A
ARGUS
11-EYE recon + correlation engine
LIVE - Updated 2026-05-10T20:27:04Z
auto-refresh every 10 min
DAY 31 / 90 of 90-day challenge

Snapshot

Methodology Rules
38
cumulative since Day 1
Disclosures Sent
1
awaiting reply
Walks Averted
11
submission slots saved (30d)
Active Findings
2
pending submission/payout

Detail (click to expand)

🎯Active Findings 2
FindingTargetSeverityEst. PayoutStatus
Polymarket NegRiskOperator DELAY_PERIOD=0 post-audit regressionPolymarket (Cantina, $5M pool)CRITICAL$200K-$1MSUBMITTED Cantina Finding #570 - 2026-05-10 20:17 UTC, status New (pending triage)
dYdX v4 Megavault equity asymmetrydYdX v4 (Cantina)HIGH$150K-$1MBanked-not-submitted (audit-adjacent: 2024-Q2 Informal Systems INFORMATIONAL)
Recent Walks (Methodology Defense) 11
DateTargetReasonSaved
2026-05-10Compound V3 (out-of-methodology-scope, no in-repo audits)Sub-rule 38.1 - Compound publishes audits externally not in-repo. Methodology pivot needed.50min Buddy time + clean methodology calibration
2026-05-10Pendle Finance v2 (saturated)22 audits / 8+ firms. 4/5 fix-class candidates MATCH at HEAD. Rule 38 saturation.50min Buddy time + audit-saturation pattern data
2026-05-10Morpho Blue (clean fixes)3 audits parsed, 2 fix-class candidates checked, both MATCH at HEAD. Strong audit-response discipline.Calibration data: Morpho Labs preserves audit fixes.
2026-05-09Reserve Protocol Cantina ($10M pool)Audit-saturation: 16+ prior audits cover backing-basket/issuance/redemption surfaces. Step 1 audit-coverage check killed candidate in 55 min.Cantina submission slot + 3-4h Buddy time
2026-05-09dYdX v4 Cantina (Cosmos hook ordering)Architecture mismatch - dYdX uses direct keeper imports + ABCI order, not hooks pattern. Banked sub-rule under Rule 36.Cantina submission slot + 4-6h Buddy time
2026-05-08Fireblocks MPC BugcrowdPattern A docs explicitly require event_id dedup (Rule 34 sub-rule)Bugcrowd submission slot
2026-05-08Centrifuge V3.1 Sherlock contest 1028Contest finished Nov 17 2025 (Rule 35)Sherlock submission slot - pivoted to direct disclosure
2026-05-08Babylon Phase-2 cycles 1+2Disclosed GHSAs already public + Skeptic gate 4 unconfirmed2 Sherlock submission slots
📚Rules Banked 38
#RuleDateSummary
RULE 38.3Audit-date vs repo-HEAD-date check (Sub-rule, PROVEN 2026-05-10)2026-05-10If audit_date > repo_HEAD_date, public repo is stale snapshot. Bug visible cannot be promoted to live without deployment verification. Behavior-test via RPC = 25min, vs hours for bytecode decompile. Vesu founder case + saved $100 false-positive.
RULE 38.2Audit-named-commit verification (Sub-rule)2026-05-09If audit says 'Resolved in commit X' and X not in git log --all, mark NEEDS-FOLLOW-UP not REGRESSION. Could be curated mirror. Pendle PR 526 founder case.
RULE 38.1Pre-flight applicability check (Sub-rule)2026-05-09Confirm audits/ dir or README links audits BEFORE firing Rule 38. If neither, pivot to different primitive or allocate external-audit-fetch budget. Compound V3 founder case.
RULE 38Post-audit regression hunting primitive2026-05-09Audit findings marked RESOLVED/FIXED can REGRESS, often buried in unrelated PRs. Pull audits + grep current code + diff = HIGH-EV bug class. Polymarket DELAY_PERIOD founder.
RULE 37Adapt primitive to architecture, don't walk on mismatch2026-05-09Walks belong to scope/status/saturation - NOT architecture-mismatch. Audit primitives compound at INVARIANT level.
📊Programs & Scope 890 programs
Programs
890
890 active / 0 suspended
In-Scope Assets
45,294
across all programs
Vendor Clusters
9
52 members
Total Signals
2,395
cumulative all EYEs
🚨Signal Tiers 12 T1 / 789 T2 / 1,594 T3
Tier-1 Alerts
12
submission-worthy
Tier-2 Signals
789
deferred / follow-up
Tier-3 Signals
1,594
tracking / informational
Unprocessed 24h
0
awaiting Brain
👁️EYE Breakdown 2,395 signals across 8 EYEs
EYE_0: 26EYE_1: 998EYE_2: 0EYE_3: 18EYE_4: 665EYE_5: 564EYE_10: 124EYE_11: 0
📡Recent Tier-1 + Tier-2 Signals 30
TierEYETypeTargetDetected
Tier-2EYE 10all-a-records-migratedwww.yeswehack.com2h ago
Tier-2EYE 10all-a-records-migratedwww.microsoft.com2h ago
