> ## Documentation Index
> Fetch the complete documentation index at: https://docs.webacy.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Risk Tags Reference

> Browse the full Webacy risk tag reference including honeypot, mintable, freezeable, hidden owner, buy tax, sell tax, and scam token indicators.

## Overview

Risk tags are specific indicators returned by the API that identify potential security issues, fraud patterns, or risk factors. Each tag includes a severity level and description.

<Tip>
  Use the [modules parameter](/essentials/modules) to filter which risk tags are analyzed for your specific use case.
</Tip>

***

## Token Risk Tags

Tags related to token contract security and manipulation risks.

| Tag                            | Name                         | Description                                                                                                                                                     |
| ------------------------------ | ---------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `is_closed_source`             | Closed Source                | Closed-sourced contracts may hide various unknown mechanisms and are extremely risky. It might also be a fake token, since most major tokens are open sourced.  |
| `hidden_owner`                 | Hidden Owner                 | Hidden ownership is used by developers to maintain ownership ability even after abandoning ownership, and is often an indicator of malicious intent.            |
| `is_honeypot`                  | Honeypot                     | A honeypot contract may prevent sale or transfer of tokens, or non-standard code, some honeypots contain seemingly vulnerable code to lure hackers.             |
| `classic_honeypot`             | Classic Honeypot             | Token exhibits classic honeypot characteristics preventing normal buy/sell activity.                                                                            |
| `honeypot_with_same_creator`   | Honeypot (Same Creator)      | A honeypot contract created by a known honeypot creator.                                                                                                        |
| `buy_tax`                      | Buy Tax                      | When buying a token, a buy tax will cause the actual token value received to be less than the amount paid. An excessive buy tax may lead to heavy losses.       |
| `sell_tax`                     | Sell Tax                     | A sell tax will cause the actual value received when selling a token to be less than expected. Too much sell tax may lead to large losses.                      |
| `slippage_modifiable`          | Slippage Modifiable          | The contract owner can modify the buy tax or sell tax of the token. Some contracts have unlimited modifiable tax rates, which would make the token untradeable. |
| `personal_slippage_modifiable` | Personal Slippage Modifiable | The owner can modify slippage settings on a per-address basis, enabling targeted manipulation.                                                                  |
| `is_blacklisted`               | Blacklisting                 | A blacklist function is included. The contract owner may add any address to the blacklist, preventing them from trading.                                        |
| `is_whitelisted`               | Whitelisting                 | Whitelisting functionality allows specific addresses to make early transactions, tax-free, and not affected by transaction suspension.                          |
| `can_take_back_ownership`      | Reclaim Ownership            | Ownership can be reclaimed after being abandoned, allowing risky functions to be reactivated.                                                                   |
| `owner_change_balance`         | Change Balance               | The owner can modify anyone's balance, resulting in assets being changed or a massive minting and sell-off.                                                     |
| `is_airdrop_scam`              | Airdrop Scam                 | An airdrop scam attempts to get you to visit a fake project site and connect your wallet to steal your funds.                                                   |
| `trust_list`                   | Trusted                      | This asset is a trusted, widely known project, and is verified as authentic.                                                                                    |
| `is_fake_token`                | Fake Token                   | This asset is an unauthentic knockoff for an existing project.                                                                                                  |
| `is_true_token`                | Verified True Token          | Token has been verified as the authentic version of the project it claims to be.                                                                                |
| `is_scam`                      | Scam Token                   | Token has been identified as a scam.                                                                                                                            |
| `verified_listing`             | Verified Listing             | Token is verified on a recognized token listing platform.                                                                                                       |
| `illegal_unicode`              | Deceptive Token              | The name or symbol contains unicode characters that appear deceptively similar to letters. Often used to spoof real tokens.                                     |
| `exploitation`                 | Exploitation                 | This asset has been exploited in the past and may be vulnerable to future exploits.                                                                             |
| `anti_whale_modifiable`        | Anti Whale Modifiable        | The maximum transaction amount or token position for a single address can be modified at any time.                                                              |
| `is_anti_whale`                | Anti Whale                   | The contract limits the maximum transaction amount or token position, often to prevent price manipulation.                                                      |
| `non-transferable`             | Non Transferable             | Tokens cannot be transferred between addresses, limiting utility and liquidity.                                                                                 |
| `not-renounce`                 | Not Renounceable             | The owner cannot renounce ownership, limiting decentralization.                                                                                                 |
| `not-renounced`                | Not Renounced (alt)          | Alternate spelling — ownership has not been renounced.                                                                                                          |
| `freezeable`                   | Freezeable                   | Token transfers can be frozen by a central authority, posing censorship or manipulation risk.                                                                   |
| `freezable`                    | Freezable (alt)              | Alternate spelling — token transfers can be frozen by a central authority.                                                                                      |
| `mintable`                     | Mintable                     | Tokens can be created by the minter, introducing inflationary risks if not properly controlled.                                                                 |
| `is_mintable`                  | Mintable (alt)               | Alternate identifier — tokens can be created by the minter.                                                                                                     |
| `is_burnable`                  | Burnable                     | Tokens can be burned, which may be used to manipulate supply.                                                                                                   |
| `mutable-metadata`             | Mutable Metadata             | Token metadata can be modified, potentially leading to misinformation or manipulation.                                                                          |
| `transfer_without_approval`    | Transfer Without Approval    | Tokens can be transferred by the contract without the holder's approval.                                                                                        |
| `privileged_burn`              | Privileged Burn              | A privileged address can burn tokens held by other users without their consent.                                                                                 |
| `restricted_approval`          | Restricted Approval          | The token restricts which addresses can be approved as spenders, limiting composability.                                                                        |
| `oversupply_minting`           | Oversupply Minting           | Minting mechanisms allow the total supply to be expanded beyond intended limits.                                                                                |
| `trading_cooldown`             | Trading Cooldown             | A cooldown period is enforced between trades, which may restrict normal trading activity.                                                                       |
| `transfer_pausable`            | Transfer Pausable            | Token transfers can be paused by a central authority.                                                                                                           |
| `is_proxy`                     | Proxy Contract               | The token contract is a proxy, meaning implementation logic can be changed by the owner.                                                                        |
| `is_upgradeable`               | Upgradeable                  | The contract is upgradeable, allowing logic changes without deploying a new contract.                                                                           |
| `upgradeable_contract`         | Upgradeable Contract (alt)   | Alternate identifier — the contract logic can be upgraded by a privileged role.                                                                                 |
| `access_control`               | Access Control               | The contract uses explicit access control mechanisms that restrict certain functions to privileged addresses.                                                   |

