f69226b6-91af-40a2-9dd4-2ea8b6401620
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 31045 | report.consolidate | complete | 1 / 1 | 3 months ago |
| 76084 | artifact.fetch | failed | 1 / 3 | 2 weeks ago |
| 76085 | tool.cast_disasm | complete | 1 / 3 | 2 weeks ago |
| 76086 | analysis.bundle | complete | 1 / 3 | 2 weeks ago |
| 76087 | capability.graph | complete | 1 / 3 | 2 weeks ago |
| 76088 | detector.run | complete | 1 / 3 | 2 weeks ago |
| 76089 | validation.fork | complete | 1 / 3 | 2 weeks ago |
No slither job recorded yet.
[codex:8510487] OpenAI Codex v0.77.0 (research preview)
[codex:8510487] --------
[codex:8510487] workdir: /tmp/codex-multi-_10z8slc
[codex:8510487] model: gpt-5.2-codex
[codex:8510487] provider: openai
[codex:8510487] approval: never
[codex:8510487] sandbox: read-only
[codex:8510487] reasoning effort: xhigh
[codex:8510487] reasoning summaries: auto
[codex:8510487] session id: 019b79fe-af6b-7800-81ad-96b58f88ca1c
[codex:8510487] --------
[codex:8510487] user
[codex:8510487] You are a profit-focused exploit hunter. Your ONLY goal is finding ways to extract value (ETH, tokens, NFTs) from this contract.
[codex:8510487]
[codex:8510487] Read `AUDIT_BUNDLE.txt` completely before concluding. Treat `lib/` and `@openzeppelin/` as trusted unless misused.
[codex:8510487]
[codex:8510487] ONLY REPORT if you find a CONCRETE, EXPLOITABLE path to profit. We do NOT care about:
[codex:8510487] - Gas inefficiency, code quality, naming, or best practices
[codex:8510487] - Theoretical vulnerabilities without a clear extraction path
[codex:8510487] - Centralization risks (admin can rug) - assume admin keys are secure
[codex:8510487] - Front-running unless it enables theft beyond MEV
[codex:8510487] - DoS, griefing, or issues that don't result in attacker profit
[codex:8510487] - Missing events, view function issues, or informational findings
[codex:8510487]
[codex:8510487] HIGH-VALUE PATTERNS TO HUNT:
[codex:8510487] - Reentrancy: external calls before state updates that allow double-withdrawal
[codex:8510487] - Access control: missing/bypassable auth on withdraw, transfer, or mint functions
[codex:8510487] - Flash loan attacks: borrow -> manipulate -> profit in single tx
[codex:8510487] - Price oracle manipulation: TWAP with short window, spot price reads, stale prices
[codex:8510487] - Signature replay: missing nonce, chainId, or deadline in permit/meta-tx
[codex:8510487] - Proxy hijacking: unprotected initialize(), storage collision, UUPS without auth
[codex:8510487] - Accounting errors: rounding that favors attacker, share inflation, first depositor attacks
[codex:8510487] - Unchecked external calls: return value ignored on token transfers enabling fake tokens
[codex:8510487] - Cross-function reentrancy: state read in function A, modified via reentrant call, used stale in A
[codex:8510487]
[codex:8510487] For each finding, you MUST provide:
[codex:8510487] 1. Exact file and line numbers of vulnerable code
[codex:8510487] 2. Step-by-step exploit transaction sequence
[codex:8510487] 3. Estimated profit potential (order of magnitude: contract balance, LP reserves, etc.)
[codex:8510487]
[codex:8510487] If no concrete profit path exists: set no_findings=true. Do NOT pad with low-severity noise.
[codex:8510487]
[codex:8510487] Output MUST be valid JSON matching the provided schema.
[codex:8510487] - severity: info, low, medium, high, critical (use high/critical ONLY for clear extraction paths)
[codex:8510487] - category: access_control, reentrancy, math, oracle, upgradeability, auth, other
[codex:8510487] mcp startup: no servers
[codex:8510487]
[codex:8510487] thinking
[codex:8510487] **Preparing to audit with rg**
[codex:8510487] exec
[codex:8510487] /bin/bash -lc ls in /tmp/codex-multi-_10z8slc succeeded in 7ms:
[codex:8510487] AUDIT_BUNDLE.txt
[codex:8510487] codex-output-schema.json
[codex:8510487] contracts
[codex:8510487]
[codex:8510487] thinking
[codex:8510487] **Reading AUDIT_BUNDLE.txt**
[codex:8510487] exec
[codex:8510487] /bin/bash -lc 'cat AUDIT_BUNDLE.txt' in /tmp/codex-multi-_10z8slc succeeded in 5ms:
[codex:8510487] This file concatenates first-party Solidity sources only (lib/@openzeppelin excluded).
