Analysis Run

52e3d546-1b72-419d-8cbd-64bbc9fb1a82

complete

Chain ID

1

Address

0x23109458cfd469b98c07ef8d27f1f418806f27bb

Block Number

—

Created

Sun, Jan 4, 2026 5:26 AM

Review Summary

What survived the funnel

Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?

back to vulns open contract

Confirmed

0

Validated

0

Source

Bytecode only

Review Backing

Not yet

Best current signal

Untrusted CALL target/value reachable

crit 0 high 0 direct contract

Review Checklist

1. Read the findings table first. Ignore raw jobs until the result looks real.

2. Confirm attacker control, not just the existence of a sink.

3. Confirm money or privilege impact.

4. Keep it if the behavior is real. Kill it if this is normal proxy, admin, or upgrade plumbing.

Processing Jobs

Status & attempts

ID	Type	Status	Attempts	Heartbeat
31567	report.consolidate	complete	1 / 1	3 months ago
78029	artifact.fetch	complete	1 / 3	1 week ago
78030	tool.cast_disasm	complete	1 / 3	1 week ago
78031	analysis.bundle	complete	1 / 3	1 week ago
78032	capability.graph	complete	1 / 3	1 week ago
78033	detector.run	complete	1 / 3	1 week ago
78034	validation.fork	complete	1 / 3	1 week ago

Artifact

Runtime bytecode: available

Creation TX: —

Deployer: —

Proxy: no

Implementation:

—

Verified Source: no

Slither

tool.slither

No slither job recorded yet.

Codex

report.consolidate

Job Status

complete

Attempts

1 / 1

Findings

0

No findings?

yes

Summary

Reviewed BYTECODE_BUNDLE.txt runtime bytecode; external value-transfer paths (ETH call, ERC20 transfer, burn) are gated by owner/operator/authorized checks, and public functions only emit events or call burn(uint256) on fixed token addresses. No unprotected CALL/DELEGATECALL or controllable SELFDESTRUCT patterns observed, so no concrete profit-extraction path is evident from bytecode alone.

