Skip to main content

Overview

Hidden Mint identifies suspicious and malicious token minting activities where additional token supply can be altered in harmful ways.
Hidden mint vulnerabilities can completely devastate token value. In 2021, Levyathan.finance lost approximately $1.5 million when an attacker exploited unlimited minting permissions.

The Risk

Minting is the process of creating new tokens and adding them to circulating supply. When supply increases without corresponding demand, token price drops. When mint functions lack proper safeguards:
  • Malicious actors can create unlimited tokens
  • Token value can be crashed instantly
  • Investors lose their holdings

Detection Categories

Hidden Internal Mint

Functions that exploit transaction gas fees to mint additional tokens beyond what was requested, directing excess tokens to unauthorized addresses. Risk Level: Critical

Controlled Mint

Administrator-accessible functions permitting infinite token minting, enabling controlled liquidity manipulation and exit strategies. Risk Level: High

Supply Update (Upd Supply)

Functions manipulating totalSupply outside normal minting/burning operations. Risk Level: High
totalSupply should only increase on minting and decrease on burning. Direct manipulation is a red flag.

Pre-Mint

Informational flag for tokens pre-minting amounts during deployment. Risk Level: Informational

Red Flags

Safe Patterns

API Response Example