00000712: PUSH1 0x01 00000714: PUSH1 0xa0 00000716: SHL 00000717: SUB 00000718: AND 00000719: CALLER 0000071a: EQ 0000071b: DUP1 0000071c: PUSH2 0x072f 0000071f: JUMPI 00000720: POP 00000721: PUSH1 0x02 00000723: SLOAD 00000724: PUSH1 0x01 00000726: PUSH1 0x01 00000728: PUSH1 0xa0 0000072a: SHL 0000072b: SUB 0000072c: AND 0000072d: CALLER 0000072e: EQ 0000072f: JUMPDEST 00000730: PUSH2 0x0301 00000733: JUMPI 00000734: PUSH1 0x40 00000736: MLOAD 00000737: PUSH3 0x461bcd 0000073b: PUSH1 0xe5 0000073d: SHL 0000073e: DUP2 0000073f: MSTORE 00000740: PUSH1 0x04 00000742: ADD 00000743: PUSH2 0x02f8 00000746: SWAP1 00000747: PUSH2 0x0a56 0000074a: JUMP 0000074b: JUMPDEST 0000074c: PUSH1 0x01 0000074e: PUSH1 0x01 00000750: PUSH1 0xa0 00000752: SHL 00000753: SUB 00000754: DUP2 00000755: AND 00000756: PUSH2 0x0771 00000759: JUMPI 0000075a: PUSH1 0x40 0000075c: MLOAD 0000075d: PUSH3 0x461bcd 00000761: PUSH1 0xe5 00000763: SHL 00000764: DUP2 00000765: MSTORE 00000766: PUSH1 0x04 00000768: ADD 00000769: PUSH2 0x02f8 0000076c: SWAP1 0000076d: PUSH2 0x0b71 00000770: JUMP 00000771: JUMPDEST 00000772: DUP1 00000773: EXTCODESIZE 00000774: DUP1 00000775: PUSH2 0x0790 00000778: JUMPI 00000779: PUSH1 0x40 0000077b: MLOAD 0000077c: PUSH3 0x461bcd 00000780: PUSH1 0xe5 00000782: SHL 00000783: DUP2 00000784: MSTORE 00000785: PUSH1 0x04 00000787: ADD 00000788: PUSH2 0x02f8 0000078b: SWAP1 0000078c: PUSH2 0x0ca7 0000078f: JUMP 00000790: JUMPDEST 00000791: POP 00000792: POP 00000793: JUMP 00000794: JUMPDEST 00000795: PUSH1 0x00 00000797: DUP1 00000798: SLOAD 00000799: PUSH1 0x40 0000079b: MLOAD 0000079c: PUSH1 0x01 0000079e: PUSH1 0x01 000007a0: PUSH1 0xa0 000007a2: SHL 000007a3: SUB 000007a4: SWAP1 000007a5: SWAP2 000007a6: AND 000007a7: SWAP1 000007a8: PUSH32 0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0 000007c9: SWAP1 000007ca: DUP4 000007cb: SWAP1 000007cc: LOG3 000007cd: PUSH1 0x00 000007cf: DUP1 000007d0: SLOAD 000007d1: PUSH1 0x01 000007d3: PUSH1 0x01 000007d5: PUSH1 0xa0 000007d7: SHL 000007d8: SUB 000007d9: NOT 000007da: AND 000007db: SWAP1 000007dc: SSTORE 000007dd: JUMP 000007de: JUMPDEST 000007df: PUSH1 0x01 000007e1: SLOAD 000007e2: PUSH1 0x01 000007e4: PUSH1 0x01 000007e6: PUSH1 0xa0 000007e8: SHL 000007e9: SUB 000007ea: AND 000007eb: CALLER 000007ec: EQ 000007ed: DUP1 000007ee: PUSH2 0x0801 000007f1: JUMPI 000007f2: POP 000007f3: PUSH1 0x02 000007f5: SLOAD 000007f6: PUSH1 0x01 000007f8: PUSH1 0x01 000007fa: PUSH1 0xa0 000007fc: SHL 000007fd: SUB 000007fe: AND 000007ff: CALLER 00000800: EQ 00000801: JUMPDEST 00000802: DUP1 00000803: PUSH2 0x0816 00000806: JUMPI 00000807: POP 00000808: PUSH1 0x03 0000080a: SLOAD 0000080b: PUSH1 0x01 0000080d: