Security Analysis

Analyze tokens and contracts for security risks.

Try it Live

Open in Swagger UI → to test these endpoints interactively.

Endpoints

Endpoint	Description	Price
GET /api/security/token/{address}	Token analysis	$0.01
GET /api/security/contract/{address}	Contract check	$0.02
GET /api/security/honeypot/{address}	Honeypot detection	$0.01
GET /api/security/rugpull/{address}	Rug pull risk	$0.02

---

GET /api/security/token/{address}

Comprehensive token security analysis.

Request

curl https://api.web3identity.com/api/security/token/0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48

Response

{
  "token": {
    "address": "0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48",
    "name": "USD Coin",
    "symbol": "USDC",
    "decimals": 6
  },
  "security": {
    "score": 95,
    "risk": "LOW",
    "flags": []
  },
  "checks": {
    "isOpenSource": true,
    "isProxy": true,
    "isMintable": true,
    "ownershipRenounced": false,
    "hasBlacklist": true,
    "canPause": true,
    "hasHiddenOwner": false,
    "hasTradingCooldown": false,
    "isHoneypot": false
  },
  "ownership": {
    "owner": "0x...",
    "isMultisig": true,
    "threshold": "4 of 7"
  },
  "liquidity": {
    "pools": 156,
    "totalLiquidity": 5678901234
  }
}

Risk Levels

Score	Risk	Description
90-100	LOW	Safe, established token
70-89	MEDIUM	Some concerns
50-69	HIGH	Multiple red flags
0-49	CRITICAL	Likely scam

---

GET /api/security/honeypot/{address}

Quick honeypot detection.

Response

{
  "address": "0x...",
  "isHoneypot": false,
  "simulatedBuy": {
    "success": true,
    "tax": 0.3
  },
  "simulatedSell": {
    "success": true,
    "tax": 0.3
  },
  "buyTax": 0.3,
  "sellTax": 0.3,
  "transferTax": 0
}

Honeypot Indicators

• ❌ Sell fails completely
• ⚠️ Sell tax > 10%
• ⚠️ Buy/sell tax mismatch > 5%
• ⚠️ Hidden transfer functions

---

GET /api/security/rugpull/{address}

Rug pull risk assessment.

Response

{
  "address": "0x...",
  "riskScore": 25,
  "risk": "LOW",
  "factors": {
    "liquidityLocked": true,
    "lockDuration": "365 days",
    "ownershipRenounced": false,
    "topHoldersConcentration": 15.2,
    "contractAge": "2 years",
    "hasAudit": true,
    "auditor": "OpenZeppelin"
  },
  "warnings": []
}

Risk Factors

Factor	Weight
Liquidity not locked	+30
Owner can mint	+20
Top 10 hold >50%	+25
Contract < 30 days	+15
No audit	+10

---

GET /api/security/contract/{address}

Full contract security analysis.

Response

{
  "address": "0x...",
  "isVerified": true,
  "compiler": "0.8.19",
  "license": "MIT",
  "proxy": {
    "isProxy": true,
    "implementation": "0x...",
    "admin": "0x..."
  },
  "functions": {
    "total": 45,
    "external": 23,
    "risky": ["selfdestruct", "delegatecall"]
  },
  "vulnerabilities": [],
  "slither": {
    "high": 0,
    "medium": 1,
    "low": 3
  }
}

---

SDK Examples

JavaScript

import { Web3IdentityClient } from '@web3identity/sdk';

const client = new Web3IdentityClient();

// Full token analysis
const analysis = await client.analyzeToken(
  '0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48'
);

console.log(`Security Score: ${analysis.security.score}/100`);
console.log(`Risk Level: ${analysis.security.risk}`);

// Quick honeypot check
const honeypot = await client.checkHoneypot(tokenAddress);
if (honeypot.isHoneypot) {
  console.log('⛔ HONEYPOT DETECTED');
}

// Rug pull risk
const rugRisk = await client.checkRugPull(tokenAddress);
console.log(`Rug Risk Score: ${rugRisk.riskScore}`);

Python

from web3identity import Client

client = Client()

# Analyze token
analysis = client.analyze_token('0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48')
print(f"Risk: {analysis['security']['risk']}")

# Check honeypot
honeypot = client.check_honeypot(token_address)
if honeypot['isHoneypot']:
    print("⛔ HONEYPOT!")

cURL Examples

# Full token analysis
curl https://api.web3identity.com/api/security/token/0xa0b86991c6218b36c1d19d4a2e9eb0ce3606eb48

# Quick honeypot check
curl https://api.web3identity.com/api/security/honeypot/0x...

# Rug pull risk
curl https://api.web3identity.com/api/security/rugpull/0x...

# Contract analysis (with chain parameter)
curl "https://api.web3identity.com/api/security/contract/0x...?chain=base"

---

Best Practices

Always check before interacting with new tokens:

const analysis = await client.analyzeToken(tokenAddress);

if (analysis.security.risk === 'CRITICAL') {
  console.log('⛔ Do not interact');
} else if (analysis.security.risk === 'HIGH') {
  console.log('⚠️ Proceed with caution');
}

---

Related Endpoints

• Token Prices — Price and market data
• Trending Tokens — Trending tokens
• Gainers & Losers — Top movers
• Wallet Balances — Portfolio data