Verify every token before you buy Unlimited checks · $3.99/wk · Cancel anytime
Get Unlimited
Swap on Verixia
[ on-chain  ·  solana + evm ]

Token Risk Check

Paste any contract address for an instant on-chain risk assessment -- honeypot detection, liquidity analysis, holder concentration, and contract permissions.

Read the contract before the contract reads you. Honeypot, rug, and scam detection from on-chain state — not market data.

⚠️ Token Risk Check
✓ On-Chain Analysis
🔒 No Signup
⚡ Results in Seconds
🔍 Honeypot detection
💧 LP lock status
👥 Holder concentration
⚡ Solana + EVM
4.7 / 5 from 3,138 users Direct on-chain reads 🔐 Non-custodial — no wallet connect required Sub-5-second scan 🔗 Solana · Ethereum · Base · Arbitrum · BNB · Polygon · Avalanche 📊 48,545 risk checks run
Contract Scanner
Live
🔍 On-chain read ⚡ Seconds ✓ No signup
>_
Enter the full token contract address for the most accurate on-chain analysis
No address? Try a popular check:
1 free check · Unlimited from $3.99/wk
No signup required · Results in seconds
Unlimited checks from $3.99 / week · Cancel anytime
Use the same email entered during checkout to restore access
Unlimited token checks active

Unlimited Token Risk Checks

Verify every contract before buying. Honeypot detection, LP lock analysis, and holder concentration reviews across Solana and EVM.
$5.6BFBI crypto losses 2023
$1B+FTC losses 2023
<5sper contract scan
Best Value -- Save 80%
Yearly Access
$39.99 / yr  ·  $3.33/mo
Popular
Monthly Access
$11.99 / month
Try it -- no commitment
Weekly Access
$3.99 / week · cancel anytime
SSL Secured Stripe Cancel anytime No hidden fees
No contracts. Cancel anytime from your account.
SOL ETH BASE ARB BNB POLY AVAX
Powered by Verixia
Live Detections
127 scans today
49K+Scans Run
6Chains
15+Risk Signals
FreeFirst Check
What the checker detects
Example signals · run a scan to see live results
⚠️Sell TaxDETECTED
💧LP LockUNLOCKED
🔑Mint AuthorityACTIVE
OwnershipRENOUNCED
🐋Whale Wallet42%
📅Token Age3 DAYS
🚨Approval RiskHIGH
CooldownACTIVE
🔄Last Update48H AGO
📉Liquidity 24h-12%
🚫Transfer LockENCODED
Freeze AuthENABLED
📋ContractVERIFIED
💰LP Depth$48K
🔗Blacklist FnPRESENT
paste a contract address above to run a live scan
🔍
Honeypot Detection
Simulates sell transactions to detect transfer locks, fee traps, and whitelist-only exit conditions before you buy in. Reads the contract directly — not market data. Works across Solana SPL tokens and all major EVM chains.
💧
Liquidity & Holders
Reviews pool depth, LP lock status, and top wallet percentages. Surfaces unlocked pools and concentrated wallets before the price collapses.
Results in Seconds
On-chain read — no API delays, no market data lag. Raw contract analysis returned in under 5 seconds.
Token verified? Swap at best price.
Route across Raydium, Orca, Meteora & 50+ DEXes — non-custodial, no KYC
Swap on Verixia →
SOL ETH BASE ARB BNB AVAX Powered by Verixia

Token Risk Analysis -- Contract, Liquidity & Holders

🔗 TL;DR

A token's risk lives in three places: contract permissions (can the dev mint, freeze, or block sells?), liquidity structure (is the LP locked and deep enough to exit?), and holder distribution (can a handful of wallets dump the entire float?). The checker above reads all three directly on-chain in under five seconds.

Scan time< 5 sec
Signals checked15+
Cost (first check)Free

At the core of a crypto exploit directory lies the intricate structural pattern formed by the tension between smart contract immutability and the mechanisms that enable upgrades, most notably proxy upgrade patterns. Smart contracts are often celebrated for their immutability, a property that assures users and auditors alike that once deployed, the contract’s code and behavior remain fixed and transparent. This immutability is foundational to the trust model of decentralized finance. However, proxy patterns introduce a layer of complexity by separating the contract’s interface from its implementation. In this architecture, the proxy contract delegates calls to an implementation contract whose address can be swapped out or upgraded. This design, while promoting flexibility and adaptability, undermines the simple assumption that deployed contracts are permanently unchangeable. The coexistence of apparent immutability at the proxy level and underlying mutability at the implementation level creates a subtle but significant attack vector. It means that the contract’s logic can be altered post-deployment, even after extensive audits, potentially introducing vulnerabilities or exploits that were not visible or anticipated during initial reviews. Understanding this duality is crucial for anyone analyzing exploit risk, as superficial code inspection that focuses solely on the deployed proxy contract can miss the mutable layer beneath.

Within this structural pattern, control over the upgrade mechanism carries the most analytical weight. The keys or multisignature (multisig) wallets that govern the upgrade authority effectively hold the power to rewrite the contract’s behavior at will. The security posture of the contract depends heavily on how this control is managed. In cases where a single private key controls upgrade authority, the risk of unauthorized or malicious changes escalates considerably. A compromised private key or an insider threat can immediately alter the contract’s logic, bypassing any previously established security assumptions. Conversely, multisig setups, which require multiple signers to approve upgrades, reduce the risk of unilateral actions by a single entity. However, multisig governance introduces its own operational complexities, including delays in decision-making, the need for coordination among signatories, and potential vulnerabilities if one or more signers are compromised or collude maliciously. The mechanism by which upgrade control is exercised—whether highly centralized or distributed among trusted parties—directly influences both the likelihood of exploit scenarios and their potential severity. This governance structure is a critical area of focus in any comprehensive exploit directory, as it reflects the human and procedural factors that underpin technical vulnerabilities.

