A
ARGUS
12-EYE recon + correlation engine
LIVE - Updated 2026-05-15T09:00:01Z
auto-refresh every 10 min
DAY 34 / 90 of 90-day challenge

Snapshot

Methodology Rules
46
cumulative since Day 1
Disclosures Sent
1
awaiting reply
Walks Averted
29
submission slots saved (30d)
Active Findings
1
pending submission/payout

Detail (click to expand)

🎯Active Findings 1
FindingTargetSeverityEst. PayoutStatus
Luno test_bridge.html bridge-enumeration / P3 info-disclosure floorLuno (Bugcrowd)P3 (P2 ceiling pending Cycle 21 runtime retry)P3 floor ~$250-$1,500 (Bugcrowd Luno range); P2 ceiling ~$1-5K if Cycle 21 confirms LimitlessAuthoriseBid silent executionBANKED 2026-05-12 via Cycle 20 static-deep-trace. P1 fund-withdrawal ceiling COLLAPSED (dispatcher allowlist rejects InitiateInstantBuy + InitiateWithdrawal). P3 floor CONFIRMED (test_bridge.html shipped to prod + dispatcher enumeration discloses production endpoint paths + gRPC service paths + payload structures). Kingsley deciding: ship-P3-now OR Cycle 21 runtime retry on BlueStacks/rooted Android for P2 upgrade.
Recent Walks (Methodology Defense) 29
DateTargetReasonSaved
2026-05-12Day 27 actuator corpus (Allstate qa-roadside + IDnow video.test pair)Cycle 18: 3 Tier-1 candidates only serve banner-grabbing endpoints (health/info/prometheus/metrics). High-value endpoints (env/heapdump/loggers/shutdown) all return 404. Rule 33 = unsubmittable. Day 27 249-host corpus retrospectively pre-classified.~30 min Buddy time + decisive Rule 33 calibration; don't re-audit Day 27 corpus
2026-05-12Polymarket multi-audit Sub-rule 38.4 sweep (Cantina BB $5M pool)Cycle 19: 1 DRIFT found = M-01 DELAY_PERIOD=0 (audit recommended INCREASING, team removed via PR #33), but that's the closed-Duplicate #570 finding per brief constraint. ALL other audit-asserted invariants HOLD in current HEAD across ChainSecurity Exchange + UMA + Multi-Outcome.~50 min Buddy time + Polymarket Sub-rule 38.4 surface confirmed saturated
2026-05-12Luno test_bridge.html runtime PoC (Bugcrowd)Cycle 20: P1 fund-withdrawal ceiling COLLAPSED via static-deep-trace. Dispatcher allowlist rejects InitiateInstantBuy + InitiateWithdrawal. Day 25 P1 hypothesis bust. P3 floor confirmed instead.~30 min + saved from false-P1-submission deposit burn
2026-05-11Veda + Lombard + Aera + Renzo NatSpec Sub-rule 38.5 (Cycle 17)4/4 walk-clean on 38.5 retroactive sweep. ~697 NatSpec entries examined. Yield zone refined to un-audited-rich-NatSpec only.~60 min Buddy time + Sub-rule 38.5 yield zone decisively calibrated
2026-05-11Hyperlane CCTP downstream deployers (Cycle 16, Sub-rule 38.3)Hyperlane registry only contains Hyperlane-owned routes. 3rd-party CCTP warp-routes require chain-explorer bytecode-signature scanning (ARGUS-class multi-cycle). Banked for ARGUS EYE 13.~30 min + EYE 13 spec confirmed needed
2026-05-11Hyperlane core Sub-rule 38.4 (Cycle 15-B)Audit-asserted invariants HOLD on Hyperlane canonical deployments. Bug visible in source-only deployments (PR #8519 TokenBridgeCctp) walks Hyperlane's own scope.~45 min + Hyperlane 38.4 surface clean
2026-05-11Aera v3 Sub-rule 38.4 (Cycle 14)All audit-asserted invariants HOLD on current HEAD. Multi-firm audit discipline confirmed.~50 min
