TL;DR: Enhanced security detection using advanced static source code analysis, plus real-time data invalidation for security and DexScreener updates.
Static Code Analysis
Mobula now performs deep static analysis on verified smart contracts, detecting vulnerabilities that traditional scanners miss.
What’s Detected
| Risk | Description |
|---|
| Balance Mutable | Hidden mint/burn functions, balance manipulation |
| Transfer Pausable | Owner can freeze transfers |
| Blacklist/Whitelist | Hidden address restrictions |
| Hidden Fees | Tax functions obfuscated in code |
| Self Destruct | Contract can be destroyed by owner |
How It Works
- Fetches verified source code from blockchain explorers
- Smart truncation prioritizes main contracts over library code
- Advanced pattern matching analyzes for security risks
- Results stored in
security field with detailed breakdowns in security_sources.static_analysis
Response Structure
Real-Time Cache Invalidation
Token data updates now trigger real-time cache flushes across all API instances via Redis pub/sub.
Affected Data Types
| Field | Source | Trigger |
|---|
security | Static Analysis | Security scan completes |
security | GoPlus | External security data updated |
dexscreener | DexScreener | Ad/boost status changes |
i18n | Token Handler | Localization updated |
Benefits
- API responses reflect latest data within seconds
- No stale security flags after re-analysis
- DexScreener paid status updates immediately
Static analysis is performed once per token (persisted in database) for efficiency. Re-analysis only occurs if source code changes.