[codex:8510487]
[codex:8510487]
[codex:8510487] thinking
[codex:8510487] **Searching for contract files**
[codex:8510487] exec
[codex:8510487] /bin/bash -lc 'rg --files contracts' in /tmp/codex-multi-_10z8slc succeeded in 8ms:
[codex:8510487] contracts/lib/@gearbox-protocol/core-v3/contracts/interfaces/IExceptions.sol
[codex:8510487] contracts/lib/@1inch/solidity-utils/contracts/interfaces/IPermit2.sol
[codex:8510487] contracts/lib/@1inch/solidity-utils/contracts/interfaces/IWETH.sol
[codex:8510487] contracts/lib/@1inch/solidity-utils/contracts/interfaces/IDaiLikePermit.sol
[codex:8510487] contracts/lib/@gearbox-protocol/core-v3/contracts/interfaces/base/IVersion.sol
[codex:8510487] contracts/lib/@gearbox-protocol/core-v3/contracts/interfaces/ICreditAccountV3.sol
[codex:8510487] contracts/lib/@1inch/solidity-utils/contracts/libraries/SafeERC20.sol
[codex:8510487] contracts/lib/@1inch/solidity-utils/contracts/libraries/RevertReasonForwarder.sol
[codex:8510487] contracts/lib/@openzeppelin/contracts/utils/Address.sol
[codex:8510487] contracts/lib/@gearbox-protocol/core-v3/contracts/credit/CreditAccountV3.sol
[codex:8510487] contracts/lib/@openzeppelin/contracts/token/ERC20/IERC20.sol
[codex:8510487] contracts/lib/@openzeppelin/contracts/token/ERC20/extensions/draft-IERC20Permit.sol
[codex:8510487] contracts/lib/@openzeppelin/contracts/token/ERC20/extensions/IERC20Permit.sol
[codex:8510487]
[codex:8510487] thinking
[codex:8510487] **Investigating source files outside lib**
[codex:8510487] exec
[codex:8510487] /bin/bash -lc "rg --files -g '"'!contracts/lib/**'"' contracts" in /tmp/codex-multi-_10z8slc exited 1 in 9ms:
[codex:8510487]
[codex:8510487]
[codex:8510487] thinking
[codex:8510487] **Checking for contract directories**
[codex:8510487] exec
[codex:8510487] /bin/bash -lc 'ls -la contracts' in /tmp/codex-multi-_10z8slc succeeded in 6ms:
[codex:8510487] total 12
[codex:8510487] drwxrwxr-x 3 noahkuhn noahkuhn 4096 Jan 1 14:38 .
[codex:8510487] drwx------ 3 noahkuhn noahkuhn 4096 Jan 1 14:38 ..
[codex:8510487] drwxrwxr-x 5 noahkuhn noahkuhn 4096 Jan 1 14:38 lib
[codex:8510487]
[codex:8510487] thinking
[codex:8510487] **Confirming no first-party findings**
[codex:8510487] codex
[codex:8510487] {"no_findings":true,"summary":"No first-party Solidity sources found in repository; only trusted library code under contracts/lib. No concrete exploitable profit paths identified.","findings":[]}
[codex:8510487] tokens used
[codex:8510487] 6,221
[codex:8510487] {"no_findings":true,"summary":"No first-party Solidity sources found in repository; only trusted library code under contracts/lib. No concrete exploitable profit paths identified.","findings":[]}
{
"codex": {
"ran_at": "2026-01-01T14:38:30.072996+00:00",
"returncode": 0
},
"summary": "No first-party Solidity sources found in repository; only trusted library code under contracts/lib. No concrete exploitable profit paths identified.",
"raw_final": {
"summary": "No first-party Solidity sources found in repository; only trusted library code under contracts/lib. No concrete exploitable profit paths identified.",
"findings": [],
"no_findings": true
},
"no_findings": true,
"schema_version": 1
}
00000000: PUSH1 0x80 00000002: PUSH1 0x40 00000004: MSTORE 00000005: CALLVALUE 00000006: DUP1 00000007: ISZERO 00000008: PUSH2 0x000f 0000000b: JUMPI 0000000c: PUSH0 0000000d: DUP1 0000000e: REVERT 0000000f: JUMPDEST 00000010: POP 00000011: PUSH1 0x04 00000013: CALLDATASIZE 00000014: LT 00000015: PUSH2 0x007a 00000018: JUMPI 00000019: PUSH0 0000001a: CALLDATALOAD 0000001b: PUSH1 0xe0 0000001d: SHR 0000001e: DUP1 0000001f: PUSH4 0xc45a0155 00000024: GT 00000025: PUSH2 0x0058 00000028: JUMPI 00000029: DUP1 0000002a: PUSH4 0xc45a0155 0000002f: EQ 00000030: PUSH2 0x01cc 00000033: JUMPI 00000034: DUP1 00000035: PUSH4 0xc5ecfed7 0000003a: EQ 0000003b: PUSH2 0x01f3 0000003e: JUMPI 0000003f: DUP1 00000040: PUSH4 0xcb2ef6f7 00000045: EQ 00000046: PUSH2 0x0271 00000049: JUMPI 0000004a: DUP1 0000004b: PUSH4 0xd1660f99 00000050: EQ 00000051: PUSH2 0x0298 00000054: JUMPI 00000055: PUSH0 00000056: DUP1 00000057: REVERT 00000058: JUMPDEST 00000059: DUP1 0000005a: PUSH4 0x1cff79cd 0000005f: EQ 00000060: PUSH2 0x007e 00000063: JUMPI 00000064: DUP1 00000065: PUSH4 0x54fd4d50 0000006a: EQ 0000006b: PUSH2 0x016e 0000006e: JUMPI 0000006f: DUP1 00000070: PUSH4 0xc12c21c0 00000075: EQ 00000076: PUSH2 0x0189 00000079: JUMPI 0000007a: JUMPDEST 0000007b: PUSH0 0000007c: DUP1 0000007d: REVERT 0000007e: JUMPDEST 0000007f: PUSH2 0x00fa 00000082: PUSH1 0x04 00000084: DUP1 00000085: CALLDATASIZE 00000086: SUB 00000087: PUSH1 0x40 00000089: DUP2 0000008a: LT 0000008b: ISZERO 0000008c: PUSH2 0x0093 0000008f: JUMPI 00000090: PUSH0 00000091: DUP1 00000092: REVERT 00000093: JUMPDEST 00000094: PUSH1 0x01 00000096: PUSH1 0x01 00000098: PUSH1 0xa0 0000009a: SHL 0000009b: SUB 0000009c: DUP3 0000009d: CALLDATALOAD 0000009e: AND 0000009f: SWAP2 000000a0: SWAP1 000000a1: DUP2 000000a2: ADD 000000a3: SWAP1 000000a4: PUSH1 0x40 000000a6: DUP2 000000a7: ADD 000000a8: PUSH1 0x20 000000aa: DUP3 000000ab: ADD 000000ac: CALLDATALOAD 000000ad: PUSH5 0x0100000000 000000b3: DUP2 000000b4: GT 000000b5: ISZERO 000000b6: PUSH2 0x00bd 000000b9: JUMPI 000000ba: PUSH0 000000bb: DUP1 000000bc: REVERT 000000bd: JUMPDEST 000000be: DUP3 000000bf: ADD 000000c0: DUP4 000000c1: PUSH1 0x20 000000c3: DUP3 000000c4: ADD 000000c5: GT 000000c6: ISZERO 000000c7: PUSH2 0x00ce 000000ca: JUMPI 000000cb: PUSH0 000000cc: DUP1 000000cd: REVERT 000000ce: JUMPDEST 000000cf: DUP1 000000d0: CALLDATALOAD 000000d1: SWAP1 000000d2: PUSH1 0x20 000000d4: ADD 000000d5: SWAP2 000000d6: DUP5 000000d7: PUSH1 0x01 000000d9: DUP4 000000da: MUL 000000db: DUP5 000000dc: ADD 000000dd: GT 000000de: PUSH5 0x0100000000 000000e4: DUP4 000000e5: GT 000000e6: OR 000000e7: ISZERO 000000e8: PUSH2 0x00ef 000000eb: JUMPI 000000ec: PUSH0 000000ed: DUP1 000000ee: REVERT 000000ef: JUMPDEST 000000f0: POP 000000f1: SWAP1 000000f2: SWAP3 000000f3: POP 000000f4: SWAP1 000000f5: POP 000000f6: PUSH2 0x02cd 000000f9: JUMP 000000fa: JUMPDEST 000000fb: PUSH1 0x40 000000fd: DUP1 000000fe: MLOAD 000000ff: PUSH1 0x20 00000101: DUP1 00000102: DUP3 00000103: MSTORE 00000104: DUP4 00000105: MLOAD 00000106: DUP2 00000107: DUP4 00000108: ADD 00000109: MSTORE 0000010a: DUP4 0000010b: MLOAD 0000010c: SWAP2 0000010d: SWAP3 0000010e: DUP4 0000010f: SWAP3 00000110: SWAP1 00000111: DUP4 00000112: ADD 00000113: SWAP2 00000114: DUP6 00000115: ADD 00000116: SWAP1 00000117: DUP1 00000118: DUP4 00000119: DUP4 0000011a: PUSH0 0000011b: JUMPDEST 0000011c: DUP4 0000011d: DUP2 0000011e: LT 0000011f: ISZERO 00000120: PUSH2 0x0133 00000123: JUMPI 00000124: DUP2 00000125: DUP2 00000126: ADD 00000127: MLOAD 00000128: DUP4 00000129: DUP3 0000012a: ADD 0000012b: MSTORE 0000012c: PUSH1 0x20 0000012e: ADD 0000012f: PUSH2 0x011b 00000132: JUMP 00000133: JUMPDEST 00000134: POP 00000135: POP 00000136: POP 00000137: POP 00000138: SWAP1 00000139: POP 0000013a: SWAP1 0000013b: DUP2 0000013c: ADD 0000013d: SWAP1 0000013e: PUSH1 0x1f 00000140: AND 00000141: DUP1 00000142: ISZERO 00000143: PUSH2 0x0160 00000146: JUMPI 00000147: DUP1 00000148: DUP3 00000149: SUB 0000014a: DUP1 0000014b: MLOAD 0000014c: PUSH1 0x01 0000014e: DUP4 0000014f: PUSH1 0x20 00000151: SUB 00000152: PUSH2 0x0100 00000155: EXP 00000156: SUB 00000157: NOT 00000158: AND 00000159: DUP2 0000015a: MSTORE 0000015b: PUSH1 0x20 0000015d: ADD 0000015e: SWAP2 0000015f: POP 00000160: JUMPDEST 00000161: POP 00000162: SWAP3 00000163: POP 00000164: POP 00000165: POP 00000166: PUSH1 0x40 00000168: MLOAD 00000169: DUP1 0000016a: SWAP2 