> ## Documentation Index
> Fetch the complete documentation index at: https://docs.webacy.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Malicious Burn

> Detect malicious burn functions that let attackers destroy tokens from any wallet or liquidity pool without consent, enabling theft and price manipulation.

## Overview

Malicious burn functions allow unauthorized destruction of tokens, either from user wallets or liquidity pools, enabling theft and market manipulation.

## Types of Malicious Burns

### Privileged Burn

Admin can burn tokens from any wallet without owner consent.

```solidity theme={null}
// DANGEROUS: Owner can burn anyone's tokens
function privilegedBurn(address from, uint256 amount) public onlyOwner {
    _burn(from, amount);  // No consent required!
}
```

**Risk:** Admin can drain user wallets at will.

***

### Hidden Burn

Burn logic hidden within other functions like transfers.

```solidity theme={null}
// DANGEROUS: Hidden burn in transfer
function _transfer(address from, address to, uint256 amount) internal {
    uint256 burnAmount = amount / 100;  // 1% hidden burn
    _burn(from, burnAmount);
    super._transfer(from, to, amount - burnAmount);
}
```

**Risk:** Users unknowingly lose tokens on every transfer.

***

### Selective Burn

Burn functions targeting specific addresses or conditions.

```solidity theme={null}
// DANGEROUS: Targeted burn capability
mapping(address => bool) public canBeBurned;

function burn(address target) public onlyOwner {
    require(canBeBurned[target], "Not burnable");
    _burn(target, balanceOf(target));  // Wipes entire balance
}
```

**Risk:** Allows targeting and elimination of specific holders.

***

### LP Burn Manipulation

Burning liquidity pool tokens to manipulate price.

```solidity theme={null}
// DANGEROUS: LP token burn for price manipulation
function burnLP(address lpToken, uint256 amount) public onlyOwner {
    ILPToken(lpToken).burn(amount);  // Reduces liquidity
}
```

**Risk:** Price manipulation through liquidity reduction.

## Safe Burn Patterns

### User-Only Burn

```solidity theme={null}
// SAFE: Users can only burn their own tokens
function burn(uint256 amount) public {
    _burn(msg.sender, amount);  // Only burns caller's tokens
}
```

### Transparent Burn Tax

```solidity theme={null}
// ACCEPTABLE: Documented burn tax
uint256 public constant BURN_RATE = 100;  // 1%

function transfer(address to, uint256 amount) public override returns (bool) {
    uint256 burnAmount = amount / BURN_RATE;
    _burn(msg.sender, burnAmount);
    emit BurnTax(msg.sender, burnAmount);  // Transparent
    return super.transfer(to, amount - burnAmount);
}
```

## Detection Tags

| Tag                   | Severity | Description                          |
| --------------------- | -------- | ------------------------------------ |
| `privileged_burn`     | High     | Admin can burn from any address      |
| `hidden_burn`         | High     | Burn logic hidden in other functions |
| `selective_burn`      | Medium   | Targeted burn capabilities           |
| `excessive_burn_rate` | Medium   | Burn rate above normal thresholds    |

## API Response Example

```json theme={null}
{
  "issues": [
    {
      "tag": "privileged_burn",
      "severity": "high",
      "description": "Owner can burn tokens from any address",
      "location": "burn(address,uint256)"
    }
  ]
}
```

## Red Flags

* [ ] `burn(address from, ...)` with admin access
* [ ] Hidden burns in transfer functions
* [ ] No events emitted on burns
* [ ] Burn rate can be changed by admin
* [ ] Burn targets specific addresses or mappings
