Verify every token before you buy Unlimited checks · $3.99/wk · Cancel anytime
Get Unlimited
Swap on Verixia
[ on-chain  ·  solana + evm ]

Token Risk Check

Paste any contract address for an instant on-chain risk assessment -- honeypot detection, liquidity analysis, holder concentration, and contract permissions.

Read the contract before the contract reads you. Honeypot, rug, and scam detection from on-chain state — not market data.

⚠️ Token Risk Check
✓ On-Chain Analysis
🔒 No Signup
⚡ Results in Seconds
🔍 Honeypot detection
💧 LP lock status
👥 Holder concentration
⚡ Solana + EVM
4.6 / 5 from 2,299 users Direct on-chain reads 🔐 Non-custodial — no wallet connect required Sub-5-second scan 🔗 Solana · Ethereum · Base · Arbitrum · BNB · Polygon · Avalanche 📊 51,853 risk checks run
Contract Scanner
Live
🔍 On-chain read ⚡ Seconds ✓ No signup
>_
Enter the full token contract address for the most accurate on-chain analysis
No address? Try a popular check:
1 free check · Unlimited from $3.99/wk
No signup required · Results in seconds
Unlimited checks from $3.99 / week · Cancel anytime
Use the same email entered during checkout to restore access
Unlimited token checks active

Unlimited Token Risk Checks

Verify every contract before buying. Honeypot detection, LP lock analysis, and holder concentration reviews across Solana and EVM.
$5.6BFBI crypto losses 2023
$1B+FTC losses 2023
<5sper contract scan
Best Value -- Save 80%
Yearly Access
$39.99 / yr  ·  $3.33/mo
Popular
Monthly Access
$11.99 / month
Try it -- no commitment
Weekly Access
$3.99 / week · cancel anytime
SSL Secured Stripe Cancel anytime No hidden fees
No contracts. Cancel anytime from your account.
SOL ETH BASE ARB BNB POLY AVAX
Powered by Verixia
Live Detections
127 scans today
49K+Scans Run
6Chains
15+Risk Signals
FreeFirst Check
What the checker detects
Example signals · run a scan to see live results
⚠️Sell TaxDETECTED
💧LP LockUNLOCKED
🔑Mint AuthorityACTIVE
OwnershipRENOUNCED
🐋Whale Wallet42%
📅Token Age3 DAYS
🚨Approval RiskHIGH
CooldownACTIVE
🔄Last Update48H AGO
📉Liquidity 24h-12%
🚫Transfer LockENCODED
Freeze AuthENABLED
📋ContractVERIFIED
💰LP Depth$48K
🔗Blacklist FnPRESENT
paste a contract address above to run a live scan
🔍
Honeypot Detection
Simulates sell transactions to detect transfer locks, fee traps, and whitelist-only exit conditions before you buy in. Reads the contract directly — not market data. Works across Solana SPL tokens and all major EVM chains.
💧
Liquidity & Holders
Reviews pool depth, LP lock status, and top wallet percentages. Surfaces unlocked pools and concentrated wallets before the price collapses.
Results in Seconds
On-chain read — no API delays, no market data lag. Raw contract analysis returned in under 5 seconds.
Token verified? Swap at best price.
Route across Raydium, Orca, Meteora & 50+ DEXes — non-custodial, no KYC
Swap on Verixia →
SOL ETH BASE ARB BNB AVAX Powered by Verixia

Token Risk Analysis -- Contract, Liquidity & Holders

🔗 TL;DR

A token's risk lives in three places: contract permissions (can the dev mint, freeze, or block sells?), liquidity structure (is the LP locked and deep enough to exit?), and holder distribution (can a handful of wallets dump the entire float?). The checker above reads all three directly on-chain in under five seconds.

Scan time< 5 sec
Signals checked15+
Cost (first check)Free

DeFi exploit directories serve as comprehensive repositories cataloging vulnerabilities and incident patterns within decentralized finance protocols. Rather than focusing solely on isolated occurrences, these directories emphasize recurring structural risk profiles that facilitate exploits, shedding light on systemic weaknesses that transcend individual contract implementations. At the heart of this approach lies the recognition that a protocol’s apparent robustness—often measured by code complexity or the presence of audits—does not necessarily correlate with immunity to sophisticated attacks. In fact, protocols with extensive, well-audited codebases can sometimes conceal subtle, emergent flaws that become exploitable only through complex interactions, such as composability with other contracts or manipulation of external data oracles.

This disconnect between surface-level security assessment and deeper exploitability arises because many vulnerabilities manifest not in isolated lines of code but in the interplay among multiple contract components or dependencies. For instance, a contract that relies on price feeds may appear secure on its own, but if the oracle providing that data can be manipulated or suffers downtime, the protocol becomes vulnerable to price manipulation attacks. Exploit directories highlight these systemic vulnerabilities, underscoring that perceived security—rooted in code audits or formal verification—does not guarantee protection against nuanced, multi-vector exploit strategies that leverage ecosystem interdependencies.

Liquidity depth emerges as one of the most analytically significant factors when assessing exploit risk within DeFi environments. Pools with thin liquidity—often characterized by depths under $50,000 or a small fraction relative to a token’s market capitalization—are particularly vulnerable to manipulation. In such pools, relatively modest trades can cause outsized price swings due to slippage amplification. Attackers exploit this by executing large trades that move prices significantly, then capitalizing on the resulting discrepancies through front-running or sandwich attacks before the market can correct. While low liquidity alone does not confirm exploitability, it amplifies the tactical leverage an attacker gains, magnifying the practical risk posed by other contract vulnerabilities.

