Verify every token before you buy Unlimited checks · $3.99/wk · Cancel anytime
Get Unlimited
Swap on Verixia
[ on-chain  ·  solana + evm ]

Token Risk Check

Paste any contract address for an instant on-chain risk assessment -- honeypot detection, liquidity analysis, holder concentration, and contract permissions.

Read the contract before the contract reads you. Honeypot, rug, and scam detection from on-chain state — not market data.

⚠️ Token Risk Check
✓ On-Chain Analysis
🔒 No Signup
⚡ Results in Seconds
🔍 Honeypot detection
💧 LP lock status
👥 Holder concentration
⚡ Solana + EVM
4.9 / 5 from 3,130 users Direct on-chain reads 🔐 Non-custodial — no wallet connect required Sub-5-second scan 🔗 Solana · Ethereum · Base · Arbitrum · BNB · Polygon · Avalanche 📊 66,743 risk checks run
Contract Scanner
Live
🔍 On-chain read ⚡ Seconds ✓ No signup
>_
Enter the full token contract address for the most accurate on-chain analysis
No address? Try a popular check:
1 free check · Unlimited from $3.99/wk
No signup required · Results in seconds
Unlimited checks from $3.99 / week · Cancel anytime
Use the same email entered during checkout to restore access
Unlimited token checks active

Unlimited Token Risk Checks

Verify every contract before buying. Honeypot detection, LP lock analysis, and holder concentration reviews across Solana and EVM.
$5.6BFBI crypto losses 2023
$1B+FTC losses 2023
<5sper contract scan
Best Value -- Save 80%
Yearly Access
$39.99 / yr  ·  $3.33/mo
Popular
Monthly Access
$11.99 / month
Try it -- no commitment
Weekly Access
$3.99 / week · cancel anytime
SSL Secured Stripe Cancel anytime No hidden fees
No contracts. Cancel anytime from your account.
SOL ETH BASE ARB BNB POLY AVAX
Powered by Verixia
Live Detections
127 scans today
49K+Scans Run
6Chains
15+Risk Signals
FreeFirst Check
What the checker detects
Example signals · run a scan to see live results
⚠️Sell TaxDETECTED
💧LP LockUNLOCKED
🔑Mint AuthorityACTIVE
OwnershipRENOUNCED
🐋Whale Wallet42%
📅Token Age3 DAYS
🚨Approval RiskHIGH
CooldownACTIVE
🔄Last Update48H AGO
📉Liquidity 24h-12%
🚫Transfer LockENCODED
Freeze AuthENABLED
📋ContractVERIFIED
💰LP Depth$48K
🔗Blacklist FnPRESENT
paste a contract address above to run a live scan
🔍
Honeypot Detection
Simulates sell transactions to detect transfer locks, fee traps, and whitelist-only exit conditions before you buy in. Reads the contract directly — not market data. Works across Solana SPL tokens and all major EVM chains.
💧
Liquidity & Holders
Reviews pool depth, LP lock status, and top wallet percentages. Surfaces unlocked pools and concentrated wallets before the price collapses.
Results in Seconds
On-chain read — no API delays, no market data lag. Raw contract analysis returned in under 5 seconds.
Token verified? Swap at best price.
Route across Raydium, Orca, Meteora & 50+ DEXes — non-custodial, no KYC
Swap on Verixia →
SOL ETH BASE ARB BNB AVAX Powered by Verixia

Token Risk Analysis -- Contract, Liquidity & Holders

🔗 TL;DR

A token's risk lives in three places: contract permissions (can the dev mint, freeze, or block sells?), liquidity structure (is the LP locked and deep enough to exit?), and holder distribution (can a handful of wallets dump the entire float?). The checker above reads all three directly on-chain in under five seconds.

Scan time< 5 sec
Signals checked15+
Cost (first check)Free

Malicious contract reports revolve fundamentally around the structural patterns of smart contract control and mutability, a domain where the outwardly visible properties of a deployed contract often belie more complex underlying risks. On the surface, a smart contract may project an image of immutability and robust security, appearing as a fixed, unchangeable program on the blockchain. However, when the contract employs a proxy upgrade pattern, its logic can be altered after deployment by authorized parties. This creates a fundamental mismatch between perception and reality: a contract that seems permanently fixed can, in fact, be modified to introduce new, potentially harmful behavior long after initial audits have been conducted. This pattern underscores a key challenge in evaluating contract security—the outward signals of a clean and audited contract do not necessarily guarantee safety if upgrade mechanisms are not fully disclosed, understood, or scrutinized in depth.

At the heart of malicious contract concerns lies the analytical significance of control over private keys or multisignature (multisig) wallets that govern contract upgrades or asset management. The holder or holders of these private keys wield unilateral authority to execute transactions, modify contract logic, or transfer assets. This power means that whoever controls these keys effectively controls the contract’s behavior and funds, regardless of the contract’s initial design or audit status. While multisig wallets dilute this risk by requiring multiple approvals before executing sensitive operations, they introduce operational complexity and do not wholly eliminate risk. Multisig arrangements can vary widely in terms of quorum thresholds, key-holder identities, and security practices, all of which influence the real-world security posture. Therefore, the mechanism of key control emerges as a central factor because it directly determines the true gatekeepers of contract mutability and asset flow, making it the focal point of trust and security evaluation.