2026-05-11Lombard Finance Sub-rule 38.4 (Cycle 13)All audit-asserted invariants HOLD on current HEAD.~45 min
📚Rules Banked 46
#RuleDateSummary
RULE 43Rule 38 yield-targeting filter2026-05-11Pre-cycle audit-discipline scoring filters target list. Veda-class (multi-firm + recent cadence + clean prior outcomes) = HIGH-discipline LOW-yield = skip Rule 38 cycle entirely. Calibrated against 9 walks across Tier-1 Solidity perimeter.
RULE 42Walk-clean is a VALID verdict2026-05-11Walks compound methodology + indirect revenue (Securva positioning, Cantina rep, banked rules) even at $0 direct payout. Dual-revenue compound model.
RULE 41BB-velocity-favorable for Rule 382026-05-11Continuous BB programs (Immunefi/H1/BC/Cantina BB) > private contests (Cantina/C4/Sherlock) for Rule 38. Per-tier fixed rewards vs pool-split contest economics. dYdX (continuous BB, $1M Critical) > Polymarket (contest, $5M pool but cluster-split).
RULE 40Private-contest dup-blindness structural Gate 4 cap2026-05-11Cantina/C4/Sherlock SEAL submissions during contest window. Gate 4 cannot fire reliably. Polymarket #570 founder case (8-finder cluster). Dup-economics flatten upside even for 1st-finder.
RULE 38.5NatSpec / inline-doc implementation drift (Sub-rule)2026-05-12 (yield-zone-calibrated)Code-only sister of 38.4. NatSpec/godoc/JSDoc/docstring claims vs implementation. Yield zone = un-audited-rich-NatSpec ONLY (skip already-audited per Cycle 17 4/4 walk). Skill v0.2 shipped.
RULE 38.4Audit-documented safety-net break (Sub-rule)2026-05-11Audit prose asserts invariant as established fact -> post-audit PR silently breaks it. HIGH-Critical regression class. dYdX V4 founder case (PR #2099 inverted DecommissionNonPositiveEquityVaults, broke line-980 invariant). Skill v0.1 shipped.
📊Programs & Scope 895 programs
Programs
895
889 active / 6 suspended
In-Scope Assets
45,497
across all programs
Vendor Clusters
9
52 members
Total Signals
3,828
cumulative all EYEs
🚨Signal Tiers 17 T1 / 1115 T2 / 2,591 T3
Tier-1 Alerts
17
submission-worthy
Tier-2 Signals
1115
deferred / follow-up
Tier-3 Signals
2,591
tracking / informational
Unprocessed 24h
2
awaiting Brain
👁️EYE Breakdown 3,789 signals across 9 EYEs
EYE_0: 108EYE_1: 1232EYE_2: 0EYE_3: 22EYE_4: 733EYE_5: 1325EYE_10: 368EYE_11: 0EYE_12: 1
📡Recent Tier-1 + Tier-2 Signals 30
TierEYETypeTargetDetected
Tier-2EYE 4github-commit-newhttps://github.com/anza-xyz/agave1h ago
Tier-2EYE 10all-a-records-migratedlink.x.immutable.com2h ago
Tier-2EYE 10all-a-records-migrateddocs.immutable.com2h ago
Tier-2EYE 10all-a-records-migratedimx.community2h ago
Tier-2EYE 10cname-migration-detectedapi.pinterest.com2h ago
Tier-2EYE 10all-a-records-migratedapi.pinterest.com2h ago
Tier-2EYE 10all-a-records-migratedchrome.google.com2h ago
Tier-2EYE 10all-a-records-migratedapi.us1.fga.dev2h ago
Tier-2EYE 10all-a-records-migratedwiki.atom-lens.com2h ago
Tier-2EYE 10all-a-records-migratedcreative.infinity.blismedia.com2h ago
Tier-2EYE 10all-a-records-migratedassets-cdn.vistarmedia.com2h ago
Tier-2EYE 4github-commit-newhttps://github.com/anza-xyz/solana-sdk5h ago
Tier-2EYE 4github-commit-newhttps://github.com/anza-xyz/agave8h ago
