Tripwire

Find contracts. Test them. Review real vulns.

Contract

0x4a1dc57d949db46a456d0104f437ed87ee24422f failed chain 1

Latest run: 019c0eab-c14a-7068-a5b7-e9885803d0b8 failed

Dedaub

Queue = batch runner. Audit = immediate run. Audit + LLM forces codex.

Value & Balances

$0.00

last balance 3 months ago

ETH

0.0000

WETH

0.0000

USDC

0.00

USDT

0.00

Findings Signal

confirmed findings

crit 0 high 0 unconfirmed 11 total 11

Latest run

019c0eab-c14a-7068-a5b7-e9885803d0b8 failed

validated = confirmed for call sinks; sink observed for others

Proxy & Workflow

linkage

Proxy status

non-proxy

Implementation address

—

Proxies pointing here

View top proxies

0xfca6a62a11cd75ef6506c4973a67c5b2a3d8915f $43,264.41

Workflow

failed

attempts 0

checked 2 months ago

error slither failed (exit 1): 'forge clean' running (wd: /tmp/slither-l8qdmsx2) 'forge config --json' running 'forge build --build-info --skip ./test/** ./script/** --force' running (wd: /tmp/slither-l8qdmsx2) 'forge' returned non-zero exit code 1 [2m2026-01-30T17:04:38.427935Z[0m [31mERROR[0m [2mfoundry_compilers_artifacts_solc::sources[0m[2m:[0m [3merror[0m[2m=[0m"/tmp/slither-l8qdmsx2/lib/openzeppelin-contracts/contracts/token/ERC20/SafeERC20.sol": No such file or directory (os error 2) stdout: [2m2026-01-30T17:04:38.428058Z[0m [31mERROR[0m [2mfoundry_compilers_artifacts_solc::sources[0m[2m:[0m [3merror[0m[2m=[0m"/tmp/slither-l8qdmsx2/lib/openzeppelin-contracts/contracts/proxy/ProxyAdmin.sol": No such file or directory (os error 2) stdout: [2m2026-01-30T17:04:38.428105Z[0m [31mERROR[0m [2mfoundry_compilers_artifacts_solc::sources[0m[2m:[0m [3merror[0m[2m=[0m"/tmp/slither-l8qdmsx2/lib/openzeppelin-contracts/contracts/token/ERC20/SafeERC20.sol": No such file or directory (os error 2) stdout: [2m2026-01-30T17:04:38.428139Z[0m [31mERROR[0m [2mfoundry_compilers_artifacts_solc::sources[0m[2m:[0m [3merror[0m[2m=[0m"/tmp/slither-l8qdmsx2/lib/openzeppelin-contracts/contracts/math/SafeMath.sol": No such file or directory (os error 2) stdout: [2m2026-01-30T17:04:38.428171Z[0m [31mERROR[0m [2mfoundry_compilers_artifacts_solc::sources[0m[2m:[0m [3merror[0m[2m=[0m"/tmp/slither-l8qdmsx2/lib/openzeppelin-contracts/contracts/math/SafeMath.sol": No such file or directory (os error 2) stdout: [2m2026-01-30T17:04:38.428199Z[0m [31mERROR[0m [2mfoundry_compilers_artifacts_solc::sources[0m[2m:[0m [3merror[0m[2m=[0m"/tmp/slither-l8qdmsx2/lib/openzeppelin-contracts/contracts/math/SafeMath.sol": No such file or directory (os error 2) stdout: [2m2026-01-30T17:04:38.428225Z[0m [31mERROR[0m [2mfoundry_compilers_artifacts_solc::sources[0m[2m:[0m [3merror[0m[2m=[0m"/tmp/slither-l8qdmsx2/lib/openzeppelin-contracts/contracts/presets/ERC20PresetMinterPauser.sol": No such file or directory (os error 2) stdout: [2m2026-01-30T17:04:38.428234Z[0m [31mERROR[0m [2mfoundry_compilers_artifacts_solc::sources[0m[2m:[0m [3merror[0m[2m=[0m"/tmp/slither-l8qdmsx2/lib/openzeppelin-contracts/contracts/presets/ERC20PresetMinterPauser.sol": No such file or directory (os error 2) stdout: Unable to resolve imports: stdout: "@openzeppelin/contracts/math/SafeMath.sol" in "/tmp/slither-l8qdmsx2/contracts/libs/LibGas.sol" stdout: "@openzeppelin/contracts/presets/ERC20PresetMinterPauser.sol" in "/tmp/slither-l8qdmsx2/contracts/testing/TokenB.sol" stdout: "@openzeppelin/contracts/math/SafeMath.sol" in "/tmp/slither-l8qdmsx2/contracts/swapper/uniswap/Uniswapper.sol" stdout: "@openzeppelin/contracts/token/ERC20/SafeERC20.sol" in "/tmp/slither-l8qdmsx2/contracts/libs/LibGas.sol" stdout: "@openzeppelin/contracts/math/SafeMath.sol" in "/tmp/slither-l8qdmsx2/contracts/swapper/uniswapRouting/RoutedSwap.sol" stdout: "@openzeppelin/contracts/token/ERC20/SafeERC20.sol" in "/tmp/slither-l8qdmsx2/contracts/SwapSettlement.sol" stdout: "@openzeppelin/contracts/proxy/ProxyAdmin.sol" in "/tmp/slither-l8qdmsx2/contracts/deployment/DeploymentAdmin.sol" stdout: "@openzeppelin/contracts/presets/ERC20PresetMinterPauser.sol" in "/tmp/slither-l8qdmsx2/contracts/testing/TokenA.sol" stdout: with remappings: stdout: openzeppelin-contracts/=/tmp/slither-l8qdmsx2/lib/openzeppelin-contracts/ stdout: @openzeppelin/contracts/=/tmp/slither-l8qdmsx2/lib/openzeppelin-contracts/contracts/ stdout: Compiling 20 files with Solc 0.6.8 stdout: Solc 0.6.8 finished in 20.86ms Error: Compiler run failed: stderr: Error: Source "lib/openzeppelin-contracts/contracts/token/ERC20/SafeERC20.sol" not found: File not found. stderr: contracts/SwapSettlement.sol:7:1: ParserError: Source "lib/openzeppelin-contracts/contracts/token/ERC20/SafeERC20.sol" not found: File not found. stderr: import "@openzeppelin/contracts/token/ERC20/SafeERC20.sol"; stderr: ^---------------------------------------------------------^ stderr: Error: Source "lib/openzeppelin-contracts/contracts/proxy/ProxyAdmin.sol" not found: File not found. stderr: contracts/deployment/DeploymentAdmin.sol:4:1: ParserError: Source "lib/openzeppelin-contracts/contracts/proxy/ProxyAdmin.sol" not found: File not found. stderr: import "@openzeppelin/contracts/proxy/ProxyAdmin.sol"; stderr: ^----------------------------------------------------^ stderr: Error: Source "lib/openzeppelin-contracts/contracts/token/ERC20/SafeERC20.sol" not found: File not found. stderr: contracts/libs/LibGas.sol:5:1: ParserError: Source "lib/openzeppelin-contracts/contracts/token/ERC20/SafeERC20.sol" not found: File not found. stderr: import "@openzeppelin/contracts/token/ERC20/SafeERC20.sol"; stderr: ^---------------------------------------------------------^ stderr: Error: Source "lib/openzeppelin-contracts/contracts/math/SafeMath.sol" not found: File not found. stderr: contracts/libs/LibGas.sol:6:1: ParserError: Source "lib/openzeppelin-contracts/contracts/math/SafeMath.sol" not found: File not found. stderr: import "@openzeppelin/contracts/math/SafeMath.sol"; stderr: ^-------------------------------------------------^ stderr: Error: Source "lib/openzeppelin-contracts/contracts/math/SafeMath.sol" not found: File not found. stderr: contracts/swapper/uniswap/Uniswapper.sol:6:1: ParserError: Source "lib/openzeppelin-contracts/contracts/math/SafeMath.sol" not found: File not found. stderr: import "@openzeppelin/contracts/math/SafeMath.sol"; stderr: ^-------------------------------------------------^ stderr: Error: Source "lib/openzeppelin-contracts/contracts/math/SafeMath.sol" not found: File not found. stderr: contracts/swapper/uniswapRouting/RoutedSwap.sol:6:1: ParserError: Source "lib/openzeppelin-contracts/contracts/math/SafeMath.sol" not found: File not found. stderr: import "@openzeppelin/contracts/math/SafeMath.sol"; stderr: ^-------------------------------------------------^ stderr: Error: Source "lib/openzeppelin-contracts/contracts/presets/ERC20PresetMinterPauser.sol" not found: File not found. stderr: contracts/testing/TokenA.sol:4:1: ParserError: Source "lib/openzeppelin-contracts/contracts/presets/ERC20PresetMinterPauser.sol" not found: File not found. stderr: import "@openzeppelin/contracts/presets/ERC20PresetMinterPauser.sol"; stderr: ^-------------------------------------------------------------------^ stderr: Error: Source "lib/openzeppelin-contracts/contracts/presets/ERC20PresetMinterPauser.sol" not found: File not found. stderr: contracts/testing/TokenB.sol:4:1: ParserError: Source "lib/openzeppelin-contracts/contracts/presets/ERC20PresetMinterPauser.sol" not found: File not found. stderr: import "@openzeppelin/contracts/presets/ERC20PresetMinterPauser.sol"; stderr: ^-------------------------------------------------------------------^ Traceback (most recent call last): File "/var/www/tripwire/.venv/bin/slither", line 10, in <module> sys.exit(main()) ~~~~^^ File "/var/www/tripwire/.venv/lib/python3.13/site-packages/slither/__main__.py", line 776, in main main_impl(all_detector_classes=detectors, all_printer_classes=printers) ~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/var/www/tripwire/.venv/lib/python3.13/site-packages/slither/__main__.py", line 882, in main_impl ) = process_all(filename, args, detector_classes, printer_classes) ~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/var/www/tripwire/.venv/lib/python3.13/site-packages/slither/__main__.py", line 96, in process_all compilations = compile_all(target, **vars(args)) File "/var/www/tripwire/.venv/lib/python3.13/site-packages/crytic_compile/crytic_compile.py", line 722, in compile_all compilations.append(CryticCompile(target, **kwargs)) ~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^ File "/var/www/tripwire/.venv/lib/python3.13/site-packages/crytic_compile/crytic_compile.py", line 211, in __init__ self._compile(**kwargs) ~~~~~~~~~~~~~^^^^^^^^^^ File "/var/www/tripwire/.venv/lib/python3.13/site-packages/crytic_compile/crytic_compile.py", line 633, in _compile self._platform.compile(self, **kwargs) ~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^ File "/var/www/tripwire/.venv/lib/python3.13/site-packages/crytic_compile/platform/foundry.py", line 102, in compile hardhat_like_parsing( ~~~~~~~~~~~~~~~~~~~~^ crytic_compile, str(self._target), build_directory, str(self._project_root) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ) ^ File "/var/www/tripwire/.venv/lib/python3.13/site-packages/crytic_compile/platform/hardhat.py", line 52, in hardhat_like_parsing raise InvalidCompilation(txt) crytic_compile.platform.exceptions.InvalidCompilation: Compilation failed. Can you run build command? /tmp/slither-l8qdmsx2/out/build-info is not a directory.