The relationship between liquidity depth and exploit risk becomes even more pronounced when considered alongside the status of liquidity pool (LP) tokens. In many DeFi protocols, LP tokens represent a user’s share of a liquidity pool, and when these tokens are unlocked—meaning holders can withdraw liquidity at will—they introduce a vector for rapid liquidity extraction. This unlocked status can sometimes facilitate rug pulls, where key liquidity providers withdraw their funds abruptly, causing sharp price crashes and undermining market confidence. When unlocked LP tokens coincide with low market capitalization—a proxy for limited investor depth and thin order books—the resulting market instability can be severe. Such conditions enable attackers to exploit both rapid liquidity removal and price manipulation, often in quick succession.

However, it is important to acknowledge that unlocked LP tokens do not inherently imply malicious intent. Protocols sometimes design unlocked LP status to incentivize early liquidity provision or to maintain flexibility in managing liquidity strategies. This nuance means that the presence of unlocked LP tokens should be analyzed contextually, considering factors such as tokenomics, governance frameworks, and community engagement. The pattern of unlocked LP tokens combined with low market cap signals structural fragility rather than automatic compromise, necessitating a measured evaluation of exploit likelihood versus benign operational design.

Beyond liquidity and LP token status, holder concentration is another structural pattern frequently documented in exploit directories. High concentration of token ownership—where a small number of addresses control a significant share of the circulating supply—can sometimes facilitate market manipulation or governance attacks. Large holders can coordinate sell-offs or influence protocol decisions in ways that destabilize the ecosystem. Yet, concentration alone does not confirm exploit intent; it may reflect legitimate early-stage distribution or strategic partnerships. The key analytical challenge lies in discerning whether such concentration amplifies exploit risk when combined with other vulnerabilities, such as unlocked LP tokens or oracle dependencies.

Additionally, honeypot mechanics and rug-pull patterns represent common exploit archetypes cataloged in these directories. Honeypots involve contracts designed to allow users to buy tokens but restrict their ability to sell, effectively trapping investor funds. Rug pull patterns often entail liquidity removal triggered by specific contract functions or administrative keys. Though these mechanisms are well-documented, their presence in a contract’s design does not necessarily confirm malicious intent. Some contracts incorporate features that can resemble honeypots or rug pulls as part of complex tokenomics or upgrade pathways, which may be poorly understood by casual observers. Thus, the identification of such patterns must be coupled with a nuanced analysis of contract permissions, multisig controls, and timelocked governance to assess exploit potential accurately.

In generalized terms, the patterns highlighted by DeFi exploit directories collectively point to structural fragility within protocols rather than deterministic indicators of imminent exploitation. Many low-cap tokens with thin liquidity and unlocked LP tokens experience rapid price volatility and liquidity shocks even absent direct attacks, reflecting inherent market sensitivity and the challenges of nascent market development. These dynamics underscore the importance of distinguishing between systemic risk—where market forces and tokenomics create vulnerability—and active exploit vectors deliberately leveraged by adversaries. Understanding this distinction is critical for forming a comprehensive risk profile that informs both strategic oversight and technical remediation efforts within decentralized finance ecosystems.

Pre-buy on-chain checklist

  • Mint authority renouncedConfirms supply is capped — no new tokens can be issued post-launch.
  • LP locked or burnedLiquidity cannot be removed in a single transaction. Lock duration and locker contract are both verifiable on-chain.
  • !Top 10 holders under 40%Lower concentration means coordinated dumps are mechanically harder. Above 40% is a structural caution.
  • !No active freeze authorityActive freeze means wallets can be paused at the contract level — no exit possible during a freeze.
  • ×No transfer restrictionsThe transfer function should accept any holder selling. Encoded sell blocks, whitelist exits, and hidden tax functions are honeypot signatures.

Frequently asked questions

Related Risk Guides

Verify the contract address before you buy in. Paste it into the scanner above for the full on-chain breakdown.

Why on-chain signals matter

🔒
Non-custodial Your wallet keys never leave your device. Funds move directly between wallets through the smart contract — Verixia holds nothing.
No account required No sign-up, no KYC, no email. Connect your wallet and swap. Disconnect at any time — no ongoing permissions required.
Solana + EVM Checks SPL tokens and EVM contracts across Ethereum, Base, Arbitrum, BNB Chain, Polygon, and Avalanche.
VR
Verixia Research
On-chain Solana DeFi analysis
Verixia Research analyzes Solana DeFi mechanics, token risk patterns, and DEX aggregator routing using verified market data from DexScreener combined with structural pattern analysis. All ratings derive from observable on-chain signals, not editorial opinion.
📖 How we analyze 👤 About 🔗 Sources: DexScreener market data, structural pattern analysis
⚙ Methodology
Every risk verdict is generated from three on-chain reads run in parallel: (1) direct contract bytecode analysis for honeypot patterns, mint/freeze authority, and blacklist functions; (2) liquidity pool inspection for LP lock status, depth, and removable percentage; (3) holder distribution from token-account snapshots. No editorial opinion is layered on the output. Read the full methodology →