0000016b: SUB 0000016c: SWAP1 0000016d: RETURN 0000016e: JUMPDEST 0000016f: PUSH2 0x0177 00000172: PUSH2 0x0136 00000175: DUP2 00000176: JUMP 00000177: JUMPDEST 00000178: PUSH1 0x40 0000017a: DUP1 0000017b: MLOAD 0000017c: SWAP2 0000017d: DUP3 0000017e: MSTORE 0000017f: MLOAD 00000180: SWAP1 00000181: DUP2 00000182: SWAP1 00000183: SUB 00000184: PUSH1 0x20 00000186: ADD 00000187: SWAP1 00000188: RETURN 00000189: JUMPDEST 0000018a: PUSH2 0x01b0 0000018d: PUSH32 0x000000000000000000000000f21414d37546de220905fddae4ab586da1c9072d 000001ae: DUP2 000001af: JUMP 000001b0: JUMPDEST 000001b1: PUSH1 0x40 000001b3: DUP1 000001b4: MLOAD 000001b5: PUSH1 0x01 000001b7: PUSH1 0x01 000001b9: PUSH1 0xa0 000001bb: SHL 000001bc: SUB 000001bd: SWAP1 000001be: SWAP3 000001bf: AND 000001c0: DUP3 000001c1: MSTORE 000001c2: MLOAD 000001c3: SWAP1 000001c4: DUP2 000001c5: SWAP1 000001c6: SUB 000001c7: PUSH1 0x20 000001c9: ADD 000001ca: SWAP1 000001cb: RETURN 000001cc: JUMPDEST 000001cd: PUSH2 0x01b0 000001d0: PUSH32 0x0000000000000000000000003533f84c71243a1ca3f76165b046bb05866579e3 000001f1: DUP2 000001f2: JUMP 000001f3: JUMPDEST 000001f4: PUSH2 0x026f 000001f7: PUSH1 0x04 000001f9: DUP1 000001fa: CALLDATASIZE 000001fb: SUB 000001fc: PUSH1 0x40 000001fe: DUP2 000001ff: LT 00000200: ISZERO 00000201: PUSH2 0x0208 00000204: JUMPI 00000205: PUSH0 00000206: DUP1 00000207: REVERT 00000208: JUMPDEST 00000209: PUSH1 0x01 0000020b: PUSH1 0x01 0000020d: PUSH1 0xa0 0000020f: SHL 00000210: SUB 00000211: DUP3 00000212: CALLDATALOAD 00000213: AND 00000214: SWAP2 00000215: SWAP1 00000216: DUP2 00000217: ADD 00000218: SWAP1 00000219: PUSH1 0x40 0000021b: DUP2 0000021c: ADD 0000021d: PUSH1 0x20 0000021f: DUP3 00000220: ADD 00000221: CALLDATALOAD 00000222: PUSH5 0x0100000000 00000228: DUP2 00000229: GT 0000022a: ISZERO 0000022b: PUSH2 0x0232 0000022e: JUMPI 0000022f: PUSH0 00000230: DUP1 00000231: REVERT 00000232: JUMPDEST 00000233: DUP3 00000234: ADD 00000235: DUP4 00000236: PUSH1 0x20 00000238: DUP3 00000239: ADD 0000023a: GT 0000023b: ISZERO 0000023c: PUSH2 0x0243 0000023f: JUMPI 00000240: PUSH0 00000241: DUP1 00000242: REVERT 00000243: JUMPDEST 00000244: DUP1 00000245: CALLDATALOAD 00000246: SWAP1 00000247: PUSH1 0x20 00000249: ADD 0000024a: SWAP2 0000024b: DUP5 0000024c: PUSH1 0x01 0000024e: DUP4 0000024f: MUL 00000250: DUP5 00000251: ADD 00000252: GT 00000253: PUSH5 0x0100000000 00000259: DUP4 0000025a: GT 0000025b: OR 0000025c: ISZERO 0000025d: PUSH2 0x0264 00000260: JUMPI 00000261: PUSH0 00000262: DUP1 00000263: REVERT 00000264: JUMPDEST 00000265: POP 00000266: SWAP1 00000267: SWAP3 00000268: POP 00000269: SWAP1 0000026a: POP 0000026b: PUSH2 0x0328 0000026e: JUMP 0000026f: JUMPDEST 00000270: STOP 00000271: JUMPDEST 00000272: PUSH2 0x0177 00000275: PUSH32 0x4352454449545f4143434f554e54000000000000000000000000000000000000 00000296: DUP2 00000297: JUMP 00000298: JUMPDEST 00000299: PUSH2 0x026f 0000029c: PUSH1 0x04 0000029e: DUP1 0000029f: CALLDATASIZE 000002a0: SUB 000002a1: PUSH1 0x60 000002a3: DUP2 000002a4: LT 000002a5: ISZERO 000002a6: PUSH2 0x02ad 000002a9: JUMPI 000002aa: PUSH0 000002ab: DUP1 000002ac: REVERT 000002ad: JUMPDEST 000002ae: POP 000002af: PUSH1 0x01 000002b1: PUSH1 0x01 000002b3: PUSH1 0xa0 000002b5: SHL 000002b6: SUB 000002b7: DUP2 000002b8: CALLDATALOAD 000002b9: DUP2 000002ba: AND 000002bb: SWAP2 000002bc: PUSH1 0x20 000002be: DUP2 000002bf: ADD 000002c0: CALLDATALOAD 000002c1: SWAP1 000002c2: SWAP2 000002c3: AND 000002c4: SWAP1 000002c5: PUSH1 0x40 000002c7: ADD 000002c8: CALLDATALOAD 000002c9: PUSH2 0x03d9 000002cc: JUMP 000002cd: JUMPDEST 000002ce: PUSH1 0x60 000002d0: PUSH2 0x02d7 000002d3: PUSH2 0x03fa 000002d6: JUMP 000002d7: JUMPDEST 000002d8: PUSH2 0x0320 000002db: DUP4 000002dc: DUP4 000002dd: DUP1 000002de: DUP1 000002df: PUSH1 0x1f 