Latest Findings

validated = confirmed for call sinks; sink observed for others

No confirmed findings yet.

Show unconfirmed findings

Severity	Tool	Title	Validated	Confirmed
critical	detector	Untrusted DELEGATECALL target reachable	no	no
high	detector	ETH value transfer possible	no	no
high	detector	Untrusted CALL target/value reachable	no	no
medium	cast	DELEGATECALL present	no	—
medium	detector	CREATE/CREATE2 reachable	no	no
medium	codex	Orders lack trader authorization; relays can execute arbitrary swaps	no	—
medium	codex	Public initializers can be seized if deployment is not atomic	no	—
low	codex	ERC20 transfer/approve return values are not checked in swap scripts	no	—
low	cast	Contract creation opcode present	no	—
info	cast	Heavy CALL-family usage	no	—
info	cast	Heavy EXTCODE*/BALANCE usage	no	—

From run 019c0eab-c14a-7068-a5b7-e9885803d0b8

Codex

latest run

complete source findings

Missing on-chain order authorization allows relays to execute arbitrary swaps, public initializers can be seized if not initialized atomically, and several ERC20 interactions ignore return values.

Top findings

medium Orders lack trader authorization; relays can execute arbitrary swaps
medium Public initializers can be seized if deployment is not atomic
low ERC20 transfer/approve return values are not checked in swap scripts

View run

Code Metadata

fingerprint

Created block

—

Code size

12186

Codehash

0xf568bbfea49c6211dde46be8e8a0e94b42549a4152899324853c381807d721f8

Priority score

0.000000

Latest run id

—

Recent Runs

last 20

Run ID	Status	Validated	Total findings	Created
019c0eab-c14a-7068-a5b7-e9885803d0b8	failed	crit 0 high 0	11	2 months ago