### Token Age Tags

| Tag                           | Name          | Description                                              |
| ----------------------------- | ------------- | -------------------------------------------------------- |
| `minted-less-than-10-minutes` | Token Too New | Tokens minted within 10 minutes, potentially suspicious. |
| `minted-less-than-1-hour`     | Token Too New | Tokens minted within 1 hour, potentially suspicious.     |
| `minted-less-than-1-day`      | Token Too New | Tokens minted within 1 day, potentially suspicious.      |

### Ownership Concentration Tags

| Tag                               | Name                           | Description                                                       |
| --------------------------------- | ------------------------------ | ----------------------------------------------------------------- |
| `top-10-holders-own-10-percent`   | Unbalanced Ownership           | Top 10 holders control 10% of supply.                             |
| `top-10-holders-own-20-percent`   | Unbalanced Ownership           | Top 10 holders control 20% of supply, some concentration risk.    |
| `top-10-holders-own-30-percent`   | Unbalanced Ownership           | Top 10 holders control 30% of supply.                             |
| `top-10-holders-own-40-percent`   | Unbalanced Ownership           | Top 10 holders control 40% of supply.                             |
| `top-10-holders-own-50-percent`   | Unbalanced Ownership           | Top 10 holders control 50% of supply, moderate manipulation risk. |
| `top-10-holders-own-60-percent`   | Unbalanced Ownership           | Top 10 holders control 60% of supply.                             |
| `top-10-holders-own-70-percent`   | Unbalanced Ownership           | Top 10 holders control 70% of supply.                             |
| `top-10-holders-own-80-percent`   | Unbalanced Ownership           | Top 10 holders control 80% of supply.                             |
| `top-10-holders-own-90-percent`   | Unbalanced Ownership           | Top 10 holders control 90% of supply, high manipulation risk.     |
| `top-10-holders-own-100-percent`  | Total Concentration            | Top 10 holders control 100% of supply.                            |
| `minter-own-20-percent`           | Unbalanced Ownership (Minter)  | Minter holds 20% of supply.                                       |
| `minter-own-50-percent`           | Unbalanced Ownership (Minter)  | Minter holds 50% of supply.                                       |
| `minter-own-90-percent`           | Unbalanced Ownership (Minter)  | Minter holds 90% of supply.                                       |
| `owner-own-20-percent`            | Unbalanced Ownership (Owner)   | Owner holds 20% of supply.                                        |
| `owner-own-50-percent`            | Unbalanced Ownership (Owner)   | Owner holds 50% of supply.                                        |
| `owner-own-90-percent`            | Unbalanced Ownership (Owner)   | Owner holds 90% of supply.                                        |
| `update-authority-own-20-percent` | Unbalanced Ownership (Updater) | Update authority holds 20% of supply.                             |
| `update-authority-own-50-percent` | Unbalanced Ownership (Updater) | Update authority holds 50% of supply.                             |
| `update-authority-own-90-percent` | Unbalanced Ownership (Updater) | Update authority holds 90% of supply.                             |

### Rugpull Tags

| Tag                                | Name                              | Description                                   |
| ---------------------------------- | --------------------------------- | --------------------------------------------- |
| `minter-rugged`                    | Minter is Rugpuller               | The minter has executed a rugpull.            |
| `minter-multiple-rugged`           | Minter is Repeat Rugpuller        | Multiple rugpulls associated with the minter. |
| `owner-rugged`                     | Owner is Rugpuller                | The owner has executed a rugpull.             |
| `owner-multiple-rugged`            | Owner is Repeat Rugpuller         | Multiple rugpulls by the owner.               |
| `update-authority-rugged`          | Updater is Rugpuller              | The update authority has conducted a rugpull. |
| `update-authority-multiple-rugged` | Updater is Repeat Rugpuller       | Multiple rugpulls by update authorities.      |
| `top-10-holders-rugged`            | Top Holders are Rugpullers        | Top holders have executed rugpulls.           |
| `top-10-holders-multiple-rugged`   | Top Holders are Repeat Rugpullers | Top holders have executed multiple rugpulls.  |

### Associated Risk Tags (Minter)

| Tag                          | Name                    | Description                                    |
| ---------------------------- | ----------------------- | ---------------------------------------------- |
| `minter-hacker`              | Minter is Hacker        | The minter has been compromised by hackers.    |
| `minter-ofac`                | Minter is Sanctioned    | Minter involved with OFAC-sanctioned entities. |
| `minter-drainer`             | Minter is Drainer       | The minter is draining funds or assets.        |
| `minter-mixer`               | Minter is Mixer         | Minter involved in mixing/tumbling schemes.    |
| `minter-fixedfloat`          | Minter Uses FixedFloat  | Minter has unusual FixedFloat exchange volume. |
| `minter-simpleswap`          | Minter Uses SimpleSwap  | Minter has unusual SimpleSwap exchange volume. |
| `minter-fundflow-hacker`     | Minter Funds Hackers    | Minter fund flow linked to hackers.            |
| `minter-fundflow-ofac`       | Minter Funds Sanctioned | Minter fund flow involves sanctioned entities. |
| `minter-fundflow-drainer`    | Minter Funds Drainers   | Minter fund flow involves drainers.            |
| `minter-fundflow-mixer`      | Minter Funds Mixers     | Minter fund flow involves mixers.              |
| `minter-fundflow-fixedfloat` | Minter Funds FixedFloat | Minter fund flow linked to FixedFloat.         |
| `minter-fundflow-simpleswap` | Minter Funds SimpleSwap | Minter fund flow linked to SimpleSwap.         |

### Associated Risk Tags (Owner)

| Tag                         | Name                   | Description                                   |
| --------------------------- | ---------------------- | --------------------------------------------- |
| `owner-hacker`              | Owner is Hacker        | The owner has been compromised by hackers.    |
| `owner-ofac`                | Owner is Sanctioned    | Owner involved with OFAC-sanctioned entities. |
| `owner-drainer`             | Owner is Drainer       | The owner is draining funds or assets.        |
| `owner-mixer`               | Owner is Mixer         | Owner involved in mixing/tumbling schemes.    |
| `owner-fixedfloat`          | Owner Uses FixedFloat  | Owner has unusual FixedFloat exchange volume. |
| `owner-simpleswap`          | Owner Uses SimpleSwap  | Owner has unusual SimpleSwap exchange volume. |
| `owner-fundflow-hacker`     | Owner Funds Hackers    | Owner fund flow linked to hackers.            |
| `owner-fundflow-ofac`       | Owner Funds Sanctioned | Owner fund flow involves sanctioned entities. |
| `owner-fundflow-drainer`    | Owner Funds Drainers   | Owner fund flow involves drainers.            |
| `owner-fundflow-mixer`      | Owner Funds Mixers     | Owner fund flow involves mixers.              |
| `owner-fundflow-fixedfloat` | Owner Funds FixedFloat | Owner fund flow linked to FixedFloat.         |
| `owner-fundflow-simpleswap` | Owner Funds SimpleSwap | Owner fund flow linked to SimpleSwap.         |