000002e1: ADD 000002e2: PUSH1 0x20 000002e4: DUP1 000002e5: SWAP2 000002e6: DIV 000002e7: MUL 000002e8: PUSH1 0x20 000002ea: ADD 000002eb: PUSH1 0x40 000002ed: MLOAD 000002ee: SWAP1 000002ef: DUP2 000002f0: ADD 000002f1: PUSH1 0x40 000002f3: MSTORE 000002f4: DUP1 000002f5: SWAP4 000002f6: SWAP3 000002f7: SWAP2 000002f8: SWAP1 000002f9: DUP2 000002fa: DUP2 000002fb: MSTORE 000002fc: PUSH1 0x20 000002fe: ADD 000002ff: DUP4 00000300: DUP4 00000301: DUP1 00000302: DUP3 00000303: DUP5 00000304: CALLDATACOPY 00000305: PUSH0 00000306: SWAP3 00000307: ADD 00000308: SWAP2 00000309: SWAP1 0000030a: SWAP2 0000030b: MSTORE 0000030c: POP 0000030d: POP 0000030e: PUSH1 0x01 00000310: PUSH1 0x01 00000312: PUSH1 0xa0 00000314: SHL 00000315: SUB 00000316: DUP9 00000317: AND 00000318: SWAP3 00000319: SWAP2 0000031a: POP 0000031b: POP 0000031c: PUSH2 0x045e 0000031f: JUMP 00000320: JUMPDEST 00000321: SWAP5 00000322: SWAP4 00000323: POP 00000324: POP 00000325: POP 00000326: POP 00000327: JUMP 00000328: JUMPDEST 00000329: CALLER 0000032a: PUSH1 0x01 0000032c: PUSH1 0x01 0000032e: PUSH1 0xa0 00000330: SHL 00000331: SUB 00000332: PUSH32 0x0000000000000000000000003533f84c71243a1ca3f76165b046bb05866579e3 00000353: AND 00000354: EQ 00000355: PUSH2 0x038a 00000358: JUMPI 00000359: PUSH1 0x40 0000035b: MLOAD 0000035c: PUSH32 0x8b63087400000000000000000000000000000000000000000000000000000000 0000037d: DUP2 0000037e: MSTORE 0000037f: PUSH1 0x04 00000381: ADD 00000382: PUSH1 0x40 00000384: MLOAD 00000385: DUP1 00000386: SWAP2 00000387: SUB 00000388: SWAP1 00000389: REVERT 0000038a: JUMPDEST 0000038b: PUSH2 0x03d3 0000038e: DUP3 0000038f: DUP3 00000390: DUP1 00000391: DUP1 00000392: PUSH1 0x1f 00000394: ADD 00000395: PUSH1 0x20 00000397: DUP1 00000398: SWAP2 00000399: DIV 0000039a: MUL 0000039b: PUSH1 0x20 0000039d: ADD 0000039e: PUSH1 0x40 000003a0: MLOAD 000003a1: SWAP1 000003a2: DUP2 000003a3: ADD 000003a4: PUSH1 0x40 000003a6: MSTORE 000003a7: DUP1 000003a8: SWAP4 000003a9: SWAP3 000003aa: SWAP2 000003ab: SWAP1 000003ac: DUP2 000003ad: DUP2 000003ae: MSTORE 000003af: PUSH1 0x20 000003b1: ADD 000003b2: DUP4 000003b3: DUP4 000003b4: DUP1 000003b5: DUP3 000003b6: DUP5 000003b7: CALLDATACOPY 000003b8: PUSH0 000003b9: SWAP3 000003ba: ADD 000003bb: SWAP2 000003bc: SWAP1 000003bd: SWAP2 000003be: MSTORE 000003bf: POP 000003c0: POP 000003c1: PUSH1 0x01 000003c3: PUSH1 0x01 000003c5: PUSH1 0xa0 000003c7: SHL 000003c8: SUB 000003c9: DUP8 000003ca: AND 000003cb: SWAP3 000003cc: SWAP2 000003cd: POP 000003ce: POP 000003cf: PUSH2 0x045e 000003d2: JUMP 000003d3: JUMPDEST 000003d4: POP 000003d5: POP 000003d6: POP 000003d7: POP 000003d8: JUMP 000003d9: JUMPDEST 000003da: PUSH2 0x03e1 000003dd: PUSH2 0x03fa 000003e0: JUMP 000003e1: JUMPDEST 000003e2: PUSH2 0x03f5 000003e5: PUSH1 0x01 000003e7: PUSH1 0x01 000003e9: PUSH1 0xa0 000003eb: SHL 000003ec: SUB 000003ed: DUP5 000003ee: AND 000003ef: DUP4 000003f0: DUP4 000003f1: PUSH2 0x04a8 000003f4: JUMP 000003f5: JUMPDEST 000003f6: POP 000003f7: POP 000003f8: POP 000003f9: JUMP 000003fa: JUMPDEST 000003fb: CALLER 000003fc: PUSH1 0x01 000003fe: PUSH1 0x01 00000400: PUSH1 0xa0 00000402: SHL 00000403: SUB 00000404: PUSH32 0x000000000000000000000000f21414d37546de220905fddae4ab586da1c9072d 00000425: AND 00000426: EQ 00000427: PUSH2 0x045c 0000042a: JUMPI 0000042b: PUSH1 0x40 0000042d: MLOAD 0000042e: PUSH32 0x1f51116700000000000000000000000000000000000000000000000000000000 0000044f: DUP2 00000450: MSTORE 00000451: PUSH1 0x04 00000453: ADD 00000454: PUSH1 0x40 00000456: MLOAD 00000457: DUP1 00000458: SWAP2 00000459: SUB 0000045a: SWAP1 0000045b: REVERT 0000045c: JUMPDEST 0000045d: JUMP 0000045e: JUMPDEST 0000045f: PUSH1 0x60 00000461: PUSH2 0x04a1 00000464: DUP4 00000465: DUP4 00000466: PUSH0 00000467: PUSH1 0x40 00000469: MLOAD 0000046a: DUP1 