Token Security Analysis

Comprehensive token security analysis including honeypot detection and rug pull risk assessment.

Try it Live

Open in Swagger UI → to test these endpoints interactively.

Endpoints

Endpoint	Description	Price
`GET /api/security/token/{address}`	Full token analysis	$0.02
`GET /api/security/rugcheck/{address}`	Rug pull risk check	$0.01

GET /api/security/token/{address}

Comprehensive token security analysis with risk scoring.

Request

curl "https://api.web3identity.com/api/security/token/0xdAC17F958D2ee523a2206206994597C13D831ec7?chain=ethereum"

Query Parameters

Parameter	Type	Default	Description
`chain`	string	`ethereum`	Chain: ethereum, bsc, polygon, arbitrum, base

Response

{
  "token": {
    "address": "0xdAC17F958D2ee523a2206206994597C13D831ec7",
    "name": "Tether USD",
    "symbol": "USDT",
    "decimals": 6,
    "totalSupply": "96789012345000000",
    "chain": "ethereum"
  },
  "security": {
    "score": 85,
    "risk": "LOW",
    "summary": "Established token with some centralization concerns",
    "flags": ["centralized", "blacklist_function"],
    "lastUpdated": "2026-02-08T16:30:00Z"
  },
  "checks": {
    "isOpenSource": true,
    "isProxy": false,
    "isMintable": true,
    "isPausable": true,
    "ownershipRenounced": false,
    "hasBlacklist": true,
    "canSelfDestruct": false,
    "hasHiddenOwner": false,
    "hasTradingCooldown": false,
    "hasTransferFee": false,
    "isHoneypot": false,
    "antiWhale": false,
    "taxModifiable": false
  },
  "trading": {
    "canBuy": true,
    "canSell": true,
    "buyTax": 0.0,
    "sellTax": 0.0,
    "transferTax": 0.0,
    "maxTxAmount": null,
    "maxWalletAmount": null
  },
  "ownership": {
    "owner": "0xC6CDE7C39eB2f0F0095F41570af89eFC2C1Ea828",
    "isContract": true,
    "isMultisig": false,
    "renounced": false,
    "functions": {
      "mint": true,
      "pause": true,
      "blacklist": true,
      "changeOwner": true
    }
  },
  "liquidity": {
    "pools": 342,
    "totalLiquidity": 5678901234,
    "mainDex": "Uniswap V3",
    "mainPair": "USDT/WETH",
    "locked": false,
    "lockUntil": null
  },
  "holders": {
    "total": 5678901,
    "top10Percentage": 45.2,
    "top50Percentage": 78.5,
    "contractHolders": 3456
  },
  "contract": {
    "verified": true,
    "compiler": "v0.4.18",
    "age": "2286 days",
    "createdAt": "2017-11-28T00:00:00Z",
    "transactions": 98765432
  }
}

GET /api/security/rugcheck/{address}

Quick rug pull risk assessment.

Request

curl "https://api.web3identity.com/api/security/rugcheck/0x1234567890123456789012345678901234567890?chain=ethereum"

Response

{
  "token": {
    "address": "0x1234567890123456789012345678901234567890",
    "name": "Example Token",
    "symbol": "EXMPL",
    "chain": "ethereum"
  },
  "riskScore": 75,
  "risk": "HIGH",
  "verdict": "Potential rug pull indicators detected",
  "factors": {
    "liquidityLocked": false,
    "lockDuration": null,
    "ownershipRenounced": false,
    "mintFunction": true,
    "pauseFunction": true,
    "topHoldersConcentration": 85.6,
    "contractAge": 12,
    "hasAudit": false,
    "honeypotRisk": false,
    "hiddenOwner": false
  },
  "warnings": [
    {
      "severity": "HIGH",
      "message": "Liquidity is not locked",
      "detail": "Developers can remove liquidity at any time"
    },
    {
      "severity": "HIGH",
      "message": "Top 10 holders own 85.6% of supply",
      "detail": "High concentration risk"
    },
    {
      "severity": "MEDIUM",
      "message": "Contract is only 12 days old",
      "detail": "New token with limited track record"
    },
    {
      "severity": "MEDIUM",
      "message": "Owner can mint new tokens",
      "detail": "Supply can be inflated"
    },
    {
      "severity": "MEDIUM",
      "message": "No audit found",
      "detail": "Code has not been professionally reviewed"
    }
  ],
  "recommendations": [
    "Wait for liquidity lock",
    "Monitor holder distribution",
    "Start with small position",
    "Check for audit"
  ]
}

