TOKEN AUDIT // LAYER 1
The Token Audit module executes a multi-module forensic analysis on EVM and Solana tokens. Every finding is produced by Sentinacle’s own engine reading directly from the blockchain — no third-party security APIs are used.
The analysis runs in parallel across six independent modules, each contributing findings to the final Trust Score.
Analysis Modules
01 · Dynamic Transaction Simulation
EVM tokens (Ethereum, Arbitrum, BSC, Base, Polygon, HyperEVM…)
Sentinacle forks the current live chain state using Anvil and executes real on-chain transactions against the deployed bytecode:
- Simulates a buy of the token via the liquidity pool.
- Attempts to sell 100% of the acquired tokens.
- Measures the exact result: tokens received, tax withheld, and whether the sell transaction reverts.
This is the gold-standard signal. If the sell reverts — it’s a honeypot. The measured buy and sell tax percentages are exact values, not estimates. A clean simulation (not honeypot, sell tax < 50%) adds +20 points to the Trust Score and halves the weight of any conflicting signals from lower-confidence sources.
Solana tokens
The engine reads the SPL Mint Account directly from the RPC to verify:
- Mint Authority: If active, the issuer can create unlimited new tokens at any time.
- Freeze Authority: If active, the issuer can freeze any holder’s wallet, preventing them from selling.
- Raydium Pool: The engine checks whether an active liquidity pool exists for the token.
A clean Solana simulation (no honeypot, active pool) adds +5 points to the Trust Score.
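An added example (not Sentinacle's engine code) of the Mint Account read described above: it parses the 82-byte SPL Token Mint layout that getAccountInfo returns for a mint address and turns the two COption authority fields into the findings listed. The account bytes used here are constructed with the included encoder; the field offsets are the SPL Token program's own layout.

```python
import struct
from dataclasses import dataclass
from typing import List, Optional

MINT_ACCOUNT_LEN = 82  # an SPL Token Mint account is always 82 bytes

@dataclass
class MintInfo:
    mint_authority: Optional[bytes]    # None once the authority has been revoked
    freeze_authority: Optional[bytes]  # None once the authority has been revoked
    supply: int
    decimals: int
    is_initialized: bool

def _coption_pubkey(buf: bytes, off: int) -> Optional[bytes]:
    """Decode a COption<Pubkey>: u32 little-endian tag (0 = None, 1 = Some) + 32-byte key."""
    tag = struct.unpack_from("<I", buf, off)[0]
    if tag == 0:
        return None
    if tag != 1:
        raise ValueError(f"invalid COption tag {tag} at offset {off}")
    return buf[off + 4:off + 36]

def parse_mint(data: bytes) -> MintInfo:
    """Parse raw account data (as returned by getAccountInfo) for a mint address."""
    if len(data) != MINT_ACCOUNT_LEN:
        raise ValueError(f"not a mint account: {len(data)} bytes, expected {MINT_ACCOUNT_LEN}")
    supply = struct.unpack_from("<Q", data, 36)[0]
    return MintInfo(_coption_pubkey(data, 0), _coption_pubkey(data, 46),
                    supply, data[44], data[45] == 1)

def authority_findings(info: MintInfo) -> List[str]:
    out = []
    if info.mint_authority is not None:
        out.append("Mint Authority active: issuer can create unlimited new tokens")
    if info.freeze_authority is not None:
        out.append("Freeze Authority active: issuer can freeze any holder's wallet")
    return out

def encode_mint(mint_auth: Optional[bytes], freeze_auth: Optional[bytes],
                supply: int, decimals: int) -> bytes:
    """Constructed fixture builder (test data only): lay out a Mint account byte for byte."""
    def coption(key):
        return struct.pack("<I", 0) + bytes(32) if key is None else struct.pack("<I", 1) + key
    return coption(mint_auth) + struct.pack("<Q", supply) + bytes([decimals, 1]) + coption(freeze_auth)

# Constructed sample: mint authority still held by a made-up key, freeze authority revoked.
SAMPLE_KEY = bytes(range(32))
SAMPLE_MINT = encode_mint(SAMPLE_KEY, None, 10**15, 6)
```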
02 · Governance & Control Analysis
Identifies who controls the contract and what powers they retain:
| Finding | Description | Risk |
|---|---|---|
| Hidden Owner | Ownership stored in a non-standard slot — not visible via standard owner() call | CRITICAL |
| Modifiable Slippage | Developer can set buy/sell tax to any value dynamically | HIGH |
| Privileged setFee / pause | Owner-only functions that alter contract economics or halt trading | HIGH |
| Unrenounced Ownership | Standard ownership active — developer retains admin rights | MEDIUM |
| Gnosis Safe / Timelock | Ownership controlled by multisig or time-delayed governance | ✓ POSITIVE |
03 · Liquidity Pool Analysis
Evaluates whether the liquidity backing the token is secure:
| Finding | Description | Risk |
|---|---|---|
| Single wallet > 80% of LP | One address controls most of the pool — classic rug pull setup | CRITICAL |
| LP not locked or burned | Liquidity can be withdrawn at any time by the provider | HIGH |
| LP locked (Unicrypt, Team.Finance) | Liquidity is locked in a verifiable time-lock contract | LOW (neutral) |
| LP burned | Liquidity permanently destroyed — cannot be withdrawn | ✓ POSITIVE |
04 · Token Distribution Analysis
EVM: Computes holder concentration from on-chain Transfer event logs. Identifies wallets controlling disproportionate supply.
Solana: Reads the top token accounts directly via getTokenLargestAccounts RPC, resolving program-owned vaults (excluded from concentration calculation) to identify real individual wallets.
| Concentration Level | Risk |
|---|---|
| Top 10 wallets > 80% of supply | CRITICAL |
| Top 10 wallets > 50% of supply | HIGH |
| Top 10 wallets > 30% of supply | MEDIUM |
| Well distributed | ✓ LOW / INFO |
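An added example (not Sentinacle's own implementation) of the EVM holder-concentration computation: it replays ERC-20 Transfer events in log order to rebuild balances, takes the top-10 share, and maps it to the thresholds in the table. The transfers are constructed; excluding the pool address from the holder set is an assumption made here, mirroring the vault exclusion described for Solana.

```python
from collections import defaultdict
from typing import Dict, Iterable, List, Tuple

ZERO = "0x" + "00" * 20  # mint source and burn sink in ERC-20 Transfer events
Transfer = Tuple[str, str, int]  # (from, to, value) decoded from a Transfer log

def reconstruct_balances(transfers: Iterable[Transfer], exclude: Iterable[str] = ()) -> Dict[str, int]:
    """Replay Transfer events in log order to rebuild current balances. ZERO is never a holder;
    `exclude` drops pool/vault addresses (an assumption here, mirroring the Solana vault exclusion)."""
    bal: Dict[str, int] = defaultdict(int)
    for frm, to, value in transfers:
        frm, to = frm.lower(), to.lower()
        if frm != ZERO:
            bal[frm] -= value
        if to != ZERO:
            bal[to] += value
    skip = {a.lower() for a in exclude}
    return {a: v for a, v in bal.items() if v > 0 and a not in skip}

def top_share(balances: Dict[str, int], n: int = 10) -> float:
    """Fraction of the counted supply held by the n largest holders."""
    total = sum(balances.values())
    return 0.0 if total == 0 else sum(sorted(balances.values(), reverse=True)[:n]) / total

def concentration_risk(share: float) -> str:
    """Thresholds from the distribution table above."""
    for limit, level in ((0.80, "CRITICAL"), (0.50, "HIGH"), (0.30, "MEDIUM")):
        if share > limit:
            return level
    return "LOW"

def analyze(transfers: Iterable[Transfer], exclude: Iterable[str] = ()) -> dict:
    bal = reconstruct_balances(transfers, exclude)
    share = top_share(bal)
    return {"holders": len(bal), "top10_share": share, "risk": concentration_risk(share)}

# Constructed sample (not real chain data): deployer mints, seeds the pool, airdrops, burns.
DEPLOYER, POOL = "0x" + "d1" * 20, "0x" + "aa" * 20
SAMPLE_TRANSFERS: List[Transfer] = [
    (ZERO, DEPLOYER, 1_000_000),
    (DEPLOYER, POOL, 400_000),
    (DEPLOYER, "0x" + "01" * 20, 100_000),
    (DEPLOYER, "0x" + "02" * 20, 50_000),
    (DEPLOYER, "0x" + "03" * 20, 50_000),
    (DEPLOYER, ZERO, 80_000),
] + [(DEPLOYER, "0x" + f"{i:02x}" * 20, 1_000) for i in range(0x10, 0x24)]
```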
05 · On-Chain Behavioral Analysis
Detects patterns in the contract’s transaction history:
- Deployer wallet age and prior project history.
- Interaction with known obfuscation services (Tornado Cash pools — hardcoded addresses).
- Unusual Transfer event patterns: mass consolidation, LP drain sequences.
06 · Bytecode Analysis (Contracts Without Source Code)
When source code is not verified on-chain, the bytecode is decompiled and scanned for dangerous opcode patterns:
| Pattern | Description | Risk |
|---|---|---|
| SELFDESTRUCT | Contract can be permanently destroyed, erasing all token balances | HIGH |
| Dynamic DELEGATECALL | Contract delegates execution to an arbitrary external address | HIGH |
| Transfer hook patterns | Conditional logic in transfer functions that may block certain addresses | MEDIUM |
Note: Contracts without verified source code receive a fixed -12 point penalty regardless of other findings. This is a moderate signal — many legitimate contracts are unverified — but it limits the maximum achievable Trust Score without a clean simulation to compensate.
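An added example (not Sentinacle's decompiler) of the one thing any opcode scan of unverified bytecode must get right: PUSHn immediates have to be skipped, or the bytes of a pushed address or selector get misread as SELFDESTRUCT (0xff) or DELEGATECALL (0xf4). The bytecode samples are constructed; the scan reports opcode presence only, and the fixed-versus-dynamic target distinction drawn in the table is not attempted here.

```python
from typing import Iterator, List, Tuple

SELFDESTRUCT, DELEGATECALL = 0xFF, 0xF4
PUSH1, PUSH32 = 0x60, 0x7F
NAMES = {SELFDESTRUCT: "SELFDESTRUCT", DELEGATECALL: "DELEGATECALL"}

def disassemble(code: bytes) -> Iterator[Tuple[int, int, bytes]]:
    """Yield (pc, opcode, immediate). PUSHn immediates are consumed as data, so the bytes of a
    pushed constant (an address, a selector) are never mistaken for opcodes."""
    pc = 0
    while pc < len(code):
        op = code[pc]
        width = op - PUSH1 + 1 if PUSH1 <= op <= PUSH32 else 0
        yield pc, op, code[pc + 1:pc + 1 + width]
        pc += 1 + width

def naive_scan(code: bytes, opcode: int) -> List[int]:
    """What a plain byte grep does: flags every occurrence, including bytes inside PUSH data."""
    return [i for i, b in enumerate(code) if b == opcode]

def scan_dangerous(code: bytes) -> List[Tuple[int, str, str]]:
    """SELFDESTRUCT / DELEGATECALL found at genuine opcode positions, with the table's risk level."""
    return [(pc, NAMES[op], "HIGH") for pc, op, _ in disassemble(code) if op in NAMES]

# Constructed samples (not real contract bytecode):
# 1) PUSH20 of an address whose bytes happen to be 0xff / 0xf4, then POP, STOP: nothing dangerous.
PUSH_ONLY = bytes([0x73]) + bytes.fromhex("ff" * 10 + "f4" * 10) + bytes([0x50, 0x00])
# 2) CALLER SELFDESTRUCT: sends the balance to msg.sender and destroys the contract.
SELF_DESTRUCT_CODE = bytes([0x33, 0xFF])
# 3) PUSH1 0 (x4), PUSH20 <impl>, GAS, DELEGATECALL: a minimal proxy-style delegate.
DELEGATE_CODE = bytes([0x60, 0x00] * 4 + [0x73]) + bytes.fromhex("ab" * 20) + bytes([0x5A, 0xF4])
```

Deployed bytecode from solc also carries a CBOR metadata trailer after the last opcode; a production scanner strips that trailer first, since its bytes are data and can produce the same false hits.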
Understanding Trust Score Findings
What is NOT penalized
Several patterns are commonly flagged by legacy scanners but are not penalized by Sentinacle due to high false-positive rates:
- Proxy contracts — Standard in legitimate upgradeable protocols (Uniswap, Aave, USDC).
- Mint function / Mintable — Normal for stablecoins, governance tokens, and most DeFi protocols.
- Blacklist / Pausable — Required by regulatory-compliant stablecoins (USDC, USDT).
- Anonymous team — Not an on-chain security signal.
These findings, when sourced from external APIs, are filtered as known false positives.
Simulation Veto
When Sentinacle’s own simulation confirms the token is not a honeypot and sell tax is below 50%, penalties from external data sources are automatically halved. Direct on-chain evidence supersedes inferred signals.
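An added example, not Sentinacle's scoring code, covering both the EVM simulation in Module 01 and the Simulation Veto above: it derives exact buy and sell tax from the amounts the forked round trip quoted and actually delivered, treats a reverted sell as a honeypot, and applies the +20 bonus and the halving of external penalties to a clean run. The measured amounts and the external penalty values are constructed; the field names are assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class SimResult:
    """Measured outcome of one forked buy/sell round trip (the values below are constructed)."""
    tokens_quoted: int     # tokens the pool quoted for the buy
    tokens_received: int   # tokens actually credited to the wallet after the buy
    sell_reverted: bool    # the sell of 100% of received tokens reverted on the fork
    eth_quoted: int        # wei the pool quoted for selling every received token
    eth_received: int      # wei actually credited after the sell (0 if it reverted)

def tax_pct(quoted: int, received: int) -> float:
    """Exact tax: the share of the quoted amount that never reached the wallet."""
    return 0.0 if quoted == 0 else 100.0 * (quoted - received) / quoted

def evaluate(sim: SimResult) -> dict:
    """A reverted sell is a honeypot; a run is clean when it is not a honeypot and sell tax < 50%."""
    buy_tax = tax_pct(sim.tokens_quoted, sim.tokens_received)
    sell_tax: Optional[float] = None if sim.sell_reverted else tax_pct(sim.eth_quoted, sim.eth_received)
    honeypot = sim.sell_reverted
    clean = (not honeypot) and sell_tax < 50.0
    return {"buy_tax": buy_tax, "sell_tax": sell_tax, "honeypot": honeypot, "clean": clean}

def apply_veto(clean: bool, external_penalties: List[int]) -> int:
    """Score delta from the simulation: +20 for a clean run plus the external penalties
    (negative numbers) at half weight; an unclean run adds no bonus and leaves them intact."""
    bonus = 20 if clean else 0
    scale = 0.5 if clean else 1.0
    return bonus + int(sum(p * scale for p in external_penalties))

# Constructed samples: a 3% buy / 5% sell tax token, a 60% sell tax token, and a honeypot.
CLEAN_SIM = SimResult(1_000_000, 970_000, False, 10**18, 95 * 10**16)
HIGH_TAX_SIM = SimResult(1_000_000, 1_000_000, False, 10**18, 40 * 10**16)
HONEYPOT_SIM = SimResult(1_000_000, 1_000_000, True, 10**18, 0)
```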
EVM vs Solana: Key Differences
| Dimension | EVM | Solana |
|---|---|---|
| Simulation method | Anvil live fork — real transactions | Mint Account + Raydium pool check |
| Simulation confidence | Gold standard (+20 pts bonus) | Moderate (+5 pts bonus) |
| Honeypot detection | Direct sell revert confirmation | Freeze authority + no pool = likely honeypot |
| Holder analysis | Transfer event log reconstruction | getTokenLargestAccounts RPC (excl. vaults) |
| Supply inflation risk | Mint function in bytecode | Mint Authority active on Mint Account |
⚠️ Disclaimer: Automated heuristic analysis. Does not constitute financial advice. Always perform your own due diligence (DYOR).