Token Sniffer is dead simple: paste a smart contract address into the tool to scan for telltale signs of a scam. But that doesn’t really scale for companies that need to check hundreds of tokens in a day.
That’s why Solidus Labs, the blockchain security firm that acquired Token Sniffer last year, is rolling out Token Sniffer API subscriptions for larger clients like decentralized exchanges and trading bots. With it, customers can programmatically run sniff tests on more than 2 million tokens across 12 blockchains, including Ethereum, BNB Smart Chain, Polygon, Arbitrum, and Optimism.
Token Sniffer helps detect two of the most common token scams: rug pulls and honeypots.
Rug pulls involve a newly launched token that’s sold to hapless investors and then abandoned by its creators. Once the developers sell their share of tokens, the unsuspecting users who bought them are left with a worthless asset. Honeypots start the same way, with a new token offering, but the perpetrators stop users from reselling their tokens.
But there are others, like impersonation scams. When Coinbase launched its layer 2, Base, Token Sniffer identified four different tokens on the Fantom and Ethereum networks trying to use the company’s big news for a grift.
Solidus Labs says it has found more than 250,000 rug pulls since 2021, estimating that there’s a new scam token created every 4 minutes—about as long as it’ll take to read this article. Last year alone, rug pulls are estimated to have impacted 2 million users, according to a Solidus data analysis.
Its tool has also been getting upwards of tens of thousands of unique visitors per day since DeFi started to take off in 2021.
“Simultaneously, we’ve been getting inbound requests from DEXs and professional traders for a scalable way to use TokenSniffer, and this API option is a natural next step to provide the industry tools against the rug pull epidemic,” Arad said.
The new API subscriptions will be offered in two tiers, ranging from $100 to $200 per month. Solidus Labs chief operating officer Chen Arad said for anyone content to check tokens one at a time, the web tool will remain free.
That’s because Solidus said it doesn’t want safety for the average decentralized finance user locked behind a paid API endpoint.
“If my grandmother wants to use DeFi she doesn’t have to worry about someone rug pulling her or wash trading and taking a cut off the bottom and off the top,” Arad said. “That’s also a part of accessibility. If something is open to everyone, but it’s not safe, in my opinion, it’s inaccessible. And that’s the bottom line here.”
In fact, a quick search for Token Sniffer on Twitter mostly turns up mentions from developers bragging about their safety score or users grilling token issuers about why their smart contract has been flagged as a honeypot.
Arad, a former journalist and university lecturer, founded the company in 2018 with ex-Goldman Sachs engineers Asaf Meir and Praveen Kumar. It touts some notable backers: Former Commodities Future Trading Commission chair Chris Giancarlo and former SEC commissioner Troy Paredes.
