Skip to main content
The Token Security endpoint lets you retrieve security and restriction information for a token by contract address. This helps you identify potential red flags like honeypots, restrictive transfer mechanics, high fees, and risky contract capabilities across chains like Solana, Ethereum, BNB Chain, Base, and more. It also provides holder distribution signals and additional risk indicators for faster due diligence.

What this endpoint does

With this API, you can:
  • Retrieve comprehensive token security information for a token on EVM and Solana chains
  • Return data about contract and burned holdings where supported
  • Return buy and sell fee percentages
  • Return transfer restrictions like max wallet, max buy, max sell, and max transfer where supported
  • Return holder concentration signals like top 10 and top 50 holdings percentages
  • Return contract risk indicators such as honeypot, blacklist, pausability, minting, and balance manipulation flags
  • Return static code analysis status for verified EVM contracts when available

What you’ll need

  • Basic knowledge of REST APIs
  • A token address
  • A Mobula API key
Note: All Mobula endpoints require an API key.
Get a free API key: Here Optional:
  • DexScreener (to find token addresses to test)

When to use Token Security

Use this endpoint when you want to:
  • Run due diligence checks before trading or integrating a token
  • Detect restrictive mechanics like honeypots, blacklists, or transfer pauses
  • Evaluate fee structures that can make trading expensive
  • Assess holder concentration risk using top holder distribution fields
  • Check whether a token can be minted or frozen by an authority
  • Display safety badges or warnings in community tools and dashboards
If you want wallet-level swaps and transfers to pair with security checks, use: Wallet Activity If you want all wallet swaps/trades over time, use: Wallet Trades If you want market-level stats (price, liquidity, volume) for the pools a token trades on, use: Market Details

Walkthrough to Get Token Security

1. Prepare your query

The Token Security endpoint requires two parameters:
ParameterDescription
blockchainBlockchain name or chain ID (example: evm:1, solana:solana, ethereum, bsc, base)
addressToken contract address (EVM) or token mint address (Solana)
Tip: Make sure you select the correct chain, such as Solana or Ethereum.

2. Find a token address to test with DexScreener

To get a real token address:
  • Open DexScreener
  • Pick a token
  • Open its token page (or open a pair page for the token)
  • Copy the token contract address (or Solana mint address)
This address is used as the address parameter.

3. Fill the API form

Enter the blockchain and paste the token address into address, then click Send.

Reviewing the response

Here are the key fields to interpret in the token security response: Core identifiers
  • address / chainId: Token contract address and chain identifier
Holdings and supply signals
  • contractHoldingsPercentage: Percentage of total supply held by the contract itself when available
  • burnedHoldingsPercentage: Percentage of supply burned when available
  • burnRate: Burn ratio as a decimal string when provided
Holder distribution risk
  • top10HoldingsPercentage / top50HoldingsPercentage / top100HoldingsPercentage / top200HoldingsPercentage: Holder concentration signals. Higher concentration can indicate control risk.
Fees
  • buyFeePercentage / sellFeePercentage: Fee percentages applied on buy or sell transactions
Transfer restrictions and limits (chain dependent)
  • maxWalletAmountRaw: Maximum wallet balance limit when present
  • maxBuyAmountRaw / maxSellAmountRaw: Max buy or sell size when present
  • maxTransferAmountRaw: Max transfer amount when present
Contract risk indicators
  • isHoneypot: Honeypot detection signal when available
  • transferPausable: Whether transfers can be paused
  • isBlacklisted / isWhitelisted: Whether the contract includes blacklist or whitelist mechanics
  • balanceMutable: Whether balances can be arbitrarily modified
  • modifyableTax: Whether fees can be changed after deployment
  • selfDestruct: Whether the contract can self-destruct
Token capabilities
  • isMintable: Whether supply can be minted
  • isFreezable: Whether accounts can be frozen on chains that support it
Static analysis
  • staticAnalysisStatus: Status of AI-powered static analysis for eligible EVM contracts
  • staticAnalysisDate: When analysis was last performed if completed
Other useful fields
  • renounced: Ownership renounced signal when available
  • locked: LP lock ratio when provided
  • lowLiquidity: Low liquidity warning field when present
  • liquidityBurnPercentage: Percent of LP tokens burned when available
  • isLaunchpadToken: Whether the token originated from a bonding curve or launchpad mechanism
  • proTraderVolume24hPercentage: Estimated share of 24h volume from terminal UI flows

Try It Live with Mobula Token Security Demo (UI)

You can also test this endpoint using our demo UI: Demo UI Homepage Token Security Demo UI Docs

Summary

The Token Security endpoint helps you:
  • Retrieve security signals for a token by blockchain and contract address
  • Detect red flags like honeypots, blacklists, transfer pauses, minting, and balance manipulation
  • Evaluate fees, holder concentration, and optional static analysis results when available
  • Visualize security data instantly in the Token Security Demo UI

Try Mobula for Free

Try our free API today and start building in minutes.
Get your free API key: Here