### Associated Risk Tags (Update Authority)

| Tag                                    | Name                     | Description                                              |
| -------------------------------------- | ------------------------ | -------------------------------------------------------- |
| `update-authority-hacker`              | Updater is Hacker        | Update authority compromised by hackers.                 |
| `update-authority-ofac`                | Updater is Sanctioned    | Update authority involved with sanctioned entities.      |
| `update-authority-drainer`             | Updater is Drainer       | Update authority is draining funds.                      |
| `update-authority-mixer`               | Updater is Mixer         | Update authority involved in mixing schemes.             |
| `update-authority-fixedfloat`          | Updater Uses FixedFloat  | Update authority has unusual FixedFloat exchange volume. |
| `update-authority-simpleswap`          | Updater Uses SimpleSwap  | Update authority has unusual SimpleSwap exchange volume. |
| `update-authority-fundflow-hacker`     | Updater Funds Hackers    | Update authority fund flow linked to hackers.            |
| `update-authority-fundflow-ofac`       | Updater Funds Sanctioned | Update authority fund flow involves sanctioned entities. |
| `update-authority-fundflow-drainer`    | Updater Funds Drainers   | Update authority fund flow involves drainers.            |
| `update-authority-fundflow-mixer`      | Updater Funds Mixers     | Update authority fund flow involves mixers.              |
| `update-authority-fundflow-fixedfloat` | Updater Funds FixedFloat | Update authority fund flow linked to FixedFloat.         |
| `update-authority-fundflow-simpleswap` | Updater Funds SimpleSwap | Update authority fund flow linked to SimpleSwap.         |

### Associated Risk Tags (Top Holders)

| Tag                                  | Name                        | Description                                          |
| ------------------------------------ | --------------------------- | ---------------------------------------------------- |
| `top-10-holders-hacker`              | Top Holders are Hackers     | Top holders may be hackers.                          |
| `top-10-holders-ofac`                | Top Holders are Sanctioned  | Top holders involved with sanctioned entities.       |
| `top-10-holders-drainer`             | Top Holders are Drainers    | Top holders involved in draining funds.              |
| `top-10-holders-mixer`               | Top Holders are Mixers      | Top holders involved in mixing/tumbling schemes.     |
| `top-10-holders-fixedfloat`          | Top Holders Use FixedFloat  | Top holders have unusual FixedFloat exchange volume. |
| `top-10-holders-simpleswap`          | Top Holders Use SimpleSwap  | Top holders have unusual SimpleSwap exchange volume. |
| `top-10-holders-fundflow-hacker`     | Top Holders Fund Hackers    | Top holders fund flow linked to hackers.             |
| `top-10-holders-fundflow-ofac`       | Top Holders Fund Sanctioned | Top holders fund flow involves sanctioned entities.  |
| `top-10-holders-fundflow-drainer`    | Top Holders Fund Drainers   | Top holders fund flow involves drainers.             |
| `top-10-holders-fundflow-mixer`      | Top Holders Fund Mixers     | Top holders fund flow involves mixers.               |
| `top-10-holders-fundflow-fixedfloat` | Top Holders Fund FixedFloat | Top holders fund flow linked to FixedFloat.          |
| `top-10-holders-fundflow-simpleswap` | Top Holders Fund SimpleSwap | Top holders fund flow linked to SimpleSwap.          |

***

## Market Data & Liquidity Risks

Tags that flag abnormal market conditions, price behavior, or insufficient liquidity.

| Tag                            | Name                         | Description                                                                                                                                                             |
| ------------------------------ | ---------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `volatility`                   | High Volatility              | 24-hour price change dropped below −70%, or the spread between the all-time high and all-time low within a single day exceeds 70%. Indicates extreme price instability. |
| `market_cap`                   | Market Cap Risk              | Token has an unusually low or suspicious market capitalization relative to its trading activity.                                                                        |
| `is_in_dex`                    | Listed on DEX                | Token is actively listed and tradeable on a decentralized exchange.                                                                                                     |
| `cannot_buy`                   | Cannot Buy                   | Token cannot be purchased on-chain, consistent with a honeypot or broken contract.                                                                                      |
| `low-liquidity`                | Low Liquidity                | Overall liquidity for the token is below a safe threshold, increasing slippage and exit risk.                                                                           |
| `low-pool-liquidity`           | Low Pool Liquidity           | The primary liquidity pool has insufficient depth to support normal trading.                                                                                            |
| `low-holder-count`             | Low Holder Count             | Very few unique addresses hold the token, increasing concentration and manipulation risk.                                                                               |
| `token-too-new`                | Token Too New                | Token was launched very recently, with insufficient trading history to assess risk.                                                                                     |
| `extreme-holder-concentration` | Extreme Holder Concentration | An extreme proportion of supply is concentrated in very few addresses.                                                                                                  |
| `first-buyer-dominance`        | First Buyer Dominance        | The earliest buyers hold a disproportionate share of supply, suggesting coordinated accumulation.                                                                       |
| `missing-sniper-analysis`      | Missing Sniper Analysis      | Sniper/bot activity data is unavailable for this token.                                                                                                                 |
| `high_concentration_risk`      | High Concentration Risk      | Supply is concentrated in a small number of addresses at a level that poses significant manipulation risk.                                                              |
| `suspicious_accumulation`      | Suspicious Accumulation      | Accumulation patterns in wallet activity suggest coordinated or manipulative buying behavior.                                                                           |

***

## Liquidity / LP Analysis Tags

Tags that describe the structure and health of the token's liquidity pool positions.

| Tag                      | Name                   | Description                                                                                 |
| ------------------------ | ---------------------- | ------------------------------------------------------------------------------------------- |
| `unlocked-liquidity`     | Unlocked Liquidity     | Liquidity pool tokens are not locked, meaning the creator can remove liquidity at any time. |
| `lp_holder_count`        | LP Holder Count        | Informational — the number of unique addresses holding liquidity pool tokens.               |
| `low-lp-holder-count`    | Low LP Holder Count    | Very few addresses hold LP tokens, concentrating liquidity control.                         |
| `lp_total_supply`        | LP Total Supply        | Informational — the total supply of liquidity pool tokens.                                  |
| `lp-whale-concentration` | LP Whale Concentration | A small number of addresses hold a dominant share of liquidity pool tokens.                 |
| `creator_balance`        | Creator Balance        | Informational — the current token balance held by the creator address.                      |
| `creator_percent`        | Creator Percent        | Informational — the percentage of total supply held by the creator.                         |
| `owner_balance`          | Owner Balance          | Informational — the current token balance held by the owner address.                        |
| `owner_percent`          | Owner Percent          | Informational — the percentage of total supply held by the owner address.                   |

