Solana Token Risk Scanner
Paste a Solana token contract address. We pull the on-chain authorities, supply, top-10 holder concentration, and pool liquidity from public RPCs in your browser — no signup, no logging, nothing leaves your tab.
How to read the result
The scanner runs four on-chain checks plus a liquidity lookup. Here is what each grade actually means in practice.
| Grade | Meaning |
|---|---|
| LOW | Authorities renounced, holders reasonably distributed, healthy liquidity. The structural risks are gone — but a "LOW" rug check is not the same as "this coin will go up." Memecoin risk is intrinsic. |
| LOW-MED / MEDIUM | Mostly fine, but one or two caution signs. Common patterns: top-10 holds 40–70% (whale-exit risk), or total liquidity is thin (<$50k). Position-size accordingly. |
| HIGH | One severe structural flaw. Usually mint or freeze authority not renounced. The developer has technical ability to wreck holders any moment. |
| CRITICAL | Multiple severe flaws. Walk away. No legitimate token launched in 2026 needs both an active mint authority and active freeze authority. |
What this tool does not catch
Being honest about the limits matters more than the tool itself.
- Honeypot contracts. Some tokens pass authority checks but contain custom logic (often via Token-2022 transfer hooks) that lets the developer block sells silently. We don't simulate trades.
- Sandwich / MEV risk on the buy. This is a structural risk of the launch venue (Pump.fun, Raydium), not the token contract — nothing on-chain to detect from the mint alone.
- Authority that was renounced then re-claimed. A handful of exploits in 2024–2025 used a multisig setup where renounce was reversible. Our check sees the current state only.
- Social / coordination risk. If 5 wallets that pass distribution checks are coordinated off-chain, the on-chain numbers look fine right up to the dump. We can't see Telegram.
- Wash trading. DexScreener volume includes wash trades. A token with $1M reported volume might have $5k of real buys.
If you want automated, continuous monitoring against these risks during an active position — not a one-off check before buying — that's where Solana sniper bots earn their fee. They run mint/freeze/holder/LP checks against every pool you might enter, on every block, and refuse the buy automatically. See Trojan, BullX, and Maestro for which ones implement these filters and how reliably.
Common Solana scams this scanner catches
These are the rug-pull patterns the four structural checks above will flag concretely. They cover roughly 70–80% of the Pump.fun-era launches that lose retail money — the rest is honeypot logic and off-chain coordination that no static scanner can see.
- Mint authority not renounced → unlimited supply printing. The developer can mint a billion more tokens at any time and dump them into the pool. Our
getAccountInfo → mintAuthoritycheck shows you exactly which wallet still holds this power, and grades the token CRITICAL if it's notnull. This is the single most common Solana memecoin rug vector in 2024–2026. - Freeze authority active → wallet lockup. The developer can flip your wallet to a frozen state and prevent you from selling at all. We highlight this as HIGH risk even when other checks pass. Most reputable launches renounce freeze authority at the same time they renounce mint authority.
- Top-10 holder concentration over 40% → coordinated dump risk. If a handful of wallets own most of the supply, they can dump it in one block and crater the price before you can exit. Our
getTokenLargestAccountscheck shows the concentration percentage inline and grades: < 25%→ distributed, low concern25–40%→ typical for new launches, watch the chart40–70%→ elevated risk> 70%→ almost certainly a pump-and-dump setup- No liquidity pool or pool under $5k → exit liquidity trap. You can buy in, but there's no real pool to sell into. We query DexScreener for any indexed pool against this mint; if nothing comes back, or the total liquidity is under $5k, we flag CRITICAL. A pool between $5k–$50k is WARN territory — fine for small punts, not for size.
- Renounced authority on a brand-new mint with single-wallet supply → "trust-then-dump" setup. Even if mint and freeze are both renounced (looks clean), if the top wallet still holds 60%+ of supply, the renouncement is theater. Our scanner flags this combination explicitly in the verdict line.
If you want a concrete walkthrough of how these checks integrate into a full trading flow, the Solana memecoin sniping beginner's guide covers wallet setup and the realistic risk math first; then come back and use this scanner before each trade.
