Overview
Risk tags are specific indicators returned by the API that identify potential security issues, fraud patterns, or risk factors. Each tag includes a severity level and description.Token Risk Tags
Tags related to token contract security and manipulation risks.| Tag | Name | Description |
|---|---|---|
is_closed_source | Closed Source | Closed-sourced contracts may hide various unknown mechanisms and are extremely risky. It might also be a fake token, since most major tokens are open sourced. |
hidden_owner | Hidden Owner | Hidden ownership is used by developers to maintain ownership ability even after abandoning ownership, and is often an indicator of malicious intent. |
is_honeypot | Honeypot | A honeypot contract may prevent sale or transfer of tokens, or non-standard code, some honeypots contain seemingly vulnerable code to lure hackers. |
honeypot_with_same_creator | Honeypot | A honeypot contract may prevent sale or transfer of tokens, created by a known honeypot creator. |
buy_tax | Buy Tax | When buying a token, a buy tax will cause the actual token value received to be less than the amount paid. An excessive buy tax may lead to heavy losses. |
sell_tax | Sell Tax | A sell tax will cause the actual value received when selling a token to be less than expected. Too much sell tax may lead to large losses. |
slippage_modifiable | Slippage Modifiable | The contract owner can modify the buy tax or sell tax of the token. Some contracts have unlimited modifiable tax rates, which would make the token untradeable. |
is_blacklisted | Blacklisting | A blacklist function is included. The contract owner may add any address to the blacklist, preventing them from trading. |
is_whitelisted | Whitelisting | Whitelisting functionality allows specific addresses to make early transactions, tax-free, and not affected by transaction suspension. |
can_take_back_ownership | Reclaim Ownership | Ownership can be reclaimed after being abandoned, allowing risky functions to be reactivated. |
owner_change_balance | Change Balance | The owner can modify anyone’s balance, resulting in assets being changed or a massive minting and sell-off. |
is_airdrop_scam | Airdrop Scam | An airdrop scam attempts to get you to visit a fake project site and connect your wallet to steal your funds. |
trust_list | Trusted | This asset is a trusted, widely known project, and is verified as authentic. |
is_fake_token | Fake Token | This asset is an unauthentic knockoff for an existing project. |
illegal_unicode | Deceptive Token | The name or symbol contains unicode characters that appear deceptively similar to letters. Often used to spoof real tokens. |
exploitation | Exploitation | This asset has been exploited in the past and may be vulnerable to future exploits. |
anti_whale_modifiable | Anti Whale Modifiable | The maximum transaction amount or token position for a single address can be modified at any time. |
is_anti_whale | Anti Whale | The contract limits the maximum transaction amount or token position, often to prevent price manipulation. |
non-transferable | Non Transferable | Tokens cannot be transferred between addresses, limiting utility and liquidity. |
not-renounce | Not Renouncable | The owner cannot renounce ownership, limiting decentralization. |
freezeable | Freezeable | Token transfers can be frozen by a central authority, posing censorship or manipulation risk. |
mintable | Mintable | Tokens can be created by the minter, introducing inflationary risks if not properly controlled. |
mutable-metadata | Mutable Metadata | Token metadata can be modified, potentially leading to misinformation or manipulation. |
Token Age Tags
| Tag | Name | Description |
|---|---|---|
minted-less-than-10-minutes | Token Too New | Tokens minted within 10 minutes, potentially suspicious. |
minted-less-than-1-hour | Token Too New | Tokens minted within 1 hour, potentially suspicious. |
minted-less-than-1-day | Token Too New | Tokens minted within 1 day, potentially suspicious. |
Ownership Concentration Tags
| Tag | Name | Description |
|---|---|---|
top-10-holders-own-90-percent | Unbalanced Ownership | Top 10 holders control 90% of supply, high manipulation risk. |
top-10-holders-own-50-percent | Unbalanced Ownership | Top 10 holders control 50% of supply, moderate manipulation risk. |
top-10-holders-own-20-percent | Unbalanced Ownership | Top 10 holders control 20% of supply, some concentration risk. |
minter-own-90-percent | Unbalanced Ownership (Minter) | Minter holds 90% of supply. |