***

## Address Risk Tags

Tags related to wallet address behavior and associations.

| Tag                                     | Name                           | Description                                                                                               |
| --------------------------------------- | ------------------------------ | --------------------------------------------------------------------------------------------------------- |
| `drainer`                               | Drainer                        | Address related to drainer activity that automates draining assets.                                       |
| `hacker`                                | Hacker                         | Address associated with hacking or at risk of being a hacker.                                             |
| `mixer`                                 | Mixer                          | Coin mixer address. Interacting may result in your address being flagged.                                 |
| `sanctioned`                            | Sanctioned                     | Sanctioned activity reported by world authorities.                                                        |
| `cybercrime`                            | Cybercrime                     | Address has committed cybercrimes reported by authorities.                                                |
| `financial_crime`                       | Financial Crime                | Connected with financial crime. Avoid DEX interaction.                                                    |
| `stealing_attack`                       | Theft                          | Involved in theft. Do not send anything to this address.                                                  |
| `money_laundering`                      | Money Laundering               | Involved in money laundering and may be attached to criminal activity.                                    |
| `phishing_activities`                   | Phishing                       | Involved in phishing activities. Proceed with extreme caution.                                            |
| `blackmail_activities`                  | Blackmail                      | Potentially involved in illegal blackmail activity.                                                       |
| `darkweb_transactions`                  | Darkweb                        | Spotted interacting with darkweb actors.                                                                  |
| `honeypot_related_address`              | Honeypot                       | Honeypot address that traps unsuspecting wallets.                                                         |
| `malicious_mining_activities`           | Malicious Miner                | Miner that has performed malicious mining and AMM activity.                                               |
| `number_of_malicious_contracts_created` | Malicious Contracts            | Associated with malicious smart contracts. Avoid at all costs.                                            |
| `fake_kyc`                              | KYC Fail                       | Fails to meet KYC standards (too new, too few transactions).                                              |
| `blacklist_doubt`                       | Possible Blacklist             | Reported numerous times as dangerous. Proceed with caution.                                               |
| `wash_trading`                          | Wash Trading                   | Address has exhibited wash trading behavior, inflating apparent transaction volume.                       |
| `automated_trading`                     | Automated Trading              | Address behavior is consistent with automated or bot-driven trading.                                      |
| `deployed_high_volatility_token`        | Deployed High Volatility Token | Address has previously deployed tokens that exhibited extreme price volatility.                           |
| `fund_flow_issues`                      | Fund Flow Issues               | Address fund flow patterns raise concerns about the source or destination of funds.                       |
| `address_poisoning`                     | Address Poisoning              | Address has been involved in address poisoning attacks, sending look-alike transactions to mislead users. |
| `spam`                                  | Spam                           | Address is associated with spam token or transaction activity.                                            |
| `spam_domain`                           | Spam Domain                    | Address is linked to a domain associated with spam or scam operations.                                    |
| `associated_hacker`                     | Associated with Hacker         | Address has fund flow connections to known hacker addresses.                                              |
| `associated_drainer`                    | Associated with Drainer        | Address has fund flow connections to known drainer addresses.                                             |
| `associated_mixer`                      | Associated with Mixer          | Address has fund flow connections to known mixer addresses.                                               |
| `associated_sanctioned`                 | Associated with Sanctioned     | Address has fund flow connections to sanctioned entities.                                                 |
| `associated_tornado`                    | Associated with Tornado Cash   | Address has fund flow connections to Tornado Cash.                                                        |
| `tornado`                               | Tornado Cash                   | Address has directly interacted with Tornado Cash.                                                        |

***

## Sanctions Compliance Tags

Tags that indicate an address is subject to formal sanctions or stablecoin issuer denylists.

<Note>
  The `sanctioned` tag appears in both Address Risk Tags and here. When you see it under sanctions compliance context, it specifically reflects OFAC or other regulatory lists.
</Note>

| Tag               | Name            | Description                                                                                                 |
| ----------------- | --------------- | ----------------------------------------------------------------------------------------------------------- |
| `ofac_sanctioned` | OFAC Sanctioned | Address is on the U.S. Treasury OFAC Specially Designated Nationals list.                                   |
| `open_sanctions`  | OpenSanctions   | Address appears in the OpenSanctions database, covering international regulatory and law enforcement lists. |
| `usdt_banned`     | USDT Banned     | Address is on the Tether (USDT) issuer's denylist and cannot transact in that stablecoin.                   |
| `usdc_banned`     | USDC Banned     | Address is on the USDC issuer's denylist and cannot transact in that stablecoin.                            |
| `eurc_banned`     | EURC Banned     | Address is on the EURC issuer's denylist and cannot transact in that stablecoin.                            |
| `busd_banned`     | BUSD Banned     | Address is on the BUSD issuer's denylist and cannot transact in that stablecoin.                            |
| `pyusd_banned`    | PYUSD Banned    | Address is on the PayPal USD (PYUSD) issuer's denylist and cannot transact in that stablecoin.              |
| `usdp_banned`     | USDP Banned     | Address is on the Pax Dollar (USDP) issuer's denylist and cannot transact in that stablecoin.               |

***

## Contract Risk Tags

Tags related to smart contract vulnerabilities and security issues.

### Reentrancy Vulnerabilities

| Tag                               | Name                            | Description                                                                |
| --------------------------------- | ------------------------------- | -------------------------------------------------------------------------- |
| `reentrancy_with_eth_transfer`    | Reentrancy With ETH Transfer    | Allows reentrancy attacks capable of withdrawing more ETH than deposited.  |
| `reentrancy_without_eth_transfer` | Reentrancy Without ETH Transfer | Vulnerable to reentrancy attacks on token transfers.                       |
| `reentrancy_same_effect`          | Reentrancy                      | Vulnerable to reentrancy attacks.                                          |
| `reentrancy`                      | Reentrancy (General)            | General reentrancy vulnerability detected in the contract.                 |
| `reentrancy_no_eth`               | Reentrancy (No ETH)             | Reentrancy vulnerability that does not involve ETH transfers.              |
| `pess_readonly_reentrancy`        | Readonly Reentrancy             | Getter functions return values that could be manipulated during execution. |