View stderr

[codex:300603] OpenAI Codex v0.77.0 (research preview)
[codex:300603] --------
[codex:300603] workdir: /tmp/codex-multi-wbxpo37j
[codex:300603] model: gpt-5.2-codex
[codex:300603] provider: openai
[codex:300603] approval: never
[codex:300603] sandbox: read-only
[codex:300603] reasoning effort: xhigh
[codex:300603] reasoning summaries: auto
[codex:300603] session id: 019b876f-0d9c-7e60-b229-87269737ec49
[codex:300603] --------
[codex:300603] user
[codex:300603] You are a profit-focused exploit hunter analyzing EVM bytecode. Your ONLY goal is finding ways to extract value (ETH, tokens, NFTs) from this contract.
[codex:300603] 
[codex:300603] Read `BYTECODE_BUNDLE.txt` completely before concluding.
[codex:300603] 
[codex:300603] ONLY REPORT if you find a CONCRETE, EXPLOITABLE path to profit. We do NOT care about:
[codex:300603] - Gas inefficiency, code quality, or best practices
[codex:300603] - Theoretical vulnerabilities without a clear extraction path
[codex:300603] - Generic footguns (unchecked return values, etc.) unless they enable theft
[codex:300603] - Issues requiring social engineering or off-chain coordination
[codex:300603] 
[codex:300603] PATTERNS WORTH INVESTIGATING in bytecode:
[codex:300603] - CALL/DELEGATECALL with controllable destination or calldata
[codex:300603] - Value transfers (CALL with non-zero value) without prior CALLER/ORIGIN checks
[codex:300603] - SSTORE to low slots (0-10) that might be owner/admin storage
[codex:300603] - ecrecover (signature validation) - look for missing nonce/replay protection
[codex:300603] - External calls before state updates (reentrancy)
[codex:300603] - SELFDESTRUCT with controllable beneficiary
[codex:300603] - Proxy patterns (DELEGATECALL to storage slot) with unprotected upgrade paths
[codex:300603] 
[codex:300603] For each finding, you MUST explain:
[codex:300603] 1. The specific bytecode pattern/offsets that indicate the vulnerability
[codex:300603] 2. The concrete sequence of transactions to extract value
[codex:300603] 3. Why you believe this is exploitable (not just suspicious)
[codex:300603] 
[codex:300603] If you cannot identify a concrete profit path from bytecode alone: set no_findings=true.
[codex:300603] Do NOT hallucinate. Bytecode-only analysis is limited - be honest about uncertainty.
[codex:300603] 
[codex:300603] Output MUST be valid JSON matching the provided schema.
[codex:300603] - severity: info, low, medium, high, critical (use high/critical ONLY for clear extraction paths)
[codex:300603] - category: access_control, reentrancy, math, oracle, upgradeability, auth, other
[codex:300603] mcp startup: no servers
[codex:300603] 
[codex:300603] thinking
[codex:300603] **Preparing to read file**
[codex:300603] exec
[codex:300603] /bin/bash -lc ls in /tmp/codex-multi-wbxpo37j succeeded in 6ms:
[codex:300603] BYTECODE_BUNDLE.txt
[codex:300603] codex-output-schema.json
[codex:300603] exec
[codex:300603] /bin/bash -lc 'cat BYTECODE_BUNDLE.txt' in /tmp/codex-multi-wbxpo37j succeeded in 5ms:
[codex:300603] Runtime bytecode bundle for best-effort auditing.
[codex:300603] Note: without verified source, conclusions are low-confidence unless a concrete pattern is visible.
[codex:300603] 
[codex:300603] FILE: runtime_bytecode.hex
[codex:300603] 0x6080604052600436106100da5763ffffffff7c010000000000000000000000000000000000000000000000000000000060003504166316c38b3c81146100df57806326767f90146100fb578063424e81cc146101215780635280212114610139578063529189701461014d57806355a373d6146101795780637128ee10146101aa5780637adbf973146101c25780637b052f23146101e35780639c908f611461020d578063b71f90741461023a578063c83c505f14610242578063c843b33a1461025a578063d33871581461027b578063f3ae24151461029f575b600080fd5b3480156100eb57600080fd5b506100f960043515156102c0565b005b34801561010757600080fd5b506100f9600160a060020a0360043516602435151561031b565b34801561012d57600080fd5b506100f960043561035d565b6100f9600160a060020a03600435166103e2565b34801561015957600080fd5b50610165600435610440565b604080519115158252519081900360200190f35b34801561018557600080fd5b5061018e610455565b60408051600160a060020a039092168252519081900360200190f35b3480156101b657600080fd5b506100f9600435610464565b3480156101ce57600080fd5b506100f9600160a060020a036004351661052d565b3480156101ef57600080fd5b506100f9600435600160a060020a0360243516604435606435610573565b34801561021957600080fd5b506100f9600160a060020a03600435166024356044356064356084356107c6565b6100f9610842565b34801561024e57600080fd5b506100f960043561088c565b34801561026657600080fd5b506100f9600160a060020a0360043516610940565b34801561028757600080fd5b506100f9600160a060020a036004351660243561098c565b3480156102ab57600080fd5b50610165600160a060020a0360043516610a7b565b600254600160a060020a03163314806102e35750600054600160a060020a031633145b806102fd57503360009081526001602052604090205460ff165b151561030857600080fd5b6005805460ff1916911515919091179055565b600054600160a060020a0316331461033257600080fd5b600160a060020a03919091166000908152600160205260409020805460ff1916911515919091179055565b600254600160a060020a03163314806103805750600054600160a060020a031633145b8061039a57503360009081526001602052604090205460ff165b15156103a557600080fd5b60008054604051600160a060020a039091169183156108fc02918491818181858888f193505050501580156103de573d6000803e3d6000fd5b5050565b60055460ff16156103f257600080fd5b60408051600160a060020a0383168152600160208201523481830152905133917f41ec40ce90c55c916c536c2282be01a66799ab827484d471ccb8948532208959919081900360600190a250565b60046020526000908152604090205460ff1681565b600354600160a060020a031681565b600254600160a060020a03163314806104875750600054600160a060020a031633145b806104a157503360009081526001602052604090205460ff165b15156104ac57600080fd5b600354604080517f42966c68000000000000000000000000000000000000000000000000000000008152600481018490529051600160a060020a03909216916342966c689160248082019260009290919082900301818387803b15801561051257600080fd5b505af1158015610526573d6000803e3d6000fd5b5050505050565b600054600160a060020a0316331461054457600080fd5b6002805473ffffffffffffffffffffffffffffffffffffffff1916600160a060020a0392909216919091179055565b600254600160a060020a03163314806105965750600054600160a060020a031633145b806105b057503360009081526001602052604090205460ff165b15156105bb57600080fd5b60008481526004602052604090205460ff16156105d757600080fd5b6000848152600460205260409020805460ff1916600190811790915582141561063657604051600160a060020a0384169082156108fc029083906000818181858888f19350505050158015610630573d6000803e3d6000fd5b50610776565b81600214156106e057600354604080517fa9059cbb000000000000000000000000000000000000000000000000000000008152600160a060020a038681166004830152602482018590529151919092169163a9059cbb9160448083019260209291908290030181600087803b1580156106ae57600080fd5b505af11580156106c2573d6000803e3d6000fd5b505050506040513d60208110156106d857600080fd5b506107769050565b81600314156100da57600554604080517fa80b92e9000000000000000000000000000000000000000000000000000000008152600160a060020a0386811660048301526024820185905291516101009093049091169163a80b92e99160448082019260009290919082900301818387803b15801561075d57600080fd5b505af1158015610771573d6000803e3d6000fd5b505050505b82600160a060020a0316847f13d23b66b80073e6fb9522c31eac92141f2ba60d122edde49609d5cb9383aae28484604051808381526020018281526020019250505060405180910390a350505050565b600354600160a060020a031633146107dd57600080fd5b60055460ff16156107ed57600080fd5b60408051600160a060020a038581168252600260208301528183018790529151918716917f41ec40ce90c55c916c536c2282be01a66799ab827484d471ccb89485322089599181900360600190a25050505050565b600254600160a060020a03163314806108655750600054600160a060020a031633145b8061087f57503360009081526001602052604090205460ff165b151561088a57600080fd5b565b600254600160a060020a03163314806108af5750600054600160a060020a031633145b806108c957503360009081526001602052604090205460ff165b15156108d457600080fd5b600354604080517f81a4af15000000000000000000000000000000000000000000000000000000008152306004820152602481018490529051600160a060020a03909216916381a4af159160448082019260009290919082900301818387803b15801561051257600080fd5b600054600160a060020a0316331461095757600080fd5b60058054600160a060020a039092166101000274ffffffffffffffffffffffffffffffffffffffff0019909216919091179055565b60055460ff161561099c57600080fd5b600560019054906101000a9004600160a060020a0316600160a060020a03166342966c68826040518263ffffffff167c010000000000000000000000000000000000000000000000000000000002815260040180828152602001915050600060405180830381600087803b158015610a1357600080fd5b505af1158015610a27573d6000803e3d6000fd5b505060408051600160a060020a03861681526003602082015280820185905290513393507f41ec40ce90c55c916c536c2282be01a66799ab827484d471ccb894853220895992509081900360600190a25050565b60016020526000908152604090205460ff16815600a165627a7a72305820d8568ccde95b414ad69094716d2620ad0e4a8ae341a684827ab9ff2838982ec10029
[codex:300603] 
[codex:300603] 
[codex:300603] 
[codex:300603] 
[codex:300603] thinking
[codex:300603] **Parsing and mapping bytecode functions**
[codex:300603] 
[codex:300603] This is a deep dive into EVM bytecode to identify functions, their arguments, access controls, and storage mappings. I’m working through decoding dispatch selectors and examining storage slots usage to understand potential privileged functions and whether they control token transfers, pausing, or admin settings. The goal is to spot vulnerabilities like unprotected value transfers or delegatecalls that could lead to exploit paths.
[codex:300603] thinking
[codex:300603] **Analyzing EVM bytecode control flow and storage access**
[codex:300603] 
[codex:300603] I'm parsing complex EVM bytecode to understand how function arguments and storage slots interact, especially focusing on access control checks, mapping lookups by arg0, and branching logic for different token types like ETH, ERC20, and NFTs based on those args. The stack manipulations and jump instructions indicate careful checks on authorization and conditional calls to token contracts. It's intricate but this lets me decode how the contract handles different withdrawals and permissions.
[codex:300603] thinking
[codex:300603] **Examining conditional execution and argument usage in bytecode**
[codex:300603] 
[codex:300603] I'm piecing together how the contract uses argument comparisons and mapping states to enforce single-use nonces and decide between ETH or token transfers. The conditional jumps and stack dup instructions clarify which branches trigger calls with value or token calls, revealing how arguments map to roles like recipient, amount, and token type. This helps me understand the nuanced control flow around authorized withdrawals and prevention of replay attacks.
[codex:300603] thinking
[codex:300603] **Mapping out function purposes and authorization checks**
[codex:300603] 
[codex:300603] I'm identifying key contract functions by their selectors and analyzing which require authorization, which are public, and how they interact with stored addresses and tokens. This helps me pinpoint where state changes or value transfers happen, and which calls depend on owner, admin, or external contracts—shedding light on the contract's access control and potential user entry points.
[codex:300603] exec
[codex:300603] /bin/bash -lc "python - <<'PY'
[codex:300603] import sys,hashlib
[codex:300603] try:
[codex:300603]     import sha3
[codex:300603]     k=sha3.keccak_256()
[codex:300603]     k.update(b'deposit(uint256)')
[codex:300603]     print('keccak',k.hexdigest()[:8])
[codex:300603] except Exception as e:
