Overview
Hidden Mint identifies suspicious and malicious token minting activities where additional token supply can be altered in harmful ways.
Hidden mint vulnerabilities can completely devastate token value. In 2021, Levyathan.finance lost approximately $1.5 million when an attacker exploited unlimited minting permissions.
The Risk
Minting is the process of creating new tokens and adding them to circulating supply. When supply increases without corresponding demand, token price drops.
When mint functions lack proper safeguards:
- Malicious actors can create unlimited tokens
- Token value can be crashed instantly
- Investors lose their holdings
Detection Categories
Hidden Internal Mint
Functions that exploit transaction gas fees to mint additional tokens beyond what was requested, directing excess tokens to unauthorized addresses.
Risk Level: Critical
Controlled Mint
Administrator-accessible functions permitting infinite token minting, enabling controlled liquidity manipulation and exit strategies.
Risk Level: High
Supply Update (Upd Supply)
Functions manipulating totalSupply outside normal minting/burning operations.
Risk Level: High
totalSupply should only increase on minting and decrease on burning. Direct manipulation is a red flag.
Pre-Mint
Informational flag for tokens pre-minting amounts during deployment.
Risk Level: Informational
Red Flags
Safe Patterns
API Response Example