b7ce8ac8-0ea4-495f-80fb-6e8e679e5468
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 31195 | report.consolidate | complete | 1 / 1 | 3 months ago |
| 76984 | artifact.fetch | complete | 1 / 3 | 1 week ago |
| 76985 | tool.cast_disasm | complete | 1 / 3 | 1 week ago |
| 76986 | analysis.bundle | complete | 1 / 3 | 1 week ago |
| 76987 | capability.graph | complete | 1 / 3 | 1 week ago |
| 76988 | detector.run | complete | 1 / 3 | 1 week ago |
| 76989 | validation.fork | complete | 1 / 3 | 1 week ago |
No slither job recorded yet.
[codex:1212186] OpenAI Codex v0.77.0 (research preview)
[codex:1212186] --------
[codex:1212186] workdir: /tmp/codex-multi-pq5rq34b
[codex:1212186] model: gpt-5.2-codex
[codex:1212186] provider: openai
[codex:1212186] approval: never
[codex:1212186] sandbox: read-only
[codex:1212186] reasoning effort: xhigh
[codex:1212186] reasoning summaries: auto
[codex:1212186] session id: 019b7c94-1806-7700-9e3d-a30d4610d748
[codex:1212186] --------
[codex:1212186] user
[codex:1212186] You are a profit-focused exploit hunter analyzing EVM bytecode. Your ONLY goal is finding ways to extract value (ETH, tokens, NFTs) from this contract.
[codex:1212186]
[codex:1212186] Read `BYTECODE_BUNDLE.txt` completely before concluding.
[codex:1212186]
[codex:1212186] ONLY REPORT if you find a CONCRETE, EXPLOITABLE path to profit. We do NOT care about:
[codex:1212186] - Gas inefficiency, code quality, or best practices
[codex:1212186] - Theoretical vulnerabilities without a clear extraction path
[codex:1212186] - Generic footguns (unchecked return values, etc.) unless they enable theft
[codex:1212186] - Issues requiring social engineering or off-chain coordination
[codex:1212186]
[codex:1212186] PATTERNS WORTH INVESTIGATING in bytecode:
[codex:1212186] - CALL/DELEGATECALL with controllable destination or calldata
[codex:1212186] - Value transfers (CALL with non-zero value) without prior CALLER/ORIGIN checks
[codex:1212186] - SSTORE to low slots (0-10) that might be owner/admin storage
[codex:1212186] - ecrecover (signature validation) - look for missing nonce/replay protection
[codex:1212186] - External calls before state updates (reentrancy)
[codex:1212186] - SELFDESTRUCT with controllable beneficiary
[codex:1212186] - Proxy patterns (DELEGATECALL to storage slot) with unprotected upgrade paths
[codex:1212186]
[codex:1212186] For each finding, you MUST explain:
[codex:1212186] 1. The specific bytecode pattern/offsets that indicate the vulnerability
[codex:1212186] 2. The concrete sequence of transactions to extract value
[codex:1212186] 3. Why you believe this is exploitable (not just suspicious)
[codex:1212186]
[codex:1212186] If you cannot identify a concrete profit path from bytecode alone: set no_findings=true.
[codex:1212186] Do NOT hallucinate. Bytecode-only analysis is limited - be honest about uncertainty.
[codex:1212186]
[codex:1212186] Output MUST be valid JSON matching the provided schema.
[codex:1212186] - severity: info, low, medium, high, critical (use high/critical ONLY for clear extraction paths)
[codex:1212186] - category: access_control, reentrancy, math, oracle, upgradeability, auth, other
[codex:1212186] mcp startup: no servers
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Reading bytecode file using shell**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc ls in /tmp/codex-multi-pq5rq34b succeeded in 6ms:
[codex:1212186] BYTECODE_BUNDLE.txt
[codex:1212186] codex-output-schema.json
[codex:1212186] exec
[codex:1212186] /bin/bash -lc 'cat BYTECODE_BUNDLE.txt' in /tmp/codex-multi-pq5rq34b succeeded in 5ms:
[codex:1212186] Runtime bytecode bundle for best-effort auditing.
[codex:1212186] Note: without verified source, conclusions are low-confidence unless a concrete pattern is visible.
[codex:1212186]
[codex:1212186] FILE: runtime_bytecode.hex
[codex:1212186] 0x6080604052600436106100c75760003560e01c8063843b1a0911610074578063c0ee0b8a1161004e578063c0ee0b8a1461077e578063c1278cc514610846578063f0b9e5ba1461088d576100c7565b8063843b1a091461054857806398ad68a71461055d578063bba85f2814610735576100c7565b8063158ef93e116100a5578063158ef93e1461044657806360b5bb3f1461046f5780637db218b714610521576100c7565b806308405166146101505780630adcf4641461019a578063150b7a0214610373575b361561011a576040805162461bcd60e51b815260206004820152601660248201527f6d73672e64617461206973206e6f7420656d7074792e00000000000000000000604482015290519081900360640190fd5b604080513031815290517fc4c14883ae9fd8e26d5d59e3485ed29fd126d781d7e498a4ca5c54c8268e49369181900360200190a1005b34801561015c57600080fd5b5061016561091f565b604080517fffffffff000000000000000000000000000000000000000000000000000000009092168252519081900360200190f35b3480156101a657600080fd5b50610371600480360360c08110156101bd57600080fd5b6001600160a01b0382358116926020810135926040820135909216918101906080810160608201356401000000008111156101f757600080fd5b82018360208201111561020957600080fd5b8035906020019184602083028401116401000000008311171561022b57600080fd5b919080806020026020016040519081016040528093929190818152602001838360200280828437600092019190915250929594936020810193503591505064010000000081111561027b57600080fd5b82018360208201111561028d57600080fd5b803590602001918460208302840111640100000000831117156102af57600080fd5b91908080602002602001604051908101604052809392919081815260200183836020028082843760009201919091525092959493602081019350359150506401000000008111156102ff57600080fd5b82018360208201111561031157600080fd5b8035906020019184602083028401116401000000008311171561033357600080fd5b919080806020026020016040519081016040528093929190818152602001838360200280828437600092019190915250929550610943945050505050565b005b34801561037f57600080fd5b506101656004803603608081101561039657600080fd5b6001600160a01b038235811692602081013590911691604082013591908101906080810160608201356401000000008111156103d157600080fd5b8201836020820111156103e357600080fd5b8035906020019184600183028401116401000000008311171561040557600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550610b7f945050505050565b34801561045257600080fd5b5061045b610ba8565b604080519115158252519081900360200190f35b34801561047b57600080fd5b506103716004803603604081101561049257600080fd5b8101906020810181356401000000008111156104ad57600080fd5b8201836020820111156104bf57600080fd5b803590602001918460208302840111640100000000831117156104e157600080fd5b9190808060200260200160405190810160405280939291908181526020018383602002808284376000920191909152509295505091359250610bb1915050565b34801561052d57600080fd5b50610536610de0565b60408051918252519081900360200190f35b34801561055457600080fd5b50610536610de6565b34801561056957600080fd5b50610371600480360360c081101561058057600080fd5b6001600160a01b038235811692602081013590911691604082013591908101906080810160608201356401000000008111156105bb57600080fd5b8201836020820111156105cd57600080fd5b803590602001918460208302840111640100000000831117156105ef57600080fd5b919080806020026020016040519081016040528093929190818152602001838360200280828437600092019190915250929594936020810193503591505064010000000081111561063f57600080fd5b82018360208201111561065157600080fd5b8035906020019184602083028401116401000000008311171561067357600080fd5b91908080602002602001604051908101604052809392919081815260200183836020028082843760009201919091525092959493602081019350359150506401000000008111156106c357600080fd5b8201836020820111156106d557600080fd5b803590602001918460208302840111640100000000831117156106f757600080fd5b919080806020026020016040519081016040528093929190818152602001838360200280828437600092019190915250929550610dec945050505050565b34801561074157600080fd5b506105366004803603608081101561075857600080fd5b506001600160a01b03813581169160208101359091169060408101359060600135610f26565b34801561078a57600080fd5b50610371600480360360608110156107a157600080fd5b6001600160a01b03823516916020810135918101906060810160408201356401000000008111156107d157600080fd5b8201836020820111156107e357600080fd5b8035906020019184600183028401116401000000008311171561080557600080fd5b91908080601f016020809104026020016040519081016040528093929190818152602001838380828437600092019190915250929550610fd1945050505050565b34801561085257600080fd5b506105366004803603608081101561086957600080fd5b506001600160a01b0381358116916020810135916040820135169060600135610fd6565b34801561089957600080fd5b50610165600480360360608110156108b057600080fd5b6001600160a01b03823516916020810135918101906060810160408201356401000000008111156108e057600080fd5b8201836020820111156108f257600080fd5b8035906020019184600183028401116401000000008311171561091457600080fd5b509092509050611083565b7fc0ee0b8a0000000000000000000000000000000000000000000000000000000081565b6109518686868686866110ac565b610997576040805162461bcd60e51b815260206004820152601260248201527124b73b30b634b21039b4b3b730ba3ab9329760711b604482015290519081900360640190fd5b6003805460010190556001600160a01b03841673eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee1415610ad1573031851115610a1b576040805162461bcd60e51b815260206004820152601d60248201527f496e73756666696369656e742062616c616e636520746f2073656e642e000000604482015290519081900360640190fd5b6040516000906060906001600160a01b03891690614e2090899085818181858888f193505050503d8060008114610a6e576040519150601f19603f3d011682016040523d82523d6000602084013e610a73565b606091505b509150915081610aca576040805162461bcd60e51b815260206004820152601660248201527f4574686572207472616e73666572206661696c65642e00000000000000000000604482015290519081900360640190fd5b5050610b2d565b610adc848787611277565b610b2d576040805162461bcd60e51b815260206004820152601660248201527f546f6b656e207472616e73666572206661696c65642e00000000000000000000604482015290519081900360640190fd5b604080516001600160a01b0380891682526020820188905286168183015290517f5a41af68171a76546ae6bd5ae4bc21a429cf8704319e9a5bff7829f9cb959dd59181900360600190a1505050505050565b7f150b7a0200000000000000000000000000000000000000000000000000000000949350505050565b60005460ff1681565b60005460ff1615610bf35760405162461bcd60e51b815260040180806020018281038252602b81526020018061190a602b913960400191505060405180910390fd5b6000805b8351811015610d2257816001600160a01b0316848281518110610c1657fe5b60200260200101516001600160a01b03161415610c645760405162461bcd60e51b815260040180806020018281038252602581526020018061186b6025913960400191505060405180910390fd5b60016000858381518110610c7457fe5b6020908102919091018101516001600160a01b031682528101919091526040016000205460ff1615610cd75760405162461bcd60e51b81526004018080602001828103825260218152602001806117fe6021913960400191505060405180910390fd5b6001806000868481518110610ce857fe5b6020908102919091018101516001600160a01b03168252810191909152604001600020805460ff1916911515919091179055600101610bf7565b5060008211610d625760405162461bcd60e51b81526004018080602001828103825260268152602001806118c36026913960400191505060405180910390fd5b8251821115610da25760405162461bcd60e51b81526004018080602001828103825260288152602001806118436028913960400191505060405180910390fd5b60048290556000805460ff191660011781556040517f5daa87a0e9463431830481fd4b6e3403442dfb9a12b9c07597e9f61d50b633c89190a1505050565b60045481565b60035481565b610dfa86868686868661133d565b610e40576040805162461bcd60e51b815260206004820152601260248201527124b73b30b634b21039b4b3b730ba3ab9329760711b604482015290519081900360640190fd5b600380546001019055604080517f42842e0e0000000000000000000000000000000000000000000000000000000081523060048201526001600160a01b03888116602483015260448201879052915187928316916342842e0e91606480830192600092919082900301818387803b158015610eba57600080fd5b505af1158015610ece573d6000803e3d6000fd5b5050604080516001600160a01b03808c1682528a16602082015280820189905290517fc18352ae46a2296c951b2256c5ebc5b4546e6222fea2e4f36e824db9d44eb7ec9350908190036060019150a150505050505050565b60006001600160a01b038516301415610f705760405162461bcd60e51b815260040180806020018281038252602481526020018061181f6024913960400191505060405180910390fd5b506040805130606090811b6020808401919091526bffffffffffffffffffffffff1997821b8816603484015295901b9095166048860152605c850192909252607c8085019190915281518085039091018152609c9093019052815191012090565b505050565b60006001600160a01b0385163014156110205760405162461bcd60e51b815260040180806020018281038252602481526020018061181f6024913960400191505060405180910390fd5b506040805130606090811b6020808401919091526bffffffffffffffffffffffff1997821b8816603484015260488301969096529390931b9094166068830152607c8083019190915283518083039091018152609c909101909252815191012090565b7ff0b9e5ba00000000000000000000000000000000000000000000000000000000949350505050565b6000806110ba8888886114b4565b905060045485511480156110d057506004548451145b80156110de57506004548351145b6111195760405162461bcd60e51b81526004018080602001828103825260338152602001806118906033913960400191505060405180910390fd5b6060600454604051908082528060200260200182016040528015611147578160200160208202803883390190505b50905060005b6004548110156112235760018388838151811061116657fe5b602002602001015188848151811061117a57fe5b602002602001015188858151811061118e57fe5b602002602001015160405160008152602001604052604051808581526020018460ff1660ff1681526020018381526020018281526020019450505050506020604051602081039080840390855afa1580156111ed573d6000803e3d6000fd5b5050506020604051035182828151811061120357fe5b6001600160a01b039092166020928302919091019091015260010161114d565b5061122d81611577565b6112685760405162461bcd60e51b81526004018080602001828103825260218152602001806118e96021913960400191505060405180910390fd5b50600198975050505050505050565b604080517fa9059cbb0000000000000000000000000000000000000000000000000000000081526001600160a01b03848116600483015260248201849052915160009286929083169163a9059cbb91604480820192879290919082900301818387803b1580156112e657600080fd5b505af11580156112fa573d6000803e3d6000fd5b505050503d60008114611314576020811461131e57600080fd5b600019925061132a565b60206000803e60005192505b508161133557600080fd5b509392505050565b60008061134b8888886117ec565b9050600454855114801561136157506004548451145b801561136f57506004548351145b6113aa5760405162461bcd60e51b81526004018080602001828103825260338152602001806118906033913960400191505060405180910390fd5b60606004546040519080825280602002602001820160405280156113d8578160200160208202803883390190505b50905060005b600454811015611223576001838883815181106113f757fe5b602002602001015188848151811061140b57fe5b602002602001015188858151811061141f57fe5b602002602001015160405160008152602001604052604051808581526020018460ff1660ff1681526020018381526020018281526020019450505050506020604051602081039080840390855afa15801561147e573d6000803e3d6000fd5b5050506020604051035182828151811061149457fe5b6001600160a01b03909216602092830291909101909101526001016113de565b6000806114c5858585600354610fd6565b905060606040518060400160405280601c81526020017f19457468657265756d205369676e6564204d6573736167653a0a333200000000815250905080826040516020018083805190602001908083835b602083106115355780518252601f199092019160209182019101611516565b51815160209384036101000a60001901801990921691161790529201938452506040805180850381529382019052825192019190912098975050505050505050565b60006004548251146115d0576040805162461bcd60e51b815260206004820152601960248201527f496e76616c6964206e756d626572206f66207369676e65722e00000000000000604482015290519081900360640190fd5b60005b82518110156117935760006001600160a01b03168382815181106115f357fe5b60200260200101516001600160a01b0316141561164c576040805162461bcd60e51b815260206004820152601260248201527124b73b30b634b21039b4b3b730ba3ab9329760711b604482015290519081900360640190fd5b6001600084838151811061165c57fe5b6020908102919091018101516001600160a01b031682528101919091526040016000205460ff166116d4576040805162461bcd60e51b815260206004820152601960248201527f5369676e6572206d75737420626520746865206f776e65722e00000000000000604482015290519081900360640190fd5b600260008483815181106116e457fe5b6020908102919091018101516001600160a01b031682528101919091526040016000205460ff16156117475760405162461bcd60e51b81526004018080602001828103825260218152602001806118e96021913960400191505060405180910390fd5b60016002600085848151811061175957fe5b6020908102919091018101516001600160a01b03168252810191909152604001600020805460ff19169115159190911790556001016115d3565b5060005b82518110156117e357600260008483815181106117b057fe5b6020908102919091018101516001600160a01b03168252810191909152604001600020805460ff19169055600101611797565b50600192915050565b6000806114c5858585600354610f2656fe4f776e657273206d75737420626520646966666572656e7420616464726573732e44657374696e6174696f6e2063616e6e6f74206265207468697320636f6e74726163742e5369676e65724e756d2063616e6e6f742062652067726561746572207468616e206f776e6572732e4f776e657220616464726573732063616e6e6f74206265207a65726f20616464726573732e4d65737361676520776173206e6f74207369676e656420627920656e6f756768206e756d626572206f66207369676e6572732e5369676e65724e756d2068617320746f2062652067726561746572207468616e207a65726f2e5369676e696e67206f776e657273206d75737420626520646966666572656e742e5468697320636f6e74726163742068617320616c7265616479206265656e20696e697469616c697a65642ea265627a7a72315820cb8feb427f2d2d9f3a79b03f2628461ca9ad5c7f42b1339f9534a37128472ce264736f6c634300050c0032
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Investigating multisig bytecode for exploits**
[codex:1212186]
[codex:1212186] I’m parsing the multisig wallet bytecode to understand its functions and verify if there’s any concrete exploit. I’m examining error messages, signatures, storage slots, and opcode patterns to check for vulnerabilities like missing replay protection or unsafe calls, and I’m preparing a Python script to parse opcodes locally since network access isn’t available.
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import binascii
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] # extract hex after 0x
[codex:1212186] import re
[codex:1212186] m = re.search(r'0x[0-9a-fA-F]+', hexdata)
[codex:1212186] if not m:
[codex:1212186] raise SystemExit('no hex')
[codex:1212186] hexstr = m.group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # opcode map
[codex:1212186] opcodes = {
[codex:1212186] 0x00:'STOP',0x01:'ADD',0x02:'MUL',0x03:'SUB',0x04:'DIV',0x05:'SDIV',0x06:'MOD',0x07:'SMOD',0x08:'ADDMOD',0x09:'MULMOD',0x0a:'EXP',0x0b:'SIGNEXTEND',
[codex:1212186] 0x10:'LT',0x11:'GT',0x12:'SLT',0x13:'SGT',0x14:'EQ',0x15:'ISZERO',0x16:'AND',0x17:'OR',0x18:'XOR',0x19:'NOT',0x1a:'BYTE',0x1b:'SHL',0x1c:'SHR',0x1d:'SAR',
[codex:1212186] 0x20:'SHA3',
[codex:1212186] 0x30:'ADDRESS',0x31:'BALANCE',0x32:'ORIGIN',0x33:'CALLER',0x34:'CALLVALUE',0x35:'CALLDATALOAD',0x36:'CALLDATASIZE',0x37:'CALLDATACOPY',0x38:'CODESIZE',0x39:'CODECOPY',0x3a:'GASPRICE',0x3b:'EXTCODESIZE',0x3c:'EXTCODECOPY',0x3d:'RETURNDATASIZE',0x3e:'RETURNDATACOPY',0x3f:'EXTCODEHASH',
[codex:1212186] 0x40:'BLOCKHASH',0x41:'COINBASE',0x42:'TIMESTAMP',0x43:'NUMBER',0x44:'DIFFICULTY',0x45:'GASLIMIT',0x46:'CHAINID',0x47:'SELFBALANCE',0x48:'BASEFEE',
[codex:1212186] 0x50:'POP',0x51:'MLOAD',0x52:'MSTORE',0x53:'MSTORE8',0x54:'SLOAD',0x55:'SSTORE',0x56:'JUMP',0x57:'JUMPI',0x58:'PC',0x59:'MSIZE',0x5a:'GAS',0x5b:'JUMPDEST',
[codex:1212186] 0x60:'PUSH1',0x61:'PUSH2',0x62:'PUSH3',0x63:'PUSH4',0x64:'PUSH5',0x65:'PUSH6',0x66:'PUSH7',0x67:'PUSH8',0x68:'PUSH9',0x69:'PUSH10',0x6a:'PUSH11',0x6b:'PUSH12',0x6c:'PUSH13',0x6d:'PUSH14',0x6e:'PUSH15',0x6f:'PUSH16',
[codex:1212186] 0x70:'PUSH17',0x71:'PUSH18',0x72:'PUSH19',0x73:'PUSH20',0x74:'PUSH21',0x75:'PUSH22',0x76:'PUSH23',0x77:'PUSH24',0x78:'PUSH25',0x79:'PUSH26',0x7a:'PUSH27',0x7b:'PUSH28',0x7c:'PUSH29',0x7d:'PUSH30',0x7e:'PUSH31',0x7f:'PUSH32',
[codex:1212186] 0x80:'DUP1',0x81:'DUP2',0x82:'DUP3',0x83:'DUP4',0x84:'DUP5',0x85:'DUP6',0x86:'DUP7',0x87:'DUP8',0x88:'DUP9',0x89:'DUP10',0x8a:'DUP11',0x8b:'DUP12',0x8c:'DUP13',0x8d:'DUP14',0x8e:'DUP15',0x8f:'DUP16',
[codex:1212186] 0x90:'SWAP1',0x91:'SWAP2',0x92:'SWAP3',0x93:'SWAP4',0x94:'SWAP5',0x95:'SWAP6',0x96:'SWAP7',0x97:'SWAP8',0x98:'SWAP9',0x99:'SWAP10',0x9a:'SWAP11',0x9b:'SWAP12',0x9c:'SWAP13',0x9d:'SWAP14',0x9e:'SWAP15',0x9f:'SWAP16',
[codex:1212186] 0xa0:'LOG0',0xa1:'LOG1',0xa2:'LOG2',0xa3:'LOG3',0xa4:'LOG4',
[codex:1212186] 0xf0:'CREATE',0xf1:'CALL',0xf2:'CALLCODE',0xf3:'RETURN',0xf4:'DELEGATECALL',0xf5:'CREATE2',0xfa:'STATICCALL',0xfd:'REVERT',0xfe:'INVALID',0xff:'SELFDESTRUCT',
[codex:1212186] }
[codex:1212186]
[codex:1212186] def disasm(code):
[codex:1212186] i=0
[codex:1212186] ops=[]
[codex:1212186] while i<len(code):
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] ops.append((i,name,data.hex()))
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] ops.append((i,name,''))
[codex:1212186] i+=1
[codex:1212186] return ops
[codex:1212186]
[codex:1212186] ops=disasm(code)
[codex:1212186] # find all CALL/DELEGATECALL/SELFDESTRUCT
[codex:1212186] for idx,(pc,name,arg) in enumerate(ops):
[codex:1212186] if name in ('CALL','DELEGATECALL','STATICCALL','SELFDESTRUCT','CALLCODE'):
[codex:1212186] print(pc,name)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 34ms:
[codex:1212186] 2621 CALL
[codex:1212186] 3773 CALL
[codex:1212186] 4572 STATICCALL
[codex:1212186] 4841 CALL
[codex:1212186] 5229 STATICCALL
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing CALL and STATICCALL instructions**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # opcode map
[codex:1212186] opcodes = {
[codex:1212186] 0x00:'STOP',0x01:'ADD',0x02:'MUL',0x03:'SUB',0x04:'DIV',0x05:'SDIV',0x06:'MOD',0x07:'SMOD',0x08:'ADDMOD',0x09:'MULMOD',0x0a:'EXP',0x0b:'SIGNEXTEND',
[codex:1212186] 0x10:'LT',0x11:'GT',0x12:'SLT',0x13:'SGT',0x14:'EQ',0x15:'ISZERO',0x16:'AND',0x17:'OR',0x18:'XOR',0x19:'NOT',0x1a:'BYTE',0x1b:'SHL',0x1c:'SHR',0x1d:'SAR',
[codex:1212186] 0x20:'SHA3',
[codex:1212186] 0x30:'ADDRESS',0x31:'BALANCE',0x32:'ORIGIN',0x33:'CALLER',0x34:'CALLVALUE',0x35:'CALLDATALOAD',0x36:'CALLDATASIZE',0x37:'CALLDATACOPY',0x38:'CODESIZE',0x39:'CODECOPY',0x3a:'GASPRICE',0x3b:'EXTCODESIZE',0x3c:'EXTCODECOPY',0x3d:'RETURNDATASIZE',0x3e:'RETURNDATACOPY',0x3f:'EXTCODEHASH',
[codex:1212186] 0x40:'BLOCKHASH',0x41:'COINBASE',0x42:'TIMESTAMP',0x43:'NUMBER',0x44:'DIFFICULTY',0x45:'GASLIMIT',0x46:'CHAINID',0x47:'SELFBALANCE',0x48:'BASEFEE',
[codex:1212186] 0x50:'POP',0x51:'MLOAD',0x52:'MSTORE',0x53:'MSTORE8',0x54:'SLOAD',0x55:'SSTORE',0x56:'JUMP',0x57:'JUMPI',0x58:'PC',0x59:'MSIZE',0x5a:'GAS',0x5b:'JUMPDEST',
[codex:1212186] 0x60:'PUSH1',0x61:'PUSH2',0x62:'PUSH3',0x63:'PUSH4',0x64:'PUSH5',0x65:'PUSH6',0x66:'PUSH7',0x67:'PUSH8',0x68:'PUSH9',0x69:'PUSH10',0x6a:'PUSH11',0x6b:'PUSH12',0x6c:'PUSH13',0x6d:'PUSH14',0x6e:'PUSH15',0x6f:'PUSH16',
[codex:1212186] 0x70:'PUSH17',0x71:'PUSH18',0x72:'PUSH19',0x73:'PUSH20',0x74:'PUSH21',0x75:'PUSH22',0x76:'PUSH23',0x77:'PUSH24',0x78:'PUSH25',0x79:'PUSH26',0x7a:'PUSH27',0x7b:'PUSH28',0x7c:'PUSH29',0x7d:'PUSH30',0x7e:'PUSH31',0x7f:'PUSH32',
[codex:1212186] 0x80:'DUP1',0x81:'DUP2',0x82:'DUP3',0x83:'DUP4',0x84:'DUP5',0x85:'DUP6',0x86:'DUP7',0x87:'DUP8',0x88:'DUP9',0x89:'DUP10',0x8a:'DUP11',0x8b:'DUP12',0x8c:'DUP13',0x8d:'DUP14',0x8e:'DUP15',0x8f:'DUP16',
[codex:1212186] 0x90:'SWAP1',0x91:'SWAP2',0x92:'SWAP3',0x93:'SWAP4',0x94:'SWAP5',0x95:'SWAP6',0x96:'SWAP7',0x97:'SWAP8',0x98:'SWAP9',0x99:'SWAP10',0x9a:'SWAP11',0x9b:'SWAP12',0x9c:'SWAP13',0x9d:'SWAP14',0x9e:'SWAP15',0x9f:'SWAP16',
[codex:1212186] 0xa0:'LOG0',0xa1:'LOG1',0xa2:'LOG2',0xa3:'LOG3',0xa4:'LOG4',
[codex:1212186] 0xf0:'CREATE',0xf1:'CALL',0xf2:'CALLCODE',0xf3:'RETURN',0xf4:'DELEGATECALL',0xf5:'CREATE2',0xfa:'STATICCALL',0xfd:'REVERT',0xfe:'INVALID',0xff:'SELFDESTRUCT',
[codex:1212186] }
[codex:1212186]
[codex:1212186] def disasm(code):
[codex:1212186] i=0
[codex:1212186] ops=[]
[codex:1212186] while i<len(code):
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] ops.append((i,name,data.hex()))
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] ops.append((i,name,''))
[codex:1212186] i+=1
[codex:1212186] return ops
[codex:1212186]
[codex:1212186] ops=disasm(code)
[codex:1212186] # build pc->index
[codex:1212186] pc_to_idx={pc:i for i,(pc,_,_) in enumerate(ops)}
[codex:1212186]
[codex:1212186] call_pcs=[2621,3773,4841,4572,5229]
[codex:1212186] for target in call_pcs:
[codex:1212186] if target not in pc_to_idx:
[codex:1212186] print('pc',target,'not found')
[codex:1212186] continue
[codex:1212186] idx=pc_to_idx[target]
[codex:1212186] start=max(0,idx-20)
[codex:1212186] end=min(len(ops),idx+10)
[codex:1212186] print('\\n--- around pc',target,'---')
[codex:1212186] for pc,name,arg in ops[start:end]:
[codex:1212186] if arg:
[codex:1212186] print(f'{pc:04x}: {name} 0x{arg}')
[codex:1212186] else:
[codex:1212186] print(f'{pc:04x}: {name}')
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 33ms:
[codex:1212186]
[codex:1212186] --- around pc 2621 ---
[codex:1212186] 0a24: SWAP1
[codex:1212186] 0a25: PUSH1 0x01
[codex:1212186] 0a27: PUSH1 0x01
[codex:1212186] 0a29: PUSH1 0xa0
[codex:1212186] 0a2b: SHL
[codex:1212186] 0a2c: SUB
[codex:1212186] 0a2d: DUP10
[codex:1212186] 0a2e: AND
[codex:1212186] 0a2f: SWAP1
[codex:1212186] 0a30: PUSH2 0x4e20
[codex:1212186] 0a33: SWAP1
[codex:1212186] 0a34: DUP10
[codex:1212186] 0a35: SWAP1
[codex:1212186] 0a36: DUP6
[codex:1212186] 0a37: DUP2
[codex:1212186] 0a38: DUP2
[codex:1212186] 0a39: DUP2
[codex:1212186] 0a3a: DUP6
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing calls and staticcalls for signature checks**
[codex:1212186]
[codex:1212186] I'm examining various call and staticcall instructions, especially those with and without extcodesize checks, to infer their purpose—suspecting ERC20/ERC721 transfers or signature validation like ERC1271. I'll dig into the surrounding bytecode and stack operations near the staticcalls to decode the called addresses and clarify what's happening.