Risk Scoring

Security Score (0-100)

Range	Risk Level	Description
90-100	✅ LOW	Safe, established token
70-89	⚠️ MEDIUM	Some concerns, proceed cautiously
50-69	🟠 HIGH	Multiple red flags
0-49	🔴 CRITICAL	Likely scam, avoid

Risk Factors & Weights

Factor	Weight	Description
Liquidity not locked	+30	Devs can rug
Owner can mint	+20	Supply inflation risk
Top 10 hold >50%	+25	Dump risk
Contract < 30 days	+15	Unproven
No audit	+10	Unknown vulnerabilities
Hidden owner	+35	Anonymous control
Honeypot	+100	Cannot sell
High sell tax (>10%)	+20	Exit difficulty

SDK Examples

JavaScript

import { Web3IdentityClient } from '@web3identity/sdk';

const client = new Web3IdentityClient();

// Full token security analysis
const analysis = await client.analyzeTokenSecurity(
  '0xdAC17F958D2ee523a2206206994597C13D831ec7',
  { chain: 'ethereum' }
);

console.log(`${analysis.token.symbol} Security Score: ${analysis.security.score}/100`);
console.log(`Risk Level: ${analysis.security.risk}`);

// Check specific risks
if (analysis.checks.isHoneypot) {
  console.log('⛔ HONEYPOT - Cannot sell!');
}

if (analysis.checks.hasTransferFee && analysis.trading.sellTax > 10) {
  console.log(`⚠️ High sell tax: ${analysis.trading.sellTax}%`);
}

if (!analysis.ownership.renounced && analysis.ownership.functions.mint) {
  console.log('⚠️ Owner can mint more tokens');
}

// Quick rug check
const rugCheck = await client.checkRugPull(
  '0x1234567890123456789012345678901234567890',
  { chain: 'ethereum' }
);

console.log(`\nRug Pull Risk: ${rugCheck.risk}`);
console.log(`Score: ${rugCheck.riskScore}/100`);

if (rugCheck.riskScore > 70) {
  console.log('\n🚨 HIGH RISK - Warnings:');
  rugCheck.warnings.forEach(w => {
    console.log(`  [${w.severity}] ${w.message}`);
  });
  
  console.log('\n💡 Recommendations:');
  rugCheck.recommendations.forEach(r => {
    console.log(`  - ${r}`);
  });
}

// Holder concentration check
const holderRisk = analysis.holders.top10Percentage > 50;
console.log(`\nHolder concentration: ${holderRisk ? '⚠️ HIGH' : '✅ OK'}`);
console.log(`Top 10 holders own: ${analysis.holders.top10Percentage}%`);

Python

from web3identity import Client

client = Client()

# Analyze token security
analysis = client.analyze_token_security(
    '0xdAC17F958D2ee523a2206206994597C13D831ec7',
    chain='ethereum'
)

print(f"{analysis['token']['symbol']} Security Analysis:")
print(f"  Score: {analysis['security']['score']}/100")
print(f"  Risk: {analysis['security']['risk']}")
print(f"  Summary: {analysis['security']['summary']}")

# Check critical risks
critical_checks = {
    'Honeypot': analysis['checks']['isHoneypot'],
    'Hidden Owner': analysis['checks']['hasHiddenOwner'],
    'Self Destruct': analysis['checks']['canSelfDestruct']
}

print("\n🔍 Critical Checks:")
for check, value in critical_checks.items():
    status = '❌ YES' if value else '✅ NO'
    print(f"  {check}: {status}")

# Rug pull check
def should_invest(address, chain='ethereum'):
    rug = client.check_rug_pull(address, chain=chain)
    
    if rug['riskScore'] > 80:
        return False, "EXTREME RISK - Do not invest"
    elif rug['riskScore'] > 60:
        return False, "HIGH RISK - Wait for improvements"
    elif rug['riskScore'] > 40:
        return True, "MEDIUM RISK - Small position only"
    else:
        return True, "LOW RISK - Proceed with caution"

safe, reason = should_invest('0x1234567890123456789012345678901234567890')
print(f"\nInvestment Decision: {reason}")

