Verify every token before you buy Unlimited checks · $3.99/wk · Cancel anytime
Get Unlimited
Swap on Verixia
[ on-chain  ·  solana + evm ]

Token Risk Check

Paste any contract address for an instant on-chain risk assessment -- honeypot detection, liquidity analysis, holder concentration, and contract permissions.

Read the contract before the contract reads you. Honeypot, rug, and scam detection from on-chain state — not market data.

⚠️ Token Risk Check
✓ On-Chain Analysis
🔒 No Signup
⚡ Results in Seconds
🔍 Honeypot detection
💧 LP lock status
👥 Holder concentration
⚡ Solana + EVM
4.7 / 5 from 3,294 users Direct on-chain reads 🔐 Non-custodial — no wallet connect required Sub-5-second scan 🔗 Solana · Ethereum · Base · Arbitrum · BNB · Polygon · Avalanche 📊 46,072 risk checks run
Contract Scanner
Live
🔍 On-chain read ⚡ Seconds ✓ No signup
>_
Enter the full token contract address for the most accurate on-chain analysis
No address? Try a popular check:
1 free check · Unlimited from $3.99/wk
No signup required · Results in seconds
Unlimited checks from $3.99 / week · Cancel anytime
Use the same email entered during checkout to restore access
Unlimited token checks active

Unlimited Token Risk Checks

Verify every contract before buying. Honeypot detection, LP lock analysis, and holder concentration reviews across Solana and EVM.
$5.6BFBI crypto losses 2023
$1B+FTC losses 2023
<5sper contract scan
Best Value -- Save 80%
Yearly Access
$39.99 / yr  ·  $3.33/mo
Popular
Monthly Access
$11.99 / month
Try it -- no commitment
Weekly Access
$3.99 / week · cancel anytime
SSL Secured Stripe Cancel anytime No hidden fees
No contracts. Cancel anytime from your account.
SOL ETH BASE ARB BNB POLY AVAX
Powered by Verixia
Live Detections
127 scans today
49K+Scans Run
6Chains
15+Risk Signals
FreeFirst Check
What the checker detects
Example signals · run a scan to see live results
⚠️Sell TaxDETECTED
💧LP LockUNLOCKED
🔑Mint AuthorityACTIVE
OwnershipRENOUNCED
🐋Whale Wallet42%
📅Token Age3 DAYS
🚨Approval RiskHIGH
CooldownACTIVE
🔄Last Update48H AGO
📉Liquidity 24h-12%
🚫Transfer LockENCODED
Freeze AuthENABLED
📋ContractVERIFIED
💰LP Depth$48K
🔗Blacklist FnPRESENT
paste a contract address above to run a live scan
🔍
Honeypot Detection
Simulates sell transactions to detect transfer locks, fee traps, and whitelist-only exit conditions before you buy in. Reads the contract directly — not market data. Works across Solana SPL tokens and all major EVM chains.
💧
Liquidity & Holders
Reviews pool depth, LP lock status, and top wallet percentages. Surfaces unlocked pools and concentrated wallets before the price collapses.
Results in Seconds
On-chain read — no API delays, no market data lag. Raw contract analysis returned in under 5 seconds.
Token verified? Swap at best price.
Route across Raydium, Orca, Meteora & 50+ DEXes — non-custodial, no KYC
Swap on Verixia →
SOL ETH BASE ARB BNB AVAX Powered by Verixia

Token Risk Analysis -- Contract, Liquidity & Holders

🔗 TL;DR

A token's risk lives in three places: contract permissions (can the dev mint, freeze, or block sells?), liquidity structure (is the LP locked and deep enough to exit?), and holder distribution (can a handful of wallets dump the entire float?). The checker above reads all three directly on-chain in under five seconds.

Scan time< 5 sec
Signals checked15+
Cost (first check)Free

Contract permissions alerts arise from the fundamental architectural choice in many smart contracts to adopt upgradeable patterns, most notably those implemented through proxy frameworks. These proxies separate a contract’s state and its logic, allowing the logic to be replaced without changing the contract address that users interact with. This design can sometimes be misunderstood as immutability, since the address is fixed and ostensibly permanent, but the underlying code that governs behavior can be swapped out. This dual nature creates a tension between user expectations of fixed, transparent contract behavior and the reality that the contract’s capabilities and permissions may evolve dynamically. The resulting opacity can conceal changes to critical functions such as administrative controls, token minting, or asset withdrawal rights.

The volatility introduced by upgradeability means that contract permissions can shift after deployment, often without immediate on-chain signals that would alert token holders or observers. A contract that initially restricts access to sensitive functions might later grant elevated privileges to a new admin address or modify the logic to bypass previously enforced safeguards. The key point here is that the contract address alone does not guarantee static rules; the permission set may be mutable if the upgrade mechanism is accessible. This mutability is not inherently malicious or negligent but introduces a structural risk pattern that requires continuous vigilance and contextual analysis.

