Verify every token before you buy Unlimited checks · $3.99/wk · Cancel anytime
Get Unlimited
Swap on Verixia
[ on-chain  ·  solana + evm ]

Token Risk Check

Paste any contract address for an instant on-chain risk assessment -- honeypot detection, liquidity analysis, holder concentration, and contract permissions.

Read the contract before the contract reads you. Honeypot, rug, and scam detection from on-chain state — not market data.

⚠️ Token Risk Check
✓ On-Chain Analysis
🔒 No Signup
⚡ Results in Seconds
🔍 Honeypot detection
💧 LP lock status
👥 Holder concentration
⚡ Solana + EVM
4.8 / 5 from 2,015 users Direct on-chain reads 🔐 Non-custodial — no wallet connect required Sub-5-second scan 🔗 Solana · Ethereum · Base · Arbitrum · BNB · Polygon · Avalanche 📊 51,285 risk checks run
Contract Scanner
Live
🔍 On-chain read ⚡ Seconds ✓ No signup
>_
Enter the full token contract address for the most accurate on-chain analysis
No address? Try a popular check:
1 free check · Unlimited from $3.99/wk
No signup required · Results in seconds
Unlimited checks from $3.99 / week · Cancel anytime
Use the same email entered during checkout to restore access
Unlimited token checks active

Unlimited Token Risk Checks

Verify every contract before buying. Honeypot detection, LP lock analysis, and holder concentration reviews across Solana and EVM.
$5.6BFBI crypto losses 2023
$1B+FTC losses 2023
<5sper contract scan
Best Value -- Save 80%
Yearly Access
$39.99 / yr  ·  $3.33/mo
Popular
Monthly Access
$11.99 / month
Try it -- no commitment
Weekly Access
$3.99 / week · cancel anytime
SSL Secured Stripe Cancel anytime No hidden fees
No contracts. Cancel anytime from your account.
SOL ETH BASE ARB BNB POLY AVAX
Powered by Verixia
Live Detections
127 scans today
49K+Scans Run
6Chains
15+Risk Signals
FreeFirst Check
What the checker detects
Example signals · run a scan to see live results
⚠️Sell TaxDETECTED
💧LP LockUNLOCKED
🔑Mint AuthorityACTIVE
OwnershipRENOUNCED
🐋Whale Wallet42%
📅Token Age3 DAYS
🚨Approval RiskHIGH
CooldownACTIVE
🔄Last Update48H AGO
📉Liquidity 24h-12%
🚫Transfer LockENCODED
Freeze AuthENABLED
📋ContractVERIFIED
💰LP Depth$48K
🔗Blacklist FnPRESENT
paste a contract address above to run a live scan
🔍
Honeypot Detection
Simulates sell transactions to detect transfer locks, fee traps, and whitelist-only exit conditions before you buy in. Reads the contract directly — not market data. Works across Solana SPL tokens and all major EVM chains.
💧
Liquidity & Holders
Reviews pool depth, LP lock status, and top wallet percentages. Surfaces unlocked pools and concentrated wallets before the price collapses.
Results in Seconds
On-chain read — no API delays, no market data lag. Raw contract analysis returned in under 5 seconds.
Token verified? Swap at best price.
Route across Raydium, Orca, Meteora & 50+ DEXes — non-custodial, no KYC
Swap on Verixia →
SOL ETH BASE ARB BNB AVAX Powered by Verixia

Token Risk Analysis -- Contract, Liquidity & Holders

🔗 TL;DR

A token's risk lives in three places: contract permissions (can the dev mint, freeze, or block sells?), liquidity structure (is the LP locked and deep enough to exit?), and holder distribution (can a handful of wallets dump the entire float?). The checker above reads all three directly on-chain in under five seconds.

Scan time< 5 sec
Signals checked15+
Cost (first check)Free

A malicious token can be defined as a digital asset deliberately designed with on-chain mechanisms that disadvantage or trap holders, often causing unexpected losses or an inability to exit positions. This concept can sometimes be misunderstood because it is easy to conflate typical project risks—such as price volatility or market uncertainty—with the intentional embedding of harmful features within the token’s smart contract. Many investors assume that all tokens carry similar operational risks, but malicious tokens specifically incorporate features that exploit user trust or the underlying platform mechanics in ways that ordinary tokens do not. Recognizing this distinction matters because it helps separate tokens that carry inherent technical or market risk from those that are intentionally adversarial in their design.

On-chain, malicious tokens often implement transfer restrictions that prevent certain addresses from selling, known as honeypot mechanics. In cases that match this pattern, a token’s smart contract contains logic that will revert or block sell transactions under certain conditions, effectively locking holders into their positions. This can sometimes be detected by simulating sell transactions in a controlled environment to see if the contract denies the operation. However, the mere presence of sell restrictions alone does not necessarily confirm malicious intent, as some projects may impose temporary limits for legitimate reasons such as anti-bot measures or staged token releases. The key analytical insight is that honeypot mechanics become suspect when they disproportionately affect typical holders while sparing privileged accounts, suggesting a design that benefits insiders at the expense of others.

