Risks Breakdown
The Glider API identifies and labels various risk types in smart contracts. Below is a list of all currently detectable risks.
Centralized Mint
An external authority can create (mint) new tokens.
This can dilute holders and manipulate token supply.
risk_centralized_mint
High
Hidden Fees
The contract includes a fee that’s not clearly declared in transfers.
Receivers may get fewer tokens than expected.
risk_hidden_fees
High
Unauthorized Token Approvals
An external authority can approve token transfers on behalf of users.
This may allow unauthorized spending.
risk_unauthorized_token_approvals
High
Proxy
The contract is upgradeable via a proxy.
Its logic can be changed at any time — making behavior unpredictable.
risk_proxy
High
Selfdestruct
The contract can be destroyed.
When triggered, it erases all stored values, including balances.
risk_selfdestruct
High
Centralized Burn
An external authority can burn tokens from user balances.
This reduces supply and can affect holder value.
risk_centralized_burn
High
Blacklist
Specific users can be blocked from transferring tokens.
This introduces censorship and central control.
risk_blacklist
High
Transfer event amount mismatch
The amount emitted in the transfer event does not match the actual balance change. This can be used to mislead blockchain indexers, user-facing applications and end users by showing them inconsistent transfer history and balances.
risk_token_transfer_event_amount_mismatch
High
Cooldown checks
Transfers are subject to cooldown periods or timed delays.
This may prevent immediate token movement.
risk_transfer_time_constraints
Medium
Basic Transfer Fee
The contract includes an optional, declared fee on transfers.
While visible, it still alters expected amounts.
risk_basic_transfer_fee
Medium
External Call in Transfer
Transfers depend on other contracts.
External code can influence whether or how transfers succeed.
risk_external_call_in_transfer
Medium
Balance Manipulation
Balances can be altered using functions outside typical mint/burn/transfer logic.
This adds unpredictability to user balances.
risk_balance_manipulation_in_non_standard_functions
Medium
Pausable
An external authority can pause the contract.
All transfers or functions may be temporarily disabled.
risk_pausable
Medium
Blockable Transfer
Transfers can be blocked under certain conditions (e.g. large amounts, cooldowns, specific addresses).
This can freeze tokens for certain users.
risk_blockable_transfer
Medium
No Transfer event emitted
The token's transfer functions do not emit a transfer event, which can prevent blockchain indexers and user-facing applications from showing the transfer history and balances correctly.
risk_not_emmiting_transfer_event_in_transfer_function
Medium
Approval event not emitted
The token's approve function does not emit an approval event, which can prevent blockchain indexers and user-facing applications from showing the approval history and state correctly.
risk_not_emmiting_approval_event_in_approve_function
Medium
Whitelist
Transfers are allowed only between approved addresses.
This favors certain users and limits token flow.
risk_whitelist
Low
Asset Withdrawal
The contract can move tokens from its balance.
Relevant if the contract is expected to hold funds.
risk_excessive_token_withdrawal
Informational
ETH Balance Sweep
The contract can move ETH from its balance.
This matters if ETH is sent to the contract.
risk_eth_balance_sweep
Informational
Upgradeable
The contract is intended to be used as logic for proxy contracts.
This doesn’t affect it directly but makes it part of a larger upgradeable system.
risk_upgradeable
Informational
Assembly usage in transfer
The token's transfer functions use assembly code, which could be used to obfuscate the transfer logic.
risk_assembly_usage_in_transfer_function
Informational
Not fully ERC20 compliant
The token's contract does not fully implement all of the ERC20 standard's requirements.
risk_not_erc20_full_compliance
Informational