PUSH1 0x01 0000080f: PUSH1 0xa0 00000811: SHL 00000812: SUB 00000813: AND 00000814: CALLER 00000815: EQ 00000816: JUMPDEST 00000817: PUSH2 0x0301 0000081a: JUMPI 0000081b: PUSH1 0x40 0000081d: MLOAD 0000081e: PUSH3 0x461bcd 00000822: PUSH1 0xe5 00000824: SHL 00000825: DUP2 00000826: MSTORE 00000827: PUSH1 0x04 00000829: ADD 0000082a: PUSH2 0x02f8 0000082d: SWAP1 0000082e: PUSH2 0x0ba8 00000831: JUMP 00000832: JUMPDEST 00000833: PUSH1 0x00 00000835: PUSH2 0x0332 00000838: DUP4 00000839: DUP4 0000083a: PUSH1 0x40 0000083c: MLOAD 0000083d: DUP1 0000083e: PUSH1 0x40 00000840: ADD 00000841: PUSH1 0x40 00000843: MSTORE 00000844: DUP1 00000845: PUSH1 0x1e 00000847: DUP2 00000848: MSTORE 00000849: PUSH1 0x20 0000084b: ADD 0000084c: PUSH32 0x536166654d6174683a207375627472616374696f6e206f766572666c6f770000 0000086d: DUP2 0000086e: MSTORE 0000086f: POP 00000870: PUSH2 0x08c4 00000873: JUMP 00000874: JUMPDEST 00000875: PUSH1 0x00 00000877: DUP1 00000878: SLOAD 00000879: PUSH1 0x01 0000087b: PUSH1 0x01 0000087d: PUSH1 0xa0 0000087f: SHL 00000880: SUB 00000881: DUP4 00000882: DUP2 00000883: AND 00000884: PUSH1 0x01 00000886: PUSH1 0x01 00000888: PUSH1 0xa0 0000088a: SHL 0000088b: SUB 0000088c: NOT 0000088d: DUP4 0000088e: AND 0000088f: DUP2 00000890: OR 00000891: DUP5 00000892: SSTORE 00000893: PUSH1 0x40 00000895: MLOAD 00000896: SWAP2 00000897: SWAP1 00000898: SWAP3 00000899: AND 0000089a: SWAP3 0000089b: DUP4 0000089c: SWAP2 0000089d: PUSH32 0x8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e0 000008be: SWAP2 000008bf: SWAP1 000008c0: LOG3 000008c1: POP 000008c2: POP 000008c3: JUMP 000008c4: JUMPDEST 000008c5: PUSH1 0x00 000008c7: DUP2 000008c8: DUP5 000008c9: DUP5 000008ca: GT 000008cb: ISZERO 000008cc: PUSH2 0x08e8 000008cf: JUMPI 000008d0: PUSH1 0x40 000008d2: MLOAD 000008d3: PUSH3 0x461bcd 000008d7: PUSH1 0xe5 000008d9: SHL 000008da: DUP2 000008db: MSTORE 000008dc: PUSH1 0x04 000008de: ADD 000008df: PUSH2 0x02f8 000008e2: SWAP2 000008e3: SWAP1 000008e4: PUSH2 0x0a03 000008e7: JUMP 000008e8: JUMPDEST 000008e9: POP 000008ea: PUSH1 0x00 000008ec: PUSH2 0x08f5 000008ef: DUP5 000008f0: DUP7 000008f1: PUSH2 0x0cfd 000008f4: JUMP 000008f5: JUMPDEST 000008f6: SWAP6 000008f7: SWAP5 000008f8: POP 000008f9: POP 000008fa: POP 000008fb: POP 000008fc: POP 000008fd: JUMP 000008fe: JUMPDEST 000008ff: DUP1 00000900: CALLDATALOAD 00000901: PUSH1 0x01 00000903: PUSH1 0x01 00000905: PUSH1 0xa0 00000907: SHL 00000908: SUB 00000909: DUP2 0000090a: AND 0000090b: DUP2 0000090c: EQ 0000090d: PUSH2 0x0915 00000910: JUMPI 00000911: PUSH1 0x00 00000913: DUP1 00000914: REVERT 00000915: JUMPDEST 00000916: SWAP2 00000917: SWAP1 00000918: POP 00000919: JUMP 0000091a: JUMPDEST 0000091b: PUSH1 0x00 0000091d: PUSH1 0x20 0000091f: DUP3 00000920: DUP5 00000921: SUB 00000922: SLT 00000923: ISZERO 00000924: PUSH2 0x092b 00000927: JUMPI 00000928: DUP1 00000929: DUP2 0000092a: REVERT 0000092b: JUMPDEST 0000092c: PUSH2 0x0332 0000092f: DUP3 00000930: PUSH2 0x08fe 00000933: JUMP 00000934: JUMPDEST 00000935: PUSH1 0x00 00000937: DUP1 00000938: PUSH1 0x00 0000093a: DUP1 0000093b: PUSH1 0x80 0000093d: DUP6 0000093e: DUP8 0000093f: SUB 00000940: SLT 00000941: ISZERO 00000942: PUSH2 0x0949 00000945: JUMPI 00000946: DUP3 00000947: DUP4 00000948: REVERT 00000949: JUMPDEST 0000094a: PUSH2 0x0952 0000094d: DUP6 0000094e: PUSH2 0x08fe 00000951: JUMP 00000952: JUMPDEST 00000953: SWAP4 00000954: POP 00000955: PUSH2 0x0960 00000958: PUSH1 0x20 0000095a: DUP7 0000095b: ADD 0000095c: PUSH2 0x08fe 0000095f: JUMP 00000960: JUMPDEST 00000961: SWAP3 00000962: POP 00000963: PUSH2 0x096e 00000966: PUSH1 0x40 00000968: DUP7 00000969: ADD 0000096a: PUSH2 0x08fe 0000096d: JUMP 0000096e: JUMPDEST 0000096f: SWAP2 00000970: POP 00000971: PUSH2 0x097c 00000974: PUSH1 0x60 00000976: DUP7 00000977: ADD 00000978: PUSH2 0x08fe 0000097b: JUMP 0000097c: JUMPDEST 0000097d: SWAP1 0000097e: POP 0000097f: SWAP3 00000980: SWAP6 00000981: SWAP2 00000982: SWAP5 00000983: POP 00000984: SWAP3 00000985: POP 00000986: JUMP 00000987: JUMPDEST 00000988: PUSH1 0x00 0000098a: DUP1 0000098b: PUSH1 0x40 0000098d: DUP4 0000098e: DUP6 0000098f: SUB 00000990: SLT 00000991: ISZERO 00000992: PUSH2 0x0999 00000995: JUMPI 00000996: DUP2 00000997: DUP3 00000998: REVERT 00000999: JUMPDEST 0000099a: PUSH2 0x09a2 0000099d: DUP4 0000099e: PUSH2 0x08fe 000009a1: JUMP 000009a2: JUMPDEST 000009a3: SWAP5 000009a4: PUSH1 0x20 000009a6: SWAP4 000009a7: SWAP1 000009a8: SWAP4 000009a9: ADD 000009aa: CALLDATALOAD 000009ab: SWAP4 000009ac: POP 000009ad: POP 000009ae: POP 000009af: JUMP 000009b0: JUMPDEST 000009b1: PUSH1 0x00 000009b3: PUSH1 0x20 000009b5: DUP3 000009b6: DUP5 000009b7: SUB 000009b8: SLT 000009b9: ISZERO 000009ba: PUSH2 0x09c1 000009bd: JUMPI 000009be: DUP1 000009bf: DUP2 000009c0: REVERT 000009c1: JUMPDEST 000009c2: POP 000009c3: CALLDATALOAD 000009c4: SWAP2 000009c5: SWAP1 000009c6: POP 000009c7: JUMP 000009c8: JUMPDEST 000009c9: SWAP1 000009ca: JUMP 000009cb: JUMPDEST 000009cc: PUSH1 0x01 000009ce: PUSH1 0x01 000009d0: PUSH1 0xa0 000009d2: SHL 000009d3: SUB 000009d4: SWAP2 000009d5: SWAP1 000009d6: SWAP2 000009d7: AND 000009d8: DUP2 000009d9: MSTORE 000009da: PUSH1 0x20 000009dc: ADD 000009dd: SWAP1 000009de: JUMP 000009df: JUMPDEST 000009e0: PUSH1 0x01 000009e2: PUSH1 0x01 000009e4: PUSH1 0xa0 000009e6: SHL 000009e7: SUB 000009e8: SWAP3 000009e9: SWAP1 000009ea: SWAP3 