Heuristics
The scanner runs a small set of focused checks. Each produces zero or more Flags with a category and severity.
Categories
| Category | What it covers |
|---|---|
| mint | Presence and access control on mint() |
| ownership | Owner identity: EOA, contract, multisig (Safe), timelock, renounced |
| pause | OpenZeppelin Pausable, custom paused flags |
| blacklist | Address blocklists / denylists |
| fee | Fee-on-transfer, mutable tax rates |
| proxy | EIP-1967 UUPS / transparent / beacon proxies |
| v4-hook | Uniswap V4 hook permission bits encoded in the address |
| staking | Staking surface, admin emergency withdraws |
| liquidity | LP token sitting in a known locker (Unicrypt, PinkLock, Team.Finance, Onchain) |
| distribution | Top-holder concentration, bundled wallets |
| verification | Etherscan source verification |
| misc | selfdestruct, raw delegatecall, rebasing supply |
Severity
Severities map to point deductions:
| Severity | Deduction |
|---|---|
| info | 0 |
| low | 3 |
| medium | 8 |
| high | 18 |
| critical | 35 |
Bonuses are applied for verified source (+5), renounced ownership (+10),
timelock owner (+8), and Safe multisig owner (+6). The score is clamped to [0, 100].
Bundled-wallet detection
The scanner pulls the top 50 holders from Etherscan, takes the 20 holders
ranked 2–21, and checks how many cluster within ±5% of the median of that
group. If five or more wallets cluster and collectively hold > 30% of
supply, a high-severity wallet-bundling flag fires.
This is intentionally conservative — it catches launch sniper farms and pre-mine distributions without false-positiving on protocols with many medium-sized treasury wallets.
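The clustering check above, written out as an added Python example (not the scanner's own code). It assumes holders arrive as (address, balance) pairs, that "cluster" means a balance within ±5% of the median balance of ranks 2–21, and that the 30% threshold applies to the clustered wallets' combined balance; the function name, the flag dictionary shape and the sample holders are constructed for illustration.

```python
from statistics import median


def detect_bundled_wallets(holders, total_supply, band_pct=5,
                           min_wallets=5, min_share_pct=30):
    """Return a flag dict if ranks 2-21 contain a bundled cluster, else None.

    holders: (address, balance) pairs in any order, balances in base units.
    """
    ranked = sorted(holders, key=lambda h: h[1], reverse=True)
    group = ranked[1:21]                  # ranks 2-21; rank 1 is skipped
    if len(group) < min_wallets:
        return None                       # too few holders to form a cluster
    med = median(bal for _, bal in group)
    # Same test as |bal - med| <= 5% of med, without dividing.
    cluster = [(a, b) for a, b in group if abs(b - med) * 100 <= band_pct * med]
    held = sum(b for _, b in cluster)
    # Both conditions must hold: enough wallets AND strictly more than 30%.
    if len(cluster) >= min_wallets and held * 100 > min_share_pct * total_supply:
        return {
            "category": "distribution",   # hypothetical flag shape
            "severity": "high",
            "flag": "wallet-bundling",
            "wallets": [a for a, _ in cluster],
            "share_pct": round(100 * held / total_supply, 2),
        }
    return None


# Constructed sample data, not real addresses or balances.
SUPPLY = 1_000_000
TOP = [("0xtop", 200_000)]
# Twelve near-identical wallets (a bundle) plus eight small, unrelated holders.
BUNDLED = (TOP
           + [(f"0xb{i:02d}", 30_000 + 50 * i) for i in range(12)]
           + [(f"0xs{i:02d}", 9_000 - 500 * i) for i in range(8)])
# Twenty holders whose balances fall off by 10% per rank: no tight cluster.
SPREAD = TOP + [(f"0xt{i:02d}", int(40_000 * 0.9 ** i)) for i in range(20)]

if __name__ == "__main__":
    print(detect_bundled_wallets(BUNDLED, SUPPLY))
    print(detect_bundled_wallets(SPREAD, SUPPLY))
```

The same twelve wallets stop triggering the flag once their combined share drops to 30% or below, which is why a tight cluster of small holders does not fire on its own.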