### Price Manipulation

| Tag                         | Name                           | Description                                                        |
| --------------------------- | ------------------------------ | ------------------------------------------------------------------ |
| `price_manipulation_high`   | High Price Manipulation Risk   | Contract has logic with high potential for price manipulation.     |
| `price_manipulation_medium` | Medium Price Manipulation Risk | Contract has logic with moderate potential for price manipulation. |
| `price_manipulation_low`    | Low Price Manipulation Risk    | Contract has logic with low potential for price manipulation.      |

### Front Running

| Tag                    | Name                      | Description                                       |
| ---------------------- | ------------------------- | ------------------------------------------------- |
| `front_running_high`   | High Front Running Risk   | Contract logic could be subject to front running. |
| `front_running_medium` | Medium Front Running Risk | Contract logic could be subject to front running. |
| `front_running_low`    | Low Front Running Risk    | Contract logic could be subject to front running. |

### Centralization Risks

| Tag                       | Name                       | Description                           |
| ------------------------- | -------------------------- | ------------------------------------- |
| `centralized_risk_high`   | High Centralization Risk   | Contract may have drainer-like logic. |
| `centralized_risk_medium` | Medium Centralization Risk | Contract may have drainer-like logic. |
| `centralized_risk_low`    | Minor Centralization Risk  | Contract may have drainer-like logic. |

### Minting Risks

| Tag         | Name                        | Description                                            |
| ----------- | --------------------------- | ------------------------------------------------------ |
| `mint_high` | High Arbitrary Minting Risk | Logic could be manipulated to arbitrarily mint tokens. |
| `mint_low`  | Low Arbitrary Minting Risk  | Logic could be manipulated to arbitrarily mint tokens. |
| `burn`      | Arbitrary Burning Risk      | Logic could be manipulated to arbitrarily burn tokens. |

### Integer Issues

| Tag                        | Name                       | Description                                                       |
| -------------------------- | -------------------------- | ----------------------------------------------------------------- |
| `integer_overflow`         | Integer Overflow           | Contract susceptible to integer overflow.                         |
| `integer_underflow`        | Integer Underflow          | Contract susceptible to integer underflow.                        |
| `detect_integer_underflow` | Detected Integer Underflow | Static analysis detected a potential integer underflow condition. |

### Unchecked Operations

| Tag                  | Name                     | Description                                 |
| -------------------- | ------------------------ | ------------------------------------------- |
| `unchecked_lowlevel` | Unchecked Low Level Call | Return value of low level call not checked. |
| `unchecked_send`     | Unchecked Send           | Return value of send not checked.           |
| `unchecked_transfer` | Unchecked Transfer       | Return value of transfer not checked.       |

### Self Destruct

| Tag            | Name                | Description                                                                                                  |
| -------------- | ------------------- | ------------------------------------------------------------------------------------------------------------ |
| `selfdestruct` | Self Destruct       | Contract is self destructible. All functions become unavailable and assets erased. Susceptible to rug-pulls. |
| `suicidal`     | Self Destruct (alt) | Contract is self destructible.                                                                               |

### Arbitrary Operations

| Tag                           | Name                             | Description                                                                             |
| ----------------------------- | -------------------------------- | --------------------------------------------------------------------------------------- |
| `arbitrary_send_erc20`        | Arbitrary Send ERC20             | Approval allows attacker to take tokens directly to their wallet.                       |
| `arbitrary_send_erc20_permit` | Arbitrary Send ERC20 with Permit | TransferFrom allows attacker to transfer all approved tokens.                           |
| `arbitrary_send_eth`          | Arbitrary Send ETH               | Unprotected call sending ETH to arbitrary address.                                      |
| `arbitrary_transfer_from`     | Arbitrary Transfer From          | Contract can execute transferFrom to an arbitrary address without proper authorization. |
| `arbitrary_transfer_to`       | Arbitrary Transfer To            | Contract can transfer tokens to an arbitrary destination address.                       |

### Signature Issues

| Tag              | Name                           | Description                                                                                                     |
| ---------------- | ------------------------------ | --------------------------------------------------------------------------------------------------------------- |
| `SWC_117`        | Signature Malleability         | Signature could be reused in unauthorized ways. See [SWC Registry Codes](#swc-registry-codes) for full details. |
| `SWC_121`        | Replay Attack Vulnerability    | Attackers can reuse your signature. See [SWC Registry Codes](#swc-registry-codes).                              |
| `SWC_122`        | Lack of Signature Verification | Missing proper signature verification. See [SWC Registry Codes](#swc-registry-codes).                           |
| `pess_ecrecover` | ECRecover Issue                | Ecrecover returns 0 on error, must check result.                                                                |
| `digital_sig`    | Digital Signature Issue        | Contract has a digital signature implementation issue that may allow signature reuse or bypass.                 |

### Storage & State Issues

| Tag                              | Name                           | Description                                                                                       |
| -------------------------------- | ------------------------------ | ------------------------------------------------------------------------------------------------- |
| `uninitialized_state`            | Uninitialized State            | State variables are uninitialized.                                                                |
| `uninitialized_storage`          | Uninitialized Storage          | Storage variables are uninitialized.                                                              |
| `uninitialized_local`            | Uninitialized Local            | Local variables are used before being initialized.                                                |
| `state_variable_not_initialized` | State Variable Not Initialized | A state variable is declared but never initialized, which may lead to unexpected default values.  |
| `storage_array`                  | Storage Array Issue            | Improper handling of a storage array that may allow unintended data modification.                 |
| `protected_vars`                 | Protected Variables            | Variables are marked as protected in a way that may be bypassable.                                |
| `unprotected_upgrade`            | Unprotected Upgrade            | Contract can be self destructed and funds withdrawn.                                              |
| `SWC_124`                        | Arbitrary Storage Write        | Attacker can write to arbitrary storage locations. See [SWC Registry Codes](#swc-registry-codes). |
| `locked_ether`                   | Locked Ether                   | Contract takes payment but has no withdraw function.                                              |

### Access Control

| Tag                              | Name                      | Description                                                    |
| -------------------------------- | ------------------------- | -------------------------------------------------------------- |
| `controlled_delegatecall`        | Controlled Delegatecall   | Attacker can delegate to malicious contract.                   |
| `delegatecall_loop`              | Delegatecall Loop         | Logic could be harmful on repeat.                              |
| `pess_unprotected_initialize`    | Unprotected Initialize    | Initialize could be hijacked by attacker.                      |
| `pess_unprotected_setter`        | Unprotected Setter        | Setter changes parameters without protection.                  |
| `pess_call_forward_to_protected` | Call Forward to Protected | Low level calls to custom address could bypass access control. |