[codex:300603]     print('no sha3',e)
[codex:300603]     print('sha3_256',hashlib.sha3_256(b'deposit(uint256)').hexdigest()[:8])
[codex:300603] PY" in /tmp/codex-multi-wbxpo37j succeeded in 40ms:
[codex:300603] no sha3 No module named 'sha3'
[codex:300603] sha3_256 a5df5779
[codex:300603] 
[codex:300603] thinking
[codex:300603] **Analyzing contract security and auth logic**
[codex:300603] 
[codex:300603] There's a lot here! I'm unpacking this contract's design, focusing on access control and potential vulnerabilities around fund withdrawals and external calls. I'm breaking down storage slots, auth checks, and call sequences to see if any logic errors or missing checks could let unauthorized users drain funds or bypass restrictions. I'll consider the opcode flow carefully and may write a simple disassembler to verify complex require statements.
[codex:300603] exec
[codex:300603] /bin/bash -lc "python - <<'PY'
[codex:300603] import binascii
[codex:300603] from textwrap import wrap
[codex:300603] 
[codex:300603] hexstr=open('BYTECODE_BUNDLE.txt').read().split('0x')[1].strip()
[codex:300603] # remove non-hex after? file contains only hex after 0x... ensure until end
[codex:300603] hexstr=''.join(c for c in hexstr if c in '0123456789abcdef')
[codex:300603] code=bytes.fromhex(hexstr)
[codex:300603] 
[codex:300603] # opcodes map
[codex:300603] opcodes = {0x00:'STOP',0x01:'ADD',0x02:'MUL',0x03:'SUB',0x04:'DIV',0x05:'SDIV',0x06:'MOD',0x07:'SMOD',0x08:'ADDMOD',0x09:'MULMOD',0x0a:'EXP',0x0b:'SIGNEXTEND',
[codex:300603] 0x10:'LT',0x11:'GT',0x12:'SLT',0x13:'SGT',0x14:'EQ',0x15:'ISZERO',0x16:'AND',0x17:'OR',0x18:'XOR',0x19:'NOT',0x1a:'BYTE',0x1b:'SHL',0x1c:'SHR',0x1d:'SAR',
[codex:300603] 0x20:'SHA3',0x30:'ADDRESS',0x31:'BALANCE',0x32:'ORIGIN',0x33:'CALLER',0x34:'CALLVALUE',0x35:'CALLDATALOAD',0x36:'CALLDATASIZE',0x37:'CALLDATACOPY',0x38:'CODESIZE',0x39:'CODECOPY',0x3a:'GASPRICE',0x3b:'EXTCODESIZE',0x3c:'EXTCODECOPY',0x3d:'RETURNDATASIZE',0x3e:'RETURNDATACOPY',0x3f:'EXTCODEHASH',
[codex:300603] 0x40:'BLOCKHASH',0x41:'COINBASE',0x42:'TIMESTAMP',0x43:'NUMBER',0x44:'DIFFICULTY',0x45:'GASLIMIT',0x46:'CHAINID',0x47:'SELFBALANCE',0x48:'BASEFEE',
[codex:300603] 0x50:'POP',0x51:'MLOAD',0x52:'MSTORE',0x53:'MSTORE8',0x54:'SLOAD',0x55:'SSTORE',0x56:'JUMP',0x57:'JUMPI',0x58:'PC',0x59:'MSIZE',0x5a:'GAS',0x5b:'JUMPDEST',
[codex:300603] 0x60:'PUSH1',0x61:'PUSH2',0x62:'PUSH3',0x63:'PUSH4',0x64:'PUSH5',0x65:'PUSH6',0x66:'PUSH7',0x67:'PUSH8',0x68:'PUSH9',0x69:'PUSH10',0x6a:'PUSH11',0x6b:'PUSH12',0x6c:'PUSH13',0x6d:'PUSH14',0x6e:'PUSH15',0x6f:'PUSH16',0x70:'PUSH17',0x71:'PUSH18',0x72:'PUSH19',0x73:'PUSH20',0x74:'PUSH21',0x75:'PUSH22',0x76:'PUSH23',0x77:'PUSH24',0x78:'PUSH25',0x79:'PUSH26',0x7a:'PUSH27',0x7b:'PUSH28',0x7c:'PUSH29',0x7d:'PUSH30',0x7e:'PUSH31',0x7f:'PUSH32',
[codex:300603] 0x80:'DUP1',0x81:'DUP2',0x82:'DUP3',0x83:'DUP4',0x84:'DUP5',0x85:'DUP6',0x86:'DUP7',0x87:'DUP8',0x88:'DUP9',0x89:'DUP10',0x8a:'DUP11',0x8b:'DUP12',0x8c:'DUP13',0x8d:'DUP14',0x8e:'DUP15',0x8f:'DUP16',
[codex:300603] 0x90:'SWAP1',0x91:'SWAP2',0x92:'SWAP3',0x93:'SWAP4',0x94:'SWAP5',0x95:'SWAP6',0x96:'SWAP7',0x97:'SWAP8',0x98:'SWAP9',0x99:'SWAP10',0x9a:'SWAP11',0x9b:'SWAP12',0x9c:'SWAP13',0x9d:'SWAP14',0x9e:'SWAP15',0x9f:'SWAP16',
[codex:300603] 0xa0:'LOG0',0xa1:'LOG1',0xa2:'LOG2',0xa3:'LOG3',0xa4:'LOG4',0xf0:'CREATE',0xf1:'CALL',0xf2:'CALLCODE',0xf3:'RETURN',0xf4:'DELEGATECALL',0xf5:'CREATE2',0xfa:'STATICCALL',0xfd:'REVERT',0xfe:'INVALID',0xff:'SELFDESTRUCT'}
[codex:300603] 
[codex:300603] # disassemble around offsets of interest
[codex:300603] 
[codex:300603] def disasm(start, end):
[codex:300603]     i=start
[codex:300603]     while i<end:
[codex:300603]         op=code[i]
[codex:300603]         name=opcodes.get(op, f'UNKNOWN_{op:02x}')
[codex:300603]         if name.startswith('PUSH'):
[codex:300603]             n=op-0x5f
[codex:300603]             data=code[i+1:i+1+n]
[codex:300603]             print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:300603]             i+=1+n
[codex:300603]         else:
[codex:300603]             print(f'{i:04x}: {name}')
[codex:300603]             i+=1
[codex:300603] 
[codex:300603] # pick ranges
[codex:300603] for start,end in [(0x02c0,0x0320),(0x0350,0x03f0),(0x0560,0x0770),(0x0980,0x0a80)]:
[codex:300603]     print('\\n==',hex(start),hex(end))
[codex:300603]     disasm(start,end)
[codex:300603] PY" in /tmp/codex-multi-wbxpo37j succeeded in 26ms:
[codex:300603] 
[codex:300603] == 0x2c0 0x320
[codex:300603] 02c0: JUMPDEST
[codex:300603] 02c1: PUSH1 0x02
[codex:300603] 02c3: SLOAD
[codex:300603] 02c4: PUSH1 0x01
[codex:300603] 02c6: PUSH1 0xa0
[codex:300603] 02c8: PUSH1 0x02
[codex:300603] 02ca: EXP
[codex:300603] 02cb: SUB
[codex:300603] 02cc: AND
[codex:300603] 02cd: CALLER
[codex:300603] 02ce: EQ
[codex:300603] 02cf: DUP1
[codex:300603] 02d0: PUSH2 0x02e3
[codex:300603] 02d3: JUMPI
[codex:300603] 02d4: POP
[codex:300603] 02d5: PUSH1 0x00
[codex:300603] 02d7: SLOAD
[codex:300603] 02d8: PUSH1 0x01
[codex:300603] 
[codex:300603] thinking
[codex:300603] **Analyzing suspicious SELFDESTRUCT opcode**
[codex:300603] exec
[codex:300603] /bin/bash -lc "python - <<'PY'
[codex:300603] import binascii
[codex:300603] hexstr=open('BYTECODE_BUNDLE.txt').read().split('0x')[1].strip()
[codex:300603] hexstr=''.join(c for c in hexstr if c in '0123456789abcdef')
[codex:300603] code=bytes.fromhex(hexstr)
[codex:300603] 
[codex:300603] opcodes={0x00:'STOP',0x01:'ADD',0x02:'MUL',0x03:'SUB',0x04:'DIV',0x05:'SDIV',0x06:'MOD',0x07:'SMOD',0x08:'ADDMOD',0x09:'MULMOD',0x0a:'EXP',0x0b:'SIGNEXTEND',0x10:'LT',0x11:'GT',0x12:'SLT',0x13:'SGT',0x14:'EQ',0x15:'ISZERO',0x16:'AND',0x17:'OR',0x18:'XOR',0x19:'NOT',0x1a:'BYTE',0x1b:'SHL',0x1c:'SHR',0x1d:'SAR',0x20:'SHA3',0x30:'ADDRESS',0x31:'BALANCE',0x32:'ORIGIN',0x33:'CALLER',0x34:'CALLVALUE',0x35:'CALLDATALOAD',0x36:'CALLDATASIZE',0x37:'CALLDATACOPY',0x38:'CODESIZE',0x39:'CODECOPY',0x3a:'GASPRICE',0x3b:'EXTCODESIZE',0x3c:'EXTCODECOPY',0x3d:'RETURNDATASIZE',0x3e:'RETURNDATACOPY',0x3f:'EXTCODEHASH',0x40:'BLOCKHASH',0x41:'COINBASE',0x42:'TIMESTAMP',0x43:'NUMBER',0x44:'DIFFICULTY',0x45:'GASLIMIT',0x46:'CHAINID',0x47:'SELFBALANCE',0x48:'BASEFEE',0x50:'POP',0x51:'MLOAD',0x52:'MSTORE',0x53:'MSTORE8',0x54:'SLOAD',0x55:'SSTORE',0x56:'JUMP',0x57:'JUMPI',0x58:'PC',0x59:'MSIZE',0x5a:'GAS',0x5b:'JUMPDEST',0x60:'PUSH1',0x61:'PUSH2',0x62:'PUSH3',0x63:'PUSH4',0x64:'PUSH5',0x65:'PUSH6',0x66:'PUSH7',0x67:'PUSH8',0x68:'PUSH9',0x69:'PUSH10',0x6a:'PUSH11',0x6b:'PUSH12',0x6c:'PUSH13',0x6d:'PUSH14',0x6e:'PUSH15',0x6f:'PUSH16',0x70:'PUSH17',0x71:'PUSH18',0x72:'PUSH19',0x73:'PUSH20',0x74:'PUSH21',0x75:'PUSH22',0x76:'PUSH23',0x77:'PUSH24',0x78:'PUSH25',0x79:'PUSH26',0x7a:'PUSH27',0x7b:'PUSH28',0x7c:'PUSH29',0x7d:'PUSH30',0x7e:'PUSH31',0x7f:'PUSH32',0x80:'DUP1',0x81:'DUP2',0x82:'DUP3',0x83:'DUP4',0x84:'DUP5',0x85:'DUP6',0x86:'DUP7',0x87:'DUP8',0x88:'DUP9',0x89:'DUP10',0x8a:'DUP11',0x8b:'DUP12',0x8c:'DUP13',0x8d:'DUP14',0x8e:'DUP15',0x8f:'DUP16',0x90:'SWAP1',0x91:'SWAP2',0x92:'SWAP3',0x93:'SWAP4',0x94:'SWAP5',0x95:'SWAP6',0x96:'SWAP7',0x97:'SWAP8',0x98:'SWAP9',0x99:'SWAP10',0x9a:'SWAP11',0x9b:'SWAP12',0x9c:'SWAP13',0x9d:'SWAP14',0x9e:'SWAP15',0x9f:'SWAP16',0xa0:'LOG0',0xa1:'LOG1',0xa2:'LOG2',0xa3:'LOG3',0xa4:'LOG4',0xf0:'CREATE',0xf1:'CALL',0xf2:'CALLCODE',0xf3:'RETURN',0xf4:'DELEGATECALL',0xf5:'CREATE2',0xfa:'STATICCALL',0xfd:'REVERT',0xfe:'INVALID',0xff:'SELFDESTRUCT'}
[codex:300603] 
[codex:300603] def disasm(start, end):
[codex:300603]     i=start
[codex:300603]     while i<end:
[codex:300603]         op=code[i]
[codex:300603]         name=opcodes.get(op, f'UNKNOWN_{op:02x}')
[codex:300603]         if name.startswith('PUSH'):
[codex:300603]             n=op-0x5f
[codex:300603]             data=code[i+1:i+1+n]
[codex:300603]             print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:300603]             i+=1+n
[codex:300603]         else:
[codex:300603]             print(f'{i:04x}: {name}')
[codex:300603]             i+=1
[codex:300603] 
[codex:300603] print('len',len(code))
[codex:300603] print('JUMPDESTs around 0x0310-0x0360:')
[codex:300603] for i in range(0x0310,0x0365):
[codex:300603]     if code[i]==0x5b:
[codex:300603]         print(hex(i))
[codex:300603] 
[codex:300603] print('\\nDisasm 0x0310-0x0365')
[codex:300603] disasm(0x0310,0x0365)
[codex:300603] PY" in /tmp/codex-multi-wbxpo37j succeeded in 24ms:
[codex:300603] len 2748
[codex:300603] JUMPDESTs around 0x0310-0x0360:
[codex:300603] 0x31b
[codex:300603] 0x332
[codex:300603] 0x35d
[codex:300603] 
[codex:300603] Disasm 0x0310-0x0365
[codex:300603] 0310: AND
[codex:300603] 0311: SWAP2
[codex:300603] 0312: ISZERO
[codex:300603] 0313: ISZERO
[codex:300603] 0314: SWAP2
[codex:300603] 0315: SWAP1
[codex:300603] 0316: SWAP2
[codex:300603] 0317: OR
[codex:300603] 0318: SWAP1
[codex:300603] 0319: SSTORE
[codex:300603] 031a: JUMP
[codex:300603] 031b: JUMPDEST
[codex:300603] 031c: PUSH1 0x00
[codex:300603] 
[codex:300603] 
[codex:300603] thinking
[codex:300603] **Clarifying function argument roles**
[codex:300603] thinking
[codex:300603] **Verifying access control logic**
[codex:300603] exec
[codex:300603] /bin/bash -lc "python - <<'PY'
[codex:300603] import binascii
[codex:300603] hexstr=open('BYTECODE_BUNDLE.txt').read().split('0x')[1].strip()
[codex:300603] hexstr=''.join(c for c in hexstr if c in '0123456789abcdef')
[codex:300603] code=bytes.fromhex(hexstr)
[codex:300603] 
[codex:300603] opcodes={0xff:'SELFDESTRUCT',0xf4:'DELEGATECALL',0xf2:'CALLCODE'}
[codex:300603] 
[codex:300603] for i,b in enumerate(code):
[codex:300603]     if b in opcodes:
[codex:300603]         print(hex(i),opcodes[b])
[codex:300603] PY" in /tmp/codex-multi-wbxpo37j succeeded in 17ms:
[codex:300603] 0xe SELFDESTRUCT
[codex:300603] 0xf SELFDESTRUCT
[codex:300603] 0x10 SELFDESTRUCT
[codex:300603] 0x11 SELFDESTRUCT
[codex:300603] 0x2fb SELFDESTRUCT
[codex:300603] 0x30e SELFDESTRUCT
[codex:300603] 0x350 SELFDESTRUCT
[codex:300603] 0x398 SELFDESTRUCT
[codex:300603] 0x3e7 SELFDESTRUCT
[codex:300603] 0x3ec CALLCODE
[codex:300603] 0x451 SELFDESTRUCT
[codex:300603] 0x49f SELFDESTRUCT
[codex:300603] 0x54a SELFDESTRUCT
[codex:300603] 0x54b SELFDESTRUCT
[codex:300603] 0x54c SELFDESTRUCT
[codex:300603] 0x54d SELFDESTRUCT
[codex:300603] 0x54e SELFDESTRUCT
[codex:300603] 0x54f SELFDESTRUCT
[codex:300603] 0x550 SELFDESTRUCT
[codex:300603] 0x551 SELFDESTRUCT
[codex:300603] 
[codex:300603] thinking
[codex:300603] **Analyzing potential token function selectors**
[codex:300603] exec
[codex:300603] /bin/bash -lc "python - <<'PY'
[codex:300603] try:
[codex:300603]     from Crypto.Hash import keccak
[codex:300603]     k=keccak.new(digest_bits=256)
[codex:300603]     k.update(b'deposit(uint256)')
[codex:300603]     print('keccak',k.hexdigest()[:8])
[codex:300603] except Exception as e:
[codex:300603]     print('no',e)
[codex:300603] PY" in /tmp/codex-multi-wbxpo37j succeeded in 45ms:
[codex:300603] keccak b6b55f25
[codex:300603] 
[codex:300603] thinking
[codex:300603] **Computing function selectors**
[codex:300603] exec
[codex:300603] /bin/bash -lc "python - <<'PY'
[codex:300603] from Crypto.Hash import keccak
[codex:300603] 
[codex:300603] def sig(s):
[codex:300603]     k=keccak.new(digest_bits=256)
[codex:300603]     k.update(s.encode())
[codex:300603]     return k.hexdigest()[:8]
[codex:300603] 
[codex:300603] sigs=[
[codex:300603]     'deposit(uint256)',
[codex:300603]     'withdraw(uint256)',
[codex:300603]     'burn(uint256)',