0000046b: PUSH1 0x40 0000046d: ADD 0000046e: PUSH1 0x40 00000470: MSTORE 00000471: DUP1 00000472: PUSH1 0x1e 00000474: DUP2 00000475: MSTORE 00000476: PUSH1 0x20 00000478: ADD 00000479: PUSH32 0x416464726573733a206c6f772d6c6576656c2063616c6c206661696c65640000 0000049a: DUP2 0000049b: MSTORE 0000049c: POP 0000049d: PUSH2 0x050a 000004a0: JUMP 000004a1: JUMPDEST 000004a2: SWAP4 000004a3: SWAP3 000004a4: POP 000004a5: POP 000004a6: POP 000004a7: JUMP 000004a8: JUMPDEST 000004a9: PUSH2 0x04d4 000004ac: DUP4 000004ad: PUSH32 0xa9059cbb00000000000000000000000000000000000000000000000000000000 000004ce: DUP5 000004cf: DUP5 000004d0: PUSH2 0x05fd 000004d3: JUMP 000004d4: JUMPDEST 000004d5: PUSH2 0x03f5 000004d8: JUMPI 000004d9: PUSH1 0x40 000004db: MLOAD 000004dc: PUSH32 0xfb7f507900000000000000000000000000000000000000000000000000000000 000004fd: DUP2 000004fe: MSTORE 000004ff: PUSH1 0x04 00000501: ADD 00000502: PUSH1 0x40 00000504: MLOAD 00000505: DUP1 00000506: SWAP2 00000507: SUB 00000508: SWAP1 00000509: REVERT 0000050a: JUMPDEST 0000050b: PUSH1 0x60 0000050d: DUP3 0000050e: SELFBALANCE 0000050f: LT 00000510: ISZERO 00000511: PUSH2 0x0587 00000514: JUMPI 00000515: PUSH1 0x40 00000517: MLOAD 00000518: PUSH3 0x461bcd 0000051c: PUSH1 0xe5 0000051e: SHL 0000051f: DUP2 00000520: MSTORE 00000521: PUSH1 0x20 00000523: PUSH1 0x04 00000525: DUP3 00000526: ADD 00000527: MSTORE 00000528: PUSH1 0x26 0000052a: PUSH1 0x24 0000052c: DUP3 0000052d: ADD 0000052e: MSTORE 0000052f: PUSH32 0x416464726573733a20696e73756666696369656e742062616c616e636520666f 00000550: PUSH1 0x44 00000552: DUP3 00000553: ADD 00000554: MSTORE 00000555: PUSH32 0x722063616c6c0000000000000000000000000000000000000000000000000000 00000576: PUSH1 0x64 00000578: DUP3 00000579: ADD 0000057a: MSTORE 0000057b: PUSH1 0x84 0000057d: ADD 0000057e: JUMPDEST 0000057f: PUSH1 0x40 00000581: MLOAD 00000582: DUP1 00000583: SWAP2 00000584: SUB 00000585: SWAP1 00000586: REVERT 00000587: JUMPDEST 00000588: PUSH0 00000589: DUP1 0000058a: DUP7 0000058b: PUSH1 0x01 0000058d: PUSH1 0x01 0000058f: PUSH1 0xa0 00000591: SHL 00000592: SUB 00000593: AND 00000594: DUP6 00000595: DUP8 00000596: PUSH1 0x40 00000598: MLOAD 00000599: PUSH2 0x05a2 0000059c: SWAP2 0000059d: SWAP1 0000059e: PUSH2 0x070a 000005a1: JUMP 000005a2: JUMPDEST 000005a3: PUSH0 000005a4: PUSH1 0x40 000005a6: MLOAD 000005a7: DUP1 000005a8: DUP4 000005a9: SUB 000005aa: DUP2 000005ab: DUP6 000005ac: DUP8 000005ad: GAS 000005ae: CALL 000005af: SWAP3 000005b0: POP 000005b1: POP 000005b2: POP 000005b3: RETURNDATASIZE 000005b4: DUP1 000005b5: PUSH0 000005b6: DUP2 000005b7: EQ 000005b8: PUSH2 0x05dc 000005bb: JUMPI 000005bc: PUSH1 0x40 000005be: MLOAD 000005bf: SWAP2 000005c0: POP 000005c1: PUSH1 0x1f 000005c3: NOT 000005c4: PUSH1 0x3f 000005c6: RETURNDATASIZE 000005c7: ADD 000005c8: AND 000005c9: DUP3 000005ca: ADD 000005cb: PUSH1 0x40 000005cd: MSTORE 000005ce: RETURNDATASIZE 000005cf: DUP3 000005d0: MSTORE 000005d1: RETURNDATASIZE 000005d2: PUSH0 000005d3: PUSH1 0x20 000005d5: DUP5 000005d6: ADD 000005d7: RETURNDATACOPY 000005d8: PUSH2 0x05e1 000005db: JUMP 000005dc: JUMPDEST 000005dd: PUSH1 0x60 000005df: SWAP2 000005e0: POP 000005e1: JUMPDEST 000005e2: POP 000005e3: SWAP2 000005e4: POP 000005e5: SWAP2 000005e6: POP 000005e7: PUSH2 0x05f2 000005ea: DUP8 000005eb: DUP4 000005ec: DUP4 000005ed: DUP8 000005ee: PUSH2 0x064b 000005f1: JUMP 000005f2: JUMPDEST 000005f3: SWAP8 000005f4: SWAP7 000005f5: POP 000005f6: POP 000005f7: POP 000005f8: POP 000005f9: POP 000005fa: POP 000005fb: POP 000005fc: JUMP 000005fd: JUMPDEST 000005fe: PUSH0 000005ff: PUSH1 0x40 00000601: MLOAD 00000602: DUP5 00000603: DUP2 00000604: MSTORE 00000605: DUP4 00000606: PUSH1 0x04 00000608: DUP3 00000609: ADD 0000060a: MSTORE 0000060b: DUP3 0000060c: PUSH1 0x24 0000060e: DUP3 