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # opcode map
[codex:1212186] opcodes = {
[codex:1212186] 0x00:'STOP',0x01:'ADD',0x02:'MUL',0x03:'SUB',0x04:'DIV',0x05:'SDIV',0x06:'MOD',0x07:'SMOD',0x08:'ADDMOD',0x09:'MULMOD',0x0a:'EXP',0x0b:'SIGNEXTEND',
[codex:1212186] 0x10:'LT',0x11:'GT',0x12:'SLT',0x13:'SGT',0x14:'EQ',0x15:'ISZERO',0x16:'AND',0x17:'OR',0x18:'XOR',0x19:'NOT',0x1a:'BYTE',0x1b:'SHL',0x1c:'SHR',0x1d:'SAR',
[codex:1212186] 0x20:'SHA3',
[codex:1212186] 0x30:'ADDRESS',0x31:'BALANCE',0x32:'ORIGIN',0x33:'CALLER',0x34:'CALLVALUE',0x35:'CALLDATALOAD',0x36:'CALLDATASIZE',0x37:'CALLDATACOPY',0x38:'CODESIZE',0x39:'CODECOPY',0x3a:'GASPRICE',0x3b:'EXTCODESIZE',0x3c:'EXTCODECOPY',0x3d:'RETURNDATASIZE',0x3e:'RETURNDATACOPY',0x3f:'EXTCODEHASH',
[codex:1212186] 0x40:'BLOCKHASH',0x41:'COINBASE',0x42:'TIMESTAMP',0x43:'NUMBER',0x44:'DIFFICULTY',0x45:'GASLIMIT',0x46:'CHAINID',0x47:'SELFBALANCE',0x48:'BASEFEE',
[codex:1212186] 0x50:'POP',0x51:'MLOAD',0x52:'MSTORE',0x53:'MSTORE8',0x54:'SLOAD',0x55:'SSTORE',0x56:'JUMP',0x57:'JUMPI',0x58:'PC',0x59:'MSIZE',0x5a:'GAS',0x5b:'JUMPDEST',
[codex:1212186] 0x60:'PUSH1',0x61:'PUSH2',0x62:'PUSH3',0x63:'PUSH4',0x64:'PUSH5',0x65:'PUSH6',0x66:'PUSH7',0x67:'PUSH8',0x68:'PUSH9',0x69:'PUSH10',0x6a:'PUSH11',0x6b:'PUSH12',0x6c:'PUSH13',0x6d:'PUSH14',0x6e:'PUSH15',0x6f:'PUSH16',
[codex:1212186] 0x70:'PUSH17',0x71:'PUSH18',0x72:'PUSH19',0x73:'PUSH20',0x74:'PUSH21',0x75:'PUSH22',0x76:'PUSH23',0x77:'PUSH24',0x78:'PUSH25',0x79:'PUSH26',0x7a:'PUSH27',0x7b:'PUSH28',0x7c:'PUSH29',0x7d:'PUSH30',0x7e:'PUSH31',0x7f:'PUSH32',
[codex:1212186] 0x80:'DUP1',0x81:'DUP2',0x82:'DUP3',0x83:'DUP4',0x84:'DUP5',0x85:'DUP6',0x86:'DUP7',0x87:'DUP8',0x88:'DUP9',0x89:'DUP10',0x8a:'DUP11',0x8b:'DUP12',0x8c:'DUP13',0x8d:'DUP14',0x8e:'DUP15',0x8f:'DUP16',
[codex:1212186] 0x90:'SWAP1',0x91:'SWAP2',0x92:'SWAP3',0x93:'SWAP4',0x94:'SWAP5',0x95:'SWAP6',0x96:'SWAP7',0x97:'SWAP8',0x98:'SWAP9',0x99:'SWAP10',0x9a:'SWAP11',0x9b:'SWAP12',0x9c:'SWAP13',0x9d:'SWAP14',0x9e:'SWAP15',0x9f:'SWAP16',
[codex:1212186] 0xa0:'LOG0',0xa1:'LOG1',0xa2:'LOG2',0xa3:'LOG3',0xa4:'LOG4',
[codex:1212186] 0xf0:'CREATE',0xf1:'CALL',0xf2:'CALLCODE',0xf3:'RETURN',0xf4:'DELEGATECALL',0xf5:'CREATE2',0xfa:'STATICCALL',0xfd:'REVERT',0xfe:'INVALID',0xff:'SELFDESTRUCT',
[codex:1212186] }
[codex:1212186]
[codex:1212186] def disasm(code):
[codex:1212186] i=0
[codex:1212186] ops=[]
[codex:1212186] while i<len(code):
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] ops.append((i,name,data.hex()))
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] ops.append((i,name,''))
[codex:1212186] i+=1
[codex:1212186] return ops
[codex:1212186]
[codex:1212186] ops=disasm(code)
[codex:1212186] # find around staticcall 0x11dc
[codex:1212186] for target in [0x11b0,0x11dc,0x1200,0x1440,0x146d,0x1490]:
[codex:1212186] # show 30 ops around target
[codex:1212186] print('\\n--- around pc',hex(target),'---')
[codex:1212186] # find closest index
[codex:1212186] idx=min(range(len(ops)), key=lambda i: abs(ops[i][0]-target))
[codex:1212186] start=max(0,idx-25)
[codex:1212186] end=min(len(ops),idx+25)
[codex:1212186] for pc,name,arg in ops[start:end]:
[codex:1212186] if arg:
[codex:1212186] print(f'{pc:04x}: {name} 0x{arg}')
[codex:1212186] else:
[codex:1212186] print(f'{pc:04x}: {name}')
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 34ms:
[codex:1212186]
[codex:1212186] --- around pc 0x11b0 ---
[codex:1212186] 118e: JUMPDEST
[codex:1212186] 118f: PUSH1 0x20
[codex:1212186] 1191: MUL
[codex:1212186] 1192: PUSH1 0x20
[codex:1212186] 1194: ADD
[codex:1212186] 1195: ADD
[codex:1212186] 1196: MLOAD
[codex:1212186] 1197: PUSH1 0x40
[codex:1212186] 1199: MLOAD
[codex:1212186] 119a: PUSH1 0x00
[codex:1212186] 119c: DUP2
[codex:1212186] 119d: MSTORE
[codex:1212186] 119e: PUSH1 0x20
[codex:1212186] 11a0: ADD
[codex:1212186] 11a1: PUSH1 0x40
[codex:1212186] 11a3: MSTORE
[codex:1212186] 11a4: PUSH1 0x40
[codex:1212186] 11a6: MLOAD
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing CALL instructions and value transfers**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # opcode map
[codex:1212186] opcodes = {
[codex:1212186] 0x00:'STOP',0x01:'ADD',0x02:'MUL',0x03:'SUB',0x04:'DIV',0x05:'SDIV',0x06:'MOD',0x07:'SMOD',0x08:'ADDMOD',0x09:'MULMOD',0x0a:'EXP',0x0b:'SIGNEXTEND',
[codex:1212186] 0x10:'LT',0x11:'GT',0x12:'SLT',0x13:'SGT',0x14:'EQ',0x15:'ISZERO',0x16:'AND',0x17:'OR',0x18:'XOR',0x19:'NOT',0x1a:'BYTE',0x1b:'SHL',0x1c:'SHR',0x1d:'SAR',
[codex:1212186] 0x20:'SHA3',
[codex:1212186] 0x30:'ADDRESS',0x31:'BALANCE',0x32:'ORIGIN',0x33:'CALLER',0x34:'CALLVALUE',0x35:'CALLDATALOAD',0x36:'CALLDATASIZE',0x37:'CALLDATACOPY',0x38:'CODESIZE',0x39:'CODECOPY',0x3a:'GASPRICE',0x3b:'EXTCODESIZE',0x3c:'EXTCODECOPY',0x3d:'RETURNDATASIZE',0x3e:'RETURNDATACOPY',0x3f:'EXTCODEHASH',
[codex:1212186] 0x40:'BLOCKHASH',0x41:'COINBASE',0x42:'TIMESTAMP',0x43:'NUMBER',0x44:'DIFFICULTY',0x45:'GASLIMIT',0x46:'CHAINID',0x47:'SELFBALANCE',0x48:'BASEFEE',
[codex:1212186] 0x50:'POP',0x51:'MLOAD',0x52:'MSTORE',0x53:'MSTORE8',0x54:'SLOAD',0x55:'SSTORE',0x56:'JUMP',0x57:'JUMPI',0x58:'PC',0x59:'MSIZE',0x5a:'GAS',0x5b:'JUMPDEST',
[codex:1212186] 0x60:'PUSH1',0x61:'PUSH2',0x62:'PUSH3',0x63:'PUSH4',0x64:'PUSH5',0x65:'PUSH6',0x66:'PUSH7',0x67:'PUSH8',0x68:'PUSH9',0x69:'PUSH10',0x6a:'PUSH11',0x6b:'PUSH12',0x6c:'PUSH13',0x6d:'PUSH14',0x6e:'PUSH15',0x6f:'PUSH16',
[codex:1212186] 0x70:'PUSH17',0x71:'PUSH18',0x72:'PUSH19',0x73:'PUSH20',0x74:'PUSH21',0x75:'PUSH22',0x76:'PUSH23',0x77:'PUSH24',0x78:'PUSH25',0x79:'PUSH26',0x7a:'PUSH27',0x7b:'PUSH28',0x7c:'PUSH29',0x7d:'PUSH30',0x7e:'PUSH31',0x7f:'PUSH32',
[codex:1212186] 0x80:'DUP1',0x81:'DUP2',0x82:'DUP3',0x83:'DUP4',0x84:'DUP5',0x85:'DUP6',0x86:'DUP7',0x87:'DUP8',0x88:'DUP9',0x89:'DUP10',0x8a:'DUP11',0x8b:'DUP12',0x8c:'DUP13',0x8d:'DUP14',0x8e:'DUP15',0x8f:'DUP16',
[codex:1212186] 0x90:'SWAP1',0x91:'SWAP2',0x92:'SWAP3',0x93:'SWAP4',0x94:'SWAP5',0x95:'SWAP6',0x96:'SWAP7',0x97:'SWAP8',0x98:'SWAP9',0x99:'SWAP10',0x9a:'SWAP11',0x9b:'SWAP12',0x9c:'SWAP13',0x9d:'SWAP14',0x9e:'SWAP15',0x9f:'SWAP16',
[codex:1212186] 0xa0:'LOG0',0xa1:'LOG1',0xa2:'LOG2',0xa3:'LOG3',0xa4:'LOG4',
[codex:1212186] 0xf0:'CREATE',0xf1:'CALL',0xf2:'CALLCODE',0xf3:'RETURN',0xf4:'DELEGATECALL',0xf5:'CREATE2',0xfa:'STATICCALL',0xfd:'REVERT',0xfe:'INVALID',0xff:'SELFDESTRUCT',
[codex:1212186] }
[codex:1212186]
[codex:1212186] def disasm(code):
[codex:1212186] i=0
[codex:1212186] ops=[]
[codex:1212186] while i<len(code):
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] ops.append((i,name,data.hex()))
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] ops.append((i,name,''))
[codex:1212186] i+=1
[codex:1212186] return ops
[codex:1212186]
[codex:1212186] ops=disasm(code)
[codex:1212186] # print around 0x9f0-0xa70
[codex:1212186] start_pc=0x9e0
[codex:1212186] end_pc=0xa90
[codex:1212186] for pc,name,arg in ops:
[codex:1212186] if start_pc<=pc<=end_pc:
[codex:1212186] if arg:
[codex:1212186] print(f'{pc:04x}: {name} 0x{arg}')
[codex:1212186] else:
[codex:1212186] print(f'{pc:04x}: {name}')
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 33ms:
[codex:1212186] 09e0: DUP3
[codex:1212186] 09e1: ADD
[codex:1212186] 09e2: MSTORE
[codex:1212186] 09e3: PUSH1 0x1d
[codex:1212186] 09e5: PUSH1 0x24
[codex:1212186] 09e7: DUP3
[codex:1212186] 09e8: ADD
[codex:1212186] 09e9: MSTORE
[codex:1212186] 09ea: PUSH32 0x496e73756666696369656e742062616c616e636520746f2073656e642e000000
[codex:1212186] 0a0b: PUSH1 0x44
[codex:1212186] 0a0d: DUP3
[codex:1212186] 0a0e: ADD
[codex:1212186] 0a0f: MSTORE
[codex:1212186] 0a10: SWAP1
[codex:1212186] 0a11: MLOAD
[codex:1212186] 0a12: SWAP1
[codex:1212186] 0a13: DUP2
[codex:1212186] 0a14: SWAP1
[codex:1212186] 0a15: SUB
[codex:1212186] 0a16: PUSH1 0x64
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing transaction execution and error messages**
[codex:1212186]
[codex:1212186] I'm investigating an ETH or token transfer function that checks balances and uses fixed gas for calls, likely within a multisig setup. The detailed revert messages suggest rigorous signature and owner validations, so I'll try mapping function selectors to known multisig functions to clarify the contract's structure and potential access controls.
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] import hashlib
[codex:1212186] sels = ['getOwners()','getRequired()','getTransactionCount()','getTransactionCount(bool,bool)','isOwner(address)','confirmTransaction(uint256)','executeTransaction(uint256)','submitTransaction(address,uint256,bytes)','execute(address,uint256,bytes)','execute(address,uint256,bytes,uint8,bytes32,bytes32)','getConfirmations(uint256)','revokeConfirmation(uint256)','addOwner(address)','removeOwner(address)','replaceOwner(address,address)','changeRequirement(uint256)','ownerExists(address)','nonce()','getNonce()','initialized()','isInitialized()','getInitialization()','getOwners(uint256)','getSigner(address)','getSigners()','signersRequired()','isSigner(address)','execute(address,uint256,bytes,address,uint8,bytes32,bytes32)','execute(address,uint256,bytes,uint8,bytes32,bytes32)']
[codex:1212186]
[codex:1212186] # compute selector
[codex:1212186] for s in sels:
[codex:1212186] h = hashlib.sha3_256(s.encode()).hexdigest() # not keccak but close? use eth_abi? But py sha3_256 is keccak? In python, sha3_256 is NIST, not keccak.
[codex:1212186] # use eth_hash? not available.
[codex:1212186] print('done')
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 24ms:
[codex:1212186] done
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Verifying keccak vs sha3 implementation**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] try:
[codex:1212186] from eth_utils import keccak
[codex:1212186] print('eth_utils available')
[codex:1212186] except Exception as e:
[codex:1212186] print('no eth_utils',e)
[codex:1212186] try:
[codex:1212186] import sha3
[codex:1212186] print('sha3 module ok',sha3)
[codex:1212186] except Exception as e:
[codex:1212186] print('no sha3',e)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 230ms:
[codex:1212186] eth_utils available
[codex:1212186] no sha3 No module named 'sha3'
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Using eth_utils for selectors**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from eth_utils import keccak
[codex:1212186] sels = ['getOwners()','getRequired()','getTransactionCount()','getTransactionCount(bool,bool)','isOwner(address)','confirmTransaction(uint256)','executeTransaction(uint256)','submitTransaction(address,uint256,bytes)','execute(address,uint256,bytes)','execute(address,uint256,bytes,uint8,bytes32,bytes32)','getConfirmations(uint256)','revokeConfirmation(uint256)','addOwner(address)','removeOwner(address)','replaceOwner(address,address)','changeRequirement(uint256)','ownerExists(address)','nonce()','getNonce()','initialized()','isInitialized()','getInitialization()','getOwners(uint256)','getSigner(address)','getSigners()','signersRequired()','isSigner(address)','execute(address,uint256,bytes,address,uint8,bytes32,bytes32)','execute(address,uint256,bytes,uint8,bytes32,bytes32)','execute(address,uint256,bytes,address,uint256,uint8,bytes32,bytes32)','execute(address,uint256,bytes,address,uint256,uint8,bytes32,bytes32,uint8,bytes32,bytes32)']
[codex:1212186]
[codex:1212186] for s in sels:
[codex:1212186] sel = keccak(text=s)[:4].hex()
[codex:1212186] print(f'{s}: 0x{sel}')
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 219ms:
[codex:1212186] getOwners(): 0xa0e67e2b
[codex:1212186] getRequired(): 0x1398a5f6
[codex:1212186] getTransactionCount(): 0x2e7700f0
[codex:1212186] getTransactionCount(bool,bool): 0x54741525
[codex:1212186] isOwner(address): 0x2f54bf6e
[codex:1212186] confirmTransaction(uint256): 0xc01a8c84
[codex:1212186] executeTransaction(uint256): 0xee22610b
[codex:1212186] submitTransaction(address,uint256,bytes): 0xc6427474
[codex:1212186] execute(address,uint256,bytes): 0xb61d27f6
[codex:1212186] execute(address,uint256,bytes,uint8,bytes32,bytes32): 0x6fc370df
[codex:1212186] getConfirmations(uint256): 0xb5dc40c3
[codex:1212186] revokeConfirmation(uint256): 0x20ea8d86
[codex:1212186] addOwner(address): 0x7065cb48
[codex:1212186] removeOwner(address): 0x173825d9
[codex:1212186] replaceOwner(address,address): 0xe20056e6
[codex:1212186] changeRequirement(uint256): 0xba51a6df
[codex:1212186] ownerExists(address): 0x59dbfde8
[codex:1212186] nonce(): 0xaffed0e0
[codex:1212186] getNonce(): 0xd087d288
[codex:1212186] initialized(): 0x158ef93e
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing function selectors and dispatch**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] # disassemble simple
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [
[codex:1212186] (0x56,'JUMP'),(0x57,'JUMPI'),(0x5b,'JUMPDEST'),
[codex:1212186] (0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),
[codex:1212186] (0x14,'EQ'),(0x35,'CALLDATALOAD'),(0x36,'CALLDATASIZE'),(0x3d,'RETURNDATASIZE'),
[codex:1212186] (0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x33,'CALLER')
[codex:1212186] ]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm(code):
[codex:1212186] i=0
[codex:1212186] ops=[]
[codex:1212186] while i<len(code):
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] ops.append((i,name,data))
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] ops.append((i,name,b''))
[codex:1212186] i+=1
[codex:1212186] return ops
[codex:1212186]
[codex:1212186] ops=disasm(code)
[codex:1212186] # find PUSH4 <selector> EQ PUSH2 <dest> JUMPI pattern
[codex:1212186] selectors={}
[codex:1212186] for i in range(len(ops)-3):
[codex:1212186] pc,name,data=ops[i]
[codex:1212186] if name=='PUSH4':
[codex:1212186] sel=data.hex()
[codex:1212186] # look ahead for EQ and JUMPI with PUSH2
[codex:1212186] # pattern: PUSH4 sel DUP? EQ PUSH2 dest JUMPI
[codex:1212186] # We'll just scan next 5 ops for PUSH2 and JUMPI
[codex:1212186] for j in range(i+1,i+8):
[codex:1212186] if j>=len(ops): break
[codex:1212186] pcj,namej,dataj=ops[j]
[codex:1212186] if namej=='PUSH2' and j+1<len(ops) and ops[j+1][1]=='JUMPI':
[codex:1212186] dest=int.from_bytes(dataj,'big')
[codex:1212186] selectors[sel]=dest
[codex:1212186] break
[codex:1212186]
[codex:1212186] # print selectors
[codex:1212186] for sel,dest in selectors.items():
[codex:1212186] print('0x'+sel, '->', hex(dest))
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 32ms:
[codex:1212186] 0x843b1a09 -> 0x548
[codex:1212186] 0xc0ee0b8a -> 0x77e
[codex:1212186] 0xc1278cc5 -> 0x846
[codex:1212186] 0xf0b9e5ba -> 0x88d
[codex:1212186] 0x98ad68a7 -> 0x55d
[codex:1212186] 0xbba85f28 -> 0x735
[codex:1212186] 0x158ef93e -> 0x446
[codex:1212186] 0x60b5bb3f -> 0x46f
[codex:1212186] 0x7db218b7 -> 0x521
[codex:1212186] 0x08405166 -> 0x150
[codex:1212186] 0x0adcf464 -> 0x19a
[codex:1212186] 0x150b7a02 -> 0x373
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Mapping and analyzing contract functions**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disassemble
[codex:1212186] opcodes = {
[codex:1212186] 0x00:'STOP',0x01:'ADD',0x02:'MUL',0x03:'SUB',0x04:'DIV',0x05:'SDIV',0x06:'MOD',0x07:'SMOD',0x08:'ADDMOD',0x09:'MULMOD',0x0a:'EXP',0x0b:'SIGNEXTEND',
[codex:1212186] 0x10:'LT',0x11:'GT',0x12:'SLT',0x13:'SGT',0x14:'EQ',0x15:'ISZERO',0x16:'AND',0x17:'OR',0x18:'XOR',0x19:'NOT',0x1a:'BYTE',0x1b:'SHL',0x1c:'SHR',0x1d:'SAR',
[codex:1212186] 0x20:'SHA3',
[codex:1212186] 0x30:'ADDRESS',0x31:'BALANCE',0x32:'ORIGIN',0x33:'CALLER',0x34:'CALLVALUE',0x35:'CALLDATALOAD',0x36:'CALLDATASIZE',0x37:'CALLDATACOPY',0x38:'CODESIZE',0x39:'CODECOPY',0x3a:'GASPRICE',0x3b:'EXTCODESIZE',0x3c:'EXTCODECOPY',0x3d:'RETURNDATASIZE',0x3e:'RETURNDATACOPY',0x3f:'EXTCODEHASH',
[codex:1212186] 0x40:'BLOCKHASH',0x41:'COINBASE',0x42:'TIMESTAMP',0x43:'NUMBER',0x44:'DIFFICULTY',0x45:'GASLIMIT',0x46:'CHAINID',0x47:'SELFBALANCE',0x48:'BASEFEE',
[codex:1212186] 0x50:'POP',0x51:'MLOAD',0x52:'MSTORE',0x53:'MSTORE8',0x54:'SLOAD',0x55:'SSTORE',0x56:'JUMP',0x57:'JUMPI',0x58:'PC',0x59:'MSIZE',0x5a:'GAS',0x5b:'JUMPDEST',
[codex:1212186] 0x60:'PUSH1',0x61:'PUSH2',0x62:'PUSH3',0x63:'PUSH4',0x64:'PUSH5',0x65:'PUSH6',0x66:'PUSH7',0x67:'PUSH8',0x68:'PUSH9',0x69:'PUSH10',0x6a:'PUSH11',0x6b:'PUSH12',0x6c:'PUSH13',0x6d:'PUSH14',0x6e:'PUSH15',0x6f:'PUSH16',
[codex:1212186] 0x70:'PUSH17',0x71:'PUSH18',0x72:'PUSH19',0x73:'PUSH20',0x74:'PUSH21',0x75:'PUSH22',0x76:'PUSH23',0x77:'PUSH24',0x78:'PUSH25',0x79:'PUSH26',0x7a:'PUSH27',0x7b:'PUSH28',0x7c:'PUSH29',0x7d:'PUSH30',0x7e:'PUSH31',0x7f:'PUSH32',
[codex:1212186] 0x80:'DUP1',0x81:'DUP2',0x82:'DUP3',0x83:'DUP4',0x84:'DUP5',0x85:'DUP6',0x86:'DUP7',0x87:'DUP8',0x88:'DUP9',0x89:'DUP10',0x8a:'DUP11',0x8b:'DUP12',0x8c:'DUP13',0x8d:'DUP14',0x8e:'DUP15',0x8f:'DUP16',
[codex:1212186] 0x90:'SWAP1',0x91:'SWAP2',0x92:'SWAP3',0x93:'SWAP4',0x94:'SWAP5',0x95:'SWAP6',0x96:'SWAP7',0x97:'SWAP8',0x98:'SWAP9',0x99:'SWAP10',0x9a:'SWAP11',0x9b:'SWAP12',0x9c:'SWAP13',0x9d:'SWAP14',0x9e:'SWAP15',0x9f:'SWAP16',
[codex:1212186] 0xa0:'LOG0',0xa1:'LOG1',0xa2:'LOG2',0xa3:'LOG3',0xa4:'LOG4',
[codex:1212186] 0xf0:'CREATE',0xf1:'CALL',0xf2:'CALLCODE',0xf3:'RETURN',0xf4:'DELEGATECALL',0xf5:'CREATE2',0xfa:'STATICCALL',0xfd:'REVERT',0xfe:'INVALID',0xff:'SELFDESTRUCT',
[codex:1212186] }
[codex:1212186]
[codex:1212186] def disasm(code):
[codex:1212186] i=0
[codex:1212186] ops=[]
[codex:1212186] while i<len(code):
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] ops.append((i,name,data.hex()))
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] ops.append((i,name,''))
[codex:1212186] i+=1
[codex:1212186] return ops
[codex:1212186]
[codex:1212186] ops=disasm(code)
[codex:1212186] # print around 0xa80-0xb50
[codex:1212186] start_pc=0xa80
[codex:1212186] end_pc=0xb60
[codex:1212186] for pc,name,arg in ops:
[codex:1212186] if start_pc<=pc<=end_pc:
[codex:1212186] if arg:
[codex:1212186] print(f'{pc:04x}: {name} 0x{arg}')
[codex:1212186] else:
[codex:1212186] print(f'{pc:04x}: {name}')
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 31ms:
[codex:1212186] 0a80: DUP1
[codex:1212186] 0a81: MLOAD
[codex:1212186] 0a82: PUSH3 0x461bcd
[codex:1212186] 0a86: PUSH1 0xe5
[codex:1212186] 0a88: SHL
[codex:1212186] 0a89: DUP2
[codex:1212186] 0a8a: MSTORE
[codex:1212186] 0a8b: PUSH1 0x20
[codex:1212186] 0a8d: PUSH1 0x04
[codex:1212186] 0a8f: DUP3
[codex:1212186] 0a90: ADD
[codex:1212186] 0a91: MSTORE
[codex:1212186] 0a92: PUSH1 0x16
[codex:1212186] 0a94: PUSH1 0x24
[codex:1212186] 0a96: DUP3
[codex:1212186] 0a97: ADD
[codex:1212186] 0a98: MSTORE
[codex:1212186] 0a99: PUSH32 0x4574686572207472616e73666572206661696c65642e00000000000000000000
[codex:1212186] 0aba: PUSH1 0x44
[codex:1212186] 0abc: DUP3
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Examining token and ETH transfer logic**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] # simple disasm
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [
[codex:1212186] (0x55,'SSTORE'),(0x54,'SLOAD'),(0x5b,'JUMPDEST'),(0xf1,'CALL'),(0xfa,'STATICCALL'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x73,'PUSH20')
[codex:1212186] ]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm(code):
[codex:1212186] i=0
[codex:1212186] ops=[]
[codex:1212186] while i<len(code):
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] ops.append((i,name,data.hex()))
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] ops.append((i,name,''))
[codex:1212186] i+=1
[codex:1212186] return ops
[codex:1212186]
[codex:1212186] ops=disasm(code)
[codex:1212186] # find SSTORE ops
[codex:1212186] for idx,(pc,name,arg) in enumerate(ops):
[codex:1212186] if name=='SSTORE':
[codex:1212186] # print some context
[codex:1212186] start=max(0,idx-5)
[codex:1212186] end=min(len(ops),idx+5)
[codex:1212186] print('\\nSSTORE at',hex(pc))
[codex:1212186] for pc2,name2,arg2 in ops[start:end]:
[codex:1212186] if arg2:
[codex:1212186] print(f'{pc2:04x}: {name2} 0x{arg2}')
[codex:1212186] else:
[codex:1212186] print(f'{pc2:04x}: {name2}')
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 31ms:
[codex:1212186]
[codex:1212186] SSTORE at 0x9a0
[codex:1212186] 099a: OP_80
[codex:1212186] 099b: SLOAD
[codex:1212186] 099c: PUSH1 0x01
[codex:1212186] 099e: OP_01
[codex:1212186] 099f: OP_90
[codex:1212186] 09a0: SSTORE
[codex:1212186] 09a1: PUSH1 0x01
[codex:1212186] 09a3: PUSH1 0x01
[codex:1212186] 09a5: PUSH1 0xa0
[codex:1212186] 09a7: OP_1b
[codex:1212186]
[codex:1212186] SSTORE at 0xd1a
[codex:1212186] 0d15: OP_91
[codex:1212186] 0d16: OP_90
[codex:1212186] 0d17: OP_91
[codex:1212186] 0d18: OP_17
[codex:1212186] 0d19: OP_90
[codex:1212186] 0d1a: SSTORE
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing SSTORE operations in bytecode**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [
[codex:1212186] (0x55,'SSTORE'),(0x54,'SLOAD'),(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x73,'PUSH20'),(0x50,'POP'),(0x56,'JUMP'),(0x57,'JUMPI')
[codex:1212186] ]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm(code):
[codex:1212186] i=0
[codex:1212186] ops=[]
[codex:1212186] while i<len(code):
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] ops.append((i,name,data.hex()))