[codex:300603]     'burnFrom(address,uint256)',
[codex:300603]     'mint(address,uint256)',
[codex:300603]     'transfer(address,uint256)',
[codex:300603]     'transferFrom(address,address,uint256)',
[codex:300603]     'approve(address,uint256)',
[codex:300603]     'safeTransferFrom(address,address,uint256)',
[codex:300603]     'safeTransferFrom(address,address,uint256,bytes)',
[codex:300603]     'redeem(uint256)',
[codex:300603]     'claim(uint256)',
[codex:300603]     'lock(address,uint256)',
[codex:300603]     'unlock(address,uint256)',
[codex:300603]     'withdraw(address,uint256)',
[codex:300603]     'deposit(address,uint256)',
[codex:300603]     'withdraw(address,address,uint256)',
[codex:300603]     'deposit(address,address,uint256)',
[codex:300603]     'withdrawTo(address,uint256)',
[codex:300603]     'release(address,uint256)',
[codex:300603]     'release(uint256)',
[codex:300603] ]
[codex:300603] for s in sigs:
[codex:300603]     print(s, sig(s))
[codex:300603] 
[codex:300603] # try to find common signatures that match 42966c68 etc from a list
[codex:300603] 
[codex:300603] PY" in /tmp/codex-multi-wbxpo37j succeeded in 41ms:
[codex:300603] deposit(uint256) b6b55f25
[codex:300603] withdraw(uint256) 2e1a7d4d
[codex:300603] burn(uint256) 42966c68
[codex:300603] burnFrom(address,uint256) 79cc6790
[codex:300603] mint(address,uint256) 40c10f19
[codex:300603] transfer(address,uint256) a9059cbb
[codex:300603] transferFrom(address,address,uint256) 23b872dd
[codex:300603] approve(address,uint256) 095ea7b3
[codex:300603] safeTransferFrom(address,address,uint256) 42842e0e
[codex:300603] safeTransferFrom(address,address,uint256,bytes) b88d4fde
[codex:300603] redeem(uint256) db006a75
[codex:300603] claim(uint256) 379607f5
[codex:300603] lock(address,uint256) 282d3fdf
[codex:300603] unlock(address,uint256) 7eee288d
[codex:300603] withdraw(address,uint256) f3fef3a3
[codex:300603] deposit(address,uint256) 47e7ef24
[codex:300603] withdraw(address,address,uint256) d9caed12
[codex:300603] deposit(address,address,uint256) 8340f549
[codex:300603] withdrawTo(address,uint256) 205c2878
[codex:300603] release(address,uint256) 0357371d
[codex:300603] 
[codex:300603] thinking
[codex:300603] **Analyzing token burn functions and contract behavior**
[codex:300603] exec
[codex:300603] /bin/bash -lc "python - <<'PY'
[codex:300603] from Crypto.Hash import keccak
[codex:300603] 
[codex:300603] def sig(s):
[codex:300603]     k=keccak.new(digest_bits=256)
[codex:300603]     k.update(s.encode())
[codex:300603]     return k.hexdigest()[:8]
[codex:300603] 
[codex:300603] candidates=[
[codex:300603]     'burn(address,uint256)',
[codex:300603]     'burnFrom(address,uint256)',
[codex:300603]     'mint(address,uint256)',
[codex:300603]     'mint(address,uint256,uint256)',
[codex:300603]     'transferFrom(address,address,uint256)',
[codex:300603]     'safeTransferFrom(address,address,uint256)',
[codex:300603]     'safeTransferFrom(address,address,uint256,bytes)',
[codex:300603]     'transfer(address,uint256,uint256)',
[codex:300603]     'transfer(address,address,uint256)',
[codex:300603]     'transferFrom(address,address,uint256,bytes)',
[codex:300603]     'mint(address,uint256,uint256,bytes)',
[codex:300603]     'withdraw(address,uint256)',
[codex:300603]     'withdraw(address,address,uint256)',
[codex:300603]     'withdraw(uint256,address)',
[codex:300603]     'withdrawFrom(address,uint256)',
[codex:300603]     'redeem(address,uint256)',
[codex:300603]     'release(address,uint256)',
[codex:300603]     'release(address,address,uint256)',
[codex:300603]     'claim(address,uint256)',
[codex:300603]     'transferTo(address,uint256)',
[codex:300603]     'sendTo(address,uint256)',
[codex:300603]     'send(address,uint256)',
[codex:300603]     'withdraw(uint256)',
[codex:300603]     'withdraw(address)',
[codex:300603] ]
[codex:300603] 
[codex:300603] for s in candidates:
[codex:300603]     if sig(s) in ('a80b92e9','81a4af15'):
[codex:300603]         print('match',s,sig(s))
[codex:300603] 
[codex:300603] # brute search small set of common ERC721 functions
[codex:300603] erc721=['approve(address,uint256)','setApprovalForAll(address,bool)','isApprovedForAll(address,address)','ownerOf(uint256)','getApproved(uint256)','transferFrom(address,address,uint256)','safeTransferFrom(address,address,uint256)','safeTransferFrom(address,address,uint256,bytes)']
[codex:300603] for s in erc721:
[codex:300603]     if sig(s) in ('a80b92e9','81a4af15'):
[codex:300603]         print('erc721 match',s,sig(s))
[codex:300603] 
[codex:300603] # compute for 'burnFrom(address,uint256,uint256)' etc
[codex:300603] more=[
[codex:300603]     'burnFrom(address,uint256,uint256)',
[codex:300603]     'burn(address,uint256,uint256)',
[codex:300603]     'burnFrom(address,address,uint256)',
[codex:300603]     'safeTransferFrom(address,address,uint256,uint256,bytes)',
[codex:300603]     'safeTransferFrom(address,address,uint256,uint256)',
[codex:300603]     'transferFrom(address,address,uint256,uint256)',
[codex:300603] ]
[codex:300603] for s in more:
[codex:300603]     if sig(s) in ('a80b92e9','81a4af15'):
[codex:300603]         print('more match',s,sig(s))
[codex:300603] PY" in /tmp/codex-multi-wbxpo37j succeeded in 37ms:
[codex:300603] 
[codex:300603] 
[codex:300603] thinking
[codex:300603] **Analyzing unknown function selectors**
[codex:300603] exec
[codex:300603] /bin/bash -lc "python - <<'PY'
[codex:300603] from Crypto.Hash import keccak
[codex:300603] 
[codex:300603] names=['burn','burnFrom','transfer','transferFrom','safeTransferFrom','withdraw','redeem','claim','unlock','lock','mint','deposit','bridge','swap','release','send','move','withdrawTo','transferTo','take','give','safeTransfer','safeBurn','burnTo','withdrawFrom','releaseTo','redeemTo','claimTo','safeMint','mintTo','depositFor','withdrawFor']
[codex:300603] 
[codex:300603] types=['address','uint256','uint8','bytes','bytes32','bool']
[codex:300603] 
[codex:300603] # generate a limited set of parameter lists (length 1-4)
[codex:300603] param_lists=[]
[codex:300603] # typical combos
[codex:300603] param_lists += [
[codex:300603]     ['address'],['uint256'],['address','uint256'],['address','address','uint256'],['address','address','uint256','bytes'],
[codex:300603]     ['address','address','uint256','uint256'],['address','uint256','uint256'],['address','uint256','bytes'],['address','address','uint256','uint256','bytes'],
[codex:300603]     ['uint256','uint256'],['uint256','address'],['uint256','address','uint256'],['uint256','uint256','uint256'],['address','uint256','address'],
[codex:300603] ]
[codex:300603] # remove duplicates
[codex:300603] seen=set()
[codex:300603] param_lists=[pl for pl in param_lists if tuple(pl) not in seen and not seen.add(tuple(pl))]
[codex:300603] 
[codex:300603] 
[codex:300603] def sig(s):
[codex:300603]     k=keccak.new(digest_bits=256)
[codex:300603]     k.update(s.encode())
[codex:300603]     return k.hexdigest()[:8]
[codex:300603] 
[codex:300603] matches=[]
[codex:300603] for name in names:
[codex:300603]     for params in param_lists:
[codex:300603]         s=f\"{name}({','.join(params)})\"
[codex:300603]         h=sig(s)
[codex:300603]         if h in ('a80b92e9','81a4af15'):
[codex:300603]             matches.append((h,s))
[codex:300603] 
[codex:300603] print(matches)
[codex:300603] PY" in /tmp/codex-multi-wbxpo37j succeeded in 45ms:
[codex:300603] []
[codex:300603] 
[codex:300603] thinking
[codex:300603] **Checking function signature hints**
[codex:300603] exec
[codex:300603] /bin/bash -lc "python - <<'PY'
[codex:300603] from Crypto.Hash import keccak
[codex:300603] 
[codex:300603] def sig(s):
[codex:300603]     k=keccak.new(digest_bits=256)
[codex:300603]     k.update(s.encode())
[codex:300603]     return k.hexdigest()[:8]
[codex:300603] 
[codex:300603] for s in [
[codex:300603]     'safeTransferFrom(address,address,uint256,uint256)',
[codex:300603]     'safeTransferFrom(address,address,uint256,uint256,bytes)',
[codex:300603]     'safeBatchTransferFrom(address,address,uint256[],uint256[],bytes)',
[codex:300603]     'transferFrom(address,address,uint256,uint256)',
[codex:300603]     'transferFrom(address,address,uint256,uint256,bytes)',
[codex:300603]     'transfer(address,address,uint256,uint256)',
[codex:300603]     'transfer(address,address,uint256)',
[codex:300603]     'transfer(address,uint256,uint256)',
[codex:300603]     'transfer(address,uint256)',
[codex:300603]     'burn(address,address,uint256)',
[codex:300603]     'burnFrom(address,address,uint256)',
[codex:300603]     'burnFrom(address,address,uint256,uint256)',
[codex:300603]     'burn(address,uint256,uint256)',
[codex:300603]     'burn(address,address,uint256,uint256)',
[codex:300603]     'mint(address,uint256,uint256)',
[codex:300603]     'mint(address,address,uint256)',
[codex:300603]     'mint(address,address,uint256,uint256)',
[codex:300603]     'mint(address,uint256,uint256,bytes)',
[codex:300603] ]:
[codex:300603]     h=sig(s)
[codex:300603]     if h in ('a80b92e9','81a4af15'):
[codex:300603]         print('match',s,h)
[codex:300603] 
[codex:300603] # also check some NFT specific functions
[codex:300603] nft=['transferFrom(address,address,uint256)','safeTransferFrom(address,address,uint256)','safeTransferFrom(address,address,uint256,bytes)','approve(address,uint256)','setApprovalForAll(address,bool)','getApproved(uint256)','isApprovedForAll(address,address)','ownerOf(uint256)']
[codex:300603] for s in nft:
[codex:300603]     h=sig(s)
[codex:300603]     if h in ('a80b92e9','81a4af15'):
[codex:300603]         print('nft match',s,h)
[codex:300603] 
[codex:300603] PY" in /tmp/codex-multi-wbxpo37j succeeded in 50ms:
[codex:300603] 
[codex:300603] 
[codex:300603] thinking
[codex:300603] **Summarizing security analysis and findings**
[codex:300603] 
[codex:300603] I carefully analyzed each relevant function and access controls in the contract's bytecode to verify if there are any exploitable paths for profit extraction. The calls that transfer ETH or tokens require admin authorization, and public functions either only burn tokens (which is not profitable but could be used for griefing) or emit events without value transfer. I confirmed no delegatecalls or unchecked calls exist, and subtle access control logic appears sound. Overall, I found no concrete exploit paths, so I'll produce JSON output indicating no findings and include a concise summary of these points.
[codex:300603] codex
[codex:300603] {"no_findings":true,"summary":"Reviewed BYTECODE_BUNDLE.txt runtime bytecode; external value-transfer paths (ETH call, ERC20 transfer, burn) are gated by owner/operator/authorized checks, and public functions only emit events or call burn(uint256) on fixed token addresses. No unprotected CALL/DELEGATECALL or controllable SELFDESTRUCT patterns observed, so no concrete profit-extraction path is evident from bytecode alone.","findings":[]}
[codex:300603] tokens used
[codex:300603] 58,832
[codex:300603] {"no_findings":true,"summary":"Reviewed BYTECODE_BUNDLE.txt runtime bytecode; external value-transfer paths (ETH call, ERC20 transfer, burn) are gated by owner/operator/authorized checks, and public functions only emit events or call burn(uint256) on fixed token addresses. No unprotected CALL/DELEGATECALL or controllable SELFDESTRUCT patterns observed, so no concrete profit-extraction path is evident from bytecode alone.","findings":[]}

