Tripwire

Find contracts. Test them. Review real vulns.

Contract

0x00000000d681e85e5783588f87a9573cb97eda01 checked chain 1

Latest run: 019d5666-f542-7208-84bc-d2e3db83e367 complete

Dedaub

Queue = batch runner. Audit = immediate run. Audit + LLM forces codex.

Value & Balances

$0.00

last balance 3 months ago

ETH

0.0000

WETH

0.0000

USDC

0.00

USDT

0.00

Findings Signal

confirmed findings

crit 0 high 0 unconfirmed 11 total 11

Latest run

019d5666-f542-7208-84bc-d2e3db83e367 complete

validated = confirmed for call sinks; sink observed for others

Proxy & Workflow

linkage

Proxy status

non-proxy

Implementation address

—

Proxies pointing here

View top proxies

0xc95b806ac073df930014ac476d26c8ad918f14e0 $41,195.58

0x17aeabfd3cb214a8757bf07d2e248d526c8c4809 $3.10

Workflow

checked

attempts 0

checked 1 week ago

Latest Findings

validated = confirmed for call sinks; sink observed for others

No confirmed findings yet.

Show unconfirmed findings

Severity	Tool	Title	Validated	Confirmed
high	detector	Untrusted CALL target/value reachable	no	no
high	detector	ETH value transfer possible	no	no
high	codex	Unchecked CowSwap feeAmount lets a limit order drain extra sellToken beyond params.amountIn	no	—
high	slither	GPv2Transfer.transferFromAccounts(IVault,GPv2Transfer.Data[],address) (lib/contracts/src/contracts/libraries/GPv2Transfer.sol#91-136) uses arbitrary from in transferFrom: transf...	no	—
high	slither	GPv2Transfer.fastTransferFromAccount(IVault,GPv2Transfer.Data,address) (lib/contracts/src/contracts/libraries/GPv2Transfer.sol#46-77) uses arbitrary from in transferFrom: transf...	no	—
high	slither	TransferLibrary.receiveAssets(address,address,uint256) (src/libraries/TransferLibrary.sol#40-48) uses arbitrary from in transferFrom: IERC20(asset).safeTransferFrom(from,address...	no	—
high	slither	StorageAccessible.simulateDelegatecallInternal(address,bytes) (lib/contracts/src/contracts/mixins/StorageAccessible.sol#87-95) uses delegatecall to a input-controlled function id	no	—
medium	detector	CREATE/CREATE2 reachable	no	no
low	cast	Contract creation opcode present	no	—
info	cast	Heavy CALL-family usage	no	—
info	cast	Heavy EXTCODE*/BALANCE usage	no	—

From run 019d5666-f542-7208-84bc-d2e3db83e367

Codex

latest run

complete source findings

Read the full AUDIT_BUNDLE.txt. Found one high-severity invariant break in CowSwap limit-order validation: the module does not constrain order fees, so a presigned order can spend more sellToken than params.amountIn.

Top findings

high Unchecked CowSwap feeAmount lets a limit order drain extra sellToken beyond params.amountIn

View run

Code Metadata

fingerprint

Created block

—

Code size

14147

Codehash

0xe6b1f2eca6161c012147afe27bb1f4f0f9a502a14e3b998a22df6713e3d6b447

Priority score

0.000000

Latest run id

—

Recent Runs

last 20

Run ID	Status	Validated	Total findings	Created
019d5666-f542-7208-84bc-d2e3db83e367	complete	crit 0 high 0	11	1 week ago