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] ops.append((i,name,''))
[codex:1212186] i+=1
[codex:1212186] return ops
[codex:1212186]
[codex:1212186] ops=disasm(code)
[codex:1212186] start_pc=0xd80
[codex:1212186] end_pc=0xe00
[codex:1212186] for pc,name,arg in ops:
[codex:1212186] if start_pc<=pc<=end_pc:
[codex:1212186] if arg:
[codex:1212186] print(f'{pc:04x}: {name} 0x{arg}')
[codex:1212186] else:
[codex:1212186] print(f'{pc:04x}: {name}')
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 32ms:
[codex:1212186] 0d80: OP_82
[codex:1212186] 0d81: OP_81
[codex:1212186] 0d82: OP_03
[codex:1212186] 0d83: OP_82
[codex:1212186] 0d84: OP_52
[codex:1212186] 0d85: PUSH1 0x28
[codex:1212186] 0d87: OP_81
[codex:1212186] 0d88: OP_52
[codex:1212186] 0d89: PUSH1 0x20
[codex:1212186] 0d8b: OP_01
[codex:1212186] 0d8c: OP_80
[codex:1212186] 0d8d: PUSH2 0x1843
[codex:1212186] 0d90: PUSH1 0x28
[codex:1212186] 0d92: OP_91
[codex:1212186] 0d93: OP_39
[codex:1212186] 0d94: PUSH1 0x40
[codex:1212186] 0d96: OP_01
[codex:1212186] 0d97: OP_91
[codex:1212186] 0d98: POP
[codex:1212186] 0d99: POP
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing storage operations and function at 0x150**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disassemble from 0x130-0x200
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x56,'JUMP'),(0x57,'JUMPI'),(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x54,'SLOAD'),(0x55,'SSTORE'),(0xf3,'RETURN'),(0xfd,'REVERT'),(0x51,'MLOAD'),(0x52,'MSTORE'),(0x33,'CALLER')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] # range around function at 0x150
[codex:1212186] print('--- 0x150 function ---')
[codex:1212186] disasm_range(0x150,0x1b0)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 27ms:
[codex:1212186] --- 0x150 function ---
[codex:1212186] 0150: JUMPDEST
[codex:1212186] 0151: OP_34
[codex:1212186] 0152: OP_80
[codex:1212186] 0153: OP_15
[codex:1212186] 0154: PUSH2 0x015c
[codex:1212186] 0157: JUMPI
[codex:1212186] 0158: PUSH1 0x00
[codex:1212186] 015a: OP_80
[codex:1212186] 015b: REVERT
[codex:1212186] 015c: JUMPDEST
[codex:1212186] 015d: OP_50
[codex:1212186] 015e: PUSH2 0x0165
[codex:1212186] 0161: PUSH2 0x091f
[codex:1212186] 0164: JUMP
[codex:1212186] 0165: JUMPDEST
[codex:1212186] 0166: PUSH1 0x40
[codex:1212186] 0168: OP_80
[codex:1212186] 0169: MLOAD
[codex:1212186] 016a: OP_7f 0xffffffff00000000000000000000000000000000000000000000000000000000
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing opcode for non-payable check and constant return**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x091f ---')
[codex:1212186] disasm_range(0x0910,0x0940)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 31ms:
[codex:1212186] --- around 0x091f ---
[codex:1212186] 0910: PUSH1 0x00
[codex:1212186] 0912: OP_80
[codex:1212186] 0913: OP_fd
[codex:1212186] 0914: JUMPDEST
[codex:1212186] 0915: OP_50
[codex:1212186] 0916: OP_90
[codex:1212186] 0917: OP_92
[codex:1212186] 0918: OP_50
[codex:1212186] 0919: OP_90
[codex:1212186] 091a: OP_50
[codex:1212186] 091b: PUSH2 0x1083
[codex:1212186] 091e: JUMP
[codex:1212186] 091f: JUMPDEST
[codex:1212186] 0920: PUSH32 0xc0ee0b8a00000000000000000000000000000000000000000000000000000000
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing JUMPDEST and constants**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] # disasm a bit more
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x81,'DUP2')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x091f ---')
[codex:1212186] disasm_range(0x091f,0x0930)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 27ms:
[codex:1212186] --- around 0x091f ---
[codex:1212186] 091f: JUMPDEST
[codex:1212186] 0920: PUSH32 0xc0ee0b8a00000000000000000000000000000000000000000000000000000000
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Decoding function bytecode patterns**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0x1083
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x50,'POP')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x1060-0x10d0 ---')
[codex:1212186] disasm_range(0x1060,0x10d0)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 30ms:
[codex:1212186] --- around 0x1060-0x10d0 ---
[codex:1212186] 1060: MSTORE
[codex:1212186] 1061: PUSH1 0x7c
[codex:1212186] 1063: DUP1
[codex:1212186] 1064: OP_83
[codex:1212186] 1065: OP_01
[codex:1212186] 1066: OP_91
[codex:1212186] 1067: OP_90
[codex:1212186] 1068: OP_91
[codex:1212186] 1069: MSTORE
[codex:1212186] 106a: OP_83
[codex:1212186] 106b: MLOAD
[codex:1212186] 106c: DUP1
[codex:1212186] 106d: OP_83
[codex:1212186] 106e: OP_03
[codex:1212186] 106f: OP_90
[codex:1212186] 1070: OP_91
[codex:1212186] 1071: OP_01
[codex:1212186] 1072: DUP2
[codex:1212186] 1073: MSTORE
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing function selectors and storage checks**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0x10ac-0x1140
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x10ac-0x1140 ---')
[codex:1212186] disasm_range(0x10ac,0x1140)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 28ms:
[codex:1212186] --- around 0x10ac-0x1140 ---
[codex:1212186] 10ac: JUMPDEST
[codex:1212186] 10ad: PUSH1 0x00
[codex:1212186] 10af: DUP1
[codex:1212186] 10b0: PUSH2 0x10ba
[codex:1212186] 10b3: OP_88
[codex:1212186] 10b4: OP_88
[codex:1212186] 10b5: OP_88
[codex:1212186] 10b6: PUSH2 0x14b4
[codex:1212186] 10b9: JUMP
[codex:1212186] 10ba: JUMPDEST
[codex:1212186] 10bb: SWAP1
[codex:1212186] 10bc: POP
[codex:1212186] 10bd: PUSH1 0x04
[codex:1212186] 10bf: SLOAD
[codex:1212186] 10c0: DUP6
[codex:1212186] 10c1: MLOAD
[codex:1212186] 10c2: EQ
[codex:1212186] 10c3: DUP1
[codex:1212186] 10c4: ISZERO
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing signature verification logic**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0xf00-0xf90
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0xf00-0xf90 ---')
[codex:1212186] disasm_range(0x0f00,0x0f90)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 30ms:
[codex:1212186] --- around 0xf00-0xf90 ---
[codex:1212186] 0f00: OP_c5
[codex:1212186] 0f01: OP_b4
[codex:1212186] 0f02: SLOAD
[codex:1212186] 0f03: PUSH15 0x6222fea2e4f36e824db9d44eb7ec93
[codex:1212186] 0f13: POP
[codex:1212186] 0f14: SWAP1
[codex:1212186] 0f15: DUP2
[codex:1212186] 0f16: SWAP1
[codex:1212186] 0f17: OP_03
[codex:1212186] 0f18: PUSH1 0x60
[codex:1212186] 0f1a: OP_01
[codex:1212186] 0f1b: SWAP2
[codex:1212186] 0f1c: POP
[codex:1212186] 0f1d: OP_a1
[codex:1212186] 0f1e: POP
[codex:1212186] 0f1f: POP
[codex:1212186] 0f20: POP
[codex:1212186] 0f21: POP
[codex:1212186] 0f22: POP
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing contract address check and revert logic**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0xe20-0xea0
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0xe20-0xea0 ---')
[codex:1212186] disasm_range(0x0e20,0x0ea0)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 29ms:
[codex:1212186] --- around 0xe20-0xea0 ---
[codex:1212186] 0e20: OP_34
[codex:1212186] 0e21: OP_b2
[codex:1212186] 0e22: LT
[codex:1212186] 0e23: OP_39
[codex:1212186] 0e24: OP_b4
[codex:1212186] 0e25: OP_b3
[codex:1212186] 0e26: OP_b7
[codex:1212186] 0e27: OP_30
[codex:1212186] 0e28: OP_ba
[codex:1212186] 0e29: OP_3a
[codex:1212186] 0e2a: OP_b9
[codex:1212186] 0e2b: OP_32
[codex:1212186] 0e2c: OP_97
[codex:1212186] 0e2d: PUSH1 0x71
[codex:1212186] 0e2f: SHL
[codex:1212186] 0e30: PUSH1 0x44
[codex:1212186] 0e32: DUP3
[codex:1212186] 0e33: OP_01
[codex:1212186] 0e34: MSTORE
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing token transfer function and ownership checks**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] # disasm
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x33,'CALLER'),(0x54,'SLOAD'),(0x55,'SSTORE'),(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x73,'PUSH20'),(0x14,'EQ'),(0x15,'ISZERO'),(0x16,'AND'),(0x1b,'SHL')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm(code):
[codex:1212186] i=0
[codex:1212186] ops=[]
[codex:1212186] while i<len(code):
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] ops.append((i,name,data.hex()))
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] ops.append((i,name,''))
[codex:1212186] i+=1
[codex:1212186] return ops
[codex:1212186]
[codex:1212186] ops=disasm(code)
[codex:1212186] for idx,(pc,name,arg) in enumerate(ops):
[codex:1212186] if name=='CALLER':
[codex:1212186] start=max(0,idx-8)
[codex:1212186] end=min(len(ops),idx+8)
[codex:1212186] print('\\nCALLER at',hex(pc))
[codex:1212186] for pc2,name2,arg2 in ops[start:end]:
[codex:1212186] if arg2:
[codex:1212186] print(f'{pc2:04x}: {name2} 0x{arg2}')
[codex:1212186] else:
[codex:1212186] print(f'{pc2:04x}: {name2}')
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 37ms:
[codex:1212186]
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Verifying CALLER opcode presence**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] print('CALLER count', code.count(bytes([0x33])))
[codex:1212186] print('ADDRESS count', code.count(bytes([0x30])))
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 26ms:
[codex:1212186] CALLER count 8
[codex:1212186] ADDRESS count 13
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Investigating missing CALLER opcode display**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] # find positions of 0x33
[codex:1212186] positions = [i for i,b in enumerate(code) if b==0x33]
[codex:1212186] print('positions',positions[:20])
[codex:1212186] # show context bytes for first few
[codex:1212186] for p in positions[:5]:
[codex:1212186] print(p, code[p-5:p+5].hex())
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 26ms:
[codex:1212186] positions [813, 3543, 4349, 4360, 5006, 5017, 5367, 6484]
[codex:1212186] 813 11171561033357600080
[codex:1212186] 3543 e9f61d50b633c89190a1
[codex:1212186] 4349 81038252603381526020
[codex:1212186] 4360 80611890603391396040
[codex:1212186] 5006 81038252603381526020
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing contract signature verification**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0x14b4-0x1550
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x14b4-0x1550 ---')
[codex:1212186] disasm_range(0x14b4,0x1550)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 26ms:
[codex:1212186] --- around 0x14b4-0x1550 ---
[codex:1212186] 14b4: JUMPDEST
[codex:1212186] 14b5: PUSH1 0x00
[codex:1212186] 14b7: DUP1
[codex:1212186] 14b8: PUSH2 0x14c5
[codex:1212186] 14bb: DUP6
[codex:1212186] 14bc: DUP6
[codex:1212186] 14bd: DUP6
[codex:1212186] 14be: PUSH1 0x03
[codex:1212186] 14c0: SLOAD
[codex:1212186] 14c1: PUSH2 0x0fd6
[codex:1212186] 14c4: JUMP
[codex:1212186] 14c5: JUMPDEST
[codex:1212186] 14c6: SWAP1
[codex:1212186] 14c7: POP
[codex:1212186] 14c8: PUSH1 0x60
[codex:1212186] 14ca: PUSH1 0x40
[codex:1212186] 14cc: MLOAD
[codex:1212186] 14cd: DUP1
[codex:1212186] 14ce: PUSH1 0x40
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing Ethereum signed message prefix function**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0x0fd6-0x1060
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL'),(0x30,'ADDRESS'),(0x31,'BALANCE')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x0fd6-0x1060 ---')
[codex:1212186] disasm_range(0x0fd6,0x1060)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 29ms:
[codex:1212186] --- around 0x0fd6-0x1060 ---
[codex:1212186] 0fd6: JUMPDEST
[codex:1212186] 0fd7: PUSH1 0x00
[codex:1212186] 0fd9: PUSH1 0x01
[codex:1212186] 0fdb: PUSH1 0x01
[codex:1212186] 0fdd: PUSH1 0xa0
[codex:1212186] 0fdf: SHL
[codex:1212186] 0fe0: OP_03
[codex:1212186] 0fe1: DUP6
[codex:1212186] 0fe2: OP_16
[codex:1212186] 0fe3: ADDRESS
[codex:1212186] 0fe4: EQ
[codex:1212186] 0fe5: ISZERO
[codex:1212186] 0fe6: PUSH2 0x1020
[codex:1212186] 0fe9: JUMPI
[codex:1212186] 0fea: PUSH1 0x40
[codex:1212186] 0fec: MLOAD
[codex:1212186] 0fed: PUSH3 0x461bcd
[codex:1212186] 0ff1: PUSH1 0xe5
[codex:1212186] 0ff3: SHL
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing contract checks and nonce usage**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] # disasm range around 0x440-0x530
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x55,'SSTORE'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL'),(0x30,'ADDRESS'),(0x31,'BALANCE'),(0x35,'CALLDATALOAD'),(0x36,'CALLDATASIZE'),(0x37,'CALLDATACOPY'),(0x34,'CALLVALUE')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x430-0x530 ---')
[codex:1212186] disasm_range(0x430,0x530)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 33ms:
[codex:1212186] --- around 0x430-0x530 ---
[codex:1212186] 0430: PUSH1 0x00
[codex:1212186] 0432: SWAP3
[codex:1212186] 0433: OP_01
[codex:1212186] 0434: SWAP2
[codex:1212186] 0435: SWAP1
[codex:1212186] 0436: SWAP2
[codex:1212186] 0437: MSTORE
[codex:1212186] 0438: POP
[codex:1212186] 0439: SWAP3
[codex:1212186] 043a: SWAP6
[codex:1212186] 043b: POP
[codex:1212186] 043c: PUSH2 0x0b7f
[codex:1212186] 043f: SWAP5
[codex:1212186] 0440: POP
[codex:1212186] 0441: POP
[codex:1212186] 0442: POP
[codex:1212186] 0443: POP
[codex:1212186] 0444: POP
[codex:1212186] 0445: JUMP
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing signature verification and potential bypasses**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0x1550-0x1600
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL'),(0x30,'ADDRESS'),(0x31,'BALANCE')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x1550-0x1600 ---')
[codex:1212186] disasm_range(0x1550,0x1600)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 26ms:
[codex:1212186] --- around 0x1550-0x1600 ---
[codex:1212186] 1550: SWAP3
[codex:1212186] 1551: OP_01
[codex:1212186] 1552: SWAP4
[codex:1212186] 1553: DUP5
[codex:1212186] 1554: MSTORE
[codex:1212186] 1555: POP
[codex:1212186] 1556: PUSH1 0x40
[codex:1212186] 1558: DUP1
[codex:1212186] 1559: MLOAD
[codex:1212186] 155a: DUP1
[codex:1212186] 155b: DUP6
[codex:1212186] 155c: OP_03
[codex:1212186] 155d: DUP2
[codex:1212186] 155e: MSTORE
[codex:1212186] 155f: SWAP4
[codex:1212186] 1560: DUP3
[codex:1212186] 1561: OP_01
[codex:1212186] 1562: SWAP1
[codex:1212186] 1563: MSTORE
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing signer verification logic**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0x15f0-0x16d0
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL'),(0x30,'ADDRESS'),(0x31,'BALANCE'),(0x16,'AND'),(0x17,'OR'),(0x19,'NOT'),(0x1a,'BYTE'),(0x18,'XOR')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x15f0-0x16d0 ---')
[codex:1212186] disasm_range(0x15f0,0x16d0)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 26ms:
[codex:1212186] --- around 0x15f0-0x16d0 ---
[codex:1212186] 15f0: RETURN
[codex:1212186] 15f1: JUMPI
[codex:1212186] 15f2: OP_fe
[codex:1212186] 15f3: JUMPDEST
[codex:1212186] 15f4: PUSH1 0x20
[codex:1212186] 15f6: OP_02
[codex:1212186] 15f7: PUSH1 0x20
[codex:1212186] 15f9: OP_01
[codex:1212186] 15fa: OP_01
[codex:1212186] 15fb: MLOAD
[codex:1212186] 15fc: PUSH1 0x01
[codex:1212186] 15fe: PUSH1 0x01
[codex:1212186] 1600: PUSH1 0xa0
[codex:1212186] 1602: SHL
[codex:1212186] 1603: OP_03
[codex:1212186] 1604: AND
[codex:1212186] 1605: EQ
[codex:1212186] 1606: ISZERO
[codex:1212186] 1607: PUSH2 0x164c
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Continuing processing**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] # disasm around 0x16d0-0x1750
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL'),(0x30,'ADDRESS'),(0x31,'BALANCE'),(0x16,'AND'),(0x17,'OR'),(0x19,'NOT'),(0x1a,'BYTE'),(0x18,'XOR')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x16d0-0x1750 ---')
[codex:1212186] disasm_range(0x16d0,0x1750)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 29ms:
[codex:1212186] --- around 0x16d0-0x1750 ---
[codex:1212186] 16d0: PUSH5 0x0190fd5b60
[codex:1212186] 16d6: OP_02
[codex:1212186] 16d7: PUSH1 0x00
[codex:1212186] 16d9: DUP5
[codex:1212186] 16da: DUP4
[codex:1212186] 16db: DUP2
[codex:1212186] 16dc: MLOAD
[codex:1212186] 16dd: DUP2
[codex:1212186] 16de: LT
[codex:1212186] 16df: PUSH2 0x16e4
[codex:1212186] 16e2: JUMPI
[codex:1212186] 16e3: OP_fe
[codex:1212186] 16e4: JUMPDEST
[codex:1212186] 16e5: PUSH1 0x20
[codex:1212186] 16e7: SWAP1
[codex:1212186] 16e8: DUP2
[codex:1212186] 16e9: OP_02
[codex:1212186] 16ea: SWAP2
[codex:1212186] 16eb: SWAP1
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing signature verification code**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] # search for secp256k1n/2 constant
[codex:1212186] const = '7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0'
[codex:1212186] print('const found', const in hexstr)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 32ms:
[codex:1212186] const found False
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing signature verification and malleability risks**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] # more detailed disasm with PC, show pushes
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] # minimal names
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0x50,'POP'),(0x56,'JUMP'),(0x57,'JUMPI'),(0xfa,'STATICCALL'),(0x5a,'GAS'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x88,'DUP9'),(0x89,'DUP10'),(0x8a,'DUP11'),(0x8b,'DUP12'),(0x8c,'DUP13'),(0x8d,'DUP14'),(0x8e,'DUP15'),(0x8f,'DUP16'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x97,'SWAP8'),(0x98,'SWAP9'),(0x99,'SWAP10'),(0x9a,'SWAP11'),(0x9b,'SWAP12'),(0x9c,'SWAP13'),(0x9d,'SWAP14'),(0x9e,'SWAP15'),(0x9f,'SWAP16')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- 0x1160-0x11f0 ---')
[codex:1212186] disasm_range(0x1160,0x11f0)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 27ms:
[codex:1212186] --- 0x1160-0x11f0 ---
[codex:1212186] 1160: OP_10
[codex:1212186] 1161: PUSH2 0x1166
[codex:1212186] 1164: JUMPI
[codex:1212186] 1165: OP_fe
[codex:1212186] 1166: JUMPDEST
[codex:1212186] 1167: PUSH1 0x20
[codex:1212186] 1169: OP_02
[codex:1212186] 116a: PUSH1 0x20
[codex:1212186] 116c: OP_01
[codex:1212186] 116d: OP_01
[codex:1212186] 116e: MLOAD
[codex:1212186] 116f: DUP9
[codex:1212186] 1170: DUP5
[codex:1212186] 1171: DUP2
[codex:1212186] 1172: MLOAD
[codex:1212186] 1173: DUP2
[codex:1212186] 1174: OP_10
[codex:1212186] 1175: PUSH2 0x117a
[codex:1212186] 1178: JUMPI
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing staticcall and signature verification**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0x133d-0x13b0
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL'),(0x30,'ADDRESS'),(0x31,'BALANCE')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x133d-0x13b0 ---')
[codex:1212186] disasm_range(0x133d,0x13b0)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 28ms:
[codex:1212186] --- around 0x133d-0x13b0 ---
[codex:1212186] 133d: JUMPDEST
[codex:1212186] 133e: PUSH1 0x00
[codex:1212186] 1340: DUP1
[codex:1212186] 1341: PUSH2 0x134b
[codex:1212186] 1344: OP_88
[codex:1212186] 1345: OP_88
[codex:1212186] 1346: OP_88
[codex:1212186] 1347: PUSH2 0x17ec
[codex:1212186] 134a: JUMP
[codex:1212186] 134b: JUMPDEST
[codex:1212186] 134c: SWAP1
[codex:1212186] 134d: POP
[codex:1212186] 134e: PUSH1 0x04
[codex:1212186] 1350: SLOAD
[codex:1212186] 1351: DUP6
[codex:1212186] 1352: MLOAD
[codex:1212186] 1353: EQ
[codex:1212186] 1354: DUP1
[codex:1212186] 1355: ISZERO
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing signature verification variants**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0x17ec-0x1820
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL'),(0x30,'ADDRESS'),(0x31,'BALANCE')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x17ec-0x1820 ---')
[codex:1212186] disasm_range(0x17ec,0x1820)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 28ms:
[codex:1212186] --- around 0x17ec-0x1820 ---
[codex:1212186] 17ec: JUMPDEST
[codex:1212186] 17ed: PUSH1 0x00
[codex:1212186] 17ef: DUP1
[codex:1212186] 17f0: PUSH2 0x14c5
[codex:1212186] 17f3: DUP6
[codex:1212186] 17f4: DUP6
[codex:1212186] 17f5: DUP6
[codex:1212186] 17f6: PUSH1 0x03
[codex:1212186] 17f8: SLOAD
[codex:1212186] 17f9: PUSH2 0x0f26
[codex:1212186] 17fc: JUMP
[codex:1212186] 17fd: OP_fe
[codex:1212186] 17fe: OP_4f
[codex:1212186] 17ff: OP_77 0x6e657273206d75737420626520646966666572656e742061
[codex:1212186] 1818: PUSH5 0x6472657373
[codex:1212186] 181e: OP_2e
[codex:1212186] 181f: OP_44
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing signature verification and magic values**
[codex:1212186]
[codex:1212186] I'm mapping out how different functions handle message hashing and prefixing, noting two hashing paths likely for distinct transaction types. I'm also checking for vulnerabilities like delegatecall or selfdestruct—none found. The contract returns unusual magic values for signature verification that might relate to ERC1271 or a custom interface, so I'm trying to confirm the selectors by comparing with known standards. This got me curious about how the contract handles isValidSignature variants and owner-related selectors. Let's explore these selector computations next!