000009eb: AND 000009ec: DUP3 000009ed: MSTORE 000009ee: PUSH1 0x20 000009f0: DUP3 000009f1: ADD 000009f2: MSTORE 000009f3: PUSH1 0x40 000009f5: ADD 000009f6: SWAP1 000009f7: JUMP 000009f8: JUMPDEST 000009f9: SWAP1 000009fa: ISZERO 000009fb: ISZERO 000009fc: DUP2 000009fd: MSTORE 000009fe: PUSH1 0x20 00000a00: ADD 00000a01: SWAP1 00000a02: JUMP 00000a03: JUMPDEST 00000a04: PUSH1 0x00 00000a06: PUSH1 0x20 00000a08: DUP1 00000a09: DUP4 00000a0a: MSTORE 00000a0b: DUP4 00000a0c: MLOAD 00000a0d: DUP1 00000a0e: DUP3 00000a0f: DUP6 00000a10: ADD 00000a11: MSTORE 00000a12: DUP3 00000a13: JUMPDEST 00000a14: DUP2 00000a15: DUP2 00000a16: LT 00000a17: ISZERO 00000a18: PUSH2 0x0a2f 00000a1b: JUMPI 00000a1c: DUP6 00000a1d: DUP2 00000a1e: ADD 00000a1f: DUP4 00000a20: ADD 00000a21: MLOAD 00000a22: DUP6 00000a23: DUP3 00000a24: ADD 00000a25: PUSH1 0x40 00000a27: ADD 00000a28: MSTORE 00000a29: DUP3 00000a2a: ADD 00000a2b: PUSH2 0x0a13 00000a2e: JUMP 00000a2f: JUMPDEST 00000a30: DUP2 00000a31: DUP2 00000a32: GT 00000a33: ISZERO 00000a34: PUSH2 0x0a40 00000a37: JUMPI 00000a38: DUP4 00000a39: PUSH1 0x40 00000a3b: DUP4 00000a3c: DUP8 00000a3d: ADD 00000a3e: ADD 00000a3f: MSTORE 00000a40: JUMPDEST 00000a41: POP 00000a42: PUSH1 0x1f 00000a44: ADD 00000a45: PUSH1 0x1f 00000a47: NOT 00000a48: AND 00000a49: SWAP3 00000a4a: SWAP1 00000a4b: SWAP3 00000a4c: ADD 00000a4d: PUSH1 0x40 00000a4f: ADD 00000a50: SWAP4 00000a51: SWAP3 00000a52: POP 00000a53: POP 00000a54: POP 00000a55: JUMP 00000a56: JUMPDEST 00000a57: PUSH1 0x20 00000a59: DUP1 00000a5a: DUP3 00000a5b: MSTORE 00000a5c: PUSH1 0x41 00000a5e: SWAP1 00000a5f: DUP3 00000a60: ADD 00000a61: MSTORE 00000a62: PUSH32 0x416374697665506f6f6c3a2043616c6c6572206973206e65697468657220426f 00000a83: PUSH1 0x40 00000a85: DUP3 00000a86: ADD 00000a87: MSTORE 00000a88: PUSH32 0x72726f7765724f7065726174696f6e73206e6f722054726f76654d616e616765 00000aa9: PUSH1 0x60 00000aab: DUP3 00000aac: ADD 00000aad: MSTORE 00000aae: PUSH1 0x39 00000ab0: PUSH1 0xf9 00000ab2: SHL 00000ab3: PUSH1 0x80 00000ab5: DUP3 00000ab6: ADD 00000ab7: MSTORE 00000ab8: PUSH1 0xa0 00000aba: ADD 00000abb: SWAP1 00000abc: JUMP 00000abd: JUMPDEST 00000abe: PUSH1 0x20 00000ac0: DUP1 00000ac1: DUP3 00000ac2: MSTORE 00000ac3: PUSH1 0x26 00000ac5: SWAP1 00000ac6: DUP3 00000ac7: ADD 00000ac8: MSTORE 00000ac9: PUSH32 0x4f776e61626c653a206e6577206f776e657220697320746865207a65726f2061 00000aea: PUSH1 0x40 00000aec: DUP3 00000aed: ADD 00000aee: MSTORE 00000aef: PUSH6 0x646472657373 00000af6: PUSH1 0xd0 00000af8: SHL 00000af9: PUSH1 0x60 00000afb: DUP3 00000afc: ADD 00000afd: MSTORE 00000afe: PUSH1 0x80 00000b00: ADD 00000b01: SWAP1 00000b02: JUMP 00000b03: JUMPDEST 00000b04: PUSH1 0x20 00000b06: DUP1 00000b07: DUP3 00000b08: MSTORE 00000b09: PUSH1 0x1b 00000b0b: SWAP1 00000b0c: DUP3 00000b0d: ADD 00000b0e: MSTORE 00000b0f: PUSH32 0x536166654d6174683a206164646974696f6e206f766572666c6f770000000000 00000b30: PUSH1 0x40 00000b32: DUP3 00000b33: ADD 00000b34: MSTORE 00000b35: PUSH1 0x60 00000b37: ADD 00000b38: SWAP1 00000b39: JUMP 00000b3a: JUMPDEST 00000b3b: PUSH1 0x20 00000b3d: DUP1 00000b3e: DUP3 00000b3f: MSTORE 00000b40: PUSH1 0x1e 00000b42: SWAP1 00000b43: DUP3 00000b44: ADD 00000b45: MSTORE 00000b46: PUSH32 0x416374697665506f6f6c3a2073656e64696e6720455448206661696c65640000 00000b67: PUSH1 0x40 00000b69: DUP3 00000b6a: ADD 00000b6b: MSTORE 00000b6c: PUSH1 0x60 00000b6e: ADD 00000b6f: SWAP1 00000b70: JUMP 00000b71: JUMPDEST 00000b72: PUSH1 0x20 00000b74: DUP1 00000b75: DUP3 00000b76: MSTORE 00000b77: PUSH1 0x1e 00000b79: SWAP1 00000b7a: DUP3 00000b7b: ADD 00000b7c: MSTORE 00000b7d: PUSH32 0x4163636f756e742063616e6e6f74206265207a65726f20616464726573730000 00000b9e: PUSH1 0x40 00000ba0: DUP3 00000ba1: ADD 00000ba2: MSTORE 00000ba3: PUSH1 0x60 00000ba5: ADD 00000ba6: SWAP1 00000ba7: JUMP 00000ba8: JUMPDEST 00000ba9: PUSH1 0x20 00000bab: DUP1 00000bac: DUP3 00000bad: MSTORE 00000bae: PUSH1 0x53 00000bb0: SWAP1 00000bb1: DUP3 00000bb2: ADD 00000bb3: MSTORE 00000bb4: PUSH32 0x416374697665506f6f6c3a2043616c6c6572206973206e65697468657220426f 00000bd5: PUSH1 0x40 00000bd7: DUP3 00000bd8: ADD 00000bd9: MSTORE 00000bda: PUSH32 0x72726f7765724f7065726174696f6e73206e6f722054726f76654d616e616765 00000bfb: PUSH1 0x60 00000bfd: DUP3 00000bfe: ADD 00000bff: MSTORE 00000c00: PUSH19 0x1c881b9bdc8814dd18589a5b1a5d1e541bdbdb 00000c14: PUSH1 0x6a 00000c16: SHL 00000c17: PUSH1 0x80 00000c19: DUP3 00000c1a: ADD 00000c1b: MSTORE 00000c1c: PUSH1 0xa0 00000c1e: ADD 00000c1f: SWAP1 00000c20: JUMP 00000c21: JUMPDEST 00000c22: PUSH1 0x20 00000c24: DUP1 00000c25: DUP3 00000c26: MSTORE 00000c27: PUSH1 0x31 00000c29: SWAP1 00000c2a: DUP3 00000c2b: ADD 00000c2c: MSTORE 00000c2d: PUSH32 0x416374697665506f6f6c3a2043616c6c6572206973206e65697468657220424f 00000c4e: PUSH1 0x40 00000c50: DUP3 00000c51: ADD 00000c52: MSTORE 00000c53: PUSH17 0x081b9bdc88111959985d5b1d08141bdbdb 00000c65: PUSH1 0x7a 00000c67: SHL 00000c68: PUSH1 0x60 00000c6a: DUP3 00000c6b: ADD 00000c6c: MSTORE 00000c6d: PUSH1 0x80 00000c6f: ADD 00000c70: SWAP1 00000c71: JUMP 00000c72: JUMPDEST 00000c73: PUSH1 0x20 00000c75: DUP1 00000c76: DUP3 00000c77: MSTORE 00000c78: DUP2 00000c79: DUP2 00000c7a: ADD 00000c7b: MSTORE 00000c7c: PUSH32 0x4f776e61626c653a2063616c6c6572206973206e6f7420746865206f776e6572 00000c9d: PUSH1 0x40 00000c9f: DUP3 00000ca0: ADD 00000ca1: MSTORE 00000ca2: PUSH1 0x60 00000ca4: ADD 00000ca5: SWAP1 00000ca6: JUMP 00000ca7: JUMPDEST 00000ca8: PUSH1 0x20 00000caa: DUP1 00000cab: DUP3 00000cac: MSTORE 00000cad: DUP2 00000cae: DUP2 00000caf: ADD 00000cb0: MSTORE 00000cb1: PUSH32 0x4163636f756e7420636f64652073697a652063616e6e6f74206265207a65726f 00000cd2: PUSH1 0x40 00000cd4: DUP3 00000cd5: ADD 00000cd6: MSTORE 00000cd7: PUSH1 0x60 00000cd9: ADD 00000cda: SWAP1 00000cdb: JUMP 00000cdc: JUMPDEST 00000cdd: SWAP1 00000cde: DUP2 00000cdf: MSTORE 00000ce0: PUSH1 0x20 00000ce2: ADD 00000ce3: SWAP1 00000ce4: JUMP 00000ce5: JUMPDEST 00000ce6: PUSH1 0x00 00000ce8: DUP3 00000ce9: NOT 00000cea: DUP3 00000ceb: GT 00000cec: ISZERO 00000ced: PUSH2 0x0cf8 00000cf0: JUMPI 00000cf1: PUSH2 0x0cf8 00000cf4: PUSH2 0x0d14 00000cf7: JUMP 00000cf8: JUMPDEST 00000cf9: POP 00000cfa: ADD 00000cfb: SWAP1 00000cfc: JUMP 00000cfd: JUMPDEST 00000cfe: PUSH1 0x00 00000d00: DUP3 00000d01: DUP3 00000d02: LT 00000d03: ISZERO 00000d04: PUSH2 0x0d0f 00000d07: JUMPI 00000d08: PUSH2 0x0d0f 00000d0b: PUSH2 0x0d14 00000d0e: JUMP 00000d0f: JUMPDEST 00000d10: POP 00000d11: SUB 00000d12: SWAP1 00000d13: JUMP 00000d14: JUMPDEST 00000d15: PUSH4 0x4e487b71 00000d1a: PUSH1 0xe0 00000d1c: SHL 00000d1d: PUSH1 0x00 00000d1f: MSTORE 00000d20: PUSH1 0x11 00000d22: PUSH1 0x04 00000d24: MSTORE 00000d25: PUSH1 0x24 00000d27: PUSH1 0x00 00000d29: REVERT 00000d2a: INVALID 00000d2b: LOG2 00000d2c: PUSH5 0x6970667358 00000d32: UNKNOWN(0x22) 00000d33: SLT 00000d34: KECCAK256 00000d35: UNKNOWN(0xE2) 00000d36: UNKNOWN(0xBD) 00000d37: UNKNOWN(0xE4) 00000d38: UNKNOWN(0x0F) 00000d39: EXTCODESIZE 00000d3a: PUSH14 0xf78c8272a4f23bd16d4ce05554e6 00000d49: UNKNOWN(0xE3) 00000d4a: UNKNOWN(0xBF) 00000d4b: SWAP3 00000d4c: UNKNOWN(0x25) 00000d4d: SWAP14 00000d4e: DUP11 00000d4f: UNKNOWN(0xEE) 00000d50: UNKNOWN(0xB7) 00000d51: UNKNOWN(0xDC) 00000d52: DUP13 00000d53: UNKNOWN(0xE8) 00000d54: PUSH14
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| high | other | detector | Untrusted CALL target/value reachable | 60 | no | no |
viewtrace_id: 0xc3d197015cce12c177fa9fe0324d6f6070452782d74093d00d5f2c88aac3f5f6
call_targets:
0xa443129308556ab06e69a98e1c39c81080e01530
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0xc3d197015cce12c177fa9fe0324d6f6070452782d74093d00d5f2c88aac3f5f6",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0xa443129308556ab06e69a98e1c39c81080e01530"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x72cc6c4a",
"selector": "0x72cc6c4a",
"calldata_variants": [
"0x72cc6c4a",
"0x72cc6c4a0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x8da5cb5b",
"selector": "0x8da5cb5b",
"calldata_variants": [
"0x8da5cb5b",