Metadata

{
    "codex": {
        "ran_at": "2026-01-04T05:26:50.223693+00:00",
        "returncode": 0
    },
    "summary": "Reviewed BYTECODE_BUNDLE.txt runtime bytecode; external value-transfer paths (ETH call, ERC20 transfer, burn) are gated by owner/operator/authorized checks, and public functions only emit events or call burn(uint256) on fixed token addresses. No unprotected CALL/DELEGATECALL or controllable SELFDESTRUCT patterns observed, so no concrete profit-extraction path is evident from bytecode alone.",
    "raw_final": {
        "summary": "Reviewed BYTECODE_BUNDLE.txt runtime bytecode; external value-transfer paths (ETH call, ERC20 transfer, burn) are gated by owner/operator/authorized checks, and public functions only emit events or call burn(uint256) on fixed token addresses. No unprotected CALL/DELEGATECALL or controllable SELFDESTRUCT patterns observed, so no concrete profit-extraction path is evident from bytecode alone.",
        "findings": [],
        "no_findings": true
    },
    "no_findings": true,
    "schema_version": 1
}

Opcode Heuristics

tool.cast_disasm

Delegatecall

0

Selfdestruct

0

CREATE2

0

CALL-family (heavy)

6

EXT*/BALANCE

5

Total opcodes

1729

Flags

heavy_ext_balance_usage

View cast disassembly output

00000000: PUSH1 0x80
00000002: PUSH1 0x40
00000004: MSTORE
00000005: PUSH1 0x04
00000007: CALLDATASIZE
00000008: LT
00000009: PUSH2 0x00da
0000000c: JUMPI
0000000d: PUSH4 0xffffffff
00000012: PUSH29 0x0100000000000000000000000000000000000000000000000000000000
00000030: PUSH1 0x00
00000032: CALLDATALOAD
00000033: DIV
00000034: AND
00000035: PUSH4 0x16c38b3c
0000003a: DUP2
0000003b: EQ
0000003c: PUSH2 0x00df
0000003f: JUMPI
00000040: DUP1
00000041: PUSH4 0x26767f90
00000046: EQ
00000047: PUSH2 0x00fb
0000004a: JUMPI
0000004b: DUP1
0000004c: PUSH4 0x424e81cc
00000051: EQ
00000052: PUSH2 0x0121
00000055: JUMPI
00000056: DUP1
00000057: PUSH4 0x52802121
0000005c: EQ
0000005d: PUSH2 0x0139
00000060: JUMPI
00000061: DUP1
00000062: PUSH4 0x52918970
00000067: EQ
00000068: PUSH2 0x014d
0000006b: JUMPI
0000006c: DUP1
0000006d: PUSH4 0x55a373d6
00000072: EQ
00000073: PUSH2 0x0179
00000076: JUMPI
00000077: DUP1
00000078: PUSH4 0x7128ee10
0000007d: EQ
0000007e: PUSH2 0x01aa
00000081: JUMPI
00000082: DUP1
00000083: PUSH4 0x7adbf973
00000088: EQ
00000089: PUSH2 0x01c2
0000008c: JUMPI
0000008d: DUP1
0000008e: PUSH4 0x7b052f23
00000093: EQ
00000094: PUSH2 0x01e3
00000097: JUMPI
00000098: DUP1
00000099: PUSH4 0x9c908f61
0000009e: EQ
0000009f: PUSH2 0x020d
000000a2: JUMPI
000000a3: DUP1
000000a4: PUSH4 0xb71f9074
000000a9: EQ
000000aa: PUSH2 0x023a
000000ad: JUMPI
000000ae: DUP1
000000af: PUSH4 0xc83c505f
000000b4: EQ
000000b5: PUSH2 0x0242
000000b8: JUMPI
000000b9: DUP1
000000ba: PUSH4 0xc843b33a
000000bf: EQ
000000c0: PUSH2 0x025a
000000c3: JUMPI
000000c4: DUP1
000000c5: PUSH4 0xd3387158
000000ca: EQ
000000cb: PUSH2 0x027b
000000ce: JUMPI
000000cf: DUP1
000000d0: PUSH4 0xf3ae2415
000000d5: EQ
000000d6: PUSH2 0x029f
000000d9: JUMPI
000000da: JUMPDEST
000000db: PUSH1 0x00
000000dd: DUP1
000000de: REVERT
000000df: JUMPDEST
000000e0: CALLVALUE
000000e1: DUP1
000000e2: ISZERO
000000e3: PUSH2 0x00eb
000000e6: JUMPI
000000e7: PUSH1 0x00
000000e9: DUP1
000000ea: REVERT
000000eb: JUMPDEST
000000ec: POP
000000ed: PUSH2 0x00f9
000000f0: PUSH1 0x04
000000f2: CALLDATALOAD
000000f3: ISZERO
000000f4: ISZERO
000000f5: PUSH2 0x02c0
000000f8: JUMP
000000f9: JUMPDEST
000000fa: STOP
000000fb: JUMPDEST
000000fc: CALLVALUE
000000fd: DUP1
000000fe: ISZERO
000000ff: PUSH2 0x0107
00000102: JUMPI
00000103: PUSH1 0x00
00000105: DUP1
00000106: REVERT
00000107: JUMPDEST
00000108: POP
00000109: PUSH2 0x00f9
0000010c: PUSH1 0x01
0000010e: PUSH1 0xa0
00000110: PUSH1 0x02
00000112: EXP
00000113: SUB
00000114: PUSH1 0x04
00000116: CALLDATALOAD
00000117: AND
00000118: PUSH1 0x24
0000011a: CALLDATALOAD
0000011b: ISZERO
0000011c: ISZERO
0000011d: PUSH2 0x031b
00000120: JUMP
00000121: JUMPDEST
00000122: CALLVALUE
00000123: DUP1
00000124: ISZERO
00000125: PUSH2 0x012d
00000128: JUMPI
00000129: PUSH1 0x00
0000012b: DUP1
0000012c: REVERT
0000012d: JUMPDEST
0000012e: POP
0000012f: PUSH2 0x00f9
00000132: PUSH1 0x04
00000134: CALLDATALOAD
00000135: PUSH2 0x035d
00000138: JUMP
00000139: JUMPDEST
0000013a: PUSH2 0x00f9
0000013d: PUSH1 0x01
0000013f: PUSH1 0xa0
00000141: PUSH1 0x02
00000143: EXP
00000144: SUB
00000145: PUSH1 0x04
00000147: CALLDATALOAD
00000148: AND
00000149: PUSH2 0x03e2
0000014c: JUMP
0000014d: JUMPDEST
0000014e: CALLVALUE
0000014f: DUP1
00000150: ISZERO
00000151: PUSH2 0x0159
00000154: JUMPI
00000155: PUSH1 0x00
00000157: DUP1
00000158: REVERT
00000159: JUMPDEST
0000015a: POP
0000015b: PUSH2 0x0165
0000015e: PUSH1 0x04
00000160: CALLDATALOAD
00000161: PUSH2 0x0440
00000164: JUMP
00000165: JUMPDEST
00000166: PUSH1 0x40
00000168: DUP1
00000169: MLOAD
0000016a: SWAP2
0000016b: ISZERO
0000016c: ISZERO
0000016d: DUP3
0000016e: MSTORE
0000016f: MLOAD
00000170: SWAP1
00000171: DUP2
00000172: SWAP1
00000173: SUB
00000174: PUSH1 0x20
00000176: ADD
00000177: SWAP1
00000178: RETURN
00000179: JUMPDEST
0000017a: CALLVALUE
0000017b: DUP1
0000017c: ISZERO
0000017d: PUSH2 0x0185
00000180: JUMPI
00000181: PUSH1 0x00
00000183: DUP1
00000184: REVERT
00000185: JUMPDEST
00000186: POP
00000187: PUSH2 0x018e
0000018a: PUSH2 0x0455
0000018d: JUMP
0000018e: JUMPDEST
0000018f: PUSH1 0x40
00000191: DUP1
00000192: MLOAD
00000193: PUSH1 0x01
00000195: PUSH1 0xa0
00000197: PUSH1 0x02
00000199: EXP
0000019a: SUB
0000019b: SWAP1
0000019c: SWAP3
0000019d: AND
0000019e: DUP3
0000019f: MSTORE
000001a0: MLOAD
000001a1: SWAP1
000001a2: DUP2
000001a3: SWAP1
000001a4: SUB
000001a5: PUSH1 0x20
000001a7: ADD
000001a8: SWAP1
000001a9: RETURN
000001aa: JUMPDEST
000001ab: CALLVALUE
000001ac: DUP1
000001ad: ISZERO
000001ae: PUSH2 0x01b6
000001b1: JUMPI
000001b2: PUSH1 0x00
000001b4: DUP1
000001b5: REVERT
000001b6: JUMPDEST
000001b7: POP
000001b8: PUSH2 0x00f9
000001bb: PUSH1 0x04
000001bd: CALLDATALOAD
000001be: PUSH2 0x0464
000001c1: JUMP
000001c2: JUMPDEST
000001c3: CALLVALUE
000001c4: DUP1
000001c5: ISZERO
000001c6: PUSH2 0x01ce
000001c9: JUMPI
000001ca: PUSH1 0x00
000001cc: DUP1
000001cd: REVERT
000001ce: JUMPDEST
000001cf: POP
000001d0: PUSH2 0x00f9
000001d3: PUSH1 0x01
000001d5: PUSH1 0xa0
000001d7: PUSH1 0x02
000001d9: EXP
000001da: SUB
000001db: PUSH1 0x04
000001dd: CALLDATALOAD
000001de: AND
000001df: PUSH2 0x052d
000001e2: JUMP
000001e3: JUMPDEST
000001e4: CALLVALUE
000001e5: DUP1
000001e6: ISZERO
000001e7: PUSH2 0x01ef
000001ea: JUMPI
000001eb: PUSH1 0x00
000001ed: DUP1
000001ee: REVERT
000001ef: JUMPDEST
000001f0: POP
000001f1: PUSH2 0x00f9
000001f4: PUSH1 0x04
000001f6: CALLDATALOAD
000001f7: PUSH1 0x01
000001f9: PUSH1 0xa0
000001fb: PUSH1 0x02
000001fd: EXP
000001fe: SUB
000001ff: PUSH1 0x24
00000201: CALLDATALOAD
00000202: AND
00000203: PUSH1 0x44
00000205: CALLDATALOAD
00000206: PUSH1 0x64
00000208: CALLDATALOAD
00000209: PUSH2 0x0573
0000020c: JUMP
0000020d: JUMPDEST
0000020e: CALLVALUE
0000020f: DUP1
00000210: ISZERO
00000211: PUSH2 0x0219
00000214: JUMPI
00000215: PUSH1 0x00
00000217: DUP1
00000218: REVERT
00000219: JUMPDEST
0000021a: POP
0000021b: PUSH2 0x00f9
0000021e: PUSH1 0x01
00000220: PUSH1 0xa0
00000222: PUSH1 0x02
00000224: EXP
00000225: SUB
00000226: PUSH1 0x04
00000228: CALLDATALOAD
00000229: AND
0000022a: PUSH1 0x24
0000022c: CALLDATALOAD
0000022d: PUSH1 0x44
0000022f: CALLDATALOAD
00000230: PUSH1 0x64
00000232: CALLDATALOAD
00000233: PUSH1 0x84
00000235: CALLDATALOAD
00000236: PUSH2 0x07c6
00000239: JUMP
0000023a: JUMPDEST
0000023b: PUSH2 0x00f9
0000023e: PUSH2 0x0842
00000241: JUMP
00000242: JUMPDEST
00000243: CALLVALUE
00000244: DUP1
00000245: ISZERO
00000246: PUSH2 0x024e
00000249: JUMPI
0000024a: PUSH1 0x00
0000024c: DUP1
0000024d: REVERT
0000024e: JUMPDEST
0000024f: POP
00000250: PUSH2 0x00f9
00000253: PUSH1 0x04
00000255: CALLDATALOAD
00000256: PUSH2 0x088c
00000259: JUMP
0000025a: JUMPDEST
0000025b: CALLVALUE
0000025c: DUP1
0000025d: ISZERO
0000025e: PUSH2 0x0266
00000261: JUMPI
00000262: PUSH1 0x00
00000264: DUP1
00000265: REVERT
00000266: JUMPDEST
00000267: POP
00000268: PUSH2 0x00f9
0000026b: PUSH1 0x01
0000026d: PUSH1 0xa0
0000026f: PUSH1 0x02
00000271: EXP
00000272: SUB
00000273: PUSH1 0x04
00000275: CALLDATALOAD
00000276: AND
00000277: PUSH2 0x0940
0000027a: JUMP
0000027b: JUMPDEST
0000027c: CALLVALUE
0000027d: DUP1
0000027e: ISZERO
0000027f: PUSH2 0x0287
00000282: JUMPI
00000283: PUSH1 0x00
00000285: DUP1
00000286: REVERT
00000287: JUMPDEST
00000288: POP
00000289: PUSH2 0x00f9
0000028c: PUSH1 0x01
0000028e: PUSH1 0xa0
00000290: PUSH1 0x02
00000292: EXP
00000293: SUB
00000294: PUSH1 0x04
00000296: CALLDATALOAD
00000297: AND
00000298: PUSH1 0x24
0000029a: CALLDATALOAD
0000029b: PUSH2 0x098c
0000029e: JUMP
0000029f: JUMPDEST
000002a0: CALLVALUE
000002a1: DUP1
000002a2: ISZERO
000002a3: PUSH2 0x02ab
000002a6: JUMPI
000002a7: PUSH1 0x00
000002a9: DUP1
000002aa: REVERT
000002ab: JUMPDEST
000002ac: POP
000002ad: PUSH2 0x0165
000002b0: PUSH1 0x01
000002b2: PUSH1 0xa0
000002b4: PUSH1 0x02
000002b6: EXP
000002b7: SUB
000002b8: PUSH1 0x04
000002ba: CALLDATALOAD
000002bb: AND
000002bc: PUSH2 0x0a7b
000002bf: JUMP
000002c0: JUMPDEST
000002c1: PUSH1 0x02
000002c3: SLOAD
000002c4: PUSH1 0x01
000002c6: PUSH1 0xa0
000002c8: PUSH1 0x02
000002ca: EXP
000002cb: SUB
000002cc: AND
000002cd: CALLER
000002ce: EQ
000002cf: DUP1
000002d0: PUSH2 0x02e3
000002d3: JUMPI
000002d4: POP
000002d5: PUSH1 0x00
000002d7: SLOAD
000002d8: PUSH1 0x01
000002da: PUSH1 0xa0
000002dc: PUSH1 0x02
000002de: EXP
000002df: SUB
000002e0: AND
000002e1: CALLER
000002e2: EQ
000002e3: JUMPDEST
000002e4: DUP1
000002e5: PUSH2 0x02fd
000002e8: JUMPI
000002e9: POP
000002ea: CALLER
000002eb: PUSH1 0x00
000002ed: SWAP1
000002ee: DUP2
000002ef: MSTORE
000002f0: PUSH1 0x01
000002f2: PUSH1 0x20
000002f4: MSTORE
000002f5: PUSH1 0x40
000002f7: SWAP1
000002f8: KECCAK256
000002f9: SLOAD
000002fa: PUSH1 0xff
000002fc: AND
000002fd: JUMPDEST
000002fe: ISZERO
000002ff: ISZERO
00000300: PUSH2 0x0308
00000303: JUMPI
00000304: PUSH1 0x00
00000306: DUP1
00000307: REVERT
00000308: JUMPDEST
00000309: PUSH1 0x05
0000030b: DUP1
0000030c: SLOAD
0000030d: PUSH1 0xff
0000030f: NOT
00000310: AND
00000311: SWAP2
00000312: ISZERO
00000313: ISZERO
00000314: SWAP2
00000315: SWAP1
00000316: SWAP2
00000317: OR
00000318: SWAP1
00000319: SSTORE
0000031a: JUMP
0000031b: JUMPDEST
0000031c: PUSH1 0x00
0000031e: SLOAD
0000031f: PUSH1 0x01
00000321: PUSH1 0xa0
00000323: PUSH1 0x02
00000325: EXP
00000326: SUB
00000327: AND
00000328: CALLER
00000329: EQ
0000032a: PUSH2 0x0332
0000032d: JUMPI
0000032e: PUSH1 0x00
00000330: DUP1
00000331: REVERT
00000332: JUMPDEST
00000333: PUSH1 0x01
00000335: PUSH1 0xa0
00000337: PUSH1 0x02
00000339: EXP
0000033a: SUB
0000033b: SWAP2
0000033c: SWAP1
0000033d: SWAP2