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from eth_utils import keccak
[codex:1212186] for s in ['isValidSignature(bytes32,bytes)','isValidSignature(bytes,bytes)','isValidSignature(bytes32,bytes32)','isValidSignature(bytes32)','isValidSignature(bytes)']:
[codex:1212186] print(s, keccak(text=s)[:4].hex())
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 193ms:
[codex:1212186] isValidSignature(bytes32,bytes) 1626ba7e
[codex:1212186] isValidSignature(bytes,bytes) 20c13b0b
[codex:1212186] isValidSignature(bytes32,bytes32) e0c5e6c3
[codex:1212186] isValidSignature(bytes32) 42b48667
[codex:1212186] isValidSignature(bytes) dc2a4c59
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing potential function selectors and signature verification**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] # disasm around 0x11ed-0x1230
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL'),(0x30,'ADDRESS'),(0x31,'BALANCE'),(0x16,'AND'),(0x17,'OR'),(0x19,'NOT'),(0x1a,'BYTE'),(0x18,'XOR')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x11ed-0x1230 ---')
[codex:1212186] disasm_range(0x11ed,0x1230)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 28ms:
[codex:1212186] --- around 0x11ed-0x1230 ---
[codex:1212186] 11ed: JUMPDEST
[codex:1212186] 11ee: POP
[codex:1212186] 11ef: POP
[codex:1212186] 11f0: POP
[codex:1212186] 11f1: PUSH1 0x20
[codex:1212186] 11f3: PUSH1 0x40
[codex:1212186] 11f5: MLOAD
[codex:1212186] 11f6: OP_03
[codex:1212186] 11f7: MLOAD
[codex:1212186] 11f8: DUP3
[codex:1212186] 11f9: DUP3
[codex:1212186] 11fa: DUP2
[codex:1212186] 11fb: MLOAD
[codex:1212186] 11fc: DUP2
[codex:1212186] 11fd: LT
[codex:1212186] 11fe: PUSH2 0x1203
[codex:1212186] 1201: JUMPI
[codex:1212186] 1202: OP_fe
[codex:1212186] 1203: JUMPDEST
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing signature verification and initialization risks**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] # search for push2 0xda2 pattern
[codex:1212186] needle = '61'+'0da2' # PUSH2 0x0da2
[codex:1212186] print('found', hexstr.find(needle))
[codex:1212186] # list all occurrences of push2 0xda2
[codex:1212186] idx=0
[codex:1212186] while True:
[codex:1212186] idx = hexstr.find(needle, idx)
[codex:1212186] if idx==-1: break
[codex:1212186] print('occurrence at byte offset', idx//2)
[codex:1212186] idx+=1
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 27ms:
[codex:1212186] found 6864
[codex:1212186] occurrence at byte offset 3432
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing bytecode offset location**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] # disasm around 0x0d80-0x0db0 etc
[codex:1212186] start=0x0d40
[codex:1212186] end=0x0db0
[codex:1212186]
[codex:1212186] # small disasm
[codex:1212186] opcodes={i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x60,'PUSH1'),(0x61,'PUSH2'),(0x5b,'JUMPDEST'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xfd,'REVERT'),(0x55,'SSTORE'),(0x54,'SLOAD')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x0d40-0x0db0 ---')
[codex:1212186] disasm_range(start,end)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 30ms:
[codex:1212186] --- around 0x0d40-0x0db0 ---
[codex:1212186] 0d40: OP_82
[codex:1212186] 0d41: OP_81
[codex:1212186] 0d42: OP_03
[codex:1212186] 0d43: OP_82
[codex:1212186] 0d44: MSTORE
[codex:1212186] 0d45: PUSH1 0x26
[codex:1212186] 0d47: OP_81
[codex:1212186] 0d48: MSTORE
[codex:1212186] 0d49: PUSH1 0x20
[codex:1212186] 0d4b: OP_01
[codex:1212186] 0d4c: OP_80
[codex:1212186] 0d4d: PUSH2 0x18c3
[codex:1212186] 0d50: PUSH1 0x26
[codex:1212186] 0d52: OP_91
[codex:1212186] 0d53: OP_39
[codex:1212186] 0d54: PUSH1 0x40
[codex:1212186] 0d56: OP_01
[codex:1212186] 0d57: OP_91
[codex:1212186] 0d58: OP_50
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing initialization and access checks**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0xbd0-0xc50
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL'),(0x30,'ADDRESS'),(0x31,'BALANCE')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x0bc0-0x0c50 ---')
[codex:1212186] disasm_range(0x0bc0,0x0c50)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 33ms:
[codex:1212186] --- around 0x0bc0-0x0c50 ---
[codex:1212186] 0bc0: PUSH3 0x461bcd
[codex:1212186] 0bc4: PUSH1 0xe5
[codex:1212186] 0bc6: SHL
[codex:1212186] 0bc7: DUP2
[codex:1212186] 0bc8: MSTORE
[codex:1212186] 0bc9: PUSH1 0x04
[codex:1212186] 0bcb: OP_01
[codex:1212186] 0bcc: DUP1
[codex:1212186] 0bcd: DUP1
[codex:1212186] 0bce: PUSH1 0x20
[codex:1212186] 0bd0: OP_01
[codex:1212186] 0bd1: DUP3
[codex:1212186] 0bd2: DUP2
[codex:1212186] 0bd3: OP_03
[codex:1212186] 0bd4: DUP3
[codex:1212186] 0bd5: MSTORE
[codex:1212186] 0bd6: PUSH1 0x2b
[codex:1212186] 0bd8: DUP2
[codex:1212186] 0bd9: MSTORE
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing initialization and function selectors**
[codex:1212186]
[codex:1212186] I'm piecing together which function handles initialization by examining code around 0xbf3 and earlier. The init seems unprotected from unauthorized calls, which could be a vulnerability. I'm cross-checking function selectors and parameter decoding to identify the true initialize method vs execute calls, focusing on array and signature handling functions for clues. This feels like solving a puzzle to expose the open initialization risk.
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186]
[codex:1212186] # disasm around 0x0930-0x09a8
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x55,'SSTORE'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL'),(0x30,'ADDRESS'),(0x31,'BALANCE'),(0x16,'AND')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0x0930-0x09a8 ---')
[codex:1212186] disasm_range(0x0930,0x09a8)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 27ms:
[codex:1212186] --- around 0x0930-0x09a8 ---
[codex:1212186] 0930: OP_00
[codex:1212186] 0931: OP_00
[codex:1212186] 0932: OP_00
[codex:1212186] 0933: OP_00
[codex:1212186] 0934: OP_00
[codex:1212186] 0935: OP_00
[codex:1212186] 0936: OP_00
[codex:1212186] 0937: OP_00
[codex:1212186] 0938: OP_00
[codex:1212186] 0939: OP_00
[codex:1212186] 093a: OP_00
[codex:1212186] 093b: OP_00
[codex:1212186] 093c: OP_00
[codex:1212186] 093d: OP_00
[codex:1212186] 093e: OP_00
[codex:1212186] 093f: OP_00
[codex:1212186] 0940: OP_00
[codex:1212186] 0941: DUP2
[codex:1212186] 0942: JUMP
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing execute and initialization functions**
[codex:1212186] exec
[codex:1212186] /bin/bash -lc "python - <<'PY'
[codex:1212186] from pathlib import Path
[codex:1212186] import re
[codex:1212186] hexdata = Path('/tmp/codex-multi-pq5rq34b/BYTECODE_BUNDLE.txt').read_text()
[codex:1212186] hexstr = re.search(r'0x[0-9a-fA-F]+', hexdata).group(0)[2:]
[codex:1212186] code = bytes.fromhex(hexstr)
[codex:1212186] # disasm around 0xb60-0xbc0
[codex:1212186] opcodes = {i: f'OP_{i:02x}' for i in range(256)}
[codex:1212186] for i,name in [(0x5b,'JUMPDEST'),(0x60,'PUSH1'),(0x61,'PUSH2'),(0x62,'PUSH3'),(0x63,'PUSH4'),(0x64,'PUSH5'),(0x65,'PUSH6'),(0x66,'PUSH7'),(0x67,'PUSH8'),(0x68,'PUSH9'),(0x69,'PUSH10'),(0x6a,'PUSH11'),(0x6b,'PUSH12'),(0x6c,'PUSH13'),(0x6d,'PUSH14'),(0x6e,'PUSH15'),(0x6f,'PUSH16'),(0x7f,'PUSH32'),(0x54,'SLOAD'),(0x55,'SSTORE'),(0x56,'JUMP'),(0x57,'JUMPI'),(0x52,'MSTORE'),(0x51,'MLOAD'),(0xf3,'RETURN'),(0x80,'DUP1'),(0x81,'DUP2'),(0x82,'DUP3'),(0x83,'DUP4'),(0x84,'DUP5'),(0x85,'DUP6'),(0x86,'DUP7'),(0x87,'DUP8'),(0x90,'SWAP1'),(0x91,'SWAP2'),(0x92,'SWAP3'),(0x93,'SWAP4'),(0x94,'SWAP5'),(0x95,'SWAP6'),(0x96,'SWAP7'),(0x50,'POP'),(0xfd,'REVERT'),(0x14,'EQ'),(0x15,'ISZERO'),(0x10,'LT'),(0x11,'GT'),(0x1b,'SHL'),(0x20,'SHA3'),(0x33,'CALLER'),(0xf1,'CALL'),(0x3b,'EXTCODESIZE'),(0xfa,'STATICCALL'),(0x30,'ADDRESS'),(0x31,'BALANCE'),(0x16,'AND')]: opcodes[i]=name
[codex:1212186]
[codex:1212186] def disasm_range(start,end):
[codex:1212186] i=start
[codex:1212186] while i<end:
[codex:1212186] op=code[i]
[codex:1212186] name=opcodes.get(op,f'OP_{op:02x}')
[codex:1212186] if 0x60<=op<=0x7f:
[codex:1212186] n=op-0x5f
[codex:1212186] data=code[i+1:i+1+n]
[codex:1212186] print(f'{i:04x}: {name} 0x{data.hex()}')
[codex:1212186] i+=1+n
[codex:1212186] else:
[codex:1212186] print(f'{i:04x}: {name}')
[codex:1212186] i+=1
[codex:1212186]
[codex:1212186] print('--- around 0xb60-0xbc0 ---')
[codex:1212186] disasm_range(0x0b60,0x0bc0)
[codex:1212186] PY" in /tmp/codex-multi-pq5rq34b succeeded in 27ms:
[codex:1212186] --- around 0xb60-0xbc0 ---
[codex:1212186] 0b60: OP_cf
[codex:1212186] 0b61: DUP8
[codex:1212186] 0b62: OP_04
[codex:1212186] 0b63: BALANCE
[codex:1212186] 0b64: OP_9e
[codex:1212186] 0b65: OP_9a
[codex:1212186] 0b66: JUMPDEST
[codex:1212186] 0b67: OP_ff
[codex:1212186] 0b68: OP_78 0x29f9cb959dd59181900360600190a1505050505050565b7f15
[codex:1212186] 0b82: OP_0b
[codex:1212186] 0b83: OP_7a 0x020000000000000000000000000000000000000000000000000000
[codex:1212186] 0b9f: OP_00
[codex:1212186] 0ba0: OP_00
[codex:1212186] 0ba1: SWAP5
[codex:1212186] 0ba2: SWAP4
[codex:1212186] 0ba3: POP
[codex:1212186] 0ba4: POP
[codex:1212186] 0ba5: POP
[codex:1212186] 0ba6: POP
[codex:1212186]
[codex:1212186] thinking
[codex:1212186] **Analyzing unprotected initialization vulnerability**
[codex:1212186] codex
[codex:1212186] {"no_findings":false,"summary":"Found a permissionless initializer path that allows full takeover and draining if the contract is still uninitialized.","findings":[{"severity":"high","category":"access_control","title":"Unprotected initialization allows anyone to seize ownership and drain funds if not yet initialized","exploit_scenario":"1) Call `initialized()` (selector `0x158ef93e`) to confirm the flag is false. 2) Call the initializer (selector `0x60b5bb3f`, entry at 0x046f) with an owners array you control and signer threshold = 1. This writes owner mappings and sets `initialized` without any caller check. 3) Use the execute path (e.g., selector `0x0adcf464`) with a signature from your key to transfer ETH (token sentinel `0xeeee…`) or ERC20s via the CALL at 0x0a3d / token transfer branch at 0x0ad1, draining the wallet.","recommendation":"If this contract is intended to be initialized only by a trusted deployer/factory, enforce an access check in the initializer or set initialization state in a constructor. For proxy patterns, lock the implementation or require an explicit admin to initialize.","evidence":"Initializer entry at 0x046f (selector `0x60b5bb3f`) decodes calldata then jumps to 0x0bb1. At 0x0bb1 it only checks slot0 initialized flag (`SLOAD` + `AND 0xff`) before proceeding to owner setup at 0x0bf3; there is no `CALLER`/`ORIGIN` check on this path. State is written at 0x0da7 (SSTORE to slot4) and 0x0db4 (SSTORE to slot0 initialized flag). The execute path verifies signatures (0x0943 -> 0x10ac) then performs the value transfer via CALL at 0x0a3d or ERC20 transfer branch at 0x0ad1.","locations":["BYTECODE_BUNDLE.txt:0x046f","BYTECODE_BUNDLE.txt:0x0bb1","BYTECODE_BUNDLE.txt:0x0bf3","BYTECODE_BUNDLE.txt:0x0da7","BYTECODE_BUNDLE.txt:0x0db4","BYTECODE_BUNDLE.txt:0x0943","BYTECODE_BUNDLE.txt:0x0a3d","BYTECODE_BUNDLE.txt:0x0ad1"]}]}
[codex:1212186] tokens used
[codex:1212186] 182,987
[codex:1212186] {"no_findings":false,"summary":"Found a permissionless initializer path that allows full takeover and draining if the contract is still uninitialized.","findings":[{"severity":"high","category":"access_control","title":"Unprotected initialization allows anyone to seize ownership and drain funds if not yet initialized","exploit_scenario":"1) Call `initialized()` (selector `0x158ef93e`) to confirm the flag is false. 2) Call the initializer (selector `0x60b5bb3f`, entry at 0x046f) with an owners array you control and signer threshold = 1. This writes owner mappings and sets `initialized` without any caller check. 3) Use the execute path (e.g., selector `0x0adcf464`) with a signature from your key to transfer ETH (token sentinel `0xeeee…`) or ERC20s via the CALL at 0x0a3d / token transfer branch at 0x0ad1, draining the wallet.","recommendation":"If this contract is intended to be initialized only by a trusted deployer/factory, enforce an access check in the initializer or set initialization state in a constructor. For proxy patterns, lock the implementation or require an explicit admin to initialize.","evidence":"Initializer entry at 0x046f (selector `0x60b5bb3f`) decodes calldata then jumps to 0x0bb1. At 0x0bb1 it only checks slot0 initialized flag (`SLOAD` + `AND 0xff`) before proceeding to owner setup at 0x0bf3; there is no `CALLER`/`ORIGIN` check on this path. State is written at 0x0da7 (SSTORE to slot4) and 0x0db4 (SSTORE to slot0 initialized flag). The execute path verifies signatures (0x0943 -> 0x10ac) then performs the value transfer via CALL at 0x0a3d or ERC20 transfer branch at 0x0ad1.","locations":["BYTECODE_BUNDLE.txt:0x046f","BYTECODE_BUNDLE.txt:0x0bb1","BYTECODE_BUNDLE.txt:0x0bf3","BYTECODE_BUNDLE.txt:0x0da7","BYTECODE_BUNDLE.txt:0x0db4","BYTECODE_BUNDLE.txt:0x0943","BYTECODE_BUNDLE.txt:0x0a3d","BYTECODE_BUNDLE.txt:0x0ad1"]}]}
{
"codex": {
"ran_at": "2026-01-02T02:55:25.737806+00:00",
"returncode": 0
},
"summary": "Found a permissionless initializer path that allows full takeover and draining if the contract is still uninitialized.",
"raw_final": {
"summary": "Found a permissionless initializer path that allows full takeover and draining if the contract is still uninitialized.",
"findings": [
{
"title": "Unprotected initialization allows anyone to seize ownership and drain funds if not yet initialized",
"category": "access_control",
"evidence": "Initializer entry at 0x046f (selector `0x60b5bb3f`) decodes calldata then jumps to 0x0bb1. At 0x0bb1 it only checks slot0 initialized flag (`SLOAD` + `AND 0xff`) before proceeding to owner setup at 0x0bf3; there is no `CALLER`/`ORIGIN` check on this path. State is written at 0x0da7 (SSTORE to slot4) and 0x0db4 (SSTORE to slot0 initialized flag). The execute path verifies signatures (0x0943 -> 0x10ac) then performs the value transfer via CALL at 0x0a3d or ERC20 transfer branch at 0x0ad1.",
"severity": "high",
"locations": [
"BYTECODE_BUNDLE.txt:0x046f",
"BYTECODE_BUNDLE.txt:0x0bb1",
"BYTECODE_BUNDLE.txt:0x0bf3",
"BYTECODE_BUNDLE.txt:0x0da7",
"BYTECODE_BUNDLE.txt:0x0db4",
"BYTECODE_BUNDLE.txt:0x0943",
"BYTECODE_BUNDLE.txt:0x0a3d",
"BYTECODE_BUNDLE.txt:0x0ad1"
],
"recommendation": "If this contract is intended to be initialized only by a trusted deployer/factory, enforce an access check in the initializer or set initialization state in a constructor. For proxy patterns, lock the implementation or require an explicit admin to initialize.",
"exploit_scenario": "1) Call `initialized()` (selector `0x158ef93e`) to confirm the flag is false. 2) Call the initializer (selector `0x60b5bb3f`, entry at 0x046f) with an owners array you control and signer threshold = 1. This writes owner mappings and sets `initialized` without any caller check. 3) Use the execute path (e.g., selector `0x0adcf464`) with a signature from your key to transfer ETH (token sentinel `0xeeee\u2026`) or ERC20s via the CALL at 0x0a3d / token transfer branch at 0x0ad1, draining the wallet."
}
],
"no_findings": false
},
"no_findings": false,
"schema_version": 1
}
00000000: PUSH1 0x80 00000002: PUSH1 0x40 00000004: MSTORE 00000005: PUSH1 0x04 00000007: CALLDATASIZE 00000008: LT 00000009: PUSH2 0x00c7 0000000c: JUMPI 0000000d: PUSH1 0x00 0000000f: CALLDATALOAD 00000010: PUSH1 0xe0 00000012: SHR 00000013: DUP1 00000014: PUSH4 0x843b1a09 00000019: GT 0000001a: PUSH2 0x0074 0000001d: JUMPI 0000001e: DUP1 0000001f: PUSH4 0xc0ee0b8a 00000024: GT 00000025: PUSH2 0x004e 00000028: JUMPI 00000029: DUP1 0000002a: PUSH4 0xc0ee0b8a 0000002f: EQ 00000030: PUSH2 0x077e 00000033: JUMPI 00000034: DUP1 00000035: PUSH4 0xc1278cc5 0000003a: EQ 0000003b: PUSH2 0x0846 0000003e: JUMPI 0000003f: DUP1 00000040: PUSH4 0xf0b9e5ba 00000045: EQ 00000046: PUSH2 0x088d 00000049: JUMPI 0000004a: PUSH2 0x00c7 0000004d: JUMP 0000004e: JUMPDEST 0000004f: DUP1 00000050: PUSH4 0x843b1a09 00000055: EQ 00000056: PUSH2 0x0548 00000059: JUMPI 0000005a: DUP1 0000005b: PUSH4 0x98ad68a7 00000060: EQ 00000061: PUSH2 0x055d 00000064: JUMPI 00000065: DUP1 00000066: PUSH4 0xbba85f28 0000006b: EQ 0000006c: PUSH2 0x0735 0000006f: JUMPI 00000070: PUSH2 0x00c7 00000073: JUMP 00000074: JUMPDEST 00000075: DUP1 00000076: PUSH4 0x158ef93e 0000007b: GT 0000007c: PUSH2 0x00a5 0000007f: JUMPI 00000080: DUP1 00000081: PUSH4 0x158ef93e 00000086: EQ 00000087: PUSH2 0x0446 0000008a: JUMPI 0000008b: DUP1 0000008c: PUSH4 0x60b5bb3f 00000091: EQ 00000092: PUSH2 0x046f 00000095: JUMPI 00000096: DUP1 00000097: PUSH4 0x7db218b7 0000009c: EQ 0000009d: PUSH2 0x0521 000000a0: JUMPI 000000a1: PUSH2 0x00c7 000000a4: JUMP 000000a5: JUMPDEST 000000a6: DUP1 000000a7: PUSH4 0x08405166 000000ac: EQ 000000ad: PUSH2 0x0150 000000b0: JUMPI 000000b1: DUP1 000000b2: PUSH4 0x0adcf464 000000b7: EQ 000000b8: PUSH2 0x019a 000000bb: JUMPI 000000bc: DUP1 000000bd: PUSH4 0x150b7a02 000000c2: EQ 000000c3: PUSH2 0x0373 000000c6: JUMPI 000000c7: JUMPDEST 000000c8: CALLDATASIZE 000000c9: ISZERO 000000ca: PUSH2 0x011a 000000cd: JUMPI 000000ce: PUSH1 0x40 000000d0: DUP1 000000d1: MLOAD 000000d2: PUSH3 0x461bcd 000000d6: PUSH1 0xe5 000000d8: SHL 000000d9: DUP2 000000da: MSTORE 000000db: PUSH1 0x20 000000dd: PUSH1 0x04 000000df: DUP3 000000e0: ADD 000000e1: MSTORE 000000e2: PUSH1 0x16 000000e4: PUSH1 0x24 000000e6: DUP3 000000e7: ADD 000000e8: MSTORE 000000e9: PUSH32 0x6d73672e64617461206973206e6f7420656d7074792e00000000000000000000 0000010a: PUSH1 0x44 0000010c: DUP3 0000010d: ADD 0000010e: MSTORE 0000010f: SWAP1 00000110: MLOAD 00000111: SWAP1 00000112: DUP2 00000113: SWAP1 00000114: SUB 00000115: PUSH1 0x64 00000117: ADD 00000118: SWAP1 00000119: REVERT 0000011a: JUMPDEST 0000011b: PUSH1 0x40 0000011d: DUP1 0000011e: MLOAD 0000011f: ADDRESS 00000120: BALANCE 00000121: DUP2 00000122: MSTORE 00000123: SWAP1 00000124: MLOAD 00000125: PUSH32 0xc4c14883ae9fd8e26d5d59e3485ed29fd126d781d7e498a4ca5c54c8268e4936 00000146: SWAP2 00000147: DUP2 00000148: SWAP1 00000149: SUB 0000014a: PUSH1 0x20 0000014c: ADD 0000014d: SWAP1 0000014e: LOG1 0000014f: STOP 00000150: JUMPDEST 00000151: CALLVALUE 00000152: DUP1 00000153: ISZERO 00000154: PUSH2 0x015c 00000157: JUMPI 00000158: PUSH1 0x00 0000015a: DUP1 0000015b: REVERT 0000015c: JUMPDEST 0000015d: POP 0000015e: PUSH2 0x0165 00000161: PUSH2 0x091f 00000164: JUMP 00000165: JUMPDEST 00000166: PUSH1 0x40 00000168: DUP1 00000169: MLOAD 0000016a: PUSH32 0xffffffff00000000000000000000000000000000000000000000000000000000 0000018b: SWAP1 0000018c: SWAP3 0000018d: AND 0000018e: DUP3 0000018f: MSTORE 00000190: MLOAD 00000191: SWAP1 00000192: DUP2 00000193: SWAP1 00000194: SUB 00000195: PUSH1 0x20 00000197: ADD 00000198: SWAP1 00000199: RETURN 0000019a: JUMPDEST 0000019b: CALLVALUE 0000019c: DUP1 0000019d: ISZERO 0000019e: PUSH2 0x01a6 000001a1: JUMPI 000001a2: PUSH1 0x00 000001a4: DUP1 000001a5: REVERT 000001a6: JUMPDEST 000001a7: POP 000001a8: PUSH2 0x0371 000001ab: PUSH1 0x04 000001ad: DUP1 000001ae: CALLDATASIZE 000001af: SUB 000001b0: PUSH1 0xc0 000001b2: DUP2 000001b3: LT 000001b4: ISZERO 000001b5: PUSH2 0x01bd 000001b8: JUMPI 000001b9: PUSH1 0x00 000001bb: DUP1 000001bc: REVERT 000001bd: JUMPDEST 000001be: PUSH1 0x01 000001c0: PUSH1 0x01 000001c2: PUSH1 0xa0 000001c4: SHL 000001c5: SUB 000001c6: DUP3 000001c7: CALLDATALOAD 000001c8: DUP2 000001c9: AND 000001ca: SWAP3 000001cb: PUSH1 0x20 000001cd: DUP2 000001ce: ADD 000001cf: CALLDATALOAD 000001d0: SWAP3 000001d1: PUSH1 0x40 000001d3: DUP3 000001d4: ADD 000001d5: CALLDATALOAD 000001d6: SWAP1 000001d7: SWAP3 000001d8: AND 000001d9: SWAP2 000001da: DUP2 000001db: ADD 000001dc: SWAP1 000001dd: PUSH1 0x80 000001df: DUP2 000001e0: ADD 000001e1: PUSH1 0x60 000001e3: DUP3 000001e4: ADD 000001e5: CALLDATALOAD 000001e6: PUSH5 0x0100000000 000001ec: DUP2 000001ed: GT 000001ee: ISZERO 000001ef: PUSH2 0x01f7 000001f2: JUMPI 000001f3: PUSH1 0x00 000001f5: DUP1 000001f6: REVERT 000001f7: JUMPDEST 000001f8: DUP3 000001f9: ADD 000001fa: DUP4 000001fb: PUSH1 0x20 000001fd: DUP3 000001fe: ADD 000001ff: GT 00000200: ISZERO 00000201: PUSH2 0x0209 00000204: JUMPI 00000205: PUSH1 0x00 00000207: DUP1 00000208: REVERT 00000209: JUMPDEST 0000020a: DUP1 0000020b: CALLDATALOAD 0000020c: SWAP1 0000020d: PUSH1 0x20 0000020f: ADD 00000210: SWAP2 00000211: DUP5 00000212: PUSH1 0x20 00000214: DUP4 00000215: MUL 00000216: DUP5 00000217: ADD 00000218: GT 00000219: PUSH5 0x0100000000 0000021f: DUP4 00000220: GT 00000221: OR 00000222: ISZERO 00000223: PUSH2 0x022b 00000226: JUMPI 00000227: PUSH1 0x00 00000229: DUP1 0000022a: REVERT 0000022b: JUMPDEST 0000022c: SWAP2 0000022d: SWAP1 0000022e: DUP1 0000022f: DUP1 00000230: PUSH1 0x20 00000232: MUL 00000233: PUSH1 0x20 00000235: ADD 00000236: PUSH1 0x40 00000238: MLOAD 00000239: SWAP1 0000023a: DUP2 0000023b: ADD 0000023c: PUSH1 0x40 0000023e: MSTORE 0000023f: DUP1 00000240: SWAP4 00000241: SWAP3 00000242: SWAP2 00000243: SWAP1 00000244: DUP2 00000245: DUP2 00000246: MSTORE 00000247: PUSH1 0x20 00000249: ADD 0000024a: DUP4 0000024b: DUP4 0000024c: PUSH1 0x20 0000024e: MUL 0000024f: DUP1 00000250: DUP3 00000251: DUP5 00000252: CALLDATACOPY 00000253: PUSH1 0x00 00000255: SWAP3 00000256: ADD 00000257: SWAP2 00000258: SWAP1 00000259: SWAP2 0000025a: MSTORE 0000025b: POP 0000025c: SWAP3 0000025d: SWAP6 0000025e: SWAP5 0000025f: SWAP4 00000260: PUSH1 0x20 00000262: DUP2 00000263: ADD 00000264: SWAP4 00000265: POP 00000266: CALLDATALOAD 00000267: SWAP2 00000268: POP 00000269: POP 0000026a: PUSH5 0x0100000000 00000270: DUP2 00000271: GT 00000272: ISZERO 00000273: PUSH2 0x027b 00000276: JUMPI 00000277: PUSH1 0x00 00000279: DUP1 0000027a: REVERT 0000027b: JUMPDEST 0000027c: DUP3 0000027d: ADD 0000027e: DUP4 0000027f: PUSH1 0x20 00000281: DUP3 00000282: ADD 00000283: GT 00000284: ISZERO 00000285: PUSH2 0x028d 00000288: JUMPI 00000289: PUSH1 0x00 0000028b: DUP1 0000028c: REVERT 0000028d: JUMPDEST 0000028e: DUP1 0000028f: CALLDATALOAD 00000290: SWAP1 00000291: PUSH1 0x20 00000293: ADD 00000294: SWAP2 00000295: DUP5 00000296: PUSH1 0x20 00000298: DUP4 00000299: MUL 0000029a: DUP5 0000029b: ADD 0000029c: GT 0000029d: PUSH5 0x0100000000 000002a3: DUP4 000002a4: GT 000002a5: OR 000002a6: ISZERO 000002a7: PUSH2 0x02af 000002aa: JUMPI 000002ab: PUSH1 0x00 000002ad: DUP1 000002ae: REVERT 000002af: JUMPDEST 000002b0: SWAP2 000002b1: SWAP1 000002b2: DUP1 000002b3: DUP1 000002b4: PUSH1 0x20 000002b6: MUL 000002b7: PUSH1 0x20 000002b9: ADD 000002ba: PUSH1 0x40 000002bc: MLOAD 000002bd: SWAP1 000002be: DUP2 000002bf: ADD 000002c0: PUSH1 0x40 000002c2: MSTORE 000002c3: DUP1 000002c4: SWAP4 000002c5: SWAP3 000002c6: SWAP2 000002c7: SWAP1 000002c8: DUP2 000002c9: DUP2 000002ca: MSTORE 000002cb: PUSH1 0x20 000002cd: ADD 000002ce: DUP4 000002cf: DUP4 000002d0: PUSH1 0x20 000002d2: MUL 000002d3: DUP1 000002d4: DUP3 000002d5: DUP5 000002d6: CALLDATACOPY 000002d7: PUSH1 0x00 000002d9: SWAP3 000002da: ADD 000002db: SWAP2 000002dc: SWAP1 000002dd: SWAP2 000002de: MSTORE 000002df: POP 000002e0: SWAP3 000002e1: SWAP6 000002e2: SWAP5 000002e3: SWAP4 000002e4: PUSH1 0x20 000002e6: DUP2 000002e7: ADD 000002e8: SWAP4 000002e9: POP 000002ea: CALLDATALOAD 000002eb: SWAP2 000002ec: POP 000002ed: POP 000002ee: PUSH5 0x0100000000 000002f4: DUP2 000002f5: GT 000002f6: ISZERO 000002f7: PUSH2 0x02ff 000002fa: JUMPI 000002fb: PUSH1 0x00 000002fd: DUP1 000002fe: REVERT 000002ff: JUMPDEST 00000300: DUP3 00000301: ADD 00000302: DUP4 00000303: PUSH1 0x20 00000305: DUP3 00000306: ADD 00000307: GT 00000308: ISZERO 00000309: PUSH2 0x0311 0000030c: JUMPI 0000030d: PUSH1 0x00 0000030f: DUP1 00000310: REVERT 00000311: JUMPDEST 00000312: DUP1 00000313: CALLDATALOAD 00000314: SWAP1 00000315: PUSH1 0x20 00000317: ADD 00000318: SWAP2 00000319: DUP5 0000031a: PUSH1 0x20 0000031c: DUP4 0000031d: MUL 0000031e: DUP5 0000031f: ADD 00000320: GT 00000321: PUSH5 0x0100000000 00000327: DUP4 00000328: GT 00000329: OR 0000032a: ISZERO 0000032b: PUSH2 0x0333 0000032e: JUMPI 0000032f: PUSH1 0x00 00000331: DUP1 00000332: REVERT 00000333: JUMPDEST 00000334: SWAP2 00000335: SWAP1 00000336: DUP1 00000337: DUP1 00000338: PUSH1 0x20 0000033a: MUL 0000033b: PUSH1 0x20 0000033d: ADD 0000033e: PUSH1 0x40 00000340: MLOAD 00000341: SWAP1 00000342: DUP2 00000343: ADD 00000344: PUSH1 0x40 00000346: MSTORE 00000347: DUP1 00000348: SWAP4 00000349: SWAP3 0000034a: SWAP2 0000034b: SWAP1 0000034c: DUP2 0000034d: DUP2 0000034e: MSTORE 0000034f: PUSH1 0x20 00000351: ADD 00000352: DUP4 00000353: DUP4 00000354: PUSH1 0x20 00000356: MUL 00000357: DUP1 00000358: DUP3 00000359: DUP5 0000035a: CALLDATACOPY 0000035b: PUSH1 0x00 0000035d: SWAP3 0000035e: ADD 0000035f: SWAP2 00000360: SWAP1 00000361: SWAP2 00000362: MSTORE 00000363: POP 00000364: SWAP3 00000365: SWAP6 00000366: POP 00000367: PUSH2 0x0943 0000036a: SWAP5 0000036b: POP 0000036c: POP 0000036d: POP 0000036e: POP 0000036f: POP 00000370: JUMP 00000371: JUMPDEST 00000372: STOP 00000373: JUMPDEST 00000374: CALLVALUE 00000375: DUP1 00000376: ISZERO 00000377: PUSH2 0x037f 0000037a: JUMPI 0000037b: PUSH1 0x00 0000037d: DUP1 0000037e: REVERT 0000037f: JUMPDEST 00000380: POP 00000381: PUSH2 0x0165 00000384: PUSH1 0x04 00000386: DUP1 00000387: CALLDATASIZE 00000388: SUB 00000389: PUSH1 0x80 0000038b: DUP2 0000038c: LT 0000038d: ISZERO 0000038e: PUSH2 0x0396 00000391: JUMPI 00000392: PUSH1 0x00 00000394: DUP1 00000395: REVERT 00000396: JUMPDEST 00000397: PUSH1 0x01 00000399: PUSH1 0x01 0000039b: PUSH1 0xa0 0000039d: SHL 0000039e: SUB 0000039f: DUP3 000003a0: CALLDATALOAD 000003a1: DUP2 000003a2: AND 000003a3: SWAP3 000003a4: PUSH1 0x20 000003a6: DUP2 000003a7: ADD 000003a8: CALLDATALOAD 000003a9: SWAP1 000003aa: SWAP2 000003ab: AND 000003ac: SWAP2 000003ad: PUSH1 0x40 000003af: DUP3 000003b0: ADD 000003b1: CALLDATALOAD 000003b2: SWAP2 000003b3: SWAP1 000003b4: DUP2 000003b5: ADD 000003b6: SWAP1 000003b7: PUSH1 0x80 000003b9: DUP2 000003ba: ADD 000003bb: PUSH1 0x60 000003bd: DUP3 000003be: ADD 000003bf: CALLDATALOAD 000003c0: PUSH5 0x0100000000 000003c6: DUP2 000003c7: GT 000003c8: ISZERO 000003c9: PUSH2 0x03d1 000003cc: JUMPI 000003cd: PUSH1 0x00 000003cf: DUP1 000003d0: REVERT 000003d1: JUMPDEST 000003d2: DUP3 000003d3: ADD 000003d4: DUP4 000003d5: PUSH1 0x20 000003d7: DUP3 000003d8: ADD 000003d9: GT 000003da: ISZERO 000003db: PUSH2 0x03e3 000003de: JUMPI 000003df: PUSH1 0x00 000003e1: DUP1 000003e2: REVERT 000003e3: JUMPDEST 000003e4: DUP1 000003e5: CALLDATALOAD 000003e6: SWAP1 000003e7: PUSH1 0x20 000003e9: ADD 000003ea: SWAP2 000003eb: DUP5 000003ec: PUSH1 0x01 000003ee: DUP4 000003ef: MUL 000003f0: DUP5 000003f1: ADD 000003f2: GT 000003f3: PUSH5 0x0100000000 000003f9: DUP4 000003fa: GT 000003fb: OR 000003fc: ISZERO 000003fd: PUSH2 0x0405 00000400: JUMPI 00000401: PUSH1 0x00 00000403: DUP1 00000404: REVERT 00000405: JUMPDEST 00000406: SWAP2 00000407: SWAP1 00000408: DUP1 00000409: DUP1 0000040a: PUSH1 0x1f 0000040c: ADD 0000040d: PUSH1 0x20 0000040f: DUP1 00000410: SWAP2 00000411: DIV 00000412: MUL 00000413: PUSH1 0x20 00000415: ADD 00000416: PUSH1 0x40 00000418: MLOAD 00000419: SWAP1 0000041a: DUP2 0000041b: ADD 0000041c: PUSH1 0x40 0000041e: MSTORE 0000041f: DUP1 00000420: SWAP4 00000421: SWAP3 00000422: SWAP2 00000423: SWAP1 00000424: DUP2 00000425: DUP2 00000426: MSTORE 00000427: PUSH1 0x20 00000429: ADD 0000042a: DUP4 0000042b: DUP4 0000042c: DUP1 0000042d: DUP3 0000042e: DUP5 0000042f: CALLDATACOPY 00000430: PUSH1 0x00 00000432: SWAP3 00000433: ADD 00000434: SWAP2 00000435: SWAP1 00000436: SWAP2 00000437: MSTORE 00000438: POP 00000439: SWAP3 0000043a: SWAP6 0000043b: POP 0000043c: PUSH2 0x0b7f 0000043f: SWAP5 00000440: POP 00000441: POP 00000442: POP 00000443: POP 00000444: POP 00000445: JUMP 00000446: JUMPDEST 00000447: CALLVALUE 00000448: DUP1 00000449: ISZERO 0000044a: PUSH2 0x0452 0000044d: JUMPI 0000044e: PUSH1 0x00 00000450: DUP1 00000451: REVERT 00000452: JUMPDEST 00000453: POP 00000454: PUSH2 0x045b 00000457: PUSH2 0x0ba8 0000045a: JUMP 0000045b: JUMPDEST 0000045c: PUSH1 0x40 0000045e: DUP1 0000045f: MLOAD 00000460: SWAP2 00000461: ISZERO 00000462: ISZERO 00000463: DUP3 00000464: MSTORE 00000465: MLOAD 00000466: SWAP1 00000467: DUP2 00000468: SWAP1 00000469: SUB 0000046a: PUSH1 0x20 0000046c: ADD 0000046d: SWAP1 0000046e: RETURN 0000046f: JUMPDEST 00000470: CALLVALUE 00000471: DUP1 00000472: ISZERO 00000473: PUSH2 0x047b 00000476: JUMPI 00000477: PUSH1 0x00 00000479: DUP1 0000047a: REVERT 0000047b: JUMPDEST 0000047c: POP 0000047d: PUSH2 0x0371 00000480: PUSH1 0x04 00000482: DUP1 00000483: CALLDATASIZE 00000484: SUB 00000485: PUSH1 0x40 00000487: DUP2 00000488: LT 00000489: ISZERO 0000048a: PUSH2 0x0492 0000048d: JUMPI 0000048e: PUSH1 0x00 00000490: DUP1 00000491: REVERT 00000492: JUMPDEST 00000493: DUP2 00000494: ADD 00000495: SWAP1 00000496: PUSH1 0x20 00000498: DUP2 00000499: ADD 0000049a: DUP2 0000049b: CALLDATALOAD 0000049c: PUSH5 0x0100000000 000004a2: DUP2 000004a3: GT 000004a4: ISZERO 000004a5: PUSH2 0x04ad 000004a8: JUMPI 000004a9: PUSH1 0x00 000004ab: DUP1 000004ac: REVERT 000004ad: JUMPDEST 000004ae: DUP3 000004af: ADD 000004b0: DUP4 000004b1: PUSH1 0x20 000004b3: DUP3 000004b4: ADD 000004b5: GT 000004b6: ISZERO 000004b7: PUSH2 0x04bf 000004ba: JUMPI 000004bb: PUSH1 0x00 000004bd: DUP1 000004be: REVERT 000004bf: JUMPDEST 000004c0: DUP1 000004c1: CALLDATALOAD 000004c2: SWAP1 000004c3: PUSH1 0x20 000004c5: ADD 000004c6: SWAP2 000004c7: DUP5 000004c8: PUSH1 0x20 000004ca: DUP4 000004cb: MUL 000004cc: DUP5 000004cd: ADD 000004ce: GT 000004cf: PUSH5 0x0100000000 000004d5: DUP4 000004d6: GT 000004d7: OR 000004d8: ISZERO 000004d9: PUSH2 0x04e1 000004dc: JUMPI 000004dd: PUSH1 0x00 000004df: DUP1 000004e0: REVERT 000004e1: JUMPDEST 000004e2: SWAP2 000004e3: SWAP1 000004e4: DUP1 000004e5: DUP1 000004e6: PUSH1 0x20 000004e8: MUL 000004e9: PUSH1 0x20 000004eb: ADD 000004ec: PUSH1 0x40 000004ee: MLOAD 000004ef: SWAP1 000004f0: DUP2 000004f1: ADD 000004f2: PUSH1 0x40 000004f4: MSTORE 000004f5: DUP1 000004f6: SWAP4 000004f7: SWAP3 000004f8: SWAP2 000004f9: SWAP1 000004fa: DUP2 000004fb: DUP2 000004fc: MSTORE 000004fd: PUSH1 0x20 000004ff: ADD 00000500: DUP4 00000501: DUP4 00000502: PUSH1 0x20 00000504: MUL 00000505: DUP1 00000506: DUP3 00000507: DUP5 00000508: CALLDATACOPY 00000509: PUSH1 0x00 0000050b: SWAP3 0000050c: ADD 0000050d: SWAP2 0000050e: SWAP1 0000050f: SWAP2 00000510: MSTORE 00000511: POP 00000512: SWAP3 00000513: SWAP6 00000514: POP 00000515: POP 00000516: SWAP2 00000517: CALLDATALOAD 00000518: SWAP3 00000519: POP 0000051a: PUSH2 0x0bb1 0000051d: SWAP2 0000051e: POP 0000051f: POP 00000520: JUMP 00000521: JUMPDEST 00000522: CALLVALUE 00000523: DUP1 00000524: ISZERO 00000525: PUSH2 0x052d 00000528: JUMPI 00000529: PUSH1 0x00 0000052b: DUP1 0000052c: REVERT 0000052d: JUMPDEST 0000052e: POP 0000052f: PUSH2 0x0536 00000532: PUSH2 0x0de0 00000535: JUMP 00000536: JUMPDEST 00000537: PUSH1 0x40 00000539: DUP1 0000053a: MLOAD 0000053b: SWAP2 0000053c: DUP3 0000053d: MSTORE 0000053e: MLOAD 0000053f: SWAP1 00000540: DUP2 00000541: SWAP1 00000542: SUB 00000543: PUSH1 0x20 00000545: ADD 00000546: SWAP1 00000547: RETURN 00000548: JUMPDEST 00000549: CALLVALUE 0000054a: DUP1 0000054b: ISZERO 0000054c: PUSH2 0x0554 0000054f: JUMPI 00000550: PUSH1 0x00 00000552: DUP1 00000553: REVERT 00000554: JUMPDEST 00000555: POP 00000556: PUSH2 0x0536 00000559: PUSH2 0x0de6 0000055c: JUMP 0000055d: JUMPDEST 0000055e: CALLVALUE 0000055f: DUP1 00000560: ISZERO 00000561: PUSH2 0x0569 00000564: JUMPI 00000565: PUSH1 0x00 00000567: DUP1 00000568: REVERT 00000569: JUMPDEST 0000056a: POP 0000056b: PUSH2 0x0371 0000056e: PUSH1 0x04 00000570: DUP1 00000571: CALLDATASIZE 00000572: SUB 00000573: PUSH1 0xc0 00000575: DUP2 00000576: LT 00000577: ISZERO 00000578: PUSH2 0x0580 0000057b: JUMPI 0000057c: PUSH1 0x00 0000057e: DUP1 0000057f: REVERT 00000580: JUMPDEST 00000581: PUSH1 0x01 00000583: PUSH1 0x01 00000585: PUSH1 0xa0 00000587: SHL 00000588: SUB 00000589: DUP3 0000058a: CALLDATALOAD 0000058b: DUP2 0000058c: AND 0000058d: SWAP3 0000058e: PUSH1 0x20 00000590: DUP2 00000591: ADD 00000592: CALLDATALOAD 00000593: SWAP1 00000594: SWAP2 00000595: AND 00000596: SWAP2 00000597: PUSH1 0x40 00000599: DUP3 0000059a: ADD 0000059b: CALLDATALOAD 0000059c: SWAP2 0000059d: SWAP1 0000059e: DUP2 0000059f: ADD 000005a0: SWAP1 000005a1: PUSH1 0x80 000005a3: DUP2 000005a4: ADD 000005a5: PUSH1 0x60 000005a7: DUP3 000005a8: ADD 000005a9: CALLDATALOAD 000005aa: PUSH5 0x0100000000 000005b0: DUP2 000005b1: GT 000005b2: ISZERO 000005b3: PUSH2 0x05bb 000005b6: JUMPI 000005b7: PUSH1 0x00 000005b9: DUP1 000005ba: REVERT 000005bb: JUMPDEST 000005bc: DUP3 000005bd: ADD 000005be: DUP4 000005bf: PUSH1 0x20 000005c1: DUP3 000005c2: ADD 000005c3: GT 000005c4: ISZERO 000005c5: PUSH2 0x05cd 000005c8: JUMPI 000005c9: PUSH1 0x00 000005cb: DUP1 000005cc: REVERT 000005cd: JUMPDEST 000005ce: DUP1 000005cf: CALLDATALOAD 000005d0: SWAP1 000005d1: PUSH1 0x20 000005d3: ADD 000005d4: SWAP2 000005d5: DUP5 000005d6: PUSH1 0x20 000005d8: DUP4 000005d9: MUL 000005da: DUP5 000005db: ADD 000005dc: GT 000005dd: PUSH5 0x0100000000 000005e3: DUP4 000005e4: GT 000005e5: OR 000005e6: ISZERO 000005e7: PUSH2 0x05ef 000005ea: JUMPI 000005eb: PUSH1 0x00 000005ed: DUP1 000005ee: REVERT 000005ef: JUMPDEST 000005f0: SWAP2 000005f1: SWAP1 000005f2: DUP1 000005f3: DUP1 000005f4: PUSH1 0x20 000005f6: MUL 000005f7: PUSH1 0x20 000005f9: ADD 000005fa: PUSH1 0x40 000005fc: MLOAD 000005fd: SWAP1 000005fe: DUP2 000005ff: ADD 00000600: PUSH1 0x40 00000602: MSTORE 00000603: DUP1 00000604: SWAP4 00000605: SWAP3 00000606: SWAP2 00000607: SWAP1 00000608: DUP2 00000609: DUP2 0000060a: MSTORE 0000060b: PUSH1 0x20 0000060d: ADD 0000060e: DUP4 0000060f: DUP4 00000610: PUSH1 0x20 00000612: MUL 00000613: DUP1 00000614: DUP3 00000615: DUP5 00000616: CALLDATACOPY 00000617: PUSH1 0x00 00000619: SWAP3 0000061a: ADD 0000061b: SWAP2 0000061c: SWAP1 0000061d: SWAP2 0000061e: MSTORE 0000061f: POP 00000620: SWAP3 00000621: SWAP6 00000622: SWAP5 00000623: SWAP4 00000624: PUSH1 0x20 00000626: DUP2 00000627: ADD 00000628: SWAP4 00000629: POP 0000062a: CALLDATALOAD 0000062b: SWAP2 0000062c: POP 0000062d: POP 0000062e: PUSH5 0x0100000000 00000634: DUP2 00000635: GT 00000636: ISZERO 00000637: PUSH2 0x063f 0000063a: JUMPI 0000063b: PUSH1 0x00 0000063d: DUP1 0000063e: REVERT 0000063f: JUMPDEST 00000640: DUP3 00000641: ADD 00000642: DUP4 00000643: PUSH1 0x20 00000645: DUP3 00000646: ADD 00000647: GT 00000648: ISZERO 00000649: PUSH2 0x0651 0000064c: JUMPI 0000064d: PUSH1 0x00 0000064f: DUP1 00000650: REVERT 00000651: JUMPDEST 00000652: DUP1 00000653: CALLDATALOAD 00000654: SWAP1 00000655: PUSH1 0x20 00000657: ADD 00000658: SWAP2 00000659: DUP5 0000065a: PUSH1 0x20 0000065c: DUP4 0000065d: MUL 0000065e: DUP5 0000065f: ADD 00000660: GT 00000661: PUSH5 0x0100000000 00000667: DUP4 00000668: GT 00000669: OR 0000066a: ISZERO 0000066b: PUSH2 0x0673 0000066e: JUMPI 0000066f: PUSH1 0x00 00000671: DUP1 00000672: REVERT 00000673: JUMPDEST 00000674: SWAP2 00000675: SWAP1 00000676: DUP1 00000677: DUP1 00000678: PUSH1 0x20 0000067a: MUL 0000067b: PUSH1 0x20 0000067d: ADD 0000067e: PUSH1 0x40 00000680: MLOAD 00000681: SWAP1 00000682: DUP2 00000683: ADD 00000684: PUSH1 0x40 00000686: MSTORE 00000687: DUP1 00000688: SWAP4 00000689: SWAP3 0000068a: SWAP2 0000068b: SWAP1 0000068c: DUP2 0000068d: DUP2 0000068e: MSTORE 0000068f: PUSH1 0x20 00000691: ADD 00000692: DUP4 00000693: DUP4 00000694: PUSH1 0x20 00000696: MUL 00000697: DUP1 00000698: DUP3 00000699: DUP5 0000069a: CALLDATACOPY 0000069b: PUSH1 0x00 0000069d: SWAP3 0000069e: ADD 0000069f: SWAP2 000006a0: SWAP1 000006a1: SWAP2 000006a2: MSTORE 000006a3: POP 000006a4: SWAP3 000006a5: SWAP6 000006a6: SWAP5 000006a7: SWAP4 000006a8: PUSH1 0x20 000006aa: DUP2 000006ab: ADD 000006ac: SWAP4 000006ad: POP 000006ae: CALLDATALOAD 000006af: SWAP2 000006b0: POP 000006b1: POP 000006b2: PUSH5 0x0100000000 000006b8: DUP2 000006b9: GT 000006ba: ISZERO 000006bb: PUSH2 0x06c3 000006be: JUMPI 000006bf: PUSH1 0x00 000006c1: DUP1 000006c2: REVERT 000006c3: JUMPDEST 000006c4: DUP3 000006c5: ADD 000006c6: DUP4 000006c7: PUSH1 0x20 000006c9: DUP3 000006ca: ADD 000006cb: GT 000006cc: ISZERO 000006cd: PUSH2 0x06d5 000006d0: JUMPI 000006d1: PUSH1 0x00 000006d3: DUP1 000006d4: REVERT 000006d5: JUMPDEST 000006d6: DUP1 000006d7: CALLDATALOAD 000006d8: SWAP1 000006d9: PUSH1 0x20 000006db: ADD 000006dc: SWAP2 000006dd: DUP5 000006de: PUSH1 0x20 000006e0: DUP4 000006e1: MUL 000006e2: DUP5 000006e3: ADD 000006e4: GT 000006e5: PUSH5 0x0100000000 000006eb: DUP4 000006ec: GT 000006ed: OR 000006ee: ISZERO 000006ef: PUSH2 0x06f7 000006f2: JUMPI 000006f3: PUSH1 0x00 000006f5: DUP1 000006f6: REVERT 000006f7: JUMPDEST 000006f8: SWAP2 000006f9: SWAP1 000006fa: DUP1 000006fb: DUP1 000006fc: PUSH1 0x20 000006fe: MUL 000006ff: PUSH1 0x20 00000701: ADD 00000702: PUSH1 0x40 00000704: MLOAD 00000705: SWAP1 00000706: DUP2 00000707: ADD 00000708: PUSH1 0x40 0000070a: MSTORE 0000070b: DUP1 0000070c: SWAP4 0000070d: SWAP3 0000070e: SWAP2 0000070f: SWAP1 00000710: DUP2 00000711: DUP2 00000712: MSTORE 00000713: PUSH1 0x20 00000715: ADD 00000716: DUP4 00000717: DUP4 00000718: PUSH1 0x20 0000071a: MUL 0000071b: DUP1 0000071c: DUP3 0000071d: DUP5 0000071e: CALLDATACOPY 0000071f: PUSH1 0x00 00000721: SWAP3 00000722: ADD 00000723: SWAP2 00000724: SWAP1 00000725: SWAP2 00000726: MSTORE 00000727: POP 00000728: SWAP3 00000729: SWAP6 0000072a: POP 0000072b: PUSH2 0x0dec 0000072e: SWAP5 0000072f: POP 00000730: POP 00000731: POP 00000732: POP 00000733: POP 00000734: JUMP 00000735: JUMPDEST 00000736: CALLVALUE 00000737: DUP1 00000738: ISZERO 00000739: PUSH2 0x0741 0000073c: JUMPI 0000073d: PUSH1 0x00 0000073f: DUP1 00000740: REVERT 00000741: JUMPDEST 00000742: POP 00000743: PUSH2 0x0536 00000746: PUSH1 0x04 00000748: DUP1 00000749: CALLDATASIZE 0000074a: SUB 0000074b: PUSH1 0x80 0000074d: DUP2 0000074e: LT 0000074f: ISZERO 00000750: PUSH2 0x0758 00000753: JUMPI 00000754: PUSH1 0x00 00000756: DUP1 00000757: REVERT 00000758: JUMPDEST 00000759: POP 0000075a: PUSH1 0x01 0000075c: PUSH1 0x01 0000075e: PUSH1 0xa0 00000760: SHL 00000761: SUB 00000762: DUP2 00000763: CALLDATALOAD 00000764: DUP2 00000765: AND 00000766: SWAP2 00000767: PUSH1 0x20 00000769: DUP2 0000076a: ADD 0000076b: CALLDATALOAD 0000076c: SWAP1 0000076d: SWAP2 0000076e: AND 0000076f: SWAP1 00000770: PUSH1 0x40 00000772: DUP2 00000773: ADD 00000774: CALLDATALOAD 00000775: SWAP1 00000776: PUSH1 0x60 00000778: ADD 00000779: CALLDATALOAD 0000077a: PUSH2 0x0f26 0000077d: JUMP 0000077e: JUMPDEST 0000077f: CALLVALUE 00000780: DUP1 00000781: ISZERO 00000782: PUSH2 0x078a 00000785: JUMPI 