# Batch check multiple tokens
tokens = [
    '0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48',  # USDC
    '0xdAC17F958D2ee523a2206206994597C13D831ec7',  # USDT
    '0x6B175474E89094C44Da98b954EedeAC495271d0F'   # DAI
]

print("\n📊 Batch Security Check:")
for token in tokens:
    analysis = client.analyze_token_security(token, chain='ethereum')
    print(f"  {analysis['token']['symbol']}: {analysis['security']['score']}/100 ({analysis['security']['risk']})")

cURL Examples

# Check USDT security
curl "https://api.web3identity.com/api/security/token/0xdAC17F958D2ee523a2206206994597C13D831ec7?chain=ethereum"

# Check token on BSC
curl "https://api.web3identity.com/api/security/token/0x1234567890123456789012345678901234567890?chain=bsc"

# Quick rug check
curl "https://api.web3identity.com/api/security/rugcheck/0x1234567890123456789012345678901234567890?chain=ethereum"

# Check new token on Base
curl "https://api.web3identity.com/api/security/token/0xabcdef0123456789abcdef0123456789abcdef01?chain=base"

Rate Limits

Tier	Rate Limit	Notes
Free	100 requests/day	No payment required
Paid	Unlimited	$0.01-$0.02 per call via x402

Common Use Cases

Pre-Trade Safety Check

// Check token before buying
async function safeToTrade(address, chain = 'ethereum') {
  const [security, rugCheck] = await Promise.all([
    client.analyzeTokenSecurity(address, { chain }),
    client.checkRugPull(address, { chain })
  ]);
  
  // Critical deal-breakers
  if (security.checks.isHoneypot) {
    return { safe: false, reason: 'HONEYPOT - Cannot sell' };
  }
  
  if (security.checks.hasHiddenOwner) {
    return { safe: false, reason: 'Hidden owner - High risk' };
  }
  
  // High risk factors
  if (rugCheck.riskScore > 75) {
    return {
      safe: false,
      reason: 'High rug pull risk',
      warnings: rugCheck.warnings
    };
  }
  
  // Medium risk - proceed with caution
  if (security.security.score < 70) {
    return {
      safe: true,
      caution: true,
      reason: 'Medium risk - small position only',
      maxInvestment: 'low'
    };
  }
  
  return { safe: true, reason: 'Security checks passed' };
}

const check = await safeToTrade('0x1234...');
console.log(check);

Portfolio Risk Scanner

// Scan entire portfolio for risks
async function scanPortfolio(walletAddress) {
  // Get wallet tokens (from balances endpoint)
  const balances = await client.getWalletBalances(walletAddress);
  
  // Check security for each token
  const risks = await Promise.all(
    balances.tokens.map(async token => {
      const security = await client.analyzeTokenSecurity(
        token.address,
        { chain: token.chain }
      );
      
      return {
        token: token.symbol,
        address: token.address,
        balance: token.balance,
        valueUSD: token.valueUSD,
        riskScore: security.security.score,
        risk: security.security.risk,
        flags: security.security.flags
      };
    })
  );
  
  // Sort by risk
  return risks.sort((a, b) => a.riskScore - b.riskScore);
}

const portfolioRisks = await scanPortfolio('0xYourAddress');
const highRisk = portfolioRisks.filter(t => t.risk === 'HIGH' || t.risk === 'CRITICAL');

if (highRisk.length > 0) {
  console.log('⚠️ High risk tokens in portfolio:');
  highRisk.forEach(t => {
    console.log(`  ${t.token}: $${t.valueUSD} (${t.risk})`);
  });
}

Contract Verification — Check contract source
Token Analysis — General token analysis
Wallet Balances — Portfolio tracking
Token Prices — Price data

Endpoints​

GET /api/security/token/{address}​

Request​

Query Parameters​

Response​

GET /api/security/rugcheck/{address}​

Request​

Response​

Risk Scoring​

Security Score (0-100)​

Risk Factors & Weights​

SDK Examples​

JavaScript​

Python​

cURL Examples​

Rate Limits​

Common Use Cases​

Pre-Trade Safety Check​

Portfolio Risk Scanner​

Related Endpoints​

Endpoints

GET /api/security/token/{address}

Request

Query Parameters

Response

GET /api/security/rugcheck/{address}

Request

Response

Risk Scoring

Security Score (0-100)

Risk Factors & Weights

SDK Examples

JavaScript

Python

cURL Examples

Rate Limits

Common Use Cases

Pre-Trade Safety Check

Portfolio Risk Scanner

Related Endpoints