### Other Contract Vulnerabilities

| Tag                             | Name                        | Description                                                                                                |
| ------------------------------- | --------------------------- | ---------------------------------------------------------------------------------------------------------- |
| `weak_prng`                     | Weak PRNG                   | Randomness generation is weak and could be gamed by miners.                                                |
| `rtlo`                          | Right To Left Override      | Unicode characters used to manipulate contract logic. No legitimate use case.                              |
| `shadowing_state`               | Shadowing State             | Variable naming prevents setting certain variables.                                                        |
| `encode_packed_collision`       | Encode Packed Collision     | Possibility of collisions overwriting data.                                                                |
| `incorrect_shift`               | Incorrect Shift             | Incorrectly using bitshifting.                                                                             |
| `k_value_error`                 | K Value Error               | K value error in swap/mint/burn functions.                                                                 |
| `missing_zero_check`            | Missing Zero Check          | No check for zero address, potentially bricking contract.                                                  |
| `pess_token_fallback`           | Token Fallback              | Fallback function indicates potential reentrancy.                                                          |
| `pess_double_entry_token_alert` | Double Entry Token          | Token has two entry points that may cause misfunction.                                                     |
| `controlled_array_length`       | Controlled Array Length     | Array length can be resized, allowing access to critical information.                                      |
| `msg_value_loop`                | Msg.Value in Loop           | Use of msg.value inside a loop.                                                                            |
| `timestamp`                     | Timestamp Dependence        | Contract relies on block timestamp for critical logic, which miners can manipulate slightly.               |
| `external_call`                 | External Call               | Contract makes an external call that may introduce reentrancy or unexpected behavior.                      |
| `external_dependencies`         | External Dependencies       | Contract depends on external contracts whose behavior could change or be compromised.                      |
| `external_function`             | External Function           | A function is marked external where visibility may allow unintended external access.                       |
| `obsolete_calls`                | Obsolete Calls              | Contract uses deprecated or obsolete Solidity calls or patterns.                                           |
| `tx_origin`                     | Tx.Origin Usage             | Contract uses tx.origin for authorization, which can be bypassed by phishing attacks.                      |
| `mapping_deletion`              | Mapping Deletion            | Deleting a struct containing a mapping does not clear the mapping, leaving residual data.                  |
| `divide_before_multiply`        | Divide Before Multiply      | Division before multiplication can cause precision loss due to integer truncation.                         |
| `incorrect_equality`            | Incorrect Equality          | Strict equality checks on values that may never match exactly, causing logic to never execute.             |
| `incorrect_exp`                 | Incorrect Exponentiation    | Use of `^` as exponentiation (it is XOR in Solidity) rather than `**`.                                     |
| `incorrect_return`              | Incorrect Return            | A low-level call or assembly block has an incorrect return that may halt execution unexpectedly.           |
| `incorrect_inheritance_order`   | Incorrect Inheritance Order | Contract inheritance order causes unexpected function resolution (C3 linearization issue).                 |
| `incorrect_modifier`            | Incorrect Modifier          | A modifier does not execute the function body or placeholder, causing functions to silently do nothing.    |
| `incorrect_constructor_name`    | Incorrect Constructor Name  | A function named identically to the contract (old constructor pattern) may be callable by anyone.          |
| `immutable_states`              | Immutable States            | State variables that should be immutable are not declared as such, increasing risk of unintended mutation. |
| `tautology`                     | Tautology                   | Contract contains a condition that is always true or always false.                                         |
| `tautological_compare`          | Tautological Compare        | A comparison is tautological — always evaluates the same way regardless of input.                          |
| `write_after_write`             | Write After Write           | A variable is written twice without being read in between, making the first write useless.                 |
| `boolean_cst`                   | Boolean Constant            | Contract uses boolean constants (true/false) in conditions, indicating dead code or logic errors.          |
| `calls_loop`                    | Calls in Loop               | External calls inside loops can cause denial-of-service or unbounded gas consumption.                      |
| `var_read_using_this`           | Var Read Using This         | Contract reads a variable using `this.` which triggers an external call instead of an internal read.       |
| `unused_return`                 | Unused Return               | Return value of a function call is ignored, potentially missing error signals.                             |
| `unsafe_modifier`               | Unsafe Modifier             | A modifier is used in an unsafe way that may not properly gate access to a function.                       |
| `unintended_arbitrage`          | Unintended Arbitrage        | Contract logic creates unintended arbitrage opportunities due to price or state inconsistencies.           |
| `name_reused`                   | Name Reused                 | A contract, event, or variable name is reused in a way that causes shadowing or ambiguity.                 |
| `multiple_constructors`         | Multiple Constructors       | Contract defines multiple constructors, which may cause undefined initialization behavior.                 |
| `public_mappings_nested`        | Public Nested Mappings      | Nested public mappings can expose internal state in ways that conflict with expected encapsulation.        |
| `reusing_state_variable`        | Reusing State Variable      | A state variable is reused for multiple purposes, which can introduce unexpected state corruption.         |
| `assembly`                      | Inline Assembly             | Contract uses inline assembly, which bypasses Solidity safety checks and requires careful auditing.        |
| `event_setter`                  | Event Setter                | Events are emitted in setters without corresponding state changes, which may mislead monitoring tools.     |
| `events_maths`                  | Events Maths                | Arithmetic operations are performed in event emissions, which may not reflect actual state changes.        |
| `for_dos`                       | For Loop DoS                | A for loop iterates over an unbounded array, enabling denial-of-service by filling the array.              |
| `domain_separator_collision`    | Domain Separator Collision  | The EIP-712 domain separator may collide with another contract, enabling cross-contract signature replay.  |
| `erc721_interface`              | ERC721 Interface Issue      | Contract does not correctly implement the ERC-721 interface, which may break integrations.                 |
| `shadowing_local`               | Shadowing Local             | A local variable shadows a state variable or parameter, leading to incorrect value reads.                  |
| `shadowing_abstract`            | Shadowing Abstract          | A variable or function shadows an abstract declaration, causing unexpected override behavior.              |
| `shadowing_builtin`             | Shadowing Builtin           | A variable or function name shadows a Solidity built-in (e.g., `now`, `assert`).                           |
| `encode_packed_parameters`      | Encode Packed Parameters    | `abi.encodePacked` is used with multiple dynamic types, risking hash collisions.                           |
| `array_by_reference`            | Array By Reference          | Array is passed by reference where a copy is expected, causing unintended state mutations.                 |
| `abiencoderv2_array`            | ABIEncoderV2 Array          | A struct or array is used with ABIEncoderV2 in a way that may trigger encoding bugs in older compilers.    |
| `codex`                         | Codex Analysis Finding      | An issue was detected via Codex-based AI code analysis.                                                    |
| `return_leave`                  | Return Leave                | A `leave` statement is used in Yul assembly as a return, which may have unintended control flow.           |

