TW
Tripwire
Find contracts. Test them. Review real vulns.
Contract
0xda9f13722fef7a6357944622f583285da14c90a5 checked chain 1
Latest run: 019d5666-71a5-72ca-9f63-c22da967b9db complete
Dedaub
Queue = batch runner. Audit = immediate run. Audit + LLM forces codex.
Value & Balances
$41,788.00
last balance 3 months ago
ETH
13.4800
WETH
0.0000
USDC
0.00
USDT
0.00
Findings Signal
0
confirmed findings
crit 0 high 0 unconfirmed 7 total 7
validated = confirmed for call sinks; sink observed for others

Proxy & Workflow

linkage
Proxy status
non-proxy
Implementation address
Proxies pointing here
0
Workflow
checked
attempts 3
checked 1 week ago

Latest Findings

validated = confirmed for call sinks; sink observed for others
No confirmed findings yet.
Show unconfirmed findings
Severity Tool Title Validated Confirmed
high detector Untrusted CALL target/value reachable no no
high detector ETH value transfer possible no no
high codex ETH distribution accounting is never persisted, so crossing the payout threshold can brick subsequent purchases no
high slither Reentrancy in Crowdsale.buyTokens(address) (contracts/Contract.sol#698-728): no
high slither Crowdsale.withdrawTokens(IERC20,address) (contracts/Contract.sol#854-862) ignores return value by token_.transfer(beneficiary_,balance) (contracts/Contract.sol#859-862) no
medium codex Per-address round contribution caps are unenforced because contributor totals are never updated no
medium codex buyTokens performs external token delivery before round accounting and lacks the advertised reentrancy guard no
From run 019d5666-71a5-72ca-9f63-c22da967b9db

Codex

latest run
complete source findings
The first-party crowdsale logic has broken ETH distribution accounting, broken per-address contribution accounting, and a reentrancy-prone purchase flow that updates round state after external token delivery.
Top findings
  • high ETH distribution accounting is never persisted, so crossing the payout threshold can brick subsequent purchases
  • medium Per-address round contribution caps are unenforced because contributor totals are never updated
  • medium buyTokens performs external token delivery before round accounting and lacks the advertised reentrancy guard
View run

Code Metadata

fingerprint
Created block
12425374
Code size
9039
Codehash
0xf5c99dfe070299359bdb94110b509b42191250c5060c41721c691292a2c3a592
Priority score
41788.000310

Recent Runs

last 20
Run ID Status Validated Total findings Created
019d5666-71a5-72ca-9f63-c22da967b9db complete crit 0 high 0 7 1 week ago
019b477e-bf0c-7259-9b66-a38eb794e1c8 complete crit 0 high 0 2 3 months ago
019b3844-9a2b-7074-bae7-0aa807c0d1af complete crit 0 high 0 2 3 months ago