Another common mechanism found in malicious tokens involves control over liquidity pool tokens. In decentralized exchange ecosystems, liquidity pools provide the trading depth necessary for efficient market operations. When a malicious token’s deployer or a privileged account has the ability to withdraw liquidity suddenly, it can result in a severe loss of market depth, leaving holders unable to sell without causing a price crash. This pattern can sometimes be detected by examining whether the liquidity provider tokens are locked or timelocked, or whether the contract grants withdrawal rights to a single entity without transparent safeguards. While the ability to manage liquidity is necessary for some project functions, an unrestricted or secretive withdrawal right signals a structural risk where holders may be trapped once the liquidity is pulled. Importantly, liquidity control mechanisms alone do not prove malicious intent but highlight a potential for harm that deserves scrutiny.

Additionally, malicious tokens may retain mint or freeze authorities, which can dramatically alter token economics and holder rights. Mint authority enables the issuer to create unlimited new tokens, which can dilute existing holders and depress the token’s value through inflationary supply increases. Freeze authority allows the issuer to lock or restrict token transfers for specific addresses, effectively immobilizing tokens held by certain users. These permissions rely on smart contract functions that check caller permissions and enforce conditional logic. While such features can sometimes serve legitimate purposes—such as regulatory compliance or emergency freeze capabilities—their presence is a structural control over token behavior rather than a market outcome. This distinction is critical because it means the token’s code itself embeds powers that can override normal market dynamics, potentially enabling adversarial actions against holders.

Many users mistakenly believe that malicious tokens primarily relate to price manipulation or market volatility, but these external factors are only part of the picture. The core issue centers on the token’s embedded control over transferability and supply. For instance, having mint authority does not directly manipulate price but empowers the issuer to inflate supply arbitrarily, which can indirectly undermine price stability and holder value. Similarly, freeze authority controls whether holders can move or sell their tokens, introducing a layer of centralized control inconsistent with a trustless environment. These features can sometimes be hidden behind complex or obfuscated smart contract code, requiring technical expertise to identify and interpret correctly. Therefore, understanding maliciousness involves analyzing the token’s programmed capabilities rather than merely observing market behavior or speculative dynamics.

To further deepen this analysis, one must consider the interplay between holder concentration and these structural permissions. Tokens with highly concentrated ownership, where a few addresses control a large fraction of the supply, can sometimes amplify the risks posed by malicious code. For example, if a small group holds the majority of tokens and also controls minting or liquidity withdrawal permissions, they can exert outsized influence over market conditions and token availability. This concentration can sometimes be a red flag when combined with adversarial mechanisms but should be evaluated in context since some tokens naturally have uneven distribution during early stages or in specific use cases. The pattern itself does not confirm maliciousness but raises questions about the governance and risk model embedded in the token’s design.

Understanding the concept of a malicious token enables one to ask whether a token’s smart contract includes mechanisms that can prevent selling, mint new tokens arbitrarily, freeze balances, or withdraw liquidity without safeguards. This inquiry transcends surface-level metrics like market capitalization or trading volume and focuses on the token’s fundamental trust assumptions. Without this insight, investors cannot reliably differentiate between tokens that are risky due to market conditions and those that are risky due to embedded adversarial code. While the presence of these features does not guarantee malicious intent, it provides a critical lens to evaluate the token’s structural risk profile and informs a more nuanced approach to security analysis in decentralized finance.

Pre-buy on-chain checklist

  • Mint authority renouncedConfirms supply is capped — no new tokens can be issued post-launch.
  • LP locked or burnedLiquidity cannot be removed in a single transaction. Lock duration and locker contract are both verifiable on-chain.
  • !Top 10 holders under 40%Lower concentration means coordinated dumps are mechanically harder. Above 40% is a structural caution.
  • !No active freeze authorityActive freeze means wallets can be paused at the contract level — no exit possible during a freeze.
  • ×No transfer restrictionsThe transfer function should accept any holder selling. Encoded sell blocks, whitelist exits, and hidden tax functions are honeypot signatures.

Frequently asked questions

Related Risk Guides

Verify the contract address before you buy in. Paste it into the scanner above for the full on-chain breakdown.

Why on-chain signals matter

🔒
Non-custodial Your wallet keys never leave your device. Funds move directly between wallets through the smart contract — Verixia holds nothing.
No account required No sign-up, no KYC, no email. Connect your wallet and swap. Disconnect at any time — no ongoing permissions required.
Solana + EVM Checks SPL tokens and EVM contracts across Ethereum, Base, Arbitrum, BNB Chain, Polygon, and Avalanche.
VR
Verixia Research
On-chain Solana DeFi analysis
Verixia Research analyzes Solana DeFi mechanics, token risk patterns, and DEX aggregator routing using verified market data from DexScreener combined with structural pattern analysis. All ratings derive from observable on-chain signals, not editorial opinion.
📖 How we analyze 👤 About 🔗 Sources: DexScreener market data, structural pattern analysis
⚙ Methodology
Every risk verdict is generated from three on-chain reads run in parallel: (1) direct contract bytecode analysis for honeypot patterns, mint/freeze authority, and blacklist functions; (2) liquidity pool inspection for LP lock status, depth, and removable percentage; (3) holder distribution from token-account snapshots. No editorial opinion is layered on the output. Read the full methodology →