Where the data comes from
| Check | Source | API |
|---|---|---|
| Mint authority | Solana mainnet RPC | getAccountInfo → mintAuthority |
| Freeze authority | Solana mainnet RPC | getAccountInfo → freezeAuthority |
| Supply + decimals | Solana mainnet RPC | getAccountInfo → supply / decimals |
| Top-10 holders | Solana mainnet RPC | getTokenLargestAccounts |
| Liquidity & price | DexScreener | /latest/dex/tokens/{mint} |
Everything runs in your browser. Nothing is logged on our side. If the public RPC is rate-limiting, the tool falls back to a community RPC; if you want to use your own Helius/QuickNode endpoint, you can — but for one-off checks the public RPC is fine.
Why we built this
Most "Solana rug checker" sites that show up in search are either:
- Telegram bot front-ends that ask you to paste your wallet seed phrase ("for advanced analysis") — never do this,
- Pure data redirects to Birdeye/Solscan with no actual verdict, or
- Paid "audit" pages that charge $99 to run the same five RPC calls.
We're an independent review site for Solana trading tools. Running this scanner costs us nothing, the data is public, and the people who care about checking mint authority on a $50 punt are often the same people who eventually want a real bot with these checks built-in. That funnel is the whole business model — we'd rather you check it here first.
FAQ
Is this scanner accurate?
The four on-chain checks (mint authority, freeze authority, supply, top-10 holders) come straight from Solana mainnet RPCs, so they're exactly as accurate as the chain itself. The liquidity number is DexScreener's snapshot — it lags real-time pools by a few seconds and includes wash trades, but the order of magnitude is reliable. What it cannot do is catch honeypot logic, off-chain coordination, or sophisticated multisig setups where authorities were renounced but can be re-claimed.
What's the difference between this and Solscan / Birdeye / Rugcheck?
Solscan and Birdeye are explorers — they show you raw data and expect you to interpret it. Rugcheck.xyz gives you a numeric score but the methodology is opaque. This scanner shows you the same five checks every Solana sniper bot's anti-rug filter is built on, with the actual on-chain values inline, so you can see why a token is rated CRITICAL and not just that it is.
Does this work for Token-2022 / Token Extensions?
The scanner reads any SPL mint, including Token-2022 mints. But Token-2022 adds extensions (transfer hooks, transfer fees, confidential transfers) that can hide honeypot behavior. The four authority/supply/holder checks still work, but a clean grade on a Token-2022 mint should not be over-trusted — manually verify the extensions on Solscan before sizing up.
Why isn't this catching a token I know is rugged?
Probably one of three reasons: (1) the rug happened after authority renounce — common pattern, developer renounces mint authority, builds trust, then dumps a coordinated supply controlled by wallets that pass the top-10 check; (2) it's a honeypot via transfer-hook logic that doesn't show up in authority checks; or (3) the pool was drained recently and we're reading a post-drain snapshot. The scanner shows structural risk at the moment you scan. It can't replace continuous monitoring or social-layer judgment.
Can I run this offline / programmatically?
Yes — the whole logic is in this page's source. Two fetch calls to a Solana RPC and one to DexScreener. Copy the JavaScript from view-source, point it at your own RPC endpoint, and it works the same. We don't have a public API on top of this because honestly there's nothing to wrap — the underlying data is already public.
Why did you make this free?
Because the gatekeeping in this space is fake. Every Solana sniper bot runs essentially these checks before letting you buy a token — they're just doing it on every new pool, automatically, on every block. We review those bots here and earn a referral fee when readers sign up. Giving away the one-off check is what makes the bot review actually useful: you understand what the bot is doing for you instead of trusting a black box.
Related reading
- Trojan on Solana — Review — has the most aggressive anti-rug filter set of the major bots, blocks buys automatically when mint authority is active
- BullX — Review — also runs structural checks but allows manual override
- Maestro — Review — multichain, the per-chain filter sets are documented in the review
- Getting Started Guide — the wallet-setup section is worth reading once before you scan your first token
- All free Solana tools — the rest of the tool library (wallet PNL tracker and launch sniffer are next on the build queue)
Compare bots that run these checks automatically → All Solana bot reviews