### Pessimistic Analysis Detectors

The following tags come from the Pessimistic Security detector suite and represent additional static analysis findings.

| Tag                                              | Description                                                                                                          |
| ------------------------------------------------ | -------------------------------------------------------------------------------------------------------------------- |
| `pess_arbitrary_call`                            | An arbitrary external call is made to a user-controlled address without restriction.                                 |
| `pess_arbitrary_call_calldata_tainted`           | An external call is made with calldata that is tainted by user-controlled input.                                     |
| `pess_arbitrary_call_destination_tainted`        | The destination of an external call is tainted by user-controlled input.                                             |
| `pess_arbitrary_call_with_stored_erc20_approves` | An arbitrary call is made using stored ERC-20 approvals, which could drain approved tokens.                          |
| `pess_aave_flashloan_callback`                   | The Aave flashloan callback is callable by anyone, not just the Aave lending pool.                                   |
| `pess_before_token_transfer`                     | The `_beforeTokenTransfer` hook contains logic that may cause unexpected behavior.                                   |
| `pess_dubious_typecast`                          | A type cast is performed that may silently truncate or corrupt data.                                                 |
| `pess_event_setter`                              | An event is emitted in a setter function in a way that does not accurately reflect state changes.                    |
| `pess_for_continue_increment`                    | A `continue` statement inside a `for` loop skips the increment, potentially creating an infinite loop.               |
| `pess_inconsistent_nonreentrant`                 | The `nonReentrant` modifier is applied inconsistently across related functions.                                      |
| `pess_magic_number`                              | Contract uses unexplained magic numbers (literal constants) with no named constant or comment.                       |
| `pess_multiple_storage_read`                     | The same storage slot is read multiple times in a single function without caching, wasting gas.                      |
| `pess_nft_approve_warning`                       | An NFT approval is given to a potentially untrusted address, risking unauthorized transfers.                         |
| `pess_only_eoa_check`                            | Contract checks whether caller is an EOA using `tx.origin == msg.sender`, which can be bypassed in certain contexts. |
| `pess_only_eoa_modifier`                         | A modifier restricts access to EOAs only, which may conflict with contract-based interactions.                       |
| `pess_public_vs_external`                        | A function is declared `public` but only called externally, using more gas than necessary.                           |
| `pess_strange_setter`                            | A setter function sets a value that does not appear to be used, suggesting dead code or logic error.                 |
| `pess_timelock_controller`                       | A timelock controller is present but may be misconfigured or bypassable.                                             |
| `pess_tx_gasprice`                               | Contract uses `tx.gasprice` in a way that may introduce miner-manipulable logic.                                     |
| `pess_uni_v2`                                    | Contract interacts with Uniswap V2 in a potentially unsafe way, such as without slippage protection.                 |

### SWC Registry Codes

See the [Smart Contract Weakness Classification Registry](https://swcregistry.io/) for full details on each weakness.

| Tag       | Title                                               | Description                                                                                                     |
| --------- | --------------------------------------------------- | --------------------------------------------------------------------------------------------------------------- |
| `SWC_108` | State Variable Default Visibility                   | State variables without explicit visibility default to `internal`, which may expose unintended access patterns. |
| `SWC_109` | Uninitialized Storage Pointer                       | Uninitialized local storage pointer points to unexpected storage slot.                                          |
| `SWC_111` | Use of Deprecated Solidity Functions                | Contract uses functions deprecated in newer Solidity versions (e.g., `throw`, `sha3`).                          |
| `SWC_112` | Delegatecall to Untrusted Callee                    | `delegatecall` is made to an address controlled by external input.                                              |
| `SWC_113` | DoS with Failed Call                                | A failed external call inside a loop or aggregation function can block all users.                               |
| `SWC_114` | Transaction Order Dependence                        | Contract behavior depends on transaction ordering, enabling front-running.                                      |
| `SWC_115` | Authorization through tx.origin                     | Uses `tx.origin` for authorization, bypassable by phishing via an intermediary contract.                        |
| `SWC_116` | Block values as a proxy for time                    | Block timestamp or number is used as a time source, manipulable by miners within limits.                        |
| `SWC_117` | Signature Malleability                              | ECDSA signatures can be made malleable, enabling replay with different but valid values.                        |
| `SWC_118` | Incorrect Constructor Name                          | Constructor function uses the old-style naming convention, making it callable as a regular function.            |
| `SWC_119` | Shadowing State Variables                           | State variable in a derived contract shadows a variable in the base contract.                                   |
| `SWC_120` | Weak Sources of Randomness                          | Randomness relies on miner-controllable values such as block hash or timestamp.                                 |
| `SWC_121` | Missing Protection against Signature Replay Attacks | Signed messages can be replayed without a nonce or expiry check.                                                |
| `SWC_122` | Lack of Proper Signature Verification               | Signature verification is absent or improperly implemented, allowing unauthorized operations.                   |
| `SWC_123` | Requirement Violation                               | A `require` condition is violated under reachable conditions, indicating a logic flaw.                          |
| `SWC_124` | Write to Arbitrary Storage Location                 | Attacker can write to an arbitrary storage slot, overwriting critical contract data.                            |
| `SWC_125` | Incorrect Inheritance Order                         | Multiple inheritance with an incorrect order causes unexpected function resolution.                             |
| `SWC_126` | Insufficient Gas Griefing                           | Forwarding insufficient gas to a sub-call causes it to fail while the outer call succeeds.                      |
| `SWC_127` | Arbitrary Jump with Function Type Variable          | A function-type variable can be set to an arbitrary jump destination.                                           |
| `SWC_128` | DoS with Block Gas Limit                            | Operation on a large unbounded data structure can exceed the block gas limit, causing DoS.                      |
| `SWC_129` | Typographical Error                                 | A typographical error in an operator (e.g., `=+` instead of `+=`) causes silent logic bugs.                     |
| `SWC_130` | Right-To-Left-Override Control Character            | The RTLO unicode character is used to misrepresent code or file names.                                          |

***

## Wallet History Tags

Tags related to wallet age and activity.

| Tag                                | Name                      | Description                                                                                 |
| ---------------------------------- | ------------------------- | ------------------------------------------------------------------------------------------- |
| `insufficient_wallet_age`          | Insufficient Age          | Wallet is too new to pass KYW (Know Your Wallet) criteria. May indicate malicious creation. |
| `insufficient_wallet_balance`      | Insufficient Balance      | Balance is below KYW criteria. May indicate a new wallet.                                   |
| `insufficient_wallet_transactions` | Insufficient Transactions | Too few transactions to pass KYW criteria.                                                  |

