Token Scan Methodology
CertiK Token Scan identifies risks in real time by combining static, dynamic, and on-chain detection techniques. These three layers enable us to detect both obvious and deeply hidden token threats.
On-Chain Data Inspection
The scan inspects token metadata directly from the blockchain, including:
- Token ownership and holder distribution
- DEX liquidity and trading pairs
- Proxy contract type
- Total supply and minting capabilities
This layer helps catch red flags such as centralized ownership, unusual liquidity setups, or suspicious proxy structures.
Static Code Analysis
Using a rule-based engine, the static scanner evaluates source code (when available) for known malicious patterns, such as:
- Modifiable tax or fee functions
- Blacklist or whitelist logic
- Hidden owner or privileged mint functionality
- Unsafe external calls
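To illustrate how a rule-based pass over source code can flag the four pattern categories listed above, here is an added example; it is not CertiK's engine or rule set. The rule ids, the regexes, and the sample contract are all constructed assumptions for demonstration.

```python
import re

# Constructed sample token source (not a real contract), for demonstration only.
SAMPLE_SOURCE = """\
pragma solidity ^0.8.0;
contract SampleToken {
    address private _owner;
    uint256 public sellFee = 2;
    mapping(address => bool) private _isBlacklisted;
    modifier onlyOwner() { require(msg.sender == _owner); _; }
    function setSellFee(uint256 fee) external onlyOwner { sellFee = fee; }
    function blockAddress(address a) external onlyOwner { _isBlacklisted[a] = true; }
    function mint(address to, uint256 amt) external onlyOwner { _mint(to, amt); }
    function sweep(address t, bytes calldata d) external { t.call(d); }
    function transfer(address to, uint256 amt) external returns (bool) { return true; }
}
"""

# Hypothetical rule set: one regex per category in the list above.
# Rules match single lines, so a declaration split across lines is missed.
RULES = [
    ("modifiable-fee", re.compile(r"function\s+set\w*(fee|tax)\w*\s*\(", re.I)),
    ("blacklist-whitelist", re.compile(r"(black|white)list", re.I)),
    ("privileged-mint", re.compile(r"function\s+\w*mint\w*\s*\([^)]*\)[^{]*\bonlyOwner\b", re.I)),
    ("unsafe-external-call", re.compile(r"\.(call|delegatecall)\s*(\{[^}]*\})?\s*\(")),
]

def strip_comments(src):
    """Blank out /* */ and // comments, keeping newlines so line numbers stay valid."""
    src = re.sub(r"/\*.*?\*/", lambda m: re.sub(r"[^\n]", " ", m.group()), src, flags=re.S)
    return re.sub(r"//[^\n]*", "", src)

def scan(source):
    """Return sorted (line_number, rule_id) findings for a Solidity source string."""
    findings = set()
    for lineno, line in enumerate(strip_comments(source).splitlines(), 1):
        for rule_id, pattern in RULES:
            if pattern.search(line):
                findings.add((lineno, rule_id))
    return sorted(findings)

if __name__ == "__main__":
    for lineno, rule_id in scan(SAMPLE_SOURCE):
        print(f"line {lineno}: {rule_id}")
```

Each finding marks a line for review rather than a verdict: a fee setter or a blocklist can be legitimate, which is why text matching of this kind is only one input alongside the on-chain and dynamic layers.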
Dynamic Behavior Analysis
Some threats only appear during runtime. CertiK Emulator emulates live trading behavior to uncover:
- Honeypots (unable to sell after buying)
- Tokens that revert or fail on normal transfers
- Backdoors allowing owners to drain liquidity or bypass restrictions
These simulations happen in a forked, isolated environment using real DEX data to ensure accurate and safe analysis.