00000786: PUSH1 0x00 00000788: DUP1 00000789: REVERT 0000078a: JUMPDEST 0000078b: POP 0000078c: PUSH2 0x0371 0000078f: PUSH1 0x04 00000791: DUP1 00000792: CALLDATASIZE 00000793: SUB 00000794: PUSH1 0x60 00000796: DUP2 00000797: LT 00000798: ISZERO 00000799: PUSH2 0x07a1 0000079c: JUMPI 0000079d: PUSH1 0x00 0000079f: DUP1 000007a0: REVERT 000007a1: JUMPDEST 000007a2: PUSH1 0x01 000007a4: PUSH1 0x01 000007a6: PUSH1 0xa0 000007a8: SHL 000007a9: SUB 000007aa: DUP3 000007ab: CALLDATALOAD 000007ac: AND 000007ad: SWAP2 000007ae: PUSH1 0x20 000007b0: DUP2 000007b1: ADD 000007b2: CALLDATALOAD 000007b3: SWAP2 000007b4: DUP2 000007b5: ADD 000007b6: SWAP1 000007b7: PUSH1 0x60 000007b9: DUP2 000007ba: ADD 000007bb: PUSH1 0x40 000007bd: DUP3 000007be: ADD 000007bf: CALLDATALOAD 000007c0: PUSH5 0x0100000000 000007c6: DUP2 000007c7: GT 000007c8: ISZERO 000007c9: PUSH2 0x07d1 000007cc: JUMPI 000007cd: PUSH1 0x00 000007cf: DUP1 000007d0: REVERT 000007d1: JUMPDEST 000007d2: DUP3 000007d3: ADD 000007d4: DUP4 000007d5: PUSH1 0x20 000007d7: DUP3 000007d8: ADD 000007d9: GT 000007da: ISZERO 000007db: PUSH2 0x07e3 000007de: JUMPI 000007df: PUSH1 0x00 000007e1: DUP1 000007e2: REVERT 000007e3: JUMPDEST 000007e4: DUP1 000007e5: CALLDATALOAD 000007e6: SWAP1 000007e7: PUSH1 0x20 000007e9: ADD 000007ea: SWAP2 000007eb: DUP5 000007ec: PUSH1 0x01 000007ee: DUP4 000007ef: MUL 000007f0: DUP5 000007f1: ADD 000007f2: GT 000007f3: PUSH5 0x0100000000 000007f9: DUP4 000007fa: GT 000007fb: OR 000007fc: ISZERO 000007fd: PUSH2 0x0805 00000800: JUMPI 00000801: PUSH1 0x00 00000803: DUP1 00000804: REVERT 00000805: JUMPDEST 00000806: SWAP2 00000807: SWAP1 00000808: DUP1 00000809: DUP1 0000080a: PUSH1 0x1f 0000080c: ADD 0000080d: PUSH1 0x20 0000080f: DUP1 00000810: SWAP2 00000811: DIV 00000812: MUL 00000813: PUSH1 0x20 00000815: ADD 00000816: PUSH1 0x40 00000818: MLOAD 00000819: SWAP1 0000081a: DUP2 0000081b: ADD 0000081c: PUSH1 0x40 0000081e: MSTORE 0000081f: DUP1 00000820: SWAP4 00000821: SWAP3 00000822: SWAP2 00000823: SWAP1 00000824: DUP2 00000825: DUP2 00000826: MSTORE 00000827: PUSH1 0x20 00000829: ADD 0000082a: DUP4 0000082b: DUP4 0000082c: DUP1 0000082d: DUP3 0000082e: DUP5 0000082f: CALLDATACOPY 00000830: PUSH1 0x00 00000832: SWAP3 00000833: ADD 00000834: SWAP2 00000835: SWAP1 00000836: SWAP2 00000837: MSTORE 00000838: POP 00000839: SWAP3 0000083a: SWAP6 0000083b: POP 0000083c: PUSH2 0x0fd1 0000083f: SWAP5 00000840: POP 00000841: POP 00000842: POP 00000843: POP 00000844: POP 00000845: JUMP 00000846: JUMPDEST 00000847: CALLVALUE 00000848: DUP1 00000849: ISZERO 0000084a: PUSH2 0x0852 0000084d: JUMPI 0000084e: PUSH1 0x00 00000850: DUP1 00000851: REVERT 00000852: JUMPDEST 00000853: POP 00000854: PUSH2 0x0536 00000857: PUSH1 0x04 00000859: DUP1 0000085a: CALLDATASIZE 0000085b: SUB 0000085c: PUSH1 0x80 0000085e: DUP2 0000085f: LT 00000860: ISZERO 00000861: PUSH2 0x0869 00000864: JUMPI 00000865: PUSH1 0x00 00000867: DUP1 00000868: REVERT 00000869: JUMPDEST 0000086a: POP 0000086b: PUSH1 0x01 0000086d: PUSH1 0x01 0000086f: PUSH1 0xa0 00000871: SHL 00000872: SUB 00000873: DUP2 00000874: CALLDATALOAD 00000875: DUP2 00000876: AND 00000877: SWAP2 00000878: PUSH1 0x20 0000087a: DUP2 0000087b: ADD 0000087c: CALLDATALOAD 0000087d: SWAP2 0000087e: PUSH1 0x40 00000880: DUP3 00000881: ADD 00000882: CALLDATALOAD 00000883: AND 00000884: SWAP1 00000885: PUSH1 0x60 00000887: ADD 00000888: CALLDATALOAD 00000889: PUSH2 0x0fd6 0000088c: JUMP 0000088d: JUMPDEST 0000088e: CALLVALUE 0000088f: DUP1 00000890: ISZERO 00000891: PUSH2 0x0899 00000894: JUMPI 00000895: PUSH1 0x00 00000897: DUP1 00000898: REVERT 00000899: JUMPDEST 0000089a: POP 0000089b: PUSH2 0x0165 0000089e: PUSH1 0x04 000008a0: DUP1 000008a1: CALLDATASIZE 000008a2: SUB 000008a3: PUSH1 0x60 000008a5: DUP2 000008a6: LT 000008a7: ISZERO 000008a8: PUSH2 0x08b0 000008ab: JUMPI 000008ac: PUSH1 0x00 000008ae: DUP1 000008af: REVERT 000008b0: JUMPDEST 000008b1: PUSH1 0x01 000008b3: PUSH1 0x01 000008b5: PUSH1 0xa0 000008b7: SHL 000008b8: SUB 000008b9: DUP3 000008ba: CALLDATALOAD 000008bb: AND 000008bc: SWAP2 000008bd: PUSH1 0x20 000008bf: DUP2 000008c0: ADD 000008c1: CALLDATALOAD 000008c2: SWAP2 000008c3: DUP2 000008c4: ADD 000008c5: SWAP1 000008c6: PUSH1 0x60 000008c8: DUP2 000008c9: ADD 000008ca: PUSH1 0x40 000008cc: DUP3 000008cd: ADD 000008ce: CALLDATALOAD 000008cf: PUSH5 0x0100000000 000008d5: DUP2 000008d6: GT 000008d7: ISZERO 000008d8: PUSH2 0x08e0 000008db: JUMPI 000008dc: PUSH1 0x00 000008de: DUP1 000008df: REVERT 000008e0: JUMPDEST 000008e1: DUP3 000008e2: ADD 000008e3: DUP4 000008e4: PUSH1 0x20 000008e6: DUP3 000008e7: ADD 000008e8: GT 000008e9: ISZERO 000008ea: PUSH2 0x08f2 000008ed: JUMPI 000008ee: PUSH1 0x00 000008f0: DUP1 000008f1: REVERT 000008f2: JUMPDEST 000008f3: DUP1 000008f4: CALLDATALOAD 000008f5: SWAP1 000008f6: PUSH1 0x20 000008f8: ADD 000008f9: SWAP2 000008fa: DUP5 000008fb: PUSH1 0x01 000008fd: DUP4 000008fe: MUL 000008ff: DUP5 00000900: ADD 00000901: GT 00000902: PUSH5 0x0100000000 00000908: DUP4 00000909: GT 0000090a: OR 0000090b: ISZERO 0000090c: PUSH2 0x0914 0000090f: JUMPI 00000910: PUSH1 0x00 00000912: DUP1 00000913: REVERT 00000914: JUMPDEST 00000915: POP 00000916: SWAP1 00000917: SWAP3 00000918: POP 00000919: SWAP1 0000091a: POP 0000091b: PUSH2 0x1083 0000091e: JUMP 0000091f: JUMPDEST 00000920: PUSH32 0xc0ee0b8a00000000000000000000000000000000000000000000000000000000 00000941: DUP2 00000942: JUMP 00000943: JUMPDEST 00000944: PUSH2 0x0951 00000947: DUP7 00000948: DUP7 00000949: DUP7 0000094a: DUP7 0000094b: DUP7 0000094c: DUP7 0000094d: PUSH2 0x10ac 00000950: JUMP 00000951: JUMPDEST 00000952: PUSH2 0x0997 00000955: JUMPI 00000956: PUSH1 0x40 00000958: DUP1 00000959: MLOAD 0000095a: PUSH3 0x461bcd 0000095e: PUSH1 0xe5 00000960: SHL 00000961: DUP2 00000962: MSTORE 00000963: PUSH1 0x20 00000965: PUSH1 0x04 00000967: DUP3 00000968: ADD 00000969: MSTORE 0000096a: PUSH1 0x12 0000096c: PUSH1 0x24 0000096e: DUP3 0000096f: ADD 00000970: MSTORE 00000971: PUSH18 0x24b73b30b634b21039b4b3b730ba3ab93297 00000984: PUSH1 0x71 00000986: SHL 00000987: PUSH1 0x44 00000989: DUP3 0000098a: ADD 0000098b: MSTORE 0000098c: SWAP1 0000098d: MLOAD 0000098e: SWAP1 0000098f: DUP2 00000990: SWAP1 00000991: SUB 00000992: PUSH1 0x64 00000994: ADD 00000995: SWAP1 00000996: REVERT 00000997: JUMPDEST 00000998: PUSH1 0x03 0000099a: DUP1 0000099b: SLOAD 0000099c: PUSH1 0x01 0000099e: ADD 0000099f: SWAP1 000009a0: SSTORE 000009a1: PUSH1 0x01 000009a3: PUSH1 0x01 000009a5: PUSH1 0xa0 000009a7: SHL 000009a8: SUB 000009a9: DUP5 000009aa: AND 000009ab: PUSH20 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee 000009c0: EQ 000009c1: ISZERO 000009c2: PUSH2 0x0ad1 000009c5: JUMPI 000009c6: ADDRESS 000009c7: BALANCE 000009c8: DUP6 000009c9: GT 000009ca: ISZERO 000009cb: PUSH2 0x0a1b 000009ce: JUMPI 000009cf: PUSH1 0x40 000009d1: DUP1 000009d2: MLOAD 000009d3: PUSH3 0x461bcd 000009d7: PUSH1 0xe5 000009d9: SHL 000009da: DUP2 000009db: MSTORE 000009dc: PUSH1 0x20 000009de: PUSH1 0x04 000009e0: DUP3 000009e1: ADD 000009e2: MSTORE 000009e3: PUSH1 0x1d 000009e5: PUSH1 0x24 000009e7: DUP3 000009e8: ADD 000009e9: MSTORE 000009ea: PUSH32 0x496e73756666696369656e742062616c616e636520746f2073656e642e000000 00000a0b: PUSH1 0x44 00000a0d: DUP3 00000a0e: ADD 00000a0f: MSTORE 00000a10: SWAP1 00000a11: MLOAD 00000a12: SWAP1 00000a13: DUP2 00000a14: SWAP1 00000a15: SUB 00000a16: PUSH1 0x64 00000a18: ADD 00000a19: SWAP1 00000a1a: REVERT 00000a1b: JUMPDEST 00000a1c: PUSH1 0x40 00000a1e: MLOAD 00000a1f: PUSH1 0x00 00000a21: SWAP1 00000a22: PUSH1 0x60 00000a24: SWAP1 00000a25: PUSH1 0x01 00000a27: PUSH1 0x01 00000a29: PUSH1 0xa0 00000a2b: SHL 00000a2c: SUB 00000a2d: DUP10 00000a2e: AND 00000a2f: SWAP1 00000a30: PUSH2 0x4e20 00000a33: SWAP1 00000a34: DUP10 00000a35: SWAP1 00000a36: DUP6 00000a37: DUP2 00000a38: DUP2 00000a39: DUP2 00000a3a: DUP6 00000a3b: DUP9 00000a3c: DUP9 00000a3d: CALL 00000a3e: SWAP4 00000a3f: POP 00000a40: POP 00000a41: POP 00000a42: POP 00000a43: RETURNDATASIZE 00000a44: DUP1 00000a45: PUSH1 0x00 00000a47: DUP2 00000a48: EQ 00000a49: PUSH2 0x0a6e 00000a4c: JUMPI 00000a4d: PUSH1 0x40 00000a4f: MLOAD 00000a50: SWAP2 00000a51: POP 00000a52: PUSH1 0x1f 00000a54: NOT 00000a55: PUSH1 0x3f 00000a57: RETURNDATASIZE 00000a58: ADD 00000a59: AND 00000a5a: DUP3 00000a5b: ADD 00000a5c: PUSH1 0x40 00000a5e: MSTORE 00000a5f: RETURNDATASIZE 00000a60: DUP3 00000a61: MSTORE 00000a62: RETURNDATASIZE 00000a63: PUSH1 0x00 00000a65: PUSH1 0x20 00000a67: DUP5 00000a68: ADD 00000a69: RETURNDATACOPY 00000a6a: PUSH2 0x0a73 00000a6d: JUMP 00000a6e: JUMPDEST 00000a6f: PUSH1 0x60 00000a71: SWAP2 00000a72: POP 00000a73: JUMPDEST 00000a74: POP 00000a75: SWAP2 00000a76: POP 00000a77: SWAP2 00000a78: POP 00000a79: DUP2 00000a7a: PUSH2 0x0aca 00000a7d: JUMPI 00000a7e: PUSH1 0x40 00000a80: DUP1 00000a81: MLOAD 00000a82: PUSH3 0x461bcd 00000a86: PUSH1 0xe5 00000a88: SHL 00000a89: DUP2 00000a8a: MSTORE 00000a8b: PUSH1 0x20 00000a8d: PUSH1 0x04 00000a8f: DUP3 00000a90: ADD 00000a91: MSTORE 00000a92: PUSH1 0x16 00000a94: PUSH1 0x24 00000a96: DUP3 00000a97: ADD 00000a98: MSTORE 00000a99: PUSH32 0x4574686572207472616e73666572206661696c65642e00000000000000000000 00000aba: PUSH1 0x44 00000abc: DUP3 00000abd: ADD 00000abe: MSTORE 00000abf: SWAP1 00000ac0: MLOAD 00000ac1: SWAP1 00000ac2: DUP2 00000ac3: SWAP1 00000ac4: SUB 00000ac5: PUSH1 0x64 00000ac7: ADD 00000ac8: SWAP1 00000ac9: REVERT 00000aca: JUMPDEST 00000acb: POP 00000acc: POP 00000acd: PUSH2 0x0b2d 00000ad0: JUMP 00000ad1: JUMPDEST 00000ad2: PUSH2 0x0adc 00000ad5: DUP5 00000ad6: DUP8 00000ad7: DUP8 00000ad8: PUSH2 0x1277 00000adb: JUMP 00000adc: JUMPDEST 00000add: PUSH2 0x0b2d 00000ae0: JUMPI 00000ae1: PUSH1 0x40 00000ae3: DUP1 00000ae4: MLOAD 00000ae5: PUSH3 0x461bcd 00000ae9: PUSH1 0xe5 00000aeb: SHL 00000aec: DUP2 00000aed: MSTORE 00000aee: PUSH1 0x20 00000af0: PUSH1 0x04 00000af2: DUP3 00000af3: ADD 00000af4: MSTORE 00000af5: PUSH1 0x16 00000af7: PUSH1 0x24 00000af9: DUP3 00000afa: ADD 00000afb: MSTORE 00000afc: PUSH32 0x546f6b656e207472616e73666572206661696c65642e00000000000000000000 00000b1d: PUSH1 0x44 00000b1f: DUP3 00000b20: ADD 00000b21: MSTORE 00000b22: SWAP1 00000b23: MLOAD 00000b24: SWAP1 00000b25: DUP2 00000b26: SWAP1 00000b27: SUB 00000b28: PUSH1 0x64 00000b2a: ADD 00000b2b: SWAP1 00000b2c: REVERT 00000b2d: JUMPDEST 00000b2e: PUSH1 0x40 00000b30: DUP1 00000b31: MLOAD 00000b32: PUSH1 0x01 00000b34: PUSH1 0x01 00000b36: PUSH1 0xa0 00000b38: SHL 00000b39: SUB 00000b3a: DUP1 00000b3b: DUP10 00000b3c: AND 00000b3d: DUP3 00000b3e: MSTORE 00000b3f: PUSH1 0x20 00000b41: DUP3 00000b42: ADD 00000b43: DUP9 00000b44: SWAP1 00000b45: MSTORE 00000b46: DUP7 00000b47: AND 00000b48: DUP2 00000b49: DUP4 00000b4a: ADD 00000b4b: MSTORE 00000b4c: SWAP1 00000b4d: MLOAD 00000b4e: PUSH32 0x5a41af68171a76546ae6bd5ae4bc21a429cf8704319e9a5bff7829f9cb959dd5 00000b6f: SWAP2 00000b70: DUP2 00000b71: SWAP1 00000b72: SUB 00000b73: PUSH1 0x60 00000b75: ADD 00000b76: SWAP1 00000b77: LOG1 00000b78: POP 00000b79: POP 00000b7a: POP 00000b7b: POP 00000b7c: POP 00000b7d: POP 00000b7e: JUMP 00000b7f: JUMPDEST 00000b80: PUSH32 0x150b7a0200000000000000000000000000000000000000000000000000000000 00000ba1: SWAP5 00000ba2: SWAP4 00000ba3: POP 00000ba4: POP 00000ba5: POP 00000ba6: POP 00000ba7: JUMP 00000ba8: JUMPDEST 00000ba9: PUSH1 0x00 00000bab: SLOAD 00000bac: PUSH1 0xff 00000bae: AND 00000baf: DUP2 00000bb0: JUMP 00000bb1: JUMPDEST 00000bb2: PUSH1 0x00 00000bb4: SLOAD 00000bb5: PUSH1 0xff 00000bb7: AND 00000bb8: ISZERO 00000bb9: PUSH2 0x0bf3 00000bbc: JUMPI 00000bbd: PUSH1 0x40 00000bbf: MLOAD 00000bc0: PUSH3 0x461bcd 00000bc4: PUSH1 0xe5 00000bc6: SHL 00000bc7: DUP2 00000bc8: MSTORE 00000bc9: PUSH1 0x04 00000bcb: ADD 00000bcc: DUP1 00000bcd: DUP1 00000bce: PUSH1 0x20 00000bd0: ADD 00000bd1: DUP3 00000bd2: DUP2 00000bd3: SUB 00000bd4: DUP3 00000bd5: MSTORE 00000bd6: PUSH1 0x2b 00000bd8: DUP2 00000bd9: MSTORE 00000bda: PUSH1 0x20 00000bdc: ADD 00000bdd: DUP1 00000bde: PUSH2 0x190a 00000be1: PUSH1 0x2b 00000be3: SWAP2 00000be4: CODECOPY 00000be5: PUSH1 0x40 00000be7: ADD 00000be8: SWAP2 00000be9: POP 00000bea: POP 00000beb: PUSH1 0x40 00000bed: MLOAD 00000bee: DUP1 00000bef: SWAP2 00000bf0: SUB 00000bf1: SWAP1 00000bf2: REVERT 00000bf3: JUMPDEST 00000bf4: PUSH1 0x00 00000bf6: DUP1 00000bf7: JUMPDEST 00000bf8: DUP4 00000bf9: MLOAD 00000bfa: DUP2 00000bfb: LT 00000bfc: ISZERO 00000bfd: PUSH2 0x0d22 00000c00: JUMPI 00000c01: DUP2 00000c02: PUSH1 0x01 00000c04: PUSH1 0x01 00000c06: PUSH1 0xa0 00000c08: SHL 00000c09: SUB 00000c0a: AND 00000c0b: DUP5 00000c0c: DUP3 00000c0d: DUP2 00000c0e: MLOAD 00000c0f: DUP2 00000c10: LT 00000c11: PUSH2 0x0c16 00000c14: JUMPI 00000c15: INVALID 00000c16: JUMPDEST 00000c17: PUSH1 0x20 00000c19: MUL 00000c1a: PUSH1 0x20 00000c1c: ADD 00000c1d: ADD 00000c1e: MLOAD 00000c1f: PUSH1 0x01 00000c21: PUSH1 0x01 00000c23: PUSH1 0xa0 00000c25: SHL 00000c26: SUB 00000c27: AND 00000c28: EQ 00000c29: ISZERO 00000c2a: PUSH2 0x0c64 00000c2d: JUMPI 00000c2e: PUSH1 0x40 00000c30: MLOAD 00000c31: PUSH3 0x461bcd 00000c35: PUSH1 0xe5 00000c37: SHL 00000c38: DUP2 00000c39: MSTORE 00000c3a: PUSH1 0x04 00000c3c: ADD 00000c3d: DUP1 00000c3e: DUP1 00000c3f: PUSH1 0x20 00000c41: ADD 00000c42: DUP3 00000c43: DUP2 00000c44: SUB 00000c45: DUP3 00000c46: MSTORE 00000c47: PUSH1 0x25 00000c49: DUP2 00000c4a: MSTORE 00000c4b: PUSH1 0x20 00000c4d: ADD 00000c4e: DUP1 00000c4f: PUSH2 0x186b 00000c52: PUSH1 0x25 00000c54: SWAP2 00000c55: CODECOPY 00000c56: PUSH1 0x40 00000c58: ADD 00000c59: SWAP2 00000c5a: POP 00000c5b: POP 00000c5c: PUSH1 0x40 00000c5e: MLOAD 00000c5f: DUP1 00000c60: SWAP2 00000c61: SUB 00000c62: SWAP1 00000c63: REVERT 00000c64: JUMPDEST 00000c65: PUSH1 0x01 00000c67: PUSH1 0x00 00000c69: DUP6 00000c6a: DUP4 00000c6b: DUP2 00000c6c: MLOAD 00000c6d: DUP2 00000c6e: LT 00000c6f: PUSH2 0x0c74 00000c72: JUMPI 00000c73: INVALID 00000c74: JUMPDEST 00000c75: PUSH1 0x20 00000c77: SWAP1 00000c78: DUP2 00000c79: MUL 00000c7a: SWAP2 00000c7b: SWAP1 00000c7c: SWAP2 00000c7d: ADD 00000c7e: DUP2 00000c7f: ADD 00000c80: MLOAD 00000c81: PUSH1 0x01 00000c83: PUSH1 0x01 00000c85: PUSH1 0xa0 00000c87: SHL 00000c88: SUB 00000c89: AND 00000c8a: DUP3 00000c8b: MSTORE 00000c8c: DUP2 00000c8d: ADD 00000c8e: SWAP2 00000c8f: SWAP1 00000c90: SWAP2 00000c91: MSTORE 00000c92: PUSH1 0x40 00000c94: ADD 00000c95: PUSH1 0x00 00000c97: KECCAK256 00000c98: SLOAD 00000c99: PUSH1 0xff 00000c9b: AND 00000c9c: ISZERO 00000c9d: PUSH2 0x0cd7 00000ca0: JUMPI 00000ca1: PUSH1 0x40 00000ca3: MLOAD 00000ca4: PUSH3 0x461bcd 00000ca8: PUSH1 0xe5 00000caa: SHL 00000cab: DUP2 00000cac: MSTORE 00000cad: PUSH1 0x04 00000caf: ADD 00000cb0: DUP1 00000cb1: DUP1 00000cb2: PUSH1 0x20 00000cb4: ADD 00000cb5: DUP3 00000cb6: DUP2 00000cb7: SUB 00000cb8: DUP3 00000cb9: MSTORE 00000cba: PUSH1 0x21 00000cbc: DUP2 00000cbd: MSTORE 00000cbe: PUSH1 0x20 00000cc0: ADD 00000cc1: DUP1 00000cc2: PUSH2 0x17fe 00000cc5: PUSH1 0x21 00000cc7: SWAP2 00000cc8: CODECOPY 00000cc9: PUSH1 0x40 00000ccb: ADD 00000ccc: SWAP2 00000ccd: POP 00000cce: POP 00000ccf: PUSH1 0x40 00000cd1: MLOAD 00000cd2: DUP1 00000cd3: SWAP2 00000cd4: SUB 00000cd5: SWAP1 00000cd6: REVERT 00000cd7: JUMPDEST 00000cd8: PUSH1 0x01 00000cda: DUP1 00000cdb: PUSH1 0x00 00000cdd: DUP7 00000cde: DUP5 00000cdf: DUP2 00000ce0: MLOAD 00000ce1: DUP2 00000ce2: LT 00000ce3: PUSH2 0x0ce8 00000ce6: JUMPI 00000ce7: INVALID 00000ce8: JUMPDEST 00000ce9: PUSH1 0x20 00000ceb: SWAP1 00000cec: DUP2 00000ced: MUL 00000cee: SWAP2 00000cef: SWAP1 00000cf0: SWAP2 00000cf1: ADD 00000cf2: DUP2 00000cf3: ADD 00000cf4: MLOAD 00000cf5: PUSH1 0x01 00000cf7: PUSH1 0x01 00000cf9: PUSH1 0xa0 00000cfb: SHL 00000cfc: SUB 00000cfd: AND 00000cfe: DUP3 00000cff: MSTORE 00000d00: DUP2 00000d01: ADD 00000d02: SWAP2 00000d03: SWAP1 00000d04: SWAP2 00000d05: MSTORE 00000d06: PUSH1 0x40 00000d08: ADD 00000d09: PUSH1 0x00 00000d0b: KECCAK256 00000d0c: DUP1 00000d0d: SLOAD 00000d0e: PUSH1 0xff 00000d10: NOT 00000d11: AND 00000d12: SWAP2 00000d13: ISZERO 00000d14: ISZERO 00000d15: SWAP2 00000d16: SWAP1 00000d17: SWAP2 00000d18: OR 00000d19: SWAP1 00000d1a: SSTORE 00000d1b: PUSH1 0x01 00000d1d: ADD 00000d1e: PUSH2 0x0bf7 00000d21: JUMP 00000d22: JUMPDEST 00000d23: POP 00000d24: PUSH1 0x00 00000d26: DUP3 00000d27: GT 00000d28: PUSH2 0x0d62 00000d2b: JUMPI 00000d2c: PUSH1 0x40 00000d2e: MLOAD 00000d2f: PUSH3 0x461bcd 00000d33: PUSH1 0xe5 00000d35: SHL 00000d36: DUP2 00000d37: MSTORE 00000d38: PUSH1 0x04 00000d3a: ADD 00000d3b: DUP1 00000d3c: DUP1 00000d3d: PUSH1 0x20 00000d3f: ADD 00000d40: DUP3 00000d41: DUP2 00000d42: SUB 00000d43: DUP3 00000d44: MSTORE 00000d45: PUSH1 0x26 00000d47: DUP2 00000d48: MSTORE 00000d49: PUSH1 0x20 00000d4b: ADD 00000d4c: DUP1 00000d4d: PUSH2 0x18c3 00000d50: PUSH1 0x26 00000d52: SWAP2 00000d53: CODECOPY 00000d54: PUSH1 0x40 00000d56: ADD 00000d57: SWAP2 00000d58: POP 00000d59: POP 00000d5a: PUSH1 0x40 00000d5c: MLOAD 00000d5d: DUP1 00000d5e: SWAP2 00000d5f: SUB 00000d60: SWAP1 00000d61: REVERT 00000d62: JUMPDEST 00000d63: DUP3 00000d64: MLOAD 00000d65: DUP3 00000d66: GT 00000d67: ISZERO 00000d68: PUSH2 0x0da2 00000d6b: JUMPI 00000d6c: PUSH1 0x40 00000d6e: MLOAD 00000d6f: PUSH3 0x461bcd 00000d73: PUSH1 0xe5 00000d75: SHL 00000d76: DUP2 00000d77: MSTORE 00000d78: PUSH1 0x04 00000d7a: ADD 00000d7b: DUP1 00000d7c: DUP1 00000d7d: PUSH1 0x20 00000d7f: ADD 00000d80: DUP3 00000d81: DUP2 00000d82: SUB 00000d83: DUP3 00000d84: MSTORE 00000d85: PUSH1 0x28 00000d87: DUP2 00000d88: MSTORE 00000d89: PUSH1 0x20 00000d8b: ADD 00000d8c: DUP1 00000d8d: PUSH2 0x1843 00000d90: PUSH1 0x28 00000d92: SWAP2 00000d93: CODECOPY 00000d94: PUSH1 0x40 00000d96: ADD 00000d97: SWAP2 00000d98: POP 00000d99: POP 00000d9a: PUSH1 0x40 00000d9c: MLOAD 00000d9d: DUP1 00000d9e: SWAP2 00000d9f: SUB 00000da0: SWAP1 00000da1: REVERT 00000da2: JUMPDEST 00000da3: PUSH1 0x04 00000da5: DUP3 00000da6: SWAP1 00000da7: SSTORE 00000da8: PUSH1 0x00 00000daa: DUP1 00000dab: SLOAD 00000dac: PUSH1 0xff 00000dae: NOT 00000daf: AND 00000db0: PUSH1 0x01 00000db2: OR 00000db3: DUP2 00000db4: SSTORE 00000db5: PUSH1 0x40 00000db7: MLOAD 00000db8: PUSH32 0x5daa87a0e9463431830481fd4b6e3403442dfb9a12b9c07597e9f61d50b633c8 00000dd9: SWAP2 00000dda: SWAP1 00000ddb: LOG1 00000ddc: POP 00000ddd: POP 00000dde: POP 00000ddf: JUMP 00000de0: JUMPDEST 00000de1: PUSH1 0x04 00000de3: SLOAD 00000de4: DUP2 00000de5: JUMP 00000de6: JUMPDEST 00000de7: PUSH1 0x03 00000de9: SLOAD 00000dea: DUP2 00000deb: JUMP 00000dec: JUMPDEST 00000ded: PUSH2 0x0dfa 00000df0: DUP7 00000df1: DUP7 00000df2: DUP7 00000df3: DUP7 00000df4: DUP7 00000df5: DUP7 00000df6: PUSH2 0x133d 00000df9: JUMP 00000dfa: JUMPDEST 00000dfb: PUSH2 0x0e40 00000dfe: JUMPI 00000dff: PUSH1 0x40 00000e01: DUP1 00000e02: MLOAD 00000e03: PUSH3 0x461bcd 00000e07: PUSH1 0xe5 00000e09: SHL 00000e0a: DUP2 00000e0b: MSTORE 00000e0c: PUSH1 0x20 00000e0e: PUSH1 0x04 00000e10: DUP3 00000e11: ADD 00000e12: MSTORE 00000e13: PUSH1 0x12 00000e15: PUSH1 0x24 00000e17: DUP3 00000e18: ADD 00000e19: MSTORE 00000e1a: PUSH18 0x24b73b30b634b21039b4b3b730ba3ab93297 00000e2d: PUSH1 0x71 00000e2f: SHL 00000e30: PUSH1 0x44 00000e32: DUP3 00000e33: ADD 00000e34: MSTORE 00000e35: SWAP1 00000e36: MLOAD 00000e37: SWAP1 00000e38: DUP2 00000e39: SWAP1 00000e3a: SUB 00000e3b: PUSH1 0x64 00000e3d: ADD 00000e3e: SWAP1 00000e3f: REVERT 00000e40: JUMPDEST 00000e41: PUSH1 0x03 00000e43: DUP1 00000e44: SLOAD 00000e45: PUSH1 0x01 00000e47: ADD 00000e48: SWAP1 00000e49: SSTORE 00000e4a: PUSH1 0x40 00000e4c: DUP1 00000e4d: MLOAD 00000e4e: PUSH32 0x42842e0e00000000000000000000000000000000000000000000000000000000 00000e6f: DUP2 00000e70: MSTORE 00000e71: ADDRESS 00000e72: PUSH1 0x04 00000e74: DUP3 00000e75: ADD 00000e76: MSTORE 00000e77: PUSH1 0x01 00000e79: PUSH1 0x01 00000e7b: PUSH1 0xa0 00000e7d: SHL 00000e7e: SUB 00000e7f: DUP9 00000e80: DUP2 00000e81: AND 00000e82: PUSH1 0x24 00000e84: DUP4 00000e85: ADD 00000e86: MSTORE 00000e87: PUSH1 0x44 00000e89: DUP3 00000e8a: ADD 00000e8b: DUP8 00000e8c: SWAP1 00000e8d: MSTORE 00000e8e: SWAP2 00000e8f: MLOAD 00000e90: DUP8 00000e91: SWAP3 00000e92: DUP4 00000e93: AND 00000e94: SWAP2 00000e95: PUSH4 0x42842e0e 00000e9a: SWAP2 00000e9b: PUSH1 0x64 00000e9d: DUP1 00000e9e: DUP4 00000e9f: ADD 00000ea0: SWAP3 00000ea1: PUSH1 0x00 00000ea3: SWAP3 00000ea4: SWAP2 00000ea5: SWAP1 00000ea6: DUP3 00000ea7: SWAP1 00000ea8: SUB 00000ea9: ADD 00000eaa: DUP2 00000eab: DUP4 00000eac: DUP8 00000ead: DUP1 00000eae: EXTCODESIZE 00000eaf: ISZERO 00000eb0: DUP1 00000eb1: ISZERO 00000eb2: PUSH2 0x0eba 00000eb5: JUMPI 00000eb6: PUSH1 0x00 00000eb8: DUP1 00000eb9: REVERT 00000eba: JUMPDEST 00000ebb: POP 00000ebc: GAS 00000ebd: CALL 00000ebe: ISZERO 00000ebf: DUP1 00000ec0: ISZERO 00000ec1: PUSH2 0x0ece 00000ec4: JUMPI 00000ec5: RETURNDATASIZE 00000ec6: PUSH1 0x00 00000ec8: DUP1 00000ec9: RETURNDATACOPY 00000eca: RETURNDATASIZE 00000ecb: PUSH1 0x00 00000ecd: REVERT 00000ece: JUMPDEST 00000ecf: POP 00000ed0: POP 00000ed1: PUSH1 0x40 00000ed3: DUP1 00000ed4: MLOAD 00000ed5: PUSH1 0x01 00000ed7: PUSH1 0x01 00000ed9: PUSH1 0xa0 00000edb: SHL 00000edc: SUB 00000edd: DUP1 00000ede: DUP13 00000edf: AND 00000ee0: DUP3 00000ee1: MSTORE 00000ee2: DUP11 00000ee3: AND 00000ee4: PUSH1 0x20 00000ee6: DUP3 00000ee7: ADD 00000ee8: MSTORE 00000ee9: DUP1 00000eea: DUP3 00000eeb: ADD 00000eec: DUP10 00000eed: SWAP1 00000eee: MSTORE 00000eef: SWAP1 00000ef0: MLOAD 00000ef1: PUSH32 0xc18352ae46a2296c951b2256c5ebc5b4546e6222fea2e4f36e824db9d44eb7ec 00000f12: SWAP4 00000f13: POP 00000f14: SWAP1 00000f15: DUP2 00000f16: SWAP1 00000f17: SUB 00000f18: PUSH1 0x60 00000f1a: ADD 00000f1b: SWAP2 00000f1c: POP 00000f1d: LOG1 00000f1e: POP 00000f1f: POP 00000f20: POP 00000f21: POP 00000f22: POP 00000f23: POP 00000f24: POP 00000f25: JUMP 00000f26: JUMPDEST 00000f27: PUSH1 0x00 00000f29: PUSH1 0x01 00000f2b: PUSH1 0x01 00000f2d: PUSH1 0xa0 00000f2f: SHL 00000f30: SUB 00000f31: DUP6 00000f32: AND 00000f33: ADDRESS 00000f34: EQ 00000f35: ISZERO 00000f36: PUSH2 0x0f70 00000f39: JUMPI 00000f3a: PUSH1 0x40 00000f3c: MLOAD 00000f3d: PUSH3 0x461bcd 00000f41: PUSH1 0xe5 00000f43: SHL 00000f44: DUP2 00000f45: MSTORE 00000f46: PUSH1 0x04 00000f48: ADD 00000f49: DUP1 00000f4a: DUP1 00000f4b: PUSH1 0x20 00000f4d: ADD 00000f4e: DUP3 00000f4f: DUP2 00000f50: SUB 00000f51: DUP3 00000f52: MSTORE 00000f53: PUSH1 0x24 00000f55: DUP2 00000f56: MSTORE 00000f57: PUSH1 0x20 00000f59: ADD 00000f5a: DUP1 00000f5b: PUSH2 0x181f 00000f5e: PUSH1 0x24 00000f60: SWAP2 00000f61: CODECOPY 00000f62: PUSH1 0x40 00000f64: ADD 00000f65: SWAP2 00000f66: POP 00000f67: POP 00000f68: PUSH1 0x40 00000f6a: MLOAD 00000f6b: DUP1 00000f6c: SWAP2 00000f6d: SUB 00000f6e: SWAP1 00000f6f: REVERT 00000f70: JUMPDEST 00000f71: POP 00000f72: PUSH1 0x40 00000f74: DUP1 00000f75: MLOAD 00000f76: ADDRESS 00000f77: PUSH1 0x60 00000f79: SWAP1 00000f7a: DUP2 00000f7b: SHL 00000f7c: PUSH1 0x20 00000f7e: DUP1 00000f7f: DUP5 00000f80: ADD 00000f81: SWAP2 00000f82: SWAP1 00000f83: SWAP2 00000f84: MSTORE 00000f85: PUSH12 0xffffffffffffffffffffffff 00000f92: NOT 00000f93: SWAP8 00000f94: DUP3 00000f95: SHL 00000f96: DUP9 00000f97: AND 00000f98: PUSH1 0x34 00000f9a: DUP5 00000f9b: ADD 00000f9c: MSTORE 00000f9d: SWAP6 00000f9e: SWAP1 00000f9f: SHL 00000fa0: SWAP1 00000fa1: SWAP6 00000fa2: AND 00000fa3: PUSH1 0x48 00000fa5: DUP7 00000fa6: ADD 00000fa7: MSTORE 00000fa8: PUSH1 0x5c 00000faa: DUP6 00000fab: ADD 00000fac: SWAP3 00000fad: SWAP1 00000fae: SWAP3 00000faf: MSTORE 00000fb0: PUSH1 0x7c 00000fb2: DUP1 00000fb3: DUP6 00000fb4: ADD 00000fb5: SWAP2 00000fb6: SWAP1 00000fb7: SWAP2 00000fb8: MSTORE 00000fb9: DUP2 00000fba: MLOAD 00000fbb: DUP1 00000fbc: DUP6 00000fbd: SUB 00000fbe: SWAP1 00000fbf: SWAP2 00000fc0: ADD 00000fc1: DUP2 00000fc2: MSTORE 00000fc3: PUSH1 0x9c 00000fc5: SWAP1 00000fc6: SWAP4 00000fc7: ADD 00000fc8: SWAP1 00000fc9: MSTORE 00000fca: DUP2 00000fcb: MLOAD 00000fcc: SWAP2 00000fcd: ADD 00000fce: KECCAK256 00000fcf: SWAP1 00000fd0: JUMP 00000fd1: JUMPDEST 00000fd2: POP 00000fd3: POP 00000fd4: POP 00000fd5: JUMP 00000fd6: JUMPDEST 00000fd7: PUSH1 0x00 00000fd9: PUSH1 0x01 00000fdb: PUSH1 0x01 00000fdd: PUSH1 0xa0 00000fdf: SHL 00000fe0: SUB 00000fe1: DUP6 00000fe2: AND 00000fe3: ADDRESS 00000fe4: EQ 00000fe5: ISZERO 00000fe6: PUSH2 0x1020 00000fe9: JUMPI 00000fea: PUSH1 0x40 00000fec: MLOAD 00000fed: PUSH3 0x461bcd 00000ff1: PUSH1 0xe5 00000ff3: SHL 00000ff4: DUP2 00000ff5: MSTORE 00000ff6: PUSH1 0x04 00000ff8: ADD 00000ff9: DUP1 00000ffa: DUP1 00000ffb: PUSH1 0x20 00000ffd: ADD 00000ffe: DUP3 00000fff: DUP2 00001000: SUB 00001001: DUP3 00001002: MSTORE 00001003: PUSH1 0x24 00001005: DUP2 00001006: MSTORE 00001007: PUSH1 0x20 00001009: ADD 0000100a: DUP1 0000100b: PUSH2 0x181f 0000100e: PUSH1 0x24 00001010: SWAP2 00001011: CODECOPY 00001012: PUSH1 0x40 00001014: ADD 00001015: SWAP2 00001016: POP 00001017: POP 00001018: PUSH1 0x40 0000101a: MLOAD 0000101b: DUP1 0000101c: SWAP2 0000101d: SUB 0000101e: SWAP1 0000101f: REVERT 00001020: JUMPDEST 00001021: POP 00001022: PUSH1 0x40 00001024: DUP1 00001025: MLOAD 00001026: ADDRESS 00001027: PUSH1 0x60 00001029: SWAP1 0000102a: DUP2 0000102b: SHL 0000102c: PUSH1 0x20 0000102e: DUP1 0000102f: DUP5 00001030: ADD 00001031: SWAP2 00001032: SWAP1 00001033: SWAP2 00001034: MSTORE 00001035: PUSH12 0xffffffffffffffffffffffff 00001042: NOT 00001043: SWAP8 00001044: DUP3 00001045: SHL 00001046: DUP9 00001047: AND 00001048: PUSH1 0x34 0000104a: DUP5 0000104b: ADD 0000104c: MSTORE 0000104d: PUSH1 0x48 0000104f: DUP4 00001050: ADD 00001051: SWAP7 00001052: SWAP1 00001053: SWAP7 00001054: MSTORE 00001055: SWAP4 00001056: SWAP1 00001057: SWAP4 00001058: SHL 00001059: SWAP1 0000105a: SWAP5 0000105b: AND 0000105c: PUSH1 0x68 0000105e: DUP4 0000105f: ADD 00001060: MSTORE 00001061: PUSH1 0x7c 00001063: DUP1 00001064: DUP4 00001065: ADD 00001066: SWAP2 00001067: SWAP1 00001068: SWAP2 00001069: MSTORE 0000106a: DUP4 0000106b: MLOAD 0000106c: DUP1 0000106d: DUP4 0000106e: SUB 0000106f: SWAP1 00001070: SWAP2 00001071: ADD 00001072: DUP2 00001073: MSTORE 00001074: PUSH1 0x9c 00001076: SWAP1 00001077: SWAP2 00001078: ADD 00001079: SWAP1 0000107a: SWAP3 0000107b: MSTORE 0000107c: DUP2 0000107d: MLOAD 0000107e: SWAP2 0000107f: ADD 00001080: KECCAK256 00001081: SWAP1 00001082: JUMP 00001083: JUMPDEST 00001084: PUSH32 0xf0b9e5ba00000000000000000000000000000000000000000000000000000000 000010a5: SWAP5 000010a6: SWAP4 000010a7: POP 000010a8: POP 000010a9: POP 000010aa: POP 000010ab: JUMP 000010ac: JUMPDEST 000010ad: PUSH1 0x00 000010af: DUP1 000010b0: PUSH2 0x10ba 000010b3: DUP9 000010b4: DUP9 000010b5: DUP9 000010b6: PUSH2 0x14b4 000010b9: JUMP 000010ba: JUMPDEST 000010bb: SWAP1 000010bc: POP 000010bd: PUSH1 0x04 000010bf: SLOAD 000010c0: DUP6 000010c1: MLOAD 000010c2: EQ 000010c3: DUP1 000010c4: ISZERO 000010c5: PUSH2 0x10d0 000010c8: JUMPI 000010c9: POP 000010ca: PUSH1 0x04 000010cc: SLOAD 000010cd: DUP5 000010ce: MLOAD 000010cf: EQ 000010d0: JUMPDEST 000010d1: DUP1 000010d2: ISZERO 000010d3: PUSH2 0x10de 000010d6: JUMPI 000010d7: POP 000010d8: PUSH1 0x04 000010da: SLOAD 000010db: DUP4 000010dc: MLOAD 000010dd: EQ 000010de: JUMPDEST 000010df: PUSH2 0x1119 000010e2: JUMPI 000010e3: PUSH1 0x40 000010e5: MLOAD 000010e6: PUSH3 0x461bcd 000010ea: PUSH1 0xe5 000010ec: SHL 000010ed: DUP2 000010ee: MSTORE 000010ef: PUSH1 0x04 000010f1: ADD 000010f2: DUP1 000010f3: DUP1 000010f4: PUSH1 0x20 000010f6: ADD 000010f7: DUP3 000010f8: DUP2 000010f9: SUB 000010fa: DUP3 000010fb: MSTORE 000010fc: PUSH1 0x33 000010fe: DUP2 000010ff: MSTORE 00001100: PUSH1 0x20 00001102: ADD 00001103: DUP1 00001104: PUSH2 0x1890 00001107: PUSH1 0x33 00001109: SWAP2 0000110a: CODECOPY 0000110b: PUSH1 0x40 0000110d: ADD 0000110e: SWAP2 0000110f: POP 00001110: POP 00001111: PUSH1 0x40 00001113: MLOAD 00001114: DUP1 00001115: SWAP2 00001116: SUB 00001117: SWAP1 00001118: REVERT 00001119: JUMPDEST 0000111a: PUSH1 0x60 0000111c: PUSH1 0x04 0000111e: SLOAD 0000111f: PUSH1 0x40 00001121: MLOAD 00001122: SWAP1 00001123: DUP1 00001124: DUP3 00001125: MSTORE 00001126: DUP1 00001127: PUSH1 0x20 00001129: MUL 0000112a: PUSH1 0x20 0000112c: ADD 0000112d: DUP3 0000112e: ADD 0000112f: PUSH1 0x40 00001131: MSTORE 00001132: DUP1 00001133: ISZERO 00001134: PUSH2 0x1147 00001137: JUMPI 00001138: DUP2 00001139: PUSH1 0x20 0000113b: ADD 0000113c: PUSH1 0x20 0000113e: DUP3 0000113f: MUL 00001140: DUP1 00001141: CODESIZE 00001142: DUP4 00001143: CODECOPY 00001144: ADD 00001145: SWAP1 00001146: POP 00001147: JUMPDEST 00001148: POP 00001149: SWAP1 0000114a: POP 0000114b: PUSH1 0x00 0000114d: JUMPDEST 0000114e: PUSH1 0x04 00001150: SLOAD 00001151: DUP2 00001152: LT 00001153: ISZERO 00001154: PUSH2 0x1223 00001157: JUMPI 00001158: PUSH1 0x01 0000115a: DUP4 0000115b: DUP9 0000115c: DUP4 0000115d: DUP2 0000115e: MLOAD 0000115f: DUP2 00001160: LT 00001161: PUSH2 0x1166 00001164: JUMPI 00001165: INVALID 00001166: JUMPDEST 00001167: PUSH1 0x20 00001169: MUL 0000116a: PUSH1 0x20 0000116c: ADD 0000116d: ADD 0000116e: MLOAD 0000116f: DUP9 00001170: DUP5 00001171: DUP2 00001172: MLOAD 00001173: DUP2 00001174: LT 00001175: PUSH2 0x117a 00001178: JUMPI 00001179: INVALID 0000117a: JUMPDEST 0000117b: PUSH1 0x20 0000117d: MUL 0000117e: PUSH1 0x20 00001180: ADD 00001181: ADD 00001182: MLOAD 00001183: DUP9 00001184: DUP6 00001185: DUP2 00001186: MLOAD 00001187: DUP2 00001188: LT 00001189: PUSH2 0x118e 0000118c: JUMPI 0000118d: INVALID 0000118e: JUMPDEST 0000118f: PUSH1 0x20 00001191: MUL 00001192: PUSH1 0x20 00001194: ADD 00001195: ADD 00001196: MLOAD 00001197: PUSH1 0x40 00001199: MLOAD 0000119a: PUSH1 0x00 0000119c: DUP2 0000119d: MSTORE 0000119e: PUSH1 0x20 000011a0: ADD 000011a1: PUSH1 0x40 000011a3: MSTORE 000011a4: PUSH1 0x40 000011a6: MLOAD 000011a7: DUP1 000011a8: DUP6 000011a9: DUP2 000011aa: MSTORE 000011ab: PUSH1 0x20 000011ad: ADD 000011ae: DUP5 000011af: PUSH1 0xff 000011b1: AND 000011b2: PUSH1 0xff 000011b4: AND 000011b5: DUP2 000011b6: MSTORE 000011b7: PUSH1 0x20 000011b9: ADD 000011ba: DUP4 000011bb: DUP2 000011bc: MSTORE 000011bd: PUSH1 0x20 000011bf: ADD 000011c0: DUP3 000011c1: DUP2 000011c2: MSTORE 000011c3: PUSH1 0x20 000011c5: ADD 000011c6: SWAP5 000011c7: POP 000011c8: POP 000011c9: POP 000011ca: POP 000011cb: POP 000011cc: PUSH1 0x20 000011ce: PUSH1 0x40 000011d0: MLOAD 000011d1: PUSH1 0x20 000011d3: DUP2 000011d4: SUB 000011d5: SWAP1 000011d6: DUP1 000011d7: DUP5 000011d8: SUB 000011d9: SWAP1 000011da: DUP6 000011db: GAS 000011dc: STATICCALL 000011dd: ISZERO 000011de: DUP1 000011df: ISZERO 000011e0: PUSH2 0x11ed 000011e3: JUMPI 000011e4: RETURNDATASIZE 000011e5: PUSH1 0x00 000011e7: DUP1 000011e8: RETURNDATACOPY 000011e9: RETURNDATASIZE 000011ea: PUSH1 0x00 000011ec: REVERT 000011ed: JUMPDEST 000011ee: POP 000011ef: POP 000011f0: POP 000011f1: PUSH1 0x20 000011f3: PUSH1 0x40 000011f5: MLOAD 000011f6: SUB 000011f7: MLOAD 000011f8: DUP3 000011f9: DUP3 000011fa: DUP2 000011fb: MLOAD 000011fc: DUP2 000011fd: LT 000011fe: PUSH2 0x1203 00001201: JUMPI 00001202: INVALID 00001203: JUMPDEST 00001204: PUSH1 0x01 00001206: PUSH1 0x01 00001208: PUSH1 0xa0 0000120a: SHL 0000120b: SUB 0000120c: SWAP1 0000120d: SWAP3 0000120e: AND 0000120f: PUSH1 0x20 00001211: SWAP3 00001212: DUP4 00001213: MUL 00001214: SWAP2 00001215: SWAP1 00001216: SWAP2 00001217: ADD 00001218: SWAP1 00001219: SWAP2 0000121a: ADD 0000121b: MSTORE 0000121c: PUSH1 0x01 0000121e: ADD 0000121f: PUSH2 0x114d 00001222: JUMP 00001223: JUMPDEST 00001224: POP 00001225: PUSH2 0x122d 00001228: DUP2 00001229: PUSH2 0x1577 0000122c: JUMP 0000122d: JUMPDEST 0000122e: PUSH2 0x1268 00001231: JUMPI 00001232: PUSH1 0x40 00001234: MLOAD 00001235: PUSH3 0x461bcd 00001239: PUSH1 0xe5 0000123b: SHL 0000123c: DUP2 0000123d: MSTORE 0000123e: PUSH1 0x04 00001240: ADD 00001241: DUP1 00001242: DUP1 00001243: PUSH1 0x20 00001245: ADD 00001246: DUP3 00001247: DUP2 00001248: SUB 00001249: DUP3 0000124a: MSTORE 0000124b: PUSH1 0x21 0000124d: DUP2 0000124e: MSTORE 0000124f: PUSH1 0x20 00001251: ADD 00001252: DUP1 00001253: PUSH2 0x18e9 00001256: PUSH1 0x21 00001258: SWAP2 00001259: CODECOPY 0000125a: PUSH1 0x40 0000125c: ADD 0000125d: SWAP2 0000125e: POP 0000125f: POP 00001260: PUSH1 0x40 00001262: MLOAD 00001263: DUP1 00001264: SWAP2 00001265: SUB 00001266: SWAP1 00001267: REVERT 00001268: JUMPDEST 00001269: POP 0000126a: PUSH1 0x01 0000126c: SWAP9 0000126d: SWAP8 0000126e: POP 0000126f: POP 00001270: POP 00001271: POP 00001272: POP 00001273: POP 00001274: POP 00001275: POP 00001276: JUMP 00001277: JUMPDEST 00001278: PUSH1 0x40 0000127a: DUP1 0000127b: MLOAD 0000127c: PUSH32 0xa9059cbb00000000000000000000000000000000000000000000000000000000 0000129d: DUP2 0000129e: MSTORE 0000129f: PUSH1 0x01 000012a1: PUSH1 0x01 000012a3: PUSH1 0xa0 000012a5: SHL 000012a6: SUB 000012a7: DUP5 000012a8: DUP2 000012a9: AND 000012aa: PUSH1 0x04 000012ac: DUP4 000012ad: ADD 000012ae: MSTORE 000012af: PUSH1 0x24 000012b1: DUP3 000012b2: ADD 000012b3: DUP5 000012b4: SWAP1 000012b5: MSTORE 000012b6: SWAP2 000012b7: MLOAD 000012b8: PUSH1 0x00 000012ba: SWAP3 000012bb: DUP7 000012bc: SWAP3 000012bd: SWAP1 000012be: DUP4 000012bf: AND 000012c0: SWAP2 000012c1: PUSH4 0xa9059cbb 000012c6: SWAP2 000012c7: PUSH1 0x44 000012c9: DUP1 000012ca: DUP3 000012cb: ADD 000012cc: SWAP3 000012cd: DUP8 000012ce: SWAP3 000012cf: SWAP1 000012d0: SWAP2 000012d1: SWAP1 000012d2: DUP3 000012d3: SWAP1 000012d4: SUB 000012d5: ADD 000012d6: DUP2 000012d7: DUP4 000012d8: DUP8 000012d9: DUP1 000012da: EXTCODESIZE 000012db: ISZERO 000012dc: DUP1 000012dd: ISZERO 000012de: PUSH2 0x12e6 000012e1: JUMPI 000012e2: PUSH1 0x00 000012e4: DUP1 000012e5: REVERT 000012e6: JUMPDEST 000012e7: POP 000012e8: GAS 000012e9: CALL 000012ea: ISZERO 000012eb: DUP1 000012ec: ISZERO 000012ed: PUSH2 0x12fa 000012f0: JUMPI 000012f1: RETURNDATASIZE 000012f2: PUSH1 0x00 000012f4: DUP1 000012f5: RETURNDATACOPY 000012f6: RETURNDATASIZE 000012f7: PUSH1 0x00 000012f9: REVERT 000012fa: JUMPDEST 000012fb: POP 000012fc: POP 000012fd: POP 000012fe: POP 000012ff: RETURNDATASIZE 00001300: PUSH1 0x00 00001302: DUP2 00001303: EQ 00001304: PUSH2 0x1314 00001307: JUMPI 00001308: PUSH1 0x20 0000130a: DUP2 0000130b: EQ 0000130c: PUSH2 0x131e 0000130f: JUMPI 00001310: PUSH1 0x00 00001312: DUP1 00001313: REVERT 00001314: JUMPDEST 00001315: PUSH1 0x00 00001317: NOT 00001318: SWAP3 00001319: POP 0000131a: PUSH2 0x132a 0000131d: JUMP 0000131e: JUMPDEST 0000131f: PUSH1 0x20 00001321: PUSH1 0x00 00001323: DUP1 00001324: RETURNDATACOPY 00001325: PUSH1 0x00 00001327: MLOAD 00001328: SWAP3 00001329: POP 0000132a: JUMPDEST 0000132b: POP 0000132c: DUP2 0000132d: PUSH2 0x1335 00001330: JUMPI 00001331: PUSH1 0x00 00001333: DUP1 00001334: REVERT 00001335: JUMPDEST 00001336: POP 00001337: SWAP4 00001338: SWAP3 00001339: POP 0000133a: POP 0000133b: POP 0000133c: JUMP 0000133d: JUMPDEST 0000133e: PUSH1 0x00 00001340: DUP1 00001341: PUSH2 0x134b 00001344: DUP9 00001345: DUP9 00001346: DUP9 00001347: PUSH2 0x17ec 0000134a: JUMP 0000134b: JUMPDEST 0000134c: SWAP1 0000134d: POP 0000134e: PUSH1 0x04 00001350: SLOAD 00001351: DUP6 00001352: MLOAD 00001353: EQ 00001354: DUP1 00001355: ISZERO 00001356: PUSH2 0x1361 00001359: JUMPI 0000135a: POP 0000135b: PUSH1 0x04 0000135d: SLOAD 0000135e: DUP5 0000135f: MLOAD 00001360: EQ 00001361: JUMPDEST 00001362: DUP1 00001363: ISZERO 00001364: PUSH2 0x136f 00001367: JUMPI 00001368: POP 00001369: PUSH1 0x04 0000136b: SLOAD 0000136c: DUP4 0000136d: MLOAD 0000136e: EQ 0000136f: JUMPDEST 00001370: PUSH2 0x13aa 00001373: JUMPI 00001374: PUSH1 0x40 00001376: MLOAD 00001377: PUSH3 0x461bcd 0000137b: PUSH1 0xe5 0000137d: SHL 0000137e: DUP2 0000137f: MSTORE 00001380: PUSH1 0x04 00001382: ADD 00001383: DUP1 00001384: DUP1 00001385: PUSH1 0x20 00001387: ADD 00001388: DUP3 00001389: DUP2 0000138a: SUB 0000138b: DUP3 0000138c: MSTORE 0000138d: PUSH1 0x33 0000138f: DUP2 00001390: MSTORE 00001391: PUSH1 0x20 00001393: ADD 00001394: DUP1 00001395: PUSH2 0x1890 00001398: PUSH1 0x33 0000139a: SWAP2 0000139b: CODECOPY 0000139c: PUSH1 0x40 0000139e: ADD 0000139f: SWAP2 000013a0: POP 000013a1: POP 000013a2: PUSH1 0x40 000013a4: MLOAD 000013a5: DUP1 000013a6: SWAP2 000013a7: SUB 000013a8: SWAP1 000013a9: REVERT 000013aa: JUMPDEST 000013ab: PUSH1 0x60 000013ad: PUSH1 0x04 000013af: SLOAD 000013b0: PUSH1 0x40 000013b2: MLOAD 000013b3: SWAP1 000013b4: DUP1 000013b5: DUP3 000013b6: MSTORE 000013b7: DUP1 000013b8: PUSH1 0x20 000013ba: MUL 000013bb: PUSH1 0x20 000013bd: ADD 000013be: DUP3 000013bf: ADD 000013c0: PUSH1 0x40 000013c2: MSTORE 000013c3: DUP1 000013c4: ISZERO 000013c5: PUSH2 0x13d8 000013c8: JUMPI 000013c9: DUP2 000013ca: PUSH1 0x20 000013cc: ADD 000013cd: PUSH1 0x20 000013cf: DUP3 000013d0: MUL 000013d1: DUP1 000013d2: CODESIZE 000013d3: DUP4 000013d4: CODECOPY 000013d5: ADD 000013d6: SWAP1 000013d7: POP 000013d8: JUMPDEST 000013d9: POP 000013da: SWAP1 000013db: POP 000013dc: PUSH1 0x00 000013de: JUMPDEST 000013df: PUSH1 0x04 000013e1: SLOAD 000013e2: DUP2 000013e3: LT 000013e4: ISZERO 000013e5: PUSH2 0x1223 000013e8: JUMPI 000013e9: PUSH1 0x01 000013eb: DUP4 000013ec: DUP9 000013ed: DUP4 000013ee: DUP2 000013ef: MLOAD 000013f0: DUP2 000013f1: LT 000013f2: PUSH2 0x13f7 000013f5: JUMPI 000013f6: INVALID 000013f7: JUMPDEST 000013f8: PUSH1 0x20 000013fa: MUL 000013fb: PUSH1 0x20 000013fd: ADD 000013fe: ADD 000013ff: MLOAD 00001400: DUP9 00001401: DUP5 00001402: DUP2 00001403: MLOAD 00001404: DUP2 00001405: LT 00001406: PUSH2 0x140b 00001409: JUMPI 0000140a: INVALID 0000140b: JUMPDEST 0000140c: PUSH1 0x20 0000140e: MUL 0000140f: PUSH1 0x20 00001411: ADD 00001412: ADD 00001413: MLOAD 00001414: DUP9 00001415: DUP6 00001416: DUP2 00001417: MLOAD 00001418: DUP2 00001419: LT 0000141a: PUSH2 0x141f 0000141d: JUMPI 0000141e: INVALID 0000141f: JUMPDEST 00001420: PUSH1 0x20 00001422: MUL 00001423: PUSH1 0x20 00001425: ADD 00001426: ADD 00001427: MLOAD 00001428: PUSH1 0x40 0000142a: MLOAD 0000142b: PUSH1 0x00 0000142d: DUP2 0000142e: MSTORE 0000142f: PUSH1 0x20 00001431: ADD 00001432: PUSH1 0x40 00001434: MSTORE 00001435: PUSH1 0x40 00001437: MLOAD 00001438: DUP1 00001439: DUP6 0000143a: DUP2 0000143b: MSTORE 0000143c: PUSH1 0x20 0000143e: ADD 0000143f: DUP5 00001440: PUSH1 0xff 00001442: AND 00001443: PUSH1 0xff 00001445: AND 00001446: DUP2 00001447: MSTORE 00001448: PUSH1 0x20 0000144a: ADD 0000144b: DUP4 0000144c: DUP2 0000144d: MSTORE 0000144e: PUSH1 0x20 00001450: ADD 00001451: DUP3 00001452: DUP2 00001453: MSTORE 00001454: PUSH1 0x20 00001456: ADD 00001457: SWAP5 00001458: POP 00001459: POP 0000145a: POP 0000145b: POP 0000145c: POP 0000145d: PUSH1 0x20 0000145f: PUSH1 0x40 00001461: MLOAD 00001462: PUSH1 0x20 00001464: DUP2 00001465: SUB 00001466: SWAP1 00001467: DUP1 00001468: DUP5 00001469: SUB 