minter-own-50-percent | Unbalanced Ownership (Minter) | Minter holds 50% of supply. |
minter-own-20-percent | Unbalanced Ownership (Minter) | Minter holds 20% of supply. |
owner-own-90-percent | Unbalanced Ownership (Owner) | Owner holds 90% of supply. |
owner-own-50-percent | Unbalanced Ownership (Owner) | Owner holds 50% of supply. |
owner-own-20-percent | Unbalanced Ownership (Owner) | Owner holds 20% of supply. |
update-authority-own-90-percent | Unbalanced Ownership (Updater) | Update authority holds 90% of supply. |
update-authority-own-50-percent | Unbalanced Ownership (Updater) | Update authority holds 50% of supply. |
update-authority-own-20-percent | Unbalanced Ownership (Updater) | Update authority holds 20% of supply. |
Rugpull Tags
| Tag | Name | Description |
|---|---|---|
minter-rugged | Minter is Rugpuller | The minter has executed a rugpull. |
minter-multiple-rugged | Minter is Repeat Rugpuller | Multiple rugpulls associated with the minter. |
owner-rugged | Owner is Rugpuller | The owner has executed a rugpull. |
owner-multiple-rugged | Owner is Repeat Rugpuller | Multiple rugpulls by the owner. |
update-authority-rugged | Updater is Rugpuller | The update authority has conducted a rugpull. |
update-authority-multiple-rugged | Updater is Repeat Rugpuller | Multiple rugpulls by update authorities. |
top-10-holders-rugged | Top Holders are Rugpullers | Top holders have executed rugpulls. |
top-10-holders-multiple-rugged | Top Holders are Rugpullers | Top holders have executed multiple rugpulls. |
Associated Risk Tags (Minter)
| Tag | Name | Description |
|---|---|---|
minter-hacker | Minter is Hacker | The minter has been compromised by hackers. |
minter-ofac | Minter is Sanctioned | Minter involved with OFAC-sanctioned entities. |
minter-drainer | Minter is Drainer | The minter is draining funds or assets. |
minter-mixer | Minter is Mixer | Minter involved in mixing/tumbling schemes. |
minter-fixedfloat | Minter is Mixer | Minter has unusual FixedFloat volume. |
minter-simpleswap | Minter is Mixer | Minter has unusual SimpleSwap volume. |
minter-fundflow-hacker | Minter Funds Hackers | Minter fund flow linked to hackers. |
minter-fundflow-ofac | Minter Funds Sanctioned | Minter fund flow involves sanctioned entities. |
minter-fundflow-drainer | Minter Funds Drainers | Minter fund flow involves drainers. |
minter-fundflow-mixer | Minter Funds Mixers | Minter fund flow involves mixers. |
Associated Risk Tags (Owner)
| Tag | Name | Description |
|---|---|---|
owner-hacker | Owner is Hacker | The owner has been compromised by hackers. |
owner-ofac | Owner is Sanctioned | Owner involved with OFAC-sanctioned entities. |
owner-drainer | Owner is Drainer | The owner is draining funds or assets. |
owner-mixer | Owner is Mixer | Owner involved in mixing/tumbling schemes. |
owner-fundflow-hacker | Owner Funds Hackers | Owner fund flow linked to hackers. |
owner-fundflow-ofac | Owner Funds Sanctioned | Owner fund flow involves sanctioned entities. |
owner-fundflow-drainer | Owner Funds Drainers | Owner fund flow involves drainers. |
owner-fundflow-mixer | Owner Funds Mixers | Owner fund flow involves mixers. |
Associated Risk Tags (Update Authority)
| Tag | Name | Description |
|---|---|---|
update-authority-hacker | Updater is Hacker | Update authority compromised by hackers. |
update-authority-ofac | Updater is Sanctioned | Update authority involved with sanctioned entities. |
update-authority-drainer | Updater is Drainer | Update authority is draining funds. |
update-authority-mixer | Updater is Mixer | Update authority involved in mixing schemes. |
update-authority-fundflow-hacker | Updater Funds Hackers | Update authority fund flow linked to hackers. |
update-authority-fundflow-ofac | Updater Funds Sanctioned | Update authority fund flow involves sanctioned entities. |
update-authority-fundflow-drainer | Updater Funds Drainers | Update authority fund flow involves drainers. |
update-authority-fundflow-mixer | Updater Funds Mixers | Update authority fund flow involves mixers. |
Associated Risk Tags (Top Holders)
| Tag | Name | Description |
|---|---|---|
top-10-holders-hacker | Top Holders are Hackers | Top holders may be hackers. |
top-10-holders-ofac | Top Holders are Sanctioned | Top holders involved with sanctioned entities. |
top-10-holders-drainer | Top Holders are Drainers | Top holders involved in draining funds. |
top-10-holders-fundflow-hacker | Top Holders Fund Hackers | Top holders fund flow linked to hackers. |
