Tripwire

Find contracts. Test them. Review real vulns.

Contract

0x7290367aa694703220516a35e68e3d339ee7d193 skipped chain 1

Latest run: a63772f1-048a-4d9c-860a-5b89e63f052c failed

Dedaub

Queue = batch runner. Audit = immediate run. Audit + LLM forces codex.

Value & Balances

$0.00

last balance 3 months ago

ETH

0.0000

WETH

0.0000

USDC

0.00

USDT

0.00

Findings Signal

confirmed findings

crit 0 high 0 unconfirmed 8 total 8

Latest run

a63772f1-048a-4d9c-860a-5b89e63f052c failed

validated = confirmed for call sinks; sink observed for others

Proxy & Workflow

linkage

Proxy status

non-proxy

Implementation address

—

Proxies pointing here

18 showing top 10

View top proxies

0x845c0179060362f071ff5c7f1d2703617a480f3e $240,667.27

0xeacadc656c9394fb09af25aebc0897fdffe484a1 $59,139.62

0x362ddd14f69924ebbf9066ddd2ae7c171cf6d098 $23,619.80

0x6e1fbeeaba87bae1100d95f8340dc27ad7c8427b $18,901.97

0x682831244b0e97946abc52cb1893cce398de3a35 $1,754.09

0xf3f82bc165a83425e81b8f2858d786e41ab21671 $1,562.22

0x5a89feea78872d7a10dda3ddb95ce7a05b99081a $592.93

0x9b357723fa65e5a22b0b48ae397c2c68859b7b38 $307.00

0x27a0c7e1d6051c334d1e80ef6f521aa38eb0a448 $157.88

0x33d15c3c82e09d438d671a04c27e2cc8e1c9d134 $99.27

Workflow

skipped

attempts 0

checked 1 week ago

skip blacklisted_codehash

Latest Findings

validated = confirmed for call sinks; sink observed for others

No confirmed findings yet.

Show unconfirmed findings

Severity	Tool	Title	Validated	Confirmed
high	detector	Untrusted CALL target/value reachable	no	no
high	detector	ETH value transfer possible	no	no
medium	detector	CREATE/CREATE2 reachable	no	no
medium	codex	initialize is permissionless and can be front-run to hijack a pair	no	—
medium	codex	Permit DOMAIN_SEPARATOR is immutable; clone deployments allow cross-pair signature replay	no	—
low	codex	Protocol fee mints even when feeTo is unset, causing LP dilution	no	—
low	cast	Contract creation opcode present	no	—
info	cast	Heavy CALL-family usage	no	—

From run a63772f1-048a-4d9c-860a-5b89e63f052c

Codex

latest run

complete findings

Identified 3 issues: unprotected pair initialization, permit domain separator unsafe with clone deployments, and protocol fee minting when feeTo is unset causing LP dilution.

Top findings

medium initialize is permissionless and can be front-run to hijack a pair
medium Permit DOMAIN_SEPARATOR is immutable; clone deployments allow cross-pair signature replay
low Protocol fee mints even when feeTo is unset, causing LP dilution

View run

Code Metadata

fingerprint

Created block

—

Code size

8246

Codehash

0x69b5b9a8981ac192042ab8e45130e85319ef722a351f354f16b3ab247de0f39c

Priority score

0.000000

Latest run id

a63772f1-048a-4d9c-860a-5b89e63f052c

Recent Runs

last 20

Run ID	Status	Validated	Total findings	Created
a0d6cd78-8eae-42ac-ad8d-3c25ac0bb488	failed	crit 0 high 0	5	3 months ago
a63772f1-048a-4d9c-860a-5b89e63f052c	failed	crit 0 high 0	8	3 months ago