0000033e: AND
0000033f: PUSH1 0x00
00000341: SWAP1
00000342: DUP2
00000343: MSTORE
00000344: PUSH1 0x01
00000346: PUSH1 0x20
00000348: MSTORE
00000349: PUSH1 0x40
0000034b: SWAP1
0000034c: KECCAK256
0000034d: DUP1
0000034e: SLOAD
0000034f: PUSH1 0xff
00000351: NOT
00000352: AND
00000353: SWAP2
00000354: ISZERO
00000355: ISZERO
00000356: SWAP2
00000357: SWAP1
00000358: SWAP2
00000359: OR
0000035a: SWAP1
0000035b: SSTORE
0000035c: JUMP
0000035d: JUMPDEST
0000035e: PUSH1 0x02
00000360: SLOAD
00000361: PUSH1 0x01
00000363: PUSH1 0xa0
00000365: PUSH1 0x02
00000367: EXP
00000368: SUB
00000369: AND
0000036a: CALLER
0000036b: EQ
0000036c: DUP1
0000036d: PUSH2 0x0380
00000370: JUMPI
00000371: POP
00000372: PUSH1 0x00
00000374: SLOAD
00000375: PUSH1 0x01
00000377: PUSH1 0xa0
00000379: PUSH1 0x02
0000037b: EXP
0000037c: SUB
0000037d: AND
0000037e: CALLER
0000037f: EQ
00000380: JUMPDEST
00000381: DUP1
00000382: PUSH2 0x039a
00000385: JUMPI
00000386: POP
00000387: CALLER
00000388: PUSH1 0x00
0000038a: SWAP1
0000038b: DUP2
0000038c: MSTORE
0000038d: PUSH1 0x01
0000038f: PUSH1 0x20
00000391: MSTORE
00000392: PUSH1 0x40
00000394: SWAP1
00000395: KECCAK256
00000396: SLOAD
00000397: PUSH1 0xff
00000399: AND
0000039a: JUMPDEST
0000039b: ISZERO
0000039c: ISZERO
0000039d: PUSH2 0x03a5
000003a0: JUMPI
000003a1: PUSH1 0x00
000003a3: DUP1
000003a4: REVERT
000003a5: JUMPDEST
000003a6: PUSH1 0x00
000003a8: DUP1
000003a9: SLOAD
000003aa: PUSH1 0x40
000003ac: MLOAD
000003ad: PUSH1 0x01
000003af: PUSH1 0xa0
000003b1: PUSH1 0x02
000003b3: EXP
000003b4: SUB
000003b5: SWAP1
000003b6: SWAP2
000003b7: AND
000003b8: SWAP2
000003b9: DUP4
000003ba: ISZERO
000003bb: PUSH2 0x08fc
000003be: MUL
000003bf: SWAP2
000003c0: DUP5
000003c1: SWAP2
000003c2: DUP2
000003c3: DUP2
000003c4: DUP2
000003c5: DUP6
000003c6: DUP9
000003c7: DUP9
000003c8: CALL
000003c9: SWAP4
000003ca: POP
000003cb: POP
000003cc: POP
000003cd: POP
000003ce: ISZERO
000003cf: DUP1
000003d0: ISZERO
000003d1: PUSH2 0x03de
000003d4: JUMPI
000003d5: RETURNDATASIZE
000003d6: PUSH1 0x00
000003d8: DUP1
000003d9: RETURNDATACOPY
000003da: RETURNDATASIZE
000003db: PUSH1 0x00
000003dd: REVERT
000003de: JUMPDEST
000003df: POP
000003e0: POP
000003e1: JUMP
000003e2: JUMPDEST
000003e3: PUSH1 0x05
000003e5: SLOAD
000003e6: PUSH1 0xff
000003e8: AND
000003e9: ISZERO
000003ea: PUSH2 0x03f2
000003ed: JUMPI
000003ee: PUSH1 0x00
000003f0: DUP1
000003f1: REVERT
000003f2: JUMPDEST
000003f3: PUSH1 0x40
000003f5: DUP1
000003f6: MLOAD
000003f7: PUSH1 0x01
000003f9: PUSH1 0xa0
000003fb: PUSH1 0x02
000003fd: EXP
000003fe: SUB
000003ff: DUP4
00000400: AND
00000401: DUP2
00000402: MSTORE
00000403: PUSH1 0x01
00000405: PUSH1 0x20
00000407: DUP3
00000408: ADD
00000409: MSTORE
0000040a: CALLVALUE
0000040b: DUP2
0000040c: DUP4
0000040d: ADD
0000040e: MSTORE
0000040f: SWAP1
00000410: MLOAD
00000411: CALLER
00000412: SWAP2
00000413: PUSH32 0x41ec40ce90c55c916c536c2282be01a66799ab827484d471ccb8948532208959
00000434: SWAP2
00000435: SWAP1
00000436: DUP2
00000437: SWAP1
00000438: SUB
00000439: PUSH1 0x60
0000043b: ADD
0000043c: SWAP1
0000043d: LOG2
0000043e: POP
0000043f: JUMP
00000440: JUMPDEST
00000441: PUSH1 0x04
00000443: PUSH1 0x20
00000445: MSTORE
00000446: PUSH1 0x00
00000448: SWAP1
00000449: DUP2
0000044a: MSTORE
0000044b: PUSH1 0x40
0000044d: SWAP1
0000044e: KECCAK256
0000044f: SLOAD
00000450: PUSH1 0xff
00000452: AND
00000453: DUP2
00000454: JUMP
00000455: JUMPDEST
00000456: PUSH1 0x03
00000458: SLOAD
00000459: PUSH1 0x01
0000045b: PUSH1 0xa0
0000045d: PUSH1 0x02
0000045f: EXP
00000460: SUB
00000461: AND
00000462: DUP2
00000463: JUMP
00000464: JUMPDEST
00000465: PUSH1 0x02
00000467: SLOAD
00000468: PUSH1 0x01
0000046a: PUSH1 0xa0
0000046c: PUSH1 0x02
0000046e: EXP
0000046f: SUB
00000470: AND
00000471: CALLER
00000472: EQ
00000473: DUP1
00000474: PUSH2 0x0487
00000477: JUMPI
00000478: POP
00000479: PUSH1 0x00
0000047b: SLOAD
0000047c: PUSH1 0x01
0000047e: PUSH1 0xa0
00000480: PUSH1 0x02
00000482: EXP
00000483: SUB
00000484: AND
00000485: CALLER
00000486: EQ
00000487: JUMPDEST
00000488: DUP1
00000489: PUSH2 0x04a1
0000048c: JUMPI
0000048d: POP
0000048e: CALLER
0000048f: PUSH1 0x00
00000491: SWAP1
00000492: DUP2
00000493: MSTORE
00000494: PUSH1 0x01
00000496: PUSH1 0x20
00000498: MSTORE
00000499: PUSH1 0x40
0000049b: SWAP1
0000049c: KECCAK256
0000049d: SLOAD
0000049e: PUSH1 0xff
000004a0: AND
000004a1: JUMPDEST
000004a2: ISZERO
000004a3: ISZERO
000004a4: PUSH2 0x04ac
000004a7: JUMPI
000004a8: PUSH1 0x00
000004aa: DUP1
000004ab: REVERT
000004ac: JUMPDEST
000004ad: PUSH1 0x03
000004af: SLOAD
000004b0: PUSH1 0x40
000004b2: DUP1
000004b3: MLOAD
000004b4: PUSH32 0x42966c6800000000000000000000000000000000000000000000000000000000
000004d5: DUP2
000004d6: MSTORE
000004d7: PUSH1 0x04
000004d9: DUP2
000004da: ADD
000004db: DUP5
000004dc: SWAP1
000004dd: MSTORE
000004de: SWAP1
000004df: MLOAD
000004e0: PUSH1 0x01
000004e2: PUSH1 0xa0
000004e4: PUSH1 0x02
000004e6: EXP
000004e7: SUB
000004e8: SWAP1
000004e9: SWAP3
000004ea: AND
000004eb: SWAP2
000004ec: PUSH4 0x42966c68
000004f1: SWAP2
000004f2: PUSH1 0x24
000004f4: DUP1
000004f5: DUP3
000004f6: ADD
000004f7: SWAP3
000004f8: PUSH1 0x00
000004fa: SWAP3
000004fb: SWAP1
000004fc: SWAP2
000004fd: SWAP1
000004fe: DUP3
000004ff: SWAP1
00000500: SUB
00000501: ADD
00000502: DUP2
00000503: DUP4
00000504: DUP8
00000505: DUP1
00000506: EXTCODESIZE
00000507: ISZERO
00000508: DUP1
00000509: ISZERO
0000050a: PUSH2 0x0512
0000050d: JUMPI
0000050e: PUSH1 0x00
00000510: DUP1
00000511: REVERT
00000512: JUMPDEST
00000513: POP
00000514: GAS
00000515: CALL
00000516: ISZERO
00000517: DUP1
00000518: ISZERO
00000519: PUSH2 0x0526
0000051c: JUMPI
0000051d: RETURNDATASIZE
0000051e: PUSH1 0x00
00000520: DUP1
00000521: RETURNDATACOPY
00000522: RETURNDATASIZE
00000523: PUSH1 0x00
00000525: REVERT
00000526: JUMPDEST
00000527: POP
00000528: POP
00000529: POP
0000052a: POP
0000052b: POP
0000052c: JUMP
0000052d: JUMPDEST
0000052e: PUSH1 0x00
00000530: SLOAD
00000531: PUSH1 0x01
00000533: PUSH1 0xa0
00000535: PUSH1 0x02
00000537: EXP
00000538: SUB
00000539: AND
0000053a: CALLER
0000053b: EQ
0000053c: PUSH2 0x0544
0000053f: JUMPI
00000540: PUSH1 0x00
00000542: DUP1
00000543: REVERT
00000544: JUMPDEST
00000545: PUSH1 0x02
00000547: DUP1
00000548: SLOAD
00000549: PUSH20 0xffffffffffffffffffffffffffffffffffffffff
0000055e: NOT
0000055f: AND
00000560: PUSH1 0x01
00000562: PUSH1 0xa0
00000564: PUSH1 0x02
00000566: EXP
00000567: SUB
00000568: SWAP3
00000569: SWAP1
0000056a: SWAP3
0000056b: AND
0000056c: SWAP2
0000056d: SWAP1
0000056e: SWAP2
0000056f: OR
00000570: SWAP1
00000571: SSTORE
00000572: JUMP
00000573: JUMPDEST
00000574: PUSH1 0x02
00000576: SLOAD
00000577: PUSH1 0x01
00000579: PUSH1 0xa0
0000057b: PUSH1 0x02
0000057d: EXP
0000057e: SUB
0000057f: AND
00000580: CALLER
00000581: EQ
00000582: DUP1
00000583: PUSH2 0x0596
00000586: JUMPI
00000587: POP
00000588: PUSH1 0x00
0000058a: SLOAD
0000058b: PUSH1 0x01
0000058d: PUSH1 0xa0
0000058f: PUSH1 0x02
00000591: EXP
00000592: SUB
00000593: AND
00000594: CALLER
00000595: EQ
00000596: JUMPDEST
00000597: DUP1
00000598: PUSH2 0x05b0
0000059b: JUMPI
0000059c: POP
0000059d: CALLER
0000059e: PUSH1 0x00
000005a0: SWAP1
000005a1: DUP2
000005a2: MSTORE
000005a3: PUSH1 0x01
000005a5: PUSH1 0x20
000005a7: MSTORE
000005a8: PUSH1 0x40
000005aa: SWAP1
000005ab: KECCAK256
000005ac: SLOAD
000005ad: PUSH1 0xff
000005af: AND
000005b0: JUMPDEST
000005b1: ISZERO
000005b2: ISZERO
000005b3: PUSH2 0x05bb
000005b6: JUMPI
000005b7: PUSH1 0x00
000005b9: DUP1
000005ba: REVERT
000005bb: JUMPDEST
000005bc: PUSH1 0x00
000005be: DUP5
000005bf: DUP2
000005c0: MSTORE
000005c1: PUSH1 0x04
000005c3: PUSH1 0x20
000005c5: MSTORE
000005c6: PUSH1 0x40
000005c8: SWAP1
000005c9: KECCAK256
000005ca: SLOAD
000005cb: PUSH1 0xff
000005cd: AND
000005ce: ISZERO
000005cf: PUSH2 0x05d7
000005d2: JUMPI
000005d3: PUSH1 0x00
000005d5: DUP1
000005d6: REVERT
000005d7: JUMPDEST
000005d8: PUSH1 0x00
000005da: DUP5
000005db: DUP2
000005dc: MSTORE
000005dd: PUSH1 0x04
000005df: PUSH1 0x20
000005e1: MSTORE
000005e2: PUSH1 0x40
000005e4: SWAP1
000005e5: KECCAK256
000005e6: DUP1
000005e7: SLOAD
000005e8: PUSH1 0xff
000005ea: NOT
000005eb: AND
000005ec: PUSH1 0x01
000005ee: SWAP1
000005ef: DUP2
000005f0: OR
000005f1: SWAP1
000005f2: SWAP2
000005f3: SSTORE
000005f4: DUP3
000005f5: EQ
000005f6: ISZERO
000005f7: PUSH2 0x0636
000005fa: JUMPI
000005fb: PUSH1 0x40
000005fd: MLOAD
000005fe: PUSH1 0x01
00000600: PUSH1 0xa0
00000602: PUSH1 0x02
00000604: EXP
00000605: SUB
00000606: DUP5
00000607: AND
00000608: SWAP1
00000609: DUP3
0000060a: ISZERO
0000060b: PUSH2 0x08fc
0000060e: MUL
0000060f: SWAP1
00000610: DUP4
00000611: SWAP1
00000612: PUSH1 0x00
00000614: DUP2
00000615: DUP2
00000616: DUP2
00000617: DUP6
00000618: DUP9
00000619: DUP9
0000061a: CALL
0000061b: SWAP4
0000061c: POP
0000061d: POP
0000061e: POP
0000061f: POP
00000620: ISZERO
00000621: DUP1
00000622: ISZERO
00000623: PUSH2 0x0630
00000626: JUMPI
00000627: RETURNDATASIZE
00000628: PUSH1 0x00
0000062a: DUP1
0000062b: RETURNDATACOPY
0000062c: RETURNDATASIZE
0000062d: PUSH1 0x00
0000062f: REVERT
00000630: JUMPDEST
00000631: POP
00000632: PUSH2 0x0776
00000635: JUMP
00000636: JUMPDEST
00000637: DUP2
00000638: PUSH1 0x02
0000063a: EQ
0000063b: ISZERO
0000063c: PUSH2 0x06e0
0000063f: JUMPI
00000640: PUSH1 0x03
00000642: SLOAD
00000643: PUSH1 0x40
00000645: DUP1
00000646: MLOAD
00000647: PUSH32 0xa9059cbb00000000000000000000000000000000000000000000000000000000
00000668: DUP2
00000669: MSTORE
0000066a: PUSH1 0x01
0000066c: PUSH1 0xa0
0000066e: PUSH1 0x02
00000670: EXP
00000671: SUB
00000672: DUP7
00000673: DUP2
00000674: AND
00000675: PUSH1 0x04
00000677: DUP4
00000678: ADD
00000679: MSTORE
0000067a: PUSH1 0x24
0000067c: DUP3
0000067d: ADD
0000067e: DUP6
0000067f: SWAP1
00000680: MSTORE
00000681: SWAP2
00000682: MLOAD
00000683: SWAP2
00000684: SWAP1
00000685: SWAP3
00000686: AND
00000687: SWAP2
00000688: PUSH4 0xa9059cbb
0000068d: SWAP2
0000068e: PUSH1 0x44
00000690: DUP1
00000691: DUP4
00000692: ADD
00000693: SWAP3
00000694: PUSH1 0x20
00000696: SWAP3
00000697: SWAP2
00000698: SWAP1
00000699: DUP3
0000069a: SWAP1
0000069b: SUB
0000069c: ADD
0000069d: DUP2
0000069e: PUSH1 0x00
000006a0: DUP8
000006a1: DUP1
000006a2: EXTCODESIZE
000006a3: ISZERO
000006a4: DUP1
000006a5: ISZERO
000006a6: PUSH2 0x06ae
000006a9: JUMPI
000006aa: PUSH1 0x00
000006ac: DUP1
000006ad: REVERT
000006ae: JUMPDEST
000006af: POP
000006b0: GAS
000006b1: CALL
000006b2: ISZERO
000006b3: DUP1
000006b4: ISZERO
000006b5: PUSH2 0x06c2
000006b8: JUMPI
000006b9: RETURNDATASIZE
000006ba: PUSH1 0x00
000006bc: DUP1
000006bd: RETURNDATACOPY
000006be: RETURNDATASIZE
000006bf: PUSH1 0x00
000006c1: REVERT
000006c2: JUMPDEST
000006c3: POP
000006c4: POP
000006c5: POP
000006c6: POP
000006c7: PUSH1 0x40
000006c9: MLOAD
000006ca: RETURNDATASIZE