Tier-2EYE 4github-commit-newhttps://github.com/anza-xyz/agave8h ago
Tier-2EYE 10all-a-records-migratedimx.community8h ago
Tier-2EYE 10cname-migration-detectedapi.pinterest.com8h ago
Tier-2EYE 10all-a-records-migratedapi.pinterest.com8h ago
Tier-2EYE 10all-a-records-migratedwww.shffls.com8h ago
Tier-2EYE 10all-a-records-migrateddocs.immutable.com8h ago
Tier-2EYE 10all-a-records-migratedwiki.atom-lens.com8h ago
Tier-2EYE 10all-a-records-migratedassets-cdn.vistarmedia.com8h ago
Tier-2EYE 4github-commit-newhttps://github.com/anza-xyz/solana-sdk11h ago
Tier-2EYE 4github-commit-newhttps://github.com/anza-xyz/agave12h ago
Tier-2EYE 4github-commit-newhttps://github.com/anza-xyz/agave13h ago
Tier-2EYE 4github-commit-newhttps://github.com/anza-xyz/agave14h ago
📂Sourcemap Captures (EYE 3) 11
HostPathSizeFilesRecovered
marketplace.auth0.com/_next/static/chunks/pages/_app-dcb5e865...5708.1 KB12132d ago
wallet.opensea.io/assets/index-unKym5lB.js.map9197.9 KB12373d ago
wallet.opensea.io/assets/index-C_N1jGkP.js.map9197.9 KB12375d ago
marketplace.auth0.com/_next/static/chunks/pages/_app-5472c689...5696.1 KB12136d ago
marketplace.auth0.com/_next/static/chunks/pages/index-f374b1d...0.5 KB17d ago
marketplace.auth0.com/_next/static/chunks/framework-67c9938e3...183.8 KB97d ago
wallet.opensea.io/assets/index-DGk1JYWX.js.map9197.9 KB12377d ago
marketplace.auth0.com/_next/static/chunks/webpack-5aadf7b0e00...13.4 KB217d ago
marketplace.auth0.com/_next/static/chunks/main-7e69766e8eff35...656.8 KB1347d ago
clients.adstruc.com/static/js/main.45ab4b31.js.map15953.6 KB21417d ago
wallet.opensea.io/assets/index-BWT8Nbv7.js.map9197.9 KB12377d ago
🔧Recent High-Signal GitHub Commits (EYE 4) 13 of 23 watched repos
RepoLabelSHAMessageCommitted
anza-xyz/solana-sdksecuritycbc1ecfe4375[BLS] update screening doc; improve security boundary (#709)16h ago
coinbase/smart-walletsecuritye7fde11a50faAdd SECURITY.md (#167)16d ago
Uniswap/v4-peripherygeneric_bypass9dafaaecc1e2fix: pin npm to specific version in deploy workflow (#520)42d ago
babylonlabs-io/babylonsecurityd00e68415909chore(deps): bump google.golang.org/grpc from 1.77.0 to 1.79.3 in the go_modules group acr51d ago
babylonlabs-io/babylonsecurity65d793a0a8b8ci: enhance backport workflow security (#1977)59d ago
Uniswap/UniswapXsecurity9c8f9017a694fix: resolve zizmor GitHub Actions security findings (#362)65d ago
Uniswap/v4-peripherysecuritycfa74b47304dfix: resolve zizmor GitHub Actions security findings (#515)65d ago
babylonlabs-io/babylonsecurity0a2d17d8df02chore(deps): bump the go_modules group across 1 directory with 4 updates (#1974)73d ago
dydxprotocol/v4-chainsecurity07b2c964e689upgrade cometbft and cosmos-sdk for tachyon security fix (#3320)108d ago
Uniswap/UniswapXsecurity687d9e122082fix(DCA): dca allocation bug (#360)111d ago
Uniswap/UniswapXsecurity898d71736220ci: integrate Nethermind Audit Agent for automated security scanning (#357)113d ago
Truelayer/truelayer-signingsecurity868e7e7c04baBump Python library from 0.3.7 to 0.3.8 (#343)300d ago
Uniswap/v4-coresecurity5f00c8416c19Safer readme example (#961)407d ago
⚖️Sherlock Contest Watcher (EYE 11) 0 active / 297 tracked / $0 active pool