***

## Developer / Migration Risk Tags

Tags that describe the historical behavior of a token's developer across platforms and deployments.

| Tag                        | Name                     | Description                                                                                          |
| -------------------------- | ------------------------ | ---------------------------------------------------------------------------------------------------- |
| `serial_launcher`          | Serial Launcher          | Developer has launched a high volume of tokens across their history.                                 |
| `serial_rugger`            | Serial Rugger            | Developer has a history of abandoning or rugpulling tokens they deploy.                              |
| `platform_hopper`          | Platform Hopper          | Developer repeatedly migrates between launchpad platforms, often to escape negative reputation.      |
| `cross_platform_developer` | Cross Platform Developer | Developer is active across multiple launchpad platforms simultaneously.                              |
| `multi_platform_active`    | Multi Platform Active    | Developer currently has active tokens on multiple platforms at the same time.                        |
| `recent_platform_switch`   | Recent Platform Switch   | Developer recently switched to a new platform, which may indicate reputation-washing.                |
| `high_graduation_rate`     | High Graduation Rate     | Developer has a strong track record of tokens graduating to mainnet trading (positive signal).       |
| `low_graduation_rate`      | Low Graduation Rate      | Developer's tokens rarely graduate to mainnet trading, suggesting low-quality or abandoned projects. |
| `pump_and_dump_pattern`    | Pump and Dump Pattern    | Developer's token history matches patterns consistent with coordinated pump and dump schemes.        |

***

## Stablecoin Depeg Risk Tags

Tags that indicate a stablecoin is showing signs of losing its peg. For usage guidance and integration patterns, see the [stablecoin depeg monitoring guide](/guides/stablecoin-depeg-monitoring).

| Tag                                 | Name                        | Description                                                                                             |
| ----------------------------------- | --------------------------- | ------------------------------------------------------------------------------------------------------- |
| `depeg_price_deviation`             | Price Deviation             | Stablecoin price has deviated from its peg by a notable margin.                                         |
| `depeg_persistent_deviation`        | Persistent Deviation        | Price deviation from peg has persisted over an extended time window.                                    |
| `depeg_severe_persistent_deviation` | Severe Persistent Deviation | Price deviation is large and has persisted over an extended time window, indicating serious depeg risk. |
| `depeg_low_liquidity`               | Low Liquidity               | Stablecoin liquidity has fallen to a level that may impair peg maintenance.                             |
| `depeg_no_liquidity`                | No Liquidity                | Stablecoin has effectively no on-chain liquidity remaining.                                             |
| `depeg_liquidity_decay`             | Liquidity Decay             | Liquidity for the stablecoin is declining over time, increasing depeg pressure.                         |
| `depeg_volatility_burst`            | Volatility Burst            | Short-term price volatility has spiked significantly, inconsistent with a stable asset.                 |
| `depeg_oracle_divergence`           | Oracle Divergence           | The on-chain price oracle is diverging from market prices.                                              |
| `depeg_price_source_disagreement`   | Price Source Disagreement   | Multiple price sources disagree on the stablecoin's current price.                                      |
| `depeg_cross_chain_spread`          | Cross-Chain Spread          | Significant price spread exists between the stablecoin on different chains.                             |
| `depeg_volume_anomaly`              | Volume Anomaly              | Trading volume is abnormally high, often a signal of panic selling or depeg arbitrage.                  |
| `depeg_max_drawdown`                | Max Drawdown                | The stablecoin has reached a maximum drawdown from its peg within the observed window.                  |

***

## Chain-Specific Tags

### Solana

| Tag                     | Name                  | Description                                                                                          |
| ----------------------- | --------------------- | ---------------------------------------------------------------------------------------------------- |
| `impersonator`          | Impersonator          | Someone is impersonating an entity related to the token.                                             |
| `known-malicious-token` | Known Malicious Token | Token is recognized as malicious.                                                                    |
| `mutable-metadata`      | Mutable Metadata      | Token metadata can be modified.                                                                      |
| `has_been_sniped`       | Has Been Sniped       | Token launch was targeted by sniper bots at or immediately after creation.                           |
| `has_been_bundled`      | Has Been Bundled      | Token was launched using a bundle of transactions, a technique associated with insider accumulation. |
| `bundled_token`         | Bundled Token         | Token is identified as having been distributed or launched via a bundled transaction pattern.        |

### TON

| Tag                            | Name                       | Description                                            |
| ------------------------------ | -------------------------- | ------------------------------------------------------ |
| `is_nonstandard_jetton`        | Non-standard Jetton        | Jetton does not follow standard implementation.        |
| `is_nonstandard_jetton_wallet` | Non-standard Jetton Wallet | Jetton wallet does not follow standard implementation. |

### Sui

| Tag                     | Name                  | Description                                                                                              |
| ----------------------- | --------------------- | -------------------------------------------------------------------------------------------------------- |
| `is_currency_standard`  | Currency Standard     | Token conforms to the Sui currency standard (positive signal).                                           |
| `not_currency_standard` | Not Currency Standard | Token does not conform to the Sui currency standard, which may indicate custom or non-standard behavior. |

### Stellar

See [Stellar Risk Tags](/essentials/stellar) for `stellar-*` tags including clawback, malicious account, and unsafe issuer detection.

### Hedera

See [Hedera Risk Tags](/essentials/hedera) for `hedera-*` tags including admin keys, fees, and pause status.

### Vaults (ERC-4626)

See [Vault Risk Tags](/api-reference/vaults) for `vault-*` tags covering governance, liquidity, performance, and protocol-specific risks.

***

## Special Flags

These tags are set by manual review or system-level processes and indicate exceptional risk conditions.

| Tag        | Description                                                                                     |
| ---------- | ----------------------------------------------------------------------------------------------- |
| `DPRK`     | Address or entity has been linked to DPRK (North Korea)-affiliated threat actors.               |
| `HACK`     | Address has been directly involved in a known hack or exploit event.                            |
| `flagged`  | Address or asset has been manually flagged by the Webacy risk team for review or elevated risk. |
| `contract` | The address is identified as a smart contract rather than an externally owned account (EOA).    |

***

## Report Tags

| Tag            | Name     | Description                                                  |
| -------------- | -------- | ------------------------------------------------------------ |
| `valid_report` | Reported | This address or contract has been reported by the community. |

***

## Informational Tags

<Note>
  Informational tags provide metadata about a project but do NOT indicate a security risk.
</Note>

| Tag         | Description                                                                          |
| ----------- | ------------------------------------------------------------------------------------ |
| `paid-info` | This result includes additional data available through a paid or enriched data tier. |