The interaction between transaction fee economics and contract mutability further shapes the risk environment surrounding malicious contracts. High-fee networks tend to impose a natural economic friction that discourages spam or low-value attacks, making exploit attempts more costly and less frequent. In contrast, low-fee networks reduce the economic barrier for repeated malicious interactions, such as front-running, transaction spamming, or rapid testing of exploit vectors. This dynamic is particularly concerning when combined with upgradeable contracts, as low fees facilitate rapid, repeated deployment of new malicious logic via contract upgrades. Attackers can, in some cases, efficiently iterate through exploit attempts, probing for vulnerabilities or destabilizing liquidity pools with minimal cost. This interplay between fee structures and contract design complexity can significantly influence both the likelihood and potential impact of malicious activity. Understanding this nuance is essential for assessing risk in the context of different blockchain environments.

Malicious contract reports also highlight a fundamental tension between contract transparency and hidden control mechanisms. Upgradeable contracts inherently enable important flexibility, allowing developers to patch bugs, add features, or improve security in response to evolving threats. Yet, this very flexibility opens avenues for post-deployment manipulation that can be exploited either maliciously or negligently. Importantly, the presence of upgrade mechanisms or multisig control does not, by itself, imply wrongdoing. Many reputable projects use proxy upgrades responsibly, governed by transparent processes and community oversight, to enhance long-term security and functionality. The challenge lies in distinguishing responsible governance from opaque control that can be wielded to the detriment of token holders or ecosystem participants.

Another dimension to consider is the scope and depth of audits relative to upgrade patterns. Initial audits often focus on the deployed contract logic visible at the time of review, but may not fully encompass the upgrade mechanisms or future implementation contracts. This gap means that post-audit upgrades can introduce code that was never reviewed, rendering the initial audit less meaningful as a guarantee of safety. In some cases, contracts may include functions that grant “admin” or “owner” accounts sweeping powers, such as pausing transfers, blacklisting addresses, or minting tokens arbitrarily. These features, while sometimes justified for maintenance or compliance, can also be abused if control is concentrated or insufficiently transparent. Therefore, audit scope and governance transparency become critical factors in evaluating malicious contract risk beyond the static codebase.

Holder concentration and liquidity considerations intertwine with contract control to further complicate risk assessment. A token with a highly concentrated holder base, combined with mutable contract logic, can be vulnerable to coordinated malicious actions. Similarly, liquidity pool lock status can influence exploit viability; thin pools relative to market capitalization or shallow locked liquidity can be drained or manipulated more easily if malicious upgrades enable asset extraction or trading restrictions. These factors do not automatically indicate malicious intent but can create conditions where such intent is easier to realize, elevating overall risk.

In summary, malicious contract reports serve as a lens for examining the multifaceted risks associated with smart contract control and mutability. While upgradeable contracts and multisig governance structures offer important benefits, they also introduce vectors for potential abuse that require rigorous and ongoing scrutiny. The patterns identified in these reports are not determinative of malicious intent but rather highlight areas where trust assumptions must be carefully evaluated and where transparency, governance, and technical design converge to define security posture. Understanding these dynamics is essential for informed analysis and risk management in the evolving landscape of decentralized finance and token ecosystems.

Pre-buy on-chain checklist

  • Mint authority renouncedConfirms supply is capped — no new tokens can be issued post-launch.
  • LP locked or burnedLiquidity cannot be removed in a single transaction. Lock duration and locker contract are both verifiable on-chain.
  • !Top 10 holders under 40%Lower concentration means coordinated dumps are mechanically harder. Above 40% is a structural caution.
  • !No active freeze authorityActive freeze means wallets can be paused at the contract level — no exit possible during a freeze.
  • ×No transfer restrictionsThe transfer function should accept any holder selling. Encoded sell blocks, whitelist exits, and hidden tax functions are honeypot signatures.

Frequently asked questions

Related Risk Guides

Verify the contract address before you buy in. Paste it into the scanner above for the full on-chain breakdown.

Why on-chain signals matter

🔒
Non-custodial Your wallet keys never leave your device. Funds move directly between wallets through the smart contract — Verixia holds nothing.
No account required No sign-up, no KYC, no email. Connect your wallet and swap. Disconnect at any time — no ongoing permissions required.
Solana + EVM Checks SPL tokens and EVM contracts across Ethereum, Base, Arbitrum, BNB Chain, Polygon, and Avalanche.
VR
Verixia Research
On-chain Solana DeFi analysis
Verixia Research analyzes Solana DeFi mechanics, token risk patterns, and DEX aggregator routing using verified market data from DexScreener combined with structural pattern analysis. All ratings derive from observable on-chain signals, not editorial opinion.
📖 How we analyze 👤 About 🔗 Sources: DexScreener market data, structural pattern analysis
⚙ Methodology
Every risk verdict is generated from three on-chain reads run in parallel: (1) direct contract bytecode analysis for honeypot patterns, mint/freeze authority, and blacklist functions; (2) liquidity pool inspection for LP lock status, depth, and removable percentage; (3) holder distribution from token-account snapshots. No editorial opinion is layered on the output. Read the full methodology →