"0x8da5cb5b0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x8f32d59b",
"selector": "0x8f32d59b",
"calldata_variants": [
"0x8f32d59b",
"0x8f32d59b0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xa3f4df7e",
"selector": "0xa3f4df7e",
"calldata_variants": [
"0xa3f4df7e",
"0xa3f4df7e0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xaac1846f",
"selector": "0xaac1846f",
"calldata_variants": [
"0xaac1846f",
"0xaac1846f0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xb7f8cf9b",
"selector": "0xb7f8cf9b",
"calldata_variants": [
"0xb7f8cf9b",
"0xb7f8cf9b0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xf2fde38b",
"selector": "0xf2fde38b",
"calldata_variants": [
"0xf2fde38b",
"0xf2fde38b0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x0b622ab2",
"selector": "0x0b622ab2",
"calldata_variants": [
"0x0b622ab2",
"0x0b622ab20000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 1500,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 1,
"guards_detected": [],
"untrusted_call_count": 1
}
|
| high | other | detector | ETH value transfer possible | 55 | no | no |
viewtrace_id: 0xc3d197015cce12c177fa9fe0324d6f6070452782d74093d00d5f2c88aac3f5f6
call_targets:
0xa443129308556ab06e69a98e1c39c81080e01530
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0xc3d197015cce12c177fa9fe0324d6f6070452782d74093d00d5f2c88aac3f5f6",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0xa443129308556ab06e69a98e1c39c81080e01530"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x72cc6c4a",
"selector": "0x72cc6c4a",
"calldata_variants": [
"0x72cc6c4a",
"0x72cc6c4a0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x8da5cb5b",
"selector": "0x8da5cb5b",
"calldata_variants": [
"0x8da5cb5b",
"0x8da5cb5b0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x8f32d59b",
"selector": "0x8f32d59b",
"calldata_variants": [
"0x8f32d59b",
"0x8f32d59b0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xa3f4df7e",
"selector": "0xa3f4df7e",
"calldata_variants": [
"0xa3f4df7e",
"0xa3f4df7e0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xaac1846f",
"selector": "0xaac1846f",
"calldata_variants": [
"0xaac1846f",
"0xaac1846f0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xb7f8cf9b",
"selector": "0xb7f8cf9b",
"calldata_variants": [
"0xb7f8cf9b",
"0xb7f8cf9b0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xf2fde38b",
"selector": "0xf2fde38b",
"calldata_variants": [
"0xf2fde38b",
"0xf2fde38b0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x0b622ab2",
"selector": "0x0b622ab2",
"calldata_variants": [
"0x0b622ab2",
"0x0b622ab20000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 1500,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 1,
"guards_detected": []
}
|