Top active contests

TitlePoolStatusEnds
No active Sherlock contests right now.

Recent state transitions

TitleTransitionPoolDetected
No Sherlock transitions yet.
🏆Cantina Contest Watcher (EYE 12) 0 active / 142 tracked / $0 active pool

Top active contests

TitlePoolStatusEnds
No active Cantina contests right now.

Recent state transitions

TitleTransitionPoolDetected
Royco Dawnjudging -> complete$50,0003d ago
🏢Vendor Clusters 9
ClusterMembers
FDJ-Kindred16
ByteDance-TLB8
Atlassian-Edge7
Salesforce-Experience-Cloud6
Apple-Geneva-Staging5
Intergamma4
IDnow2
Mozilla-allizom-Staging2
AutoDiscovered-GitRepo-intergamma/shopfront2
🔄Recent State Transitions 10
HostNoteDetected
-state changed suspended->active1d ago
-state changed suspended->active2d ago
-state changed suspended->active2d ago
-state changed active->suspended (feed-membership)3d ago
-state changed active->suspended (feed-membership)3d ago
-state changed active->suspended (feed-membership)3d ago
-state changed active->suspended (feed-membership)3d ago
-state changed active->suspended3d ago
🧠BRAIN State (Cycle 75) 4
EventDetail
[2026-05-15T08:30:01Z] BRAIN v1 tick complete: signals=6 R0=0 R1=0 R2=0 R3=0 R4=0 (retest passed=0 failed=0) R5=0 R6=0 R7=0
FIRED[2026-05-11T16:30:02Z] R3 fired: lululemon@bugcrowd - 13 Tier-3 signals in 24h
FIRED[2026-05-11T16:30:02Z] R3 fired: ferrero@hackerone - 32 Tier-3 signals in 24h
FIRED[2026-05-12T16:30:02Z] R3 fired: ion@hackerone - 100 Tier-3 signals in 24h
FIRED[2026-05-14T02:30:02Z] R3 fired: seek-com@bugcrowd - 18 Tier-3 signals in 24h
🎯Skill Ecosystem 13
SkillVersionStatus
audit-documented-safety-net-checkv??
cross-bridge-reconciliation-primitivesv0.3PRODUCTION
deep-invariant-analysisv??
hyperevm-audit-primitivesv0.3PRODUCTION
natspec-implementation-drift-checkv0.4PRODUCTION
securva-operational-securityv??
skeptic-gate-7-automatorv0.1PRODUCTION
skill-to-eye-translatorv0.2PRODUCTION
solana-audit-primitivesv0.4PRODUCTION
sub-agent-parallel-explorerv0.1PRODUCTION
submission-approval-tg-routerv0.1PRODUCTION
submission-body-templaterv0.1PRODUCTION
web2-differential-testingv??
💰Pre-Banked Inventory 5
CandidateTargetSeverityPayout rangeOrigin
hybra-drift-a-testnet-constantsHybra FinanceCritical$100,000 - $500,000Cycle 30
hybra-drift-b-gauge-bypassHybra FinanceMedium$10,000 - $50,000Cycle 30
sukukfi-h01-unauthorized-withdrawSukukFiCritical$100,000 - $500,000Cycle 31
megapot-h01-arbitrary-bridge-callMegapotHigh$20,000 - $100,000Cycle 35
megapot-m08-payout-calculator-temporalMegapotMedium$5,000 - $50,000Cycle 69
👁EYE Ticker 18
EYEStatusLast fireLast line
eye1ok54 min ago[2026-05-15T08:05:03Z] EYE 1 tick complete: programs+=0 assets+=0 probes_fired=0 tier1_hits=0
eye10ok159 min ago[2026-05-15T06:20:30Z] EYE 10 tick complete: hosts=200 new_baselines=0 drifts=10 (issuer=0, san=0, cname=1, a-records=9)
eye11ok29 min ago[2026-05-15T08:30:17Z] tick complete: contests=297 new_signals=0 tier_1=0
eye12ok25 min ago[2026-05-15T08:35:01Z] tick complete: contests=142 new_signals=0 tier_1=0
eye13stale535 min ago[2026-05-15T00:04:52Z] EYE 13 scan done: 5 tier-1 + 3 tier-2 pattern hits (0 new across all targets)
eye14ok20 min ago[2026-05-15T08:40:01Z] tick complete: programs=66 new_signals=0 tier_1=0
eye15stale534 min ago[2026-05-15T00:05:42Z] EYE 15 scan done: 34 tier-1 + 111 tier-2 Solana primitive hits (0 new across all targets)
eye16stale529 min ago[2026-05-15T00:10:29Z] EYE 16 scan done: 51 tier-1 + 93 tier-2 HyperEVM primitive hits (0 new)
eye17stale524 min ago[2026-05-15T00:15:18Z] EYE 17 scan done: 3 tier-1 + 17 tier-2 cross-bridge primitive hits (0 new)
eye19ok159 min ago[2026-05-15T06:20:22Z] EYE 19 v0.2 scan done
eye2-watchdogold11080 min ago
eye2ok0 min ago[2026-05-15T08:59:31Z] [*] certstream connected
eye20ok154 min ago[2026-05-15T06:25:02Z] EYE 20 scan done
eye22ok149 min ago[2026-05-15T06:30:14Z] EYE 22 scan done
eye23ok134 min ago[2026-05-15T06:45:02Z] EYE 23 scan done
eye3ok296 min ago[2026-05-15T04:03:56Z] EYE 3 tick complete: hosts_scanned=100 new_recoveries=0 new_diffs=0 tier2_signals=0
eye4ok29 min ago[2026-05-15T08:30:08Z] EYE 4 tick complete: polled=22 errors=1 new_commits=0 high_signal=0
eye5ok179 min ago[2026-05-15T06:00:21Z] EYE 5 tick complete: members=52 new-baselines=0 drift=8 new-exposures=0
🏆Recent Cycle Wins 8
CycleVerdict
Cycle 96unknown
Cycle 96unknown
Cycle 96unknown
Cycle 96unknown
Cycle 95unknown
Cycle 95unknown
Cycle 95unknown
Cycle 95unknown
Cycle 95unknown
Cycle 92**0 SUBMISSIONS PASS 7/7 GATES.** All 3 Cycle 92 cascade claims (Renzo + EtherFi + Puffer) are EMPIRICALLY FALSE: Aave V3 Capped oracles use LRT-internal RATIO_PROVIDER which is INVARIANT to EigenLaye