Transaction fee structures and governance mechanisms, such as multisig wallets, interact in nuanced ways to shape the exploit landscape. Low-fee networks can enable attackers to execute numerous small transactions at minimal cost, facilitating tactics such as spam attacks or front-running that might be economically prohibitive on high-fee chains. This economic environment lowers the barrier to probing contract behavior aggressively and repeatedly, potentially uncovering subtle vulnerabilities. When combined with multisig governance, the timing and cost dynamics of potential attacks become even more complex. Multisig setups inherently slow down the execution of upgrades or administrative actions because multiple approvals are required. This delay creates a window during which attackers can rapidly test contract responses or exploit temporary inconsistencies in state or logic. For instance, an attacker might use the low-cost environment to probe the contract’s defenses while awaiting multisig consensus, increasing the probability of successful exploitation before a patch or rollback can be enacted. The interplay between network economics and governance mechanisms reveals how operational realities influence exploit feasibility and detection, complicating simplistic threat models that consider contract code in isolation.

Importantly, the mere presence of upgradeable contracts cataloged in an exploit directory does not, by itself, imply malicious intent or imminent risk. Many legitimate projects employ proxy patterns precisely to allow for bug fixes, feature enhancements, or compliance-related updates that are vital for long-term viability and adaptability in a rapidly evolving regulatory and technological landscape. The structural capability for post-deployment changes is often a pragmatic design choice rather than a sign of vulnerability. The pattern becomes concerning primarily when upgrade control is overly centralized, lacks transparency, or operates without robust multisig safeguards and clearly defined governance processes. Without these controls, the potential for exploit increases because the upgrade path can be weaponized by insiders or external attackers who gain control over upgrade keys. Thus, while upgradeability introduces a potential attack surface, it can also serve legitimate operational needs, and recognizing this balance is essential to avoid conflating the structural pattern of upgradeability with exploitability in generalized assessments.

Further analytical depth emerges when considering the broader ecosystem context in which upgradeable contracts operate. For instance, the median liquidity pool depths and market capitalizations of tokens associated with such contracts can inform the economic incentives behind potential exploits. Contracts governing tokens with shallow liquidity pools relative to their market cap can be more vulnerable to manipulation or rug-pull tactics, especially if coupled with centralized upgrade control. Likewise, the age of the deployed pairs and the activity patterns on decentralized exchanges contribute to the risk profile, as newer contracts may not have undergone sufficient community scrutiny or stress testing. These factors intersect with contract-level structures, reinforcing the need for multi-dimensional risk assessments within a crypto exploit directory.

In sum, the structural pattern of proxy upgrade mechanisms encapsulates a complex interplay between technical design, governance arrangements, economic incentives, and network conditions. It demands a nuanced analytical approach that goes beyond surface-level code audits to encompass control dynamics, operational realities, and ecosystem parameters. This comprehensive perspective enables a more informed and balanced understanding of risk, one that distinguishes the legitimate flexibility of upgradeable contracts from the vulnerabilities that can arise when governance and transparency are inadequate.

Pre-buy on-chain checklist

  • Mint authority renouncedConfirms supply is capped — no new tokens can be issued post-launch.
  • LP locked or burnedLiquidity cannot be removed in a single transaction. Lock duration and locker contract are both verifiable on-chain.
  • !Top 10 holders under 40%Lower concentration means coordinated dumps are mechanically harder. Above 40% is a structural caution.
  • !No active freeze authorityActive freeze means wallets can be paused at the contract level — no exit possible during a freeze.
  • ×No transfer restrictionsThe transfer function should accept any holder selling. Encoded sell blocks, whitelist exits, and hidden tax functions are honeypot signatures.

Frequently asked questions

Related Risk Guides

Verify the contract address before you buy in. Paste it into the scanner above for the full on-chain breakdown.

Why on-chain signals matter

🔒
Non-custodial Your wallet keys never leave your device. Funds move directly between wallets through the smart contract — Verixia holds nothing.
No account required No sign-up, no KYC, no email. Connect your wallet and swap. Disconnect at any time — no ongoing permissions required.
Solana + EVM Checks SPL tokens and EVM contracts across Ethereum, Base, Arbitrum, BNB Chain, Polygon, and Avalanche.
VR
Verixia Research
On-chain Solana DeFi analysis
Verixia Research analyzes Solana DeFi mechanics, token risk patterns, and DEX aggregator routing using verified market data from DexScreener combined with structural pattern analysis. All ratings derive from observable on-chain signals, not editorial opinion.
📖 How we analyze 👤 About 🔗 Sources: DexScreener market data, structural pattern analysis
⚙ Methodology
Every risk verdict is generated from three on-chain reads run in parallel: (1) direct contract bytecode analysis for honeypot patterns, mint/freeze authority, and blacklist functions; (2) liquidity pool inspection for LP lock status, depth, and removable percentage; (3) holder distribution from token-account snapshots. No editorial opinion is layered on the output. Read the full methodology →