000006cb: PUSH1 0x20
000006cd: DUP2
000006ce: LT
000006cf: ISZERO
000006d0: PUSH2 0x06d8
000006d3: JUMPI
000006d4: PUSH1 0x00
000006d6: DUP1
000006d7: REVERT
000006d8: JUMPDEST
000006d9: POP
000006da: PUSH2 0x0776
000006dd: SWAP1
000006de: POP
000006df: JUMP
000006e0: JUMPDEST
000006e1: DUP2
000006e2: PUSH1 0x03
000006e4: EQ
000006e5: ISZERO
000006e6: PUSH2 0x00da
000006e9: JUMPI
000006ea: PUSH1 0x05
000006ec: SLOAD
000006ed: PUSH1 0x40
000006ef: DUP1
000006f0: MLOAD
000006f1: PUSH32 0xa80b92e900000000000000000000000000000000000000000000000000000000
00000712: DUP2
00000713: MSTORE
00000714: PUSH1 0x01
00000716: PUSH1 0xa0
00000718: PUSH1 0x02
0000071a: EXP
0000071b: SUB
0000071c: DUP7
0000071d: DUP2
0000071e: AND
0000071f: PUSH1 0x04
00000721: DUP4
00000722: ADD
00000723: MSTORE
00000724: PUSH1 0x24
00000726: DUP3
00000727: ADD
00000728: DUP6
00000729: SWAP1
0000072a: MSTORE
0000072b: SWAP2
0000072c: MLOAD
0000072d: PUSH2 0x0100
00000730: SWAP1
00000731: SWAP4
00000732: DIV
00000733: SWAP1
00000734: SWAP2
00000735: AND
00000736: SWAP2
00000737: PUSH4 0xa80b92e9
0000073c: SWAP2
0000073d: PUSH1 0x44
0000073f: DUP1
00000740: DUP3
00000741: ADD
00000742: SWAP3
00000743: PUSH1 0x00
00000745: SWAP3
00000746: SWAP1
00000747: SWAP2
00000748: SWAP1
00000749: DUP3
0000074a: SWAP1
0000074b: SUB
0000074c: ADD
0000074d: DUP2
0000074e: DUP4
0000074f: DUP8
00000750: DUP1
00000751: EXTCODESIZE
00000752: ISZERO
00000753: DUP1
00000754: ISZERO
00000755: PUSH2 0x075d
00000758: JUMPI
00000759: PUSH1 0x00
0000075b: DUP1
0000075c: REVERT
0000075d: JUMPDEST
0000075e: POP
0000075f: GAS
00000760: CALL
00000761: ISZERO
00000762: DUP1
00000763: ISZERO
00000764: PUSH2 0x0771
00000767: JUMPI
00000768: RETURNDATASIZE
00000769: PUSH1 0x00
0000076b: DUP1
0000076c: RETURNDATACOPY
0000076d: RETURNDATASIZE
0000076e: PUSH1 0x00
00000770: REVERT
00000771: JUMPDEST
00000772: POP
00000773: POP
00000774: POP
00000775: POP
00000776: JUMPDEST
00000777: DUP3
00000778: PUSH1 0x01
0000077a: PUSH1 0xa0
0000077c: PUSH1 0x02
0000077e: EXP
0000077f: SUB
00000780: AND
00000781: DUP5
00000782: PUSH32 0x13d23b66b80073e6fb9522c31eac92141f2ba60d122edde49609d5cb9383aae2
000007a3: DUP5
000007a4: DUP5
000007a5: PUSH1 0x40
000007a7: MLOAD
000007a8: DUP1
000007a9: DUP4
000007aa: DUP2
000007ab: MSTORE
000007ac: PUSH1 0x20
000007ae: ADD
000007af: DUP3
000007b0: DUP2
000007b1: MSTORE
000007b2: PUSH1 0x20
000007b4: ADD
000007b5: SWAP3
000007b6: POP
000007b7: POP
000007b8: POP
000007b9: PUSH1 0x40
000007bb: MLOAD
000007bc: DUP1
000007bd: SWAP2
000007be: SUB
000007bf: SWAP1
000007c0: LOG3
000007c1: POP
000007c2: POP
000007c3: POP
000007c4: POP
000007c5: JUMP
000007c6: JUMPDEST
000007c7: PUSH1 0x03
000007c9: SLOAD
000007ca: PUSH1 0x01
000007cc: PUSH1 0xa0
000007ce: PUSH1 0x02
000007d0: EXP
000007d1: SUB
000007d2: AND
000007d3: CALLER
000007d4: EQ
000007d5: PUSH2 0x07dd
000007d8: JUMPI
000007d9: PUSH1 0x00
000007db: DUP1
000007dc: REVERT
000007dd: JUMPDEST
000007de: PUSH1 0x05
000007e0: SLOAD
000007e1: PUSH1 0xff
000007e3: AND
000007e4: ISZERO
000007e5: PUSH2 0x07ed
000007e8: JUMPI
000007e9: PUSH1 0x00
000007eb: DUP1
000007ec: REVERT
000007ed: JUMPDEST
000007ee: PUSH1 0x40
000007f0: DUP1
000007f1: MLOAD
000007f2: PUSH1 0x01
000007f4: PUSH1 0xa0
000007f6: PUSH1 0x02
000007f8: EXP
000007f9: SUB
000007fa: DUP6
000007fb: DUP2
000007fc: AND
000007fd: DUP3
000007fe: MSTORE
000007ff: PUSH1 0x02
00000801: PUSH1 0x20
00000803: DUP4
00000804: ADD
00000805: MSTORE
00000806: DUP2
00000807: DUP4
00000808: ADD
00000809: DUP8
0000080a: SWAP1
0000080b: MSTORE
0000080c: SWAP2
0000080d: MLOAD
0000080e: SWAP2
0000080f: DUP8
00000810: AND
00000811: SWAP2
00000812: PUSH32 0x41ec40ce90c55c916c536c2282be01a66799ab827484d471ccb8948532208959
00000833: SWAP2
00000834: DUP2
00000835: SWAP1
00000836: SUB
00000837: PUSH1 0x60
00000839: ADD
0000083a: SWAP1
0000083b: LOG2
0000083c: POP
0000083d: POP
0000083e: POP
0000083f: POP
00000840: POP
00000841: JUMP
00000842: JUMPDEST
00000843: PUSH1 0x02
00000845: SLOAD
00000846: PUSH1 0x01
00000848: PUSH1 0xa0
0000084a: PUSH1 0x02
0000084c: EXP
0000084d: SUB
0000084e: AND
0000084f: CALLER
00000850: EQ
00000851: DUP1
00000852: PUSH2 0x0865
00000855: JUMPI
00000856: POP
00000857: PUSH1 0x00
00000859: SLOAD
0000085a: PUSH1 0x01
0000085c: PUSH1 0xa0
0000085e: PUSH1 0x02
00000860: EXP
00000861: SUB
00000862: AND
00000863: CALLER
00000864: EQ
00000865: JUMPDEST
00000866: DUP1
00000867: PUSH2 0x087f
0000086a: JUMPI
0000086b: POP
0000086c: CALLER
0000086d: PUSH1 0x00
0000086f: SWAP1
00000870: DUP2
00000871: MSTORE
00000872: PUSH1 0x01
00000874: PUSH1 0x20
00000876: MSTORE
00000877: PUSH1 0x40
00000879: SWAP1
0000087a: KECCAK256
0000087b: SLOAD
0000087c: PUSH1 0xff
0000087e: AND
0000087f: JUMPDEST
00000880: ISZERO
00000881: ISZERO
00000882: PUSH2 0x088a
00000885: JUMPI
00000886: PUSH1 0x00
00000888: DUP1
00000889: REVERT
0000088a: JUMPDEST
0000088b: JUMP
0000088c: JUMPDEST
0000088d: PUSH1 0x02
0000088f: SLOAD
00000890: PUSH1 0x01
00000892: PUSH1 0xa0
00000894: PUSH1 0x02
00000896: EXP
00000897: SUB
00000898: AND
00000899: CALLER
0000089a: EQ
0000089b: DUP1
0000089c: PUSH2 0x08af
0000089f: JUMPI
000008a0: POP
000008a1: PUSH1 0x00
000008a3: SLOAD
000008a4: PUSH1 0x01
000008a6: PUSH1 0xa0
000008a8: PUSH1 0x02
000008aa: EXP
000008ab: SUB
000008ac: AND
000008ad: CALLER
000008ae: EQ
000008af: JUMPDEST
000008b0: DUP1
000008b1: PUSH2 0x08c9
000008b4: JUMPI
000008b5: POP
000008b6: CALLER
000008b7: PUSH1 0x00
000008b9: SWAP1
000008ba: DUP2
000008bb: MSTORE
000008bc: PUSH1 0x01
000008be: PUSH1 0x20
000008c0: MSTORE
000008c1: PUSH1 0x40
000008c3: SWAP1
000008c4: KECCAK256
000008c5: SLOAD
000008c6: PUSH1 0xff
000008c8: AND
000008c9: JUMPDEST
000008ca: ISZERO
000008cb: ISZERO
000008cc: PUSH2 0x08d4
000008cf: JUMPI
000008d0: PUSH1 0x00
000008d2: DUP1
000008d3: REVERT
000008d4: JUMPDEST
000008d5: PUSH1 0x03
000008d7: SLOAD
000008d8: PUSH1 0x40
000008da: DUP1
000008db: MLOAD
000008dc: PUSH32 0x81a4af1500000000000000000000000000000000000000000000000000000000
000008fd: DUP2
000008fe: MSTORE
000008ff: ADDRESS
00000900: PUSH1 0x04
00000902: DUP3
00000903: ADD
00000904: MSTORE
00000905: PUSH1 0x24
00000907: DUP2
00000908: ADD
00000909: DUP5
0000090a: SWAP1
0000090b: MSTORE
0000090c: SWAP1
0000090d: MLOAD
0000090e: PUSH1 0x01
00000910: PUSH1 0xa0
00000912: PUSH1 0x02
00000914: EXP
00000915: SUB
00000916: SWAP1
00000917: SWAP3
00000918: AND
00000919: SWAP2
0000091a: PUSH4 0x81a4af15
0000091f: SWAP2
00000920: PUSH1 0x44
00000922: DUP1
00000923: DUP3
00000924: ADD
00000925: SWAP3
00000926: PUSH1 0x00
00000928: SWAP3
00000929: SWAP1
0000092a: SWAP2
0000092b: SWAP1
0000092c: DUP3
0000092d: SWAP1
0000092e: SUB
0000092f: ADD
00000930: DUP2
00000931: DUP4
00000932: DUP8
00000933: DUP1
00000934: EXTCODESIZE
00000935: ISZERO
00000936: DUP1
00000937: ISZERO
00000938: PUSH2 0x0512
0000093b: JUMPI
0000093c: PUSH1 0x00
0000093e: DUP1
0000093f: REVERT
00000940: JUMPDEST
00000941: PUSH1 0x00
00000943: SLOAD
00000944: PUSH1 0x01
00000946: PUSH1 0xa0
00000948: PUSH1 0x02
0000094a: EXP
0000094b: SUB
0000094c: AND
0000094d: CALLER
0000094e: EQ
0000094f: PUSH2 0x0957
00000952: JUMPI
00000953: PUSH1 0x00
00000955: DUP1
00000956: REVERT
00000957: JUMPDEST
00000958: PUSH1 0x05
0000095a: DUP1
0000095b: SLOAD
0000095c: PUSH1 0x01
0000095e: PUSH1 0xa0
00000960: PUSH1 0x02
00000962: EXP
00000963: SUB
00000964: SWAP1
00000965: SWAP3
00000966: AND
00000967: PUSH2 0x0100
0000096a: MUL
0000096b: PUSH21 0xffffffffffffffffffffffffffffffffffffffff00
00000981: NOT
00000982: SWAP1
00000983: SWAP3
00000984: AND
00000985: SWAP2
00000986: SWAP1
00000987: SWAP2
00000988: OR
00000989: SWAP1
0000098a: SSTORE
0000098b: JUMP
0000098c: JUMPDEST
0000098d: PUSH1 0x05
0000098f: SLOAD
00000990: PUSH1 0xff
00000992: AND
00000993: ISZERO
00000994: PUSH2 0x099c
00000997: JUMPI
00000998: PUSH1 0x00
0000099a: DUP1
0000099b: REVERT
0000099c: JUMPDEST
0000099d: PUSH1 0x05
0000099f: PUSH1 0x01
000009a1: SWAP1
000009a2: SLOAD
000009a3: SWAP1
000009a4: PUSH2 0x0100
000009a7: EXP
000009a8: SWAP1
000009a9: DIV
000009aa: PUSH1 0x01
000009ac: PUSH1 0xa0
000009ae: PUSH1 0x02
000009b0: EXP
000009b1: SUB
000009b2: AND
000009b3: PUSH1 0x01
000009b5: PUSH1 0xa0
000009b7: PUSH1 0x02
000009b9: EXP
000009ba: SUB
000009bb: AND
000009bc: PUSH4 0x42966c68
000009c1: DUP3
000009c2: PUSH1 0x40
000009c4: MLOAD
000009c5: DUP3
000009c6: PUSH4 0xffffffff
000009cb: AND
000009cc: PUSH29 0x0100000000000000000000000000000000000000000000000000000000
000009ea: MUL
000009eb: DUP2
000009ec: MSTORE
000009ed: PUSH1 0x04
000009ef: ADD
000009f0: DUP1
000009f1: DUP3
000009f2: DUP2
000009f3: MSTORE
000009f4: PUSH1 0x20
000009f6: ADD
000009f7: SWAP2
000009f8: POP
000009f9: POP
000009fa: PUSH1 0x00
000009fc: PUSH1 0x40
000009fe: MLOAD
000009ff: DUP1
00000a00: DUP4
00000a01: SUB
00000a02: DUP2
00000a03: PUSH1 0x00
00000a05: DUP8
00000a06: DUP1
00000a07: EXTCODESIZE
00000a08: ISZERO
00000a09: DUP1
00000a0a: ISZERO
00000a0b: PUSH2 0x0a13
00000a0e: JUMPI
00000a0f: PUSH1 0x00
00000a11: DUP1
00000a12: REVERT
00000a13: JUMPDEST
00000a14: POP
00000a15: GAS
00000a16: CALL
00000a17: ISZERO
00000a18: DUP1
00000a19: ISZERO
00000a1a: PUSH2 0x0a27
00000a1d: JUMPI
00000a1e: RETURNDATASIZE
00000a1f: PUSH1 0x00
00000a21: DUP1
00000a22: RETURNDATACOPY
00000a23: RETURNDATASIZE
00000a24: PUSH1 0x00
00000a26: REVERT
00000a27: JUMPDEST
00000a28: POP
00000a29: POP
00000a2a: PUSH1 0x40
00000a2c: DUP1
00000a2d: MLOAD
00000a2e: PUSH1 0x01
00000a30: PUSH1 0xa0
00000a32: PUSH1 0x02
00000a34: EXP
00000a35: SUB
00000a36: DUP7
00000a37: AND
00000a38: DUP2
00000a39: MSTORE
00000a3a: PUSH1 0x03
00000a3c: PUSH1 0x20
00000a3e: DUP3
00000a3f: ADD
00000a40: MSTORE
00000a41: DUP1
00000a42: DUP3
00000a43: ADD
00000a44: DUP6
00000a45: SWAP1
00000a46: MSTORE
00000a47: SWAP1
00000a48: MLOAD
00000a49: CALLER
00000a4a: SWAP4
00000a4b: POP
00000a4c: PUSH32 0x41ec40ce90c55c916c536c2282be01a66799ab827484d471ccb8948532208959
00000a6d: SWAP3
00000a6e: POP
00000a6f: SWAP1
00000a70: DUP2
00000a71: SWAP1
00000a72: SUB
00000a73: PUSH1 0x60
00000a75: ADD
00000a76: SWAP1
00000a77: LOG2
00000a78: POP
00000a79: POP
00000a7a: JUMP
00000a7b: JUMPDEST
00000a7c: PUSH1 0x01
00000a7e: PUSH1 0x20
00000a80: MSTORE
00000a81: PUSH1 0x00
00000a83: SWAP1
00000a84: DUP2
00000a85: MSTORE
00000a86: PUSH1 0x40
00000a88: SWAP1
00000a89: KECCAK256
00000a8a: SLOAD
00000a8b: PUSH1 0xff
00000a8d: AND
00000a8e: DUP2
00000a8f: JUMP
00000a90: STOP
00000a91: LOG1
00000a92: PUSH6 0x627a7a723058
00000a99: KECCAK256
00000a9a: UNKNOWN(0xD8)
00000a9b: JUMP
00000a9c: DUP13
00000a9d: UNKNOWN(0xCD)
00000a9e: UNKNOWN(0xE9)
00000a9f: JUMPDEST
00000aa0: COINBASE
00000aa1: BLOBBASEFEE
00000aa2: UNKNOWN(0xD6)
00000aa3: SWAP1
00000aa4: SWAP5
00000aa5: PUSH18 0x6d2620ad0e4a8ae341a684827ab9ff283898
00000ab8: UNKNOWN(0x2E)
00000ab9: UNKNOWN(0xC1)
00000aba: STOP
00000abb: UNKNOWN(0x29)