0000060f: ADD 00000610: MSTORE 00000611: PUSH1 0x20 00000613: PUSH0 00000614: PUSH1 0x44 00000616: DUP4 00000617: PUSH0 00000618: DUP11 00000619: GAS 0000061a: CALL 0000061b: SWAP2 0000061c: POP 0000061d: POP 0000061e: DUP1 0000061f: ISZERO 00000620: PUSH2 0x0320 00000623: JUMPI 00000624: RETURNDATASIZE 00000625: DUP1 00000626: ISZERO 00000627: PUSH2 0x063b 0000062a: JUMPI 0000062b: PUSH1 0x01 0000062d: PUSH0 0000062e: MLOAD 0000062f: EQ 00000630: PUSH1 0x1f 00000632: RETURNDATASIZE 00000633: GT 00000634: AND 00000635: SWAP2 00000636: POP 00000637: PUSH2 0x0642 0000063a: JUMP 0000063b: JUMPDEST 0000063c: PUSH0 0000063d: DUP7 0000063e: EXTCODESIZE 0000063f: GT 00000640: SWAP2 00000641: POP 00000642: JUMPDEST 00000643: POP 00000644: SWAP5 00000645: SWAP4 00000646: POP 00000647: POP 00000648: POP 00000649: POP 0000064a: JUMP 0000064b: JUMPDEST 0000064c: PUSH1 0x60 0000064e: DUP4 0000064f: ISZERO 00000650: PUSH2 0x06b9 00000653: JUMPI 00000654: DUP3 00000655: MLOAD 00000656: PUSH0 00000657: SUB 00000658: PUSH2 0x06b2 0000065b: JUMPI 0000065c: PUSH1 0x01 0000065e: PUSH1 0x01 00000660: PUSH1 0xa0 00000662: SHL 00000663: SUB 00000664: DUP6 00000665: AND 00000666: EXTCODESIZE 00000667: PUSH2 0x06b2 0000066a: JUMPI 0000066b: PUSH1 0x40 0000066d: MLOAD 0000066e: PUSH3 0x461bcd 00000672: PUSH1 0xe5 00000674: SHL 00000675: DUP2 00000676: MSTORE 00000677: PUSH1 0x20 00000679: PUSH1 0x04 0000067b: DUP3 0000067c: ADD 0000067d: MSTORE 0000067e: PUSH1 0x1d 00000680: PUSH1 0x24 00000682: DUP3 00000683: ADD 00000684: MSTORE 00000685: PUSH32 0x416464726573733a2063616c6c20746f206e6f6e2d636f6e7472616374000000 000006a6: PUSH1 0x44 000006a8: DUP3 000006a9: ADD 000006aa: MSTORE 000006ab: PUSH1 0x64 000006ad: ADD 000006ae: PUSH2 0x057e 000006b1: JUMP 000006b2: JUMPDEST 000006b3: POP 000006b4: DUP2 000006b5: PUSH2 0x0320 000006b8: JUMP 000006b9: JUMPDEST 000006ba: PUSH2 0x0320 000006bd: DUP4 000006be: DUP4 000006bf: DUP2 000006c0: MLOAD 000006c1: ISZERO 000006c2: PUSH2 0x06ce 000006c5: JUMPI 000006c6: DUP2 000006c7: MLOAD 000006c8: DUP1 000006c9: DUP4 000006ca: PUSH1 0x20 000006cc: ADD 000006cd: REVERT 000006ce: JUMPDEST 000006cf: DUP1 000006d0: PUSH1 0x40 000006d2: MLOAD 000006d3: PUSH3 0x461bcd 000006d7: PUSH1 0xe5 000006d9: SHL 000006da: DUP2 000006db: MSTORE 000006dc: PUSH1 0x04 000006de: ADD 000006df: PUSH2 0x057e 000006e2: SWAP2 000006e3: SWAP1 000006e4: PUSH2 0x0725 000006e7: JUMP 000006e8: JUMPDEST 000006e9: PUSH0 000006ea: JUMPDEST 000006eb: DUP4 000006ec: DUP2 000006ed: LT 000006ee: ISZERO 000006ef: PUSH2 0x0702 000006f2: JUMPI 000006f3: DUP2 000006f4: DUP2 000006f5: ADD 000006f6: MLOAD 000006f7: DUP4 000006f8: DUP3 000006f9: ADD 000006fa: MSTORE 000006fb: PUSH1 0x20 000006fd: ADD 000006fe: PUSH2 0x06ea 00000701: JUMP 00000702: JUMPDEST 00000703: POP 00000704: POP 00000705: PUSH0 00000706: SWAP2 00000707: ADD 00000708: MSTORE 00000709: JUMP 0000070a: JUMPDEST 0000070b: PUSH0 0000070c: DUP3 0000070d: MLOAD 0000070e: PUSH2 0x071b 00000711: DUP2 00000712: DUP5 00000713: PUSH1 0x20 00000715: DUP8 00000716: ADD 00000717: PUSH2 0x06e8 0000071a: JUMP 0000071b: JUMPDEST 0000071c: SWAP2 0000071d: SWAP1 0000071e: SWAP2 0000071f: ADD 00000720: SWAP3 00000721: SWAP2 00000722: POP 00000723: POP 00000724: JUMP 00000725: JUMPDEST 00000726: PUSH1 0x20 00000728: DUP2 00000729: MSTORE 0000072a: PUSH0 0000072b: DUP3 0000072c: MLOAD 0000072d: DUP1 0000072e: PUSH1 0x20 00000730: DUP5 00000731: ADD 00000732: MSTORE 00000733: PUSH2 0x0743 00000736: DUP2 00000737: PUSH1 0x40 00000739: DUP6 0000073a: ADD 0000073b: PUSH1 0x20 0000073d: DUP8 0000073e: ADD 0000073f: PUSH2 0x06e8 00000742: JUMP 00000743: JUMPDEST 00000744: PUSH1 0x1f 00000746: ADD 00000747: PUSH1 0x1f 00000749: NOT 0000074a: AND 0000074b: SWAP2 0000074c: SWAP1 0000074d: SWAP2 0000074e: ADD 0000074f: PUSH1 0x40 00000751: ADD 00000752: SWAP3 00000753: SWAP2 00000754: POP 00000755: POP 00000756: JUMP 00000757: INVALID 00000758: LOG1 00000759: PUSH5 0x736f6c6343 0000075f: STOP 00000760: ADDMOD 00000761: OR 00000762: STOP 00000763: EXP