top-10-holders-fundflow-ofac | Top Holders Fund Sanctioned | Top holders fund flow involves sanctioned entities. |
top-10-holders-fundflow-drainer | Top Holders Fund Drainers | Top holders fund flow involves drainers. |
top-10-holders-fundflow-mixer | Top Holders Fund Mixers | Top holders fund flow involves mixers. |
Address Risk Tags
Tags related to wallet address behavior and associations.| Tag | Name | Description |
|---|---|---|
drainer | Drainer | Address related to drainer activity that automates draining assets. |
hacker | Hacker | Address associated with hacking or at risk of being a hacker. |
mixer | Mixer | Coin mixer address. Interacting may result in your address being flagged. |
sanctioned | Sanctioned | Sanctioned activity reported by world authorities. |
cybercrime | Cybercrime | Address has committed cybercrimes reported by authorities. |
financial_crime | Financial Crime | Connected with financial crime. Avoid DEX interaction. |
stealing_attack | Theft | Involved in theft. Do not send anything to this address. |
money_laundering | Money Laundering | Involved in money laundering and may be attached to criminal activity. |
phishing_activities | Phishing | Involved in phishing activities. Proceed with extreme caution. |
blackmail_activities | Blackmail | Potentially involved in illegal blackmail activity. |
darkweb_transactions | Darkweb | Spotted interacting with darkweb actors. |
honeypot_related_address | Honeypot | Honeypot address that traps unsuspecting wallets. |
malicious_mining_activities | Malicious Miner | Miner that has performed malicious mining and AMM activity. |
number_of_malicious_contracts_created | Malicious Contracts | Associated with malicious smart contracts. Avoid at all costs. |
fake_kyc | KYC Fail | Fails to meet KYC standards (too new, too few transactions). |
blacklist_doubt | Possible Blacklist | Reported numerous times as dangerous. Proceed with caution. |
Contract Risk Tags
Tags related to smart contract vulnerabilities and security issues.Reentrancy Vulnerabilities
| Tag | Name | Description |
|---|---|---|
reentrancy_with_eth_transfer | Reentrancy With ETH Transfer | Allows reentrancy attacks capable of withdrawing more ETH than deposited. |
reentrancy_without_eth_transfer | Reentrancy Without ETH Transfer | Vulnerable to reentrancy attacks on token transfers. |
reentrancy_same_effect | Reentrancy | Vulnerable to reentrancy attacks. |
pess_readonly_reentrancy | Readonly Reentrancy | Getter functions return values that could be manipulated during execution. |
Price Manipulation
| Tag | Name | Description |
|---|---|---|
price_manipulation_high | High Price Manipulation Risk | Contract has logic with high potential for price manipulation. |
price_manipulation_medium | Medium Price Manipulation Risk | Contract has logic with moderate potential for price manipulation. |
price_manipulation_low | Low Price Manipulation Risk | Contract has logic with low potential for price manipulation. |
Front Running
| Tag | Name | Description |
|---|---|---|
front_running_high | High Front Running Risk | Contract logic could be subject to front running. |
front_running_medium | Medium Front Running Risk | Contract logic could be subject to front running. |
front_running_low | Low Front Running Risk | Contract logic could be subject to front running. |
Centralization Risks
| Tag | Name | Description |
|---|---|---|
centralized_risk_high | High Centralization Risk | Contract may have drainer-like logic. |
centralized_risk_medium | Medium Centralization Risk | Contract may have drainer-like logic. |
centralized_risk_low | Minor Centralization Risk | Contract may have drainer-like logic. |
Minting Risks
| Tag | Name | Description |
|---|---|---|
mint_high | High Arbitrary Minting Risk | Logic could be manipulated to arbitrarily mint tokens. |
mint_low | Low Arbitrary Minting Risk | Logic could be manipulated to arbitrarily mint tokens. |
burn | Arbitrary Burning Risk | Logic could be manipulated to arbitrarily burn tokens. |
Integer Issues
| Tag | Name | Description |
|---|---|---|
integer_overflow | Integer Overflow | Contract susceptible to integer overflow. |
integer_underflow | Integer Underflow | Contract susceptible to integer underflow. |
Unchecked Operations
| Tag | Name | Description |
|---|---|---|
unchecked_lowlevel | Unchecked Low Level Call | Return value of low level call not checked. |
unchecked_send | Unchecked Send | Return value of send not checked. |