Findings

validated = confirmed for call sinks; sink observed for others

Severity	Category	Tool	Title	Confidence	Validated	Confirmed	Details
high	other	detector	Untrusted CALL target/value reachable	60	no	no	view trace_id: 0xecbf1aac72448e73d72d0fda8145f00aa0ffae808cf33b3cf20be2b5d12fce5a call_targets: 0x23109458cfd469b98c07ef8d27f1f418806f27bb target_varies: no classification: constant_target validation_json { "sink": "CALL", "errors": 0, "status": "sink_reached", "attempts": 1, "trace_id": "0xecbf1aac72448e73d72d0fda8145f00aa0ffae808cf33b3cf20be2b5d12fce5a", "confirmed": false, "trace_mode": "callTracer", "call_targets": [ "0x23109458cfd469b98c07ef8d27f1f418806f27bb" ], "matched_probe": null, "target_varies": false, "classification": "constant_target" } witness_json { "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata", "constraints": [], "entrypoints": [ { "calldata": "0x16c38b3c", "selector": "0x16c38b3c", "calldata_variants": [ "0x16c38b3c", "0x16c38b3c0000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x26767f90", "selector": "0x26767f90", "calldata_variants": [ "0x26767f90", "0x26767f900000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x424e81cc", "selector": "0x424e81cc", "calldata_variants": [ "0x424e81cc", "0x424e81cc0000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x52802121", "selector": "0x52802121", "calldata_variants": [ "0x52802121", "0x528021210000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x52918970", "selector": "0x52918970", "calldata_variants": [ "0x52918970", "0x529189700000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x55a373d6", "selector": "0x55a373d6", "calldata_variants": [ "0x55a373d6", "0x55a373d60000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x7128ee10", "selector": "0x7128ee10", "calldata_variants": [ "0x7128ee10", "0x7128ee100000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x7adbf973", "selector": "0x7adbf973", "calldata_variants": [ "0x7adbf973", "0x7adbf9730000000000000000000000000000000000000000000000000000000000000000" ] } ] } evidence_json { "examples": [ { "pc": 968, "opcode": "CALL", "returndata_checked": null, "value_expression_category": "computed", "target_expression_category": "computed" }, { "pc": 1301, "opcode": "CALL", "returndata_checked": null, "value_expression_category": "computed", "target_expression_category": "computed" }, { "pc": 1562, "opcode": "CALL", "returndata_checked": null, "value_expression_category": "computed", "target_expression_category": "computed" } ], "call_count": 6, "guards_detected": [], "untrusted_call_count": 6 }
high	other	detector	ETH value transfer possible	55	no	no	view trace_id: 0xecbf1aac72448e73d72d0fda8145f00aa0ffae808cf33b3cf20be2b5d12fce5a call_targets: 0x23109458cfd469b98c07ef8d27f1f418806f27bb target_varies: no classification: constant_target validation_json { "sink": "CALL", "errors": 0, "status": "sink_reached", "attempts": 1, "trace_id": "0xecbf1aac72448e73d72d0fda8145f00aa0ffae808cf33b3cf20be2b5d12fce5a", "confirmed": false, "trace_mode": "callTracer", "call_targets": [ "0x23109458cfd469b98c07ef8d27f1f418806f27bb" ], "matched_probe": null, "target_varies": false, "classification": "constant_target" } witness_json { "notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata", "constraints": [], "entrypoints": [ { "calldata": "0x16c38b3c", "selector": "0x16c38b3c", "calldata_variants": [ "0x16c38b3c", "0x16c38b3c0000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x26767f90", "selector": "0x26767f90", "calldata_variants": [ "0x26767f90", "0x26767f900000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x424e81cc", "selector": "0x424e81cc", "calldata_variants": [ "0x424e81cc", "0x424e81cc0000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x52802121", "selector": "0x52802121", "calldata_variants": [ "0x52802121", "0x528021210000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x52918970", "selector": "0x52918970", "calldata_variants": [ "0x52918970", "0x529189700000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x55a373d6", "selector": "0x55a373d6", "calldata_variants": [ "0x55a373d6", "0x55a373d60000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x7128ee10", "selector": "0x7128ee10", "calldata_variants": [ "0x7128ee10", "0x7128ee100000000000000000000000000000000000000000000000000000000000000000" ] }, { "calldata": "0x7adbf973", "selector": "0x7adbf973", "calldata_variants": [ "0x7adbf973", "0x7adbf9730000000000000000000000000000000000000000000000000000000000000000" ] } ] } evidence_json { "examples": [ { "pc": 968, "opcode": "CALL", "returndata_checked": null, "value_expression_category": "computed", "target_expression_category": "computed" }, { "pc": 1301, "opcode": "CALL", "returndata_checked": null, "value_expression_category": "computed", "target_expression_category": "computed" }, { "pc": 1562, "opcode": "CALL", "returndata_checked": null, "value_expression_category": "computed", "target_expression_category": "computed" } ], "eth_value_calls": 6, "guards_detected": [] }
info	other	cast	Heavy EXTCODE*/BALANCE usage	55	no	—	view evidence_json { "notes": "frequent external code or balance checks; may indicate introspection or validation logic", "ext_balance_count": 5 }

Severity