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| high | other | detector | Untrusted CALL target/value reachable | 60 | no | no |
viewtrace_id: 0x86f0c4eba44056659fd4e1049303bd88ba5bf6e46fb53be850bb247407b777da
call_targets:
0x0bc44c5552852a46750fa95168c7c5a0d677fb5c
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0x86f0c4eba44056659fd4e1049303bd88ba5bf6e46fb53be850bb247407b777da",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x0bc44c5552852a46750fa95168c7c5a0d677fb5c"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0xc45a0155",
"selector": "0xc45a0155",
"calldata_variants": [
"0xc45a0155",
"0xc45a01550000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xc5ecfed7",
"selector": "0xc5ecfed7",
"calldata_variants": [
"0xc5ecfed7",
"0xc5ecfed70000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xcb2ef6f7",
"selector": "0xcb2ef6f7",
"calldata_variants": [
"0xcb2ef6f7",
"0xcb2ef6f70000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xd1660f99",
"selector": "0xd1660f99",
"calldata_variants": [
"0xd1660f99",
"0xd1660f990000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x1cff79cd",
"selector": "0x1cff79cd",
"calldata_variants": [
"0x1cff79cd",
"0x1cff79cd0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x54fd4d50",
"selector": "0x54fd4d50",
"calldata_variants": [
"0x54fd4d50",
"0x54fd4d500000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xc12c21c0",
"selector": "0xc12c21c0",
"calldata_variants": [
"0xc12c21c0",
"0xc12c21c00000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 1454,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 1562,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"call_count": 2,
"guards_detected": [],
"untrusted_call_count": 2
}
|
| high | other | detector | ETH value transfer possible | 55 | no | no |
viewtrace_id: 0x86f0c4eba44056659fd4e1049303bd88ba5bf6e46fb53be850bb247407b777da
call_targets:
0x0bc44c5552852a46750fa95168c7c5a0d677fb5c
target_varies:
no
classification:
constant_target
validation_json{
"sink": "CALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0x86f0c4eba44056659fd4e1049303bd88ba5bf6e46fb53be850bb247407b777da",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0x0bc44c5552852a46750fa95168c7c5a0d677fb5c"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0xc45a0155",
"selector": "0xc45a0155",
"calldata_variants": [
"0xc45a0155",
"0xc45a01550000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xc5ecfed7",
"selector": "0xc5ecfed7",
"calldata_variants": [
"0xc5ecfed7",
"0xc5ecfed70000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xcb2ef6f7",
"selector": "0xcb2ef6f7",
"calldata_variants": [
"0xcb2ef6f7",
"0xcb2ef6f70000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xd1660f99",
"selector": "0xd1660f99",
"calldata_variants": [
"0xd1660f99",
"0xd1660f990000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x1cff79cd",
"selector": "0x1cff79cd",
"calldata_variants": [
"0x1cff79cd",
"0x1cff79cd0000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0x54fd4d50",
"selector": "0x54fd4d50",
"calldata_variants": [
"0x54fd4d50",
"0x54fd4d500000000000000000000000000000000000000000000000000000000000000000"
]
},
{
"calldata": "0xc12c21c0",
"selector": "0xc12c21c0",
"calldata_variants": [
"0xc12c21c0",
"0xc12c21c00000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 1454,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
},
{
"pc": 1562,
"opcode": "CALL",
"returndata_checked": null,
"value_expression_category": "computed",
"target_expression_category": "computed"
}
],
"eth_value_calls": 2,
"guards_detected": []
}
|