0000146a: SWAP1 0000146b: DUP6 0000146c: GAS 0000146d: STATICCALL 0000146e: ISZERO 0000146f: DUP1 00001470: ISZERO 00001471: PUSH2 0x147e 00001474: JUMPI 00001475: RETURNDATASIZE 00001476: PUSH1 0x00 00001478: DUP1 00001479: RETURNDATACOPY 0000147a: RETURNDATASIZE 0000147b: PUSH1 0x00 0000147d: REVERT 0000147e: JUMPDEST 0000147f: POP 00001480: POP 00001481: POP 00001482: PUSH1 0x20 00001484: PUSH1 0x40 00001486: MLOAD 00001487: SUB 00001488: MLOAD 00001489: DUP3 0000148a: DUP3 0000148b: DUP2 0000148c: MLOAD 0000148d: DUP2 0000148e: LT 0000148f: PUSH2 0x1494 00001492: JUMPI 00001493: INVALID 00001494: JUMPDEST 00001495: PUSH1 0x01 00001497: PUSH1 0x01 00001499: PUSH1 0xa0 0000149b: SHL 0000149c: SUB 0000149d: SWAP1 0000149e: SWAP3 0000149f: AND 000014a0: PUSH1 0x20 000014a2: SWAP3 000014a3: DUP4 000014a4: MUL 000014a5: SWAP2 000014a6: SWAP1 000014a7: SWAP2 000014a8: ADD 000014a9: SWAP1 000014aa: SWAP2 000014ab: ADD 000014ac: MSTORE 000014ad: PUSH1 0x01 000014af: ADD 000014b0: PUSH2 0x13de 000014b3: JUMP 000014b4: JUMPDEST 000014b5: PUSH1 0x00 000014b7: DUP1 000014b8: PUSH2 0x14c5 000014bb: DUP6 000014bc: DUP6 000014bd: DUP6 000014be: PUSH1 0x03 000014c0: SLOAD 000014c1: PUSH2 0x0fd6 000014c4: JUMP 000014c5: JUMPDEST 000014c6: SWAP1 000014c7: POP 000014c8: PUSH1 0x60 000014ca: PUSH1 0x40 000014cc: MLOAD 000014cd: DUP1 000014ce: PUSH1 0x40 000014d0: ADD 000014d1: PUSH1 0x40 000014d3: MSTORE 000014d4: DUP1 000014d5: PUSH1 0x1c 000014d7: DUP2 000014d8: MSTORE 000014d9: PUSH1 0x20 000014db: ADD 000014dc: PUSH32 0x19457468657265756d205369676e6564204d6573736167653a0a333200000000 000014fd: DUP2 000014fe: MSTORE 000014ff: POP 00001500: SWAP1 00001501: POP 00001502: DUP1 00001503: DUP3 00001504: PUSH1 0x40 00001506: MLOAD 00001507: PUSH1 0x20 00001509: ADD 0000150a: DUP1 0000150b: DUP4 0000150c: DUP1 0000150d: MLOAD 0000150e: SWAP1 0000150f: PUSH1 0x20 00001511: ADD 00001512: SWAP1 00001513: DUP1 00001514: DUP4 00001515: DUP4 00001516: JUMPDEST 00001517: PUSH1 0x20 00001519: DUP4 0000151a: LT 0000151b: PUSH2 0x1535 0000151e: JUMPI 0000151f: DUP1 00001520: MLOAD 00001521: DUP3 00001522: MSTORE 00001523: PUSH1 0x1f 00001525: NOT 00001526: SWAP1 00001527: SWAP3 00001528: ADD 00001529: SWAP2 0000152a: PUSH1 0x20 0000152c: SWAP2 0000152d: DUP3 0000152e: ADD 0000152f: SWAP2 00001530: ADD 00001531: PUSH2 0x1516 00001534: JUMP 00001535: JUMPDEST 00001536: MLOAD 00001537: DUP2 00001538: MLOAD 00001539: PUSH1 0x20 0000153b: SWAP4 0000153c: DUP5 0000153d: SUB 0000153e: PUSH2 0x0100 00001541: EXP 00001542: PUSH1 0x00 00001544: NOT 00001545: ADD 00001546: DUP1 00001547: NOT 00001548: SWAP1 00001549: SWAP3 0000154a: AND 0000154b: SWAP2 0000154c: AND 0000154d: OR 0000154e: SWAP1 0000154f: MSTORE 00001550: SWAP3 00001551: ADD 00001552: SWAP4 00001553: DUP5 00001554: MSTORE 00001555: POP 00001556: PUSH1 0x40 00001558: DUP1 00001559: MLOAD 0000155a: DUP1 0000155b: DUP6 0000155c: SUB 0000155d: DUP2 0000155e: MSTORE 0000155f: SWAP4 00001560: DUP3 00001561: ADD 00001562: SWAP1 00001563: MSTORE 00001564: DUP3 00001565: MLOAD 00001566: SWAP3 00001567: ADD 00001568: SWAP2 00001569: SWAP1 0000156a: SWAP2 0000156b: KECCAK256 0000156c: SWAP9 0000156d: SWAP8 0000156e: POP 0000156f: POP 00001570: POP 00001571: POP 00001572: POP 00001573: POP 00001574: POP 00001575: POP 00001576: JUMP 00001577: JUMPDEST 00001578: PUSH1 0x00 0000157a: PUSH1 0x04 0000157c: SLOAD 0000157d: DUP3 0000157e: MLOAD 0000157f: EQ 00001580: PUSH2 0x15d0 00001583: JUMPI 00001584: PUSH1 0x40 00001586: DUP1 00001587: MLOAD 00001588: PUSH3 0x461bcd 0000158c: PUSH1 0xe5 0000158e: SHL 0000158f: DUP2 00001590: MSTORE 00001591: PUSH1 0x20 00001593: PUSH1 0x04 00001595: DUP3 00001596: ADD 00001597: MSTORE 00001598: PUSH1 0x19 0000159a: PUSH1 0x24 0000159c: DUP3 0000159d: ADD 0000159e: MSTORE 0000159f: PUSH32 0x496e76616c6964206e756d626572206f66207369676e65722e00000000000000 000015c0: PUSH1 0x44 000015c2: DUP3 000015c3: ADD 000015c4: MSTORE 000015c5: SWAP1 000015c6: MLOAD 000015c7: SWAP1 000015c8: DUP2 000015c9: SWAP1 000015ca: SUB 000015cb: PUSH1 0x64 000015cd: ADD 000015ce: SWAP1 000015cf: REVERT 000015d0: JUMPDEST 000015d1: PUSH1 0x00 000015d3: JUMPDEST 000015d4: DUP3 000015d5: MLOAD 000015d6: DUP2 000015d7: LT 000015d8: ISZERO 000015d9: PUSH2 0x1793 000015dc: JUMPI 000015dd: PUSH1 0x00 000015df: PUSH1 0x01 000015e1: PUSH1 0x01 000015e3: PUSH1 0xa0 000015e5: SHL 000015e6: SUB 000015e7: AND 000015e8: DUP4 000015e9: DUP3 000015ea: DUP2 000015eb: MLOAD 000015ec: DUP2 000015ed: LT 000015ee: PUSH2 0x15f3 000015f1: JUMPI 000015f2: INVALID 000015f3: JUMPDEST 000015f4: PUSH1 0x20 000015f6: MUL 000015f7: PUSH1 0x20 000015f9: ADD 000015fa: ADD 000015fb: MLOAD 000015fc: PUSH1 0x01 000015fe: PUSH1 0x01 00001600: PUSH1 0xa0 00001602: SHL 00001603: SUB 00001604: AND 00001605: EQ 00001606: ISZERO 00001607: PUSH2 0x164c 0000160a: JUMPI 0000160b: PUSH1 0x40 0000160d: DUP1 0000160e: MLOAD 0000160f: PUSH3 0x461bcd 00001613: PUSH1 0xe5 00001615: SHL 00001616: DUP2 00001617: MSTORE 00001618: PUSH1 0x20 0000161a: PUSH1 0x04 0000161c: DUP3 0000161d: ADD 0000161e: MSTORE 0000161f: PUSH1 0x12 00001621: PUSH1 0x24 00001623: DUP3 00001624: ADD 00001625: MSTORE 00001626: PUSH18 0x24b73b30b634b21039b4b3b730ba3ab93297 00001639: PUSH1 0x71 0000163b: SHL 0000163c: PUSH1 0x44 0000163e: DUP3 0000163f: ADD 00001640: MSTORE 00001641: SWAP1 00001642: MLOAD 00001643: SWAP1 00001644: DUP2 00001645: SWAP1 00001646: SUB 00001647: PUSH1 0x64 00001649: ADD 0000164a: SWAP1 0000164b: REVERT 0000164c: JUMPDEST 0000164d: PUSH1 0x01 0000164f: PUSH1 0x00 00001651: DUP5 00001652: DUP4 00001653: DUP2 00001654: MLOAD 00001655: DUP2 00001656: LT 00001657: PUSH2 0x165c 0000165a: JUMPI 0000165b: INVALID 0000165c: JUMPDEST 0000165d: PUSH1 0x20 0000165f: SWAP1 00001660: DUP2 00001661: MUL 00001662: SWAP2 00001663: SWAP1 00001664: SWAP2 00001665: ADD 00001666: DUP2 00001667: ADD 00001668: MLOAD 00001669: PUSH1 0x01 0000166b: PUSH1 0x01 0000166d: PUSH1 0xa0 0000166f: SHL 00001670: SUB 00001671: AND 00001672: DUP3 00001673: MSTORE 00001674: DUP2 00001675: ADD 00001676: SWAP2 00001677: SWAP1 00001678: SWAP2 00001679: MSTORE 0000167a: PUSH1 0x40 0000167c: ADD 0000167d: PUSH1 0x00 0000167f: KECCAK256 00001680: SLOAD 00001681: PUSH1 0xff 00001683: AND 00001684: PUSH2 0x16d4 00001687: JUMPI 00001688: PUSH1 0x40 0000168a: DUP1 0000168b: MLOAD 0000168c: PUSH3 0x461bcd 00001690: PUSH1 0xe5 00001692: SHL 00001693: DUP2 00001694: MSTORE 00001695: PUSH1 0x20 00001697: PUSH1 0x04 00001699: DUP3 0000169a: ADD 0000169b: MSTORE 0000169c: PUSH1 0x19 0000169e: PUSH1 0x24 000016a0: DUP3 000016a1: ADD 000016a2: MSTORE 000016a3: PUSH32 0x5369676e6572206d75737420626520746865206f776e65722e00000000000000 000016c4: PUSH1 0x44 000016c6: DUP3 000016c7: ADD 000016c8: MSTORE 000016c9: SWAP1 000016ca: MLOAD 000016cb: SWAP1 000016cc: DUP2 000016cd: SWAP1 000016ce: SUB 000016cf: PUSH1 0x64 000016d1: ADD 000016d2: SWAP1 000016d3: REVERT 000016d4: JUMPDEST 000016d5: PUSH1 0x02 000016d7: PUSH1 0x00 000016d9: DUP5 000016da: DUP4 000016db: DUP2 000016dc: MLOAD 000016dd: DUP2 000016de: LT 000016df: PUSH2 0x16e4 000016e2: JUMPI 000016e3: INVALID 000016e4: JUMPDEST 000016e5: PUSH1 0x20 000016e7: SWAP1 000016e8: DUP2 000016e9: MUL 000016ea: SWAP2 000016eb: SWAP1 000016ec: SWAP2 000016ed: ADD 000016ee: DUP2 000016ef: ADD 000016f0: MLOAD 000016f1: PUSH1 0x01 000016f3: PUSH1 0x01 000016f5: PUSH1 0xa0 000016f7: SHL 000016f8: SUB 000016f9: AND 000016fa: DUP3 000016fb: MSTORE 000016fc: DUP2 000016fd: ADD 000016fe: SWAP2 000016ff: SWAP1 00001700: SWAP2 00001701: MSTORE 00001702: PUSH1 0x40 00001704: ADD 00001705: PUSH1 0x00 00001707: KECCAK256 00001708: SLOAD 00001709: PUSH1 0xff 0000170b: AND 0000170c: ISZERO 0000170d: PUSH2 0x1747 00001710: JUMPI 00001711: PUSH1 0x40 00001713: MLOAD 00001714: PUSH3 0x461bcd 00001718: PUSH1 0xe5 0000171a: SHL 0000171b: DUP2 0000171c: MSTORE 0000171d: PUSH1 0x04 0000171f: ADD 00001720: DUP1 00001721: DUP1 00001722: PUSH1 0x20 00001724: ADD 00001725: DUP3 00001726: DUP2 00001727: SUB 00001728: DUP3 00001729: MSTORE 0000172a: PUSH1 0x21 0000172c: DUP2 0000172d: MSTORE 0000172e: PUSH1 0x20 00001730: ADD 00001731: DUP1 00001732: PUSH2 0x18e9 00001735: PUSH1 0x21 00001737: SWAP2 00001738: CODECOPY 00001739: PUSH1 0x40 0000173b: ADD 0000173c: SWAP2 0000173d: POP 0000173e: POP 0000173f: PUSH1 0x40 00001741: MLOAD 00001742: DUP1 00001743: SWAP2 00001744: SUB 00001745: SWAP1 00001746: REVERT 00001747: JUMPDEST 00001748: PUSH1 0x01 0000174a: PUSH1 0x02 0000174c: PUSH1 0x00 0000174e: DUP6 0000174f: DUP5 00001750: DUP2 00001751: MLOAD 00001752: DUP2 00001753: LT 00001754: PUSH2 0x1759 00001757: JUMPI 00001758: INVALID 00001759: JUMPDEST 0000175a: PUSH1 0x20 0000175c: SWAP1 0000175d: DUP2 0000175e: MUL 0000175f: SWAP2 00001760: SWAP1 00001761: SWAP2 00001762: ADD 00001763: DUP2 00001764: ADD 00001765: MLOAD 00001766: PUSH1 0x01 00001768: PUSH1 0x01 0000176a: PUSH1 0xa0 0000176c: SHL 0000176d: SUB 0000176e: AND 0000176f: DUP3 00001770: MSTORE 00001771: DUP2 00001772: ADD 00001773: SWAP2 00001774: SWAP1 00001775: SWAP2 00001776: MSTORE 00001777: PUSH1 0x40 00001779: ADD 0000177a: PUSH1 0x00 0000177c: KECCAK256 0000177d: DUP1 0000177e: SLOAD 0000177f: PUSH1 0xff 00001781: NOT 00001782: AND 00001783: SWAP2 00001784: ISZERO 00001785: ISZERO 00001786: SWAP2 00001787: SWAP1 00001788: SWAP2 00001789: OR 0000178a: SWAP1 0000178b: SSTORE 0000178c: PUSH1 0x01 0000178e: ADD 0000178f: PUSH2 0x15d3 00001792: JUMP 00001793: JUMPDEST 00001794: POP 00001795: PUSH1 0x00 00001797: JUMPDEST 00001798: DUP3 00001799: MLOAD 0000179a: DUP2 0000179b: LT 0000179c: ISZERO 0000179d: PUSH2 0x17e3 000017a0: JUMPI 000017a1: PUSH1 0x02 000017a3: PUSH1 0x00 000017a5: DUP5 000017a6: DUP4 000017a7: DUP2 000017a8: MLOAD 000017a9: DUP2 000017aa: LT 000017ab: PUSH2 0x17b0 000017ae: JUMPI 000017af: INVALID 000017b0: JUMPDEST 000017b1: PUSH1 0x20 000017b3: SWAP1 000017b4: DUP2 000017b5: MUL 000017b6: SWAP2 000017b7: SWAP1 000017b8: SWAP2 000017b9: ADD 000017ba: DUP2 000017bb: ADD 000017bc: MLOAD 000017bd: PUSH1 0x01 000017bf: PUSH1 0x01 000017c1: PUSH1 0xa0 000017c3: SHL 000017c4: SUB 000017c5: AND 000017c6: DUP3 000017c7: MSTORE 000017c8: DUP2 000017c9: ADD 000017ca: SWAP2 000017cb: SWAP1 000017cc: SWAP2 000017cd: MSTORE 000017ce: PUSH1 0x40 000017d0: ADD 000017d1: PUSH1 0x00 000017d3: KECCAK256 000017d4: DUP1 000017d5: SLOAD 000017d6: PUSH1 0xff 000017d8: NOT 000017d9: AND 000017da: SWAP1 000017db: SSTORE 000017dc: PUSH1 0x01 000017de: ADD 000017df: PUSH2 0x1797 000017e2: JUMP 000017e3: JUMPDEST 000017e4: POP 000017e5: PUSH1 0x01 000017e7: SWAP3 000017e8: SWAP2 000017e9: POP 000017ea: POP 000017eb: JUMP 000017ec: JUMPDEST 000017ed: PUSH1 0x00 000017ef: DUP1 000017f0: PUSH2 0x14c5 000017f3: DUP6 000017f4: DUP6 000017f5: DUP6 000017f6: PUSH1 0x03 000017f8: SLOAD 000017f9: PUSH2 0x0f26 000017fc: JUMP 000017fd: INVALID 000017fe: UNKNOWN(0x4F) 000017ff: PUSH24 0x6e657273206d75737420626520646966666572656e742061 00001818: PUSH5 0x6472657373 0000181e: UNKNOWN(0x2E) 0000181f: DIFFICULTY 00001820: PUSH6 0x7374696e6174 00001827: PUSH10 0x6f6e2063616e6e6f7420 00001832: PUSH3 0x652074 00001836: PUSH9 0x697320636f6e747261 00001840: PUSH4 0x742e5369 00001845: PUSH8 0x6e65724e756d2063 0000184e: PUSH2 0x6e6e 00001851: PUSH16 0x74206265206772656174657220746861 00001862: PUSH15 0x206f776e6572732e4f776e65722061 00001872: PUSH5 0x6472657373 00001878: KECCAK256 00001879: PUSH4 0x616e6e6f 0000187e: PUSH21 0x206265207a65726f20616464726573732e4d657373 00001894: PUSH2 0x6765 00001897: KECCAK256 00001898: PUSH24 0x6173206e6f74207369676e656420627920656e6f75676820 000018b1: PUSH15 0x756d626572206f66207369676e6572 000018c1: PUSH20 0x2e5369676e65724e756d2068617320746f206265 000018d6: KECCAK256 000018d7: PUSH8 0x7265617465722074 000018e0: PUSH9 0x616e207a65726f2e53 000018ea: PUSH10 0x676e696e67206f776e65 000018f5: PUSH19 0x73206d75737420626520646966666572656e74 00001909: UNKNOWN(0x2E) 0000190a: SLOAD 0000190b: PUSH9 0x697320636f6e747261 00001915: PUSH4 0x74206861 0000191a: PUSH20 0x20616c7265616479206265656e20696e69746961 0000192f: PUSH13 0x697a65642ea265627a7a723158 0000193d: KECCAK256 0000193e: UNKNOWN(0xCB) 0000193f: DUP16 00001940: UNKNOWN(0xEB) 00001941: TIMESTAMP 00001942: PUSH32 0x2d2d9f3a79b03f2628461ca9ad5c7f42b1339f9534a37128472ce264736f6c63 00001963: NUMBER 00001964: STOP 00001965: SDIV 00001966: UNKNOWN(0x0C) 00001967: STOP 00001968: ORIGIN
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| high | access_control | codex | Unprotected initialization allows anyone to seize ownership and drain funds if not yet initialized | 85 | no | — |
viewevidence_json{
"evidence": "Initializer entry at 0x046f (selector `0x60b5bb3f`) decodes calldata then jumps to 0x0bb1. At 0x0bb1 it only checks slot0 initialized flag (`SLOAD` + `AND 0xff`) before proceeding to owner setup at 0x0bf3; there is no `CALLER`/`ORIGIN` check on this path. State is written at 0x0da7 (SSTORE to slot4) and 0x0db4 (SSTORE to slot0 initialized flag). The execute path verifies signatures (0x0943 -> 0x10ac) then performs the value transfer via CALL at 0x0a3d or ERC20 transfer branch at 0x0ad1.",
"locations": [
"BYTECODE_BUNDLE.txt:0x046f",
"BYTECODE_BUNDLE.txt:0x0bb1",
"BYTECODE_BUNDLE.txt:0x0bf3",
"BYTECODE_BUNDLE.txt:0x0da7",
"BYTECODE_BUNDLE.txt:0x0db4",
"BYTECODE_BUNDLE.txt:0x0943",
"BYTECODE_BUNDLE.txt:0x0a3d",
"BYTECODE_BUNDLE.txt:0x0ad1"
],
"recommendation": "If this contract is intended to be initialized only by a trusted deployer/factory, enforce an access check in the initializer or set initialization state in a constructor. For proxy patterns, lock the implementation or require an explicit admin to initialize.",
"exploit_scenario": "1) Call `initialized()` (selector `0x158ef93e`) to confirm the flag is false. 2) Call the initializer (selector `0x60b5bb3f`, entry at 0x046f) with an owners array you control and signer threshold = 1. This writes owner mappings and sets `initialized` without any caller check. 3) Use the execute path (e.g., selector `0x0adcf464`) with a signature from your key to transfer ETH (token sentinel `0xeeee\u2026`) or ERC20s via the CALL at 0x0a3d / token transfer branch at 0x0ad1, draining the wallet."
}
|
| high | auth | detector | Authorization based on tx.origin | 70 | no | — |
viewvalidation_json{
"reason": "missing sink mapping",
"status": "no_sink"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0xc0ee0b8a",
"selector": "0xc0ee0b8a",
"calldata_variants": [
"0xc0ee0b8a",
"0xc0ee0b8a0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xc1278cc5",
"selector": "0xc1278cc5",
"calldata_variants": [
"0xc1278cc5",
"0xc1278cc50000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xf0b9e5ba",
"selector": "0xf0b9e5ba",
"calldata_variants": [
"0xf0b9e5ba",
"0xf0b9e5ba0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x843b1a09",
"selector": "0x843b1a09",
"calldata_variants": [
"0x843b1a09",
"0x843b1a090000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x98ad68a7",
"selector": "0x98ad68a7",
"calldata_variants": [
"0x98ad68a7",
"0x98ad68a70000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xbba85f28",
"selector": "0xbba85f28",
"calldata_variants": [
"0xbba85f28",
"0xbba85f280000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x158ef93e",
"selector": "0x158ef93e",
"calldata_variants": [
"0x158ef93e",
"0x158ef93e0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x60b5bb3f",
"selector": "0x60b5bb3f",
"calldata_variants": [
"0x60b5bb3f",
"0x60b5bb3f0000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"guards_detected": [
{
"pc": 6504,
"type": "tx_origin_used"
}
]
}
|
| medium | other | detector | Untrusted CALL target/value reachable | 45 | no | no |
viewtrace_id: 0xbf164603d5e1ad9af2b792208cc89915f5f70cf88e0e94dededc536edda62790
call_targets:
0x14a635549fc5d087d39a0cd1339345b8b8c6fdba
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0xbf164603d5e1ad9af2b792208cc89915f5f70cf88e0e94dededc536edda62790",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x14a635549fc5d087d39a0cd1339345b8b8c6fdba"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0xc0ee0b8a",
"selector": "0xc0ee0b8a",
"calldata_variants": [
"0xc0ee0b8a",
"0xc0ee0b8a0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xc1278cc5",
"selector": "0xc1278cc5",
"calldata_variants": [
"0xc1278cc5",
"0xc1278cc50000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xf0b9e5ba",
"selector": "0xf0b9e5ba",
"calldata_variants": [
"0xf0b9e5ba",
"0xf0b9e5ba0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x843b1a09",
"selector": "0x843b1a09",
"calldata_variants": [
"0x843b1a09",
"0x843b1a090000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x98ad68a7",
"selector": "0x98ad68a7",
"calldata_variants": [
"0x98ad68a7",
"0x98ad68a70000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xbba85f28",
"selector": "0xbba85f28",
"calldata_variants": [
"0xbba85f28",
"0xbba85f280000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x158ef93e",
"selector": "0x158ef93e",
"calldata_variants": [
"0x158ef93e",
"0x158ef93e0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x60b5bb3f",
"selector": "0x60b5bb3f",
"calldata_variants": [
"0x60b5bb3f",
"0x60b5bb3f0000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 2621,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 3773,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 4841,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 3,
"guards_detected": [
{
"pc": 6504,
"type": "tx_origin_used"
}
],
"untrusted_call_count": 3
}
|
| medium | other | detector | ETH value transfer possible | 40 | no | no |
viewtrace_id: 0xbf164603d5e1ad9af2b792208cc89915f5f70cf88e0e94dededc536edda62790
call_targets:
0x14a635549fc5d087d39a0cd1339345b8b8c6fdba
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0xbf164603d5e1ad9af2b792208cc89915f5f70cf88e0e94dededc536edda62790",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x14a635549fc5d087d39a0cd1339345b8b8c6fdba"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0xc0ee0b8a",
"selector": "0xc0ee0b8a",
"calldata_variants": [
"0xc0ee0b8a",
"0xc0ee0b8a0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xc1278cc5",
"selector": "0xc1278cc5",
"calldata_variants": [
"0xc1278cc5",
"0xc1278cc50000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xf0b9e5ba",
"selector": "0xf0b9e5ba",
"calldata_variants": [
"0xf0b9e5ba",
"0xf0b9e5ba0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x843b1a09",
"selector": "0x843b1a09",
"calldata_variants": [
"0x843b1a09",
"0x843b1a090000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x98ad68a7",
"selector": "0x98ad68a7",
"calldata_variants": [
"0x98ad68a7",
"0x98ad68a70000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xbba85f28",
"selector": "0xbba85f28",
"calldata_variants": [
"0xbba85f28",
"0xbba85f280000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x158ef93e",
"selector": "0x158ef93e",
"calldata_variants": [
"0x158ef93e",
"0x158ef93e0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x60b5bb3f",
"selector": "0x60b5bb3f",
"calldata_variants": [
"0x60b5bb3f",
"0x60b5bb3f0000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 2621,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 3773,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 4841,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 3,
"guards_detected": [
{
"pc": 6504,
"type": "tx_origin_used"
}
]
}
|