Tier-2EYE 10all-a-records-migrateditunes.apple.com2h ago
Tier-2EYE 10all-a-records-migratedauth.immutable.com2h ago
Tier-2EYE 10all-a-records-migratedapi.x.immutable.com2h ago
Tier-2EYE 10all-a-records-migrateddocs.immutable.com2h ago
Tier-2EYE 10all-a-records-migratedwww.shffls.com2h ago
Tier-2EYE 10all-a-records-migrateddocs.sophos.com2h ago
Tier-2EYE 10all-a-records-migratedwww.sophos.com2h ago
Tier-2EYE 10all-a-records-migratedwww.assurancewireless.com2h ago
Tier-2EYE 10all-a-records-migrateddocsite.vistarmedia.com2h ago
Tier-2EYE 10all-a-records-migrateddigits.t-mobile.com2h ago
Tier-2EYE 10all-a-records-migratedtfb.t-mobile.com2h ago
Tier-2EYE 10all-a-records-migrateddevedge.t-mobile.com2h ago
Tier-2EYE 10all-a-records-migratedsprint.com2h ago
Tier-2EYE 10all-a-records-migratedapi.t-mobile.com2h ago
Tier-2EYE 10all-a-records-migratedaccount.t-mobile.com2h ago
Tier-2EYE 4github-commit-newhttps://github.com/anza-xyz/agave5h ago
Tier-2EYE 10all-a-records-migratedwww.yeswehack.com8h ago
Tier-2EYE 10all-a-records-migrateddocs.immutable.com8h ago
Tier-2EYE 10all-a-records-migratedwww.shffls.com8h ago
Tier-2EYE 10all-a-records-migratedauth.immutable.com8h ago
Tier-2EYE 10all-a-records-migratedapi.x.immutable.com8h ago
Tier-2EYE 10all-a-records-migratedwiki.atom-lens.com8h ago
Tier-2EYE 10all-a-records-migratedsignature.blis.com8h ago
📂Sourcemap Captures (EYE 3) 9
HostPathSizeFilesRecovered
wallet.opensea.io/assets/index-C_N1jGkP.js.map9197.9 KB123716h ago
marketplace.auth0.com/_next/static/chunks/pages/_app-5472c689...5696.1 KB12131d ago
marketplace.auth0.com/_next/static/chunks/pages/index-f374b1d...0.5 KB12d ago
marketplace.auth0.com/_next/static/chunks/framework-67c9938e3...183.8 KB92d ago
wallet.opensea.io/assets/index-DGk1JYWX.js.map9197.9 KB12372d ago
marketplace.auth0.com/_next/static/chunks/webpack-5aadf7b0e00...13.4 KB212d ago
marketplace.auth0.com/_next/static/chunks/main-7e69766e8eff35...656.8 KB1342d ago
clients.adstruc.com/static/js/main.45ab4b31.js.map15953.6 KB21412d ago
wallet.opensea.io/assets/index-BWT8Nbv7.js.map9197.9 KB12372d ago
🔧Recent High-Signal GitHub Commits (EYE 4) 12 of 23 watched repos
RepoLabelSHAMessageCommitted
coinbase/smart-walletsecuritye7fde11a50faAdd SECURITY.md (#167)12d ago
Uniswap/v4-peripherygeneric_bypass9dafaaecc1e2fix: pin npm to specific version in deploy workflow (#520)38d ago
babylonlabs-io/babylonsecurityd00e68415909chore(deps): bump google.golang.org/grpc from 1.77.0 to 1.79.3 in the go_modules group acr46d ago
babylonlabs-io/babylonsecurity65d793a0a8b8ci: enhance backport workflow security (#1977)54d ago
Uniswap/UniswapXsecurity9c8f9017a694fix: resolve zizmor GitHub Actions security findings (#362)61d ago
Uniswap/v4-peripherysecuritycfa74b47304dfix: resolve zizmor GitHub Actions security findings (#515)61d ago
babylonlabs-io/babylonsecurity0a2d17d8df02chore(deps): bump the go_modules group across 1 directory with 4 updates (#1974)69d ago
dydxprotocol/v4-chainsecurity07b2c964e689upgrade cometbft and cosmos-sdk for tachyon security fix (#3320)104d ago
Uniswap/UniswapXsecurity687d9e122082fix(DCA): dca allocation bug (#360)106d ago
Uniswap/UniswapXsecurity898d71736220ci: integrate Nethermind Audit Agent for automated security scanning (#357)109d ago
Truelayer/truelayer-signingsecurity868e7e7c04baBump Python library from 0.3.7 to 0.3.8 (#343)296d ago
Uniswap/v4-coresecurity5f00c8416c19Safer readme example (#961)403d ago
⚖️Sherlock Contest Watcher (EYE 11) 0 active / 297 tracked / $0 active pool

Top active contests

TitlePoolStatusEnds
No active Sherlock contests right now.

Recent state transitions

TitleTransitionPoolDetected
No Sherlock transitions yet.
🏢Vendor Clusters 9
ClusterMembers
FDJ-Kindred16
ByteDance-TLB8
Atlassian-Edge7
Salesforce-Experience-Cloud6
Apple-Geneva-Staging5
Intergamma4
IDnow2
Mozilla-allizom-Staging2
AutoDiscovered-GitRepo-intergamma/shopfront2
🔄Recent State Transitions 3
HostNoteDetected
-state changed suspended->active1d ago
-state changed suspended->active3d ago
-state changed active->suspended3d ago