unchecked_transfer | Unchecked Transfer | Return value of transfer not checked. |
Self Destruct
| Tag | Name | Description |
|---|---|---|
selfdestruct | Self Destruct | Contract is self destructible. All functions become unavailable and assets erased. Susceptible to rug-pulls. |
suicidal | Self Destruct | Contract is self destructible. |
Arbitrary Operations
| Tag | Name | Description |
|---|---|---|
arbitrary_send_erc20 | Arbitrary Send ERC20 | Approval allows attacker to take tokens directly to their wallet. |
arbitrary_send_erc20_permit | Arbitrary Send ERC20 with Permit | TransferFrom allows attacker to transfer all approved tokens. |
arbitrary_send_eth | Arbitrary Send ETH | Unprotected call sending ETH to arbitrary address. |
Signature Issues
| Tag | Name | Description |
|---|---|---|
SWC_117 | Signature Malleability | Signature could be reused in unauthorized ways. |
SWC_121 | Replay Attack Vulnerability | Attackers can reuse your signature. |
SWC_122 | Lack of Signature Verification | Missing proper signature verification. |
pess_ecrecover | ECRecover Issue | Ecrecover returns 0 on error, must check result. |
Storage & State Issues
| Tag | Name | Description |
|---|---|---|
uninitialized_state | Uninitialized State | State variables are uninitialized. |
uninitialized_storage | Uninitialized Storage | Storage variables are uninitialized. |
unprotected_upgrade | Unprotected Upgrade | Contract can be self destructed and funds withdrawn. |
SWC_124 | Arbitrary Storage Write | Attacker can write to arbitrary storage locations. |
locked_ether | Locked Ether | Contract takes payment but has no withdraw function. |
Access Control
| Tag | Name | Description |
|---|---|---|
controlled_delegatecall | Controlled Delegatecall | Attacker can delegate to malicious contract. |
delegatecall_loop | Delegatecall Loop | Logic could be harmful on repeat. |
pess_unprotected_initialize | Unprotected Initialize | Initialize could be hijacked by attacker. |
pess_unprotected_setter | Unprotected Setter | Setter changes parameters without protection. |
pess_call_forward_to_protected | Call Forward to Protected | Low level calls to custom address could bypass access control. |
Other Contract Vulnerabilities
| Tag | Name | Description |
|---|---|---|
weak_prng | Weak PRNG | Randomness generation is weak and could be gamed by miners. |
rtlo | Right To Left Override | Unicode characters used to manipulate contract logic. No legitimate use case. |
shadowing_state | Shadowing State | Variable naming prevents setting certain variables. |
encode_packed_collision | Encode Packed Collision | Possibility of collisions overwriting data. |
incorrect_shift | Incorrect Shift | Incorrectly using bitshifting. |
k_value_error | K Value Error | K value error in swap/mint/burn functions. |
missing_zero_check | Missing Zero Check | No check for zero address, potentially bricking contract. |
pess_token_fallback | Token Fallback | Fallback function indicates potential reentrancy. |
pess_double_entry_token_alert | Double Entry Token | Token has two entry points that may cause misfunction. |
controlled_array_length | Controlled Array Length | Array length can be resized, allowing access to critical information. |
msg_value_loop | Msg.Value in Loop | Use of msg.value inside a loop. |
Wallet History Tags
Tags related to wallet age and activity.| Tag | Name | Description |
|---|---|---|
insufficient_wallet_age | Insufficient Age | Wallet is too new to pass KYW (Know Your Wallet) criteria. May indicate malicious creation. |
insufficient_wallet_balance | Insufficient Balance | Balance is below KYW criteria. May indicate a new wallet. |
insufficient_wallet_transactions | Insufficient Transactions | Too few transactions to pass KYW criteria. |
Chain-Specific Tags
Solana
| Tag | Name | Description |
|---|---|---|
impersonator | Impersonator | Someone is impersonating an entity related to the token. |
known-malicious-token | Known Malicious Token | Token is recognized as malicious. |
mutable-metadata | Mutable Metadata | Token metadata can be modified. |
TON
| Tag | Name | Description |
|---|---|---|
is_nonstandard_jetton | Non-standard Jetton | Jetton does not follow standard implementation. |
is_nonstandard_jetton_wallet | Non-standard Jetton Wallet | Jetton wallet does not follow standard implementation. |
Report Tags
| Tag | Name | Description |
|---|---|---|
valid_report | Reported | This address or contract has been reported by the community. |