Central to the evaluation of contract permissions risk is the control over private keys that authorize upgrades or administrative actions. Whoever holds these keys possesses a de facto master control over the contract’s future state and actions. This authority can sometimes be centralized in a single private key, creating a single point of failure where compromise or intentional misuse could lead to draining of funds, unauthorized token minting, or disabling of critical functions. In such cases, the security of the contract is as strong as the security of that key, which often resides off-chain and outside the transparent consensus mechanisms of the blockchain. This reliance on off-chain trust assumptions contrasts with the ideal of trustless, immutable smart contracts and can sometimes catch users unaware.

Mitigation strategies often involve multisignature (multisig) wallets to distribute control among multiple parties, reducing the risk posed by any single compromised key. Multisigs can require multiple independent signatures before executing an upgrade, thereby raising the bar for authorization and complicating potential attacks. However, multisigs also introduce operational complexity. Coordinating signers can slow down urgent responses, and poorly configured multisigs might still be vulnerable if signers collude or if the multisig contract itself has vulnerabilities. Moreover, the specific implementation of multisigs and whether they are subject to external audits can vary widely, affecting their effectiveness as a security control. Thus, multisigs reduce but do not eliminate permissions risk.

Another layer influencing contract permissions risk is the interaction between network transaction fee structures and contract governance. On low-fee networks, such as those often favored for decentralized exchanges or smaller tokens, the cost of repeatedly interacting with a contract or probing its upgrade functions is minimal. This affordability can sometimes enable adversaries to launch stress tests, spam governance proposals, or attempt to identify vulnerabilities in the upgrade mechanisms through repeated transactions. Conversely, high-fee networks impose a financial barrier that can deter such probing but may also restrict the responsiveness of legitimate governance actions, such as timely upgrades or emergency fixes. The fee environment thus shapes the practical feasibility of both attacks and legitimate administrative operations, influencing the overall risk profile of contract permissions.

The patterns evident in contract permissions alerts should be interpreted with nuance. The presence of upgradeable proxies and administrative keys signals the possibility of significant control shifts after deployment, but this alone does not confirm malicious intent or imminent compromise. Many projects rely on upgradeability to maintain flexibility in dynamic and evolving regulatory or technical environments. When coupled with transparent governance, thorough audits, and widely distributed key control, upgradeable contracts can balance adaptability and security. The analytical challenge lies in understanding who holds upgrade keys, the robustness of the upgrade processes, the visibility of changes post-upgrade, and the network context in which these contracts operate.

Ultimately, contract permissions alerts highlight structural risk factors embedded in the design and governance of smart contracts rather than definitive vulnerabilities. This pattern demands continuous monitoring and deeper inquiry into the custodianship of upgrade authority, the safeguards implemented to prevent abuse, and the feasibility of attacks given network conditions. Only through such layered analysis can one assess the true risk posture presented by contract permissions, recognizing that the upgradeability feature is a double-edged sword—offering both flexibility and potential exposure.

Pre-buy on-chain checklist

  • Mint authority renouncedConfirms supply is capped — no new tokens can be issued post-launch.
  • LP locked or burnedLiquidity cannot be removed in a single transaction. Lock duration and locker contract are both verifiable on-chain.
  • !Top 10 holders under 40%Lower concentration means coordinated dumps are mechanically harder. Above 40% is a structural caution.
  • !No active freeze authorityActive freeze means wallets can be paused at the contract level — no exit possible during a freeze.
  • ×No transfer restrictionsThe transfer function should accept any holder selling. Encoded sell blocks, whitelist exits, and hidden tax functions are honeypot signatures.

Frequently asked questions

Related Risk Guides

Verify the contract address before you buy in. Paste it into the scanner above for the full on-chain breakdown.

Why on-chain signals matter

🔒
Non-custodial Your wallet keys never leave your device. Funds move directly between wallets through the smart contract — Verixia holds nothing.
No account required No sign-up, no KYC, no email. Connect your wallet and swap. Disconnect at any time — no ongoing permissions required.
Solana + EVM Checks SPL tokens and EVM contracts across Ethereum, Base, Arbitrum, BNB Chain, Polygon, and Avalanche.
VR
Verixia Research
On-chain Solana DeFi analysis
Verixia Research analyzes Solana DeFi mechanics, token risk patterns, and DEX aggregator routing using verified market data from DexScreener combined with structural pattern analysis. All ratings derive from observable on-chain signals, not editorial opinion.
📖 How we analyze 👤 About 🔗 Sources: DexScreener market data, structural pattern analysis
⚙ Methodology
Every risk verdict is generated from three on-chain reads run in parallel: (1) direct contract bytecode analysis for honeypot patterns, mint/freeze authority, and blacklist functions; (2) liquidity pool inspection for LP lock status, depth, and removable percentage; (3) holder distribution from token-account snapshots. No editorial opinion is layered on the output. Read the full methodology →