complete
bytecode
findings
Bytecode review found one high-confidence arithmetic/accounting issue and two lower-confidence ETH-transfer hazards. No proxy/delegatecall pattern was present (`is_proxy=false`, `delegatecall_count=0`).
Top findings
-
high
Cooldown/lock check uses reversed subtraction, collapsing the wait period
-
medium
Fallback/unknown-selector path silently accepts ETH without crediting sender
-
low
ETH payouts are sent with stipend-only CALL semantics, which can lock funds for contract recipients