Risks Breakdown
The Hexens Data API identifies and labels various risk types in smart contracts. Below is a list of all currently detectable risks.
Centralized Mint
An external authority can create (mint) new tokens.
This can dilute holders and manipulate token supply.
High
Hidden Fees
The contract includes a fee that’s not clearly declared in transfers.
Receivers may get fewer tokens than expected.
High
Unauthorized Token Approvals
An external authority can approve token transfers on behalf of users.
This may allow unauthorized spending.
High
Proxy
The contract is upgradeable via a proxy.
Its logic can be changed at any time — making behavior unpredictable.
High
Selfdestruct
The contract can be destroyed.
When triggered, it erases all stored values, including balances.
High
Centralized Burn
An external authority can burn tokens from user balances.
This reduces supply and can affect holder value.
High
Blacklist
Specific users can be blocked from transferring tokens.
This introduces censorship and central control.
High
Cooldown checks
Transfers are subject to cooldown periods or timed delays.
This may prevent immediate token movement.
Medium
Basic Transfer Fee
The contract includes an optional, declared fee on transfers.
While visible, it still alters expected amounts.
Medium
External Call in Transfer
Transfers depend on other contracts.
External code can influence whether or how transfers succeed.
Medium
Balance Manipulation
Balances can be altered using functions outside typical mint/burn/transfer logic.
This adds unpredictability to user balances.
Medium
Pausable
An external authority can pause the contract.
All transfers or functions may be temporarily disabled.
Medium
Blockable Transfer
Transfers can be blocked under certain conditions (e.g. large amounts, cooldowns, specific addresses).
This can freeze tokens for certain users.
Medium
Whitelist
Transfers are allowed only between approved addresses.
This favors certain users and limits token flow.
Low
Asset Withdrawal
The contract can move tokens from its balance.
Relevant if the contract is expected to hold funds.
Informational
ETH Balance Sweep
The contract can move ETH from its balance.
This matters if ETH is sent to the contract.
Informational
Upgradeable
The contract is intended to be used as logic for proxy contracts.
This doesn’t affect it directly but makes it part of a larger upgradeable system.
Informational
Last updated