Here is an overview of the risks and scams your dApp will be able to detect with the W3A API.
Critical risks
This category features critical risks that can lead to asset theft or significant transaction restrictions.
Risk | Mechanism | Coverage |
---|---|---|
Phishing website | A scam website that pretends to be a well-known and reliable project (e.g., by using homoglyphs or typosquatting) and manipulates users into revealing their crypto wallet credentials, clicking on malicious links, or signing dangerous signature requests. | ✅ |
Wallet drainer | A malicious transaction that allows scammers to steal most of a user's ETH and ERC-20 tokens. | ✅ |
Honeypot | A token that will be almost impossible to transfer or sell due to high commission fees or contract restrictions. | ✅ |
Fake token | A fake token that exploits the original token’s address in its name. | ✅ |
Wash traded token | A token with artificially inflated price and demand. | ✅ |
Poisoning attack | A transaction with a scam address that mimics an address a user has interacted with before. The fake address appears in the user’s transaction history as a result of a poisoning attack. | ✅ |
Risky token approvals | Approvals to malicious or compromised dApps. | ✅ |
Token management restrictions | A token that does not allow its holder to transfer or grant approvals for it. | ✅ |
Risky contract permissions | A token that allows its contract owner to manage it as they see fit: transfer, burn, block or grant token approvals without the holder’s consent. | ✅ |
ERC-20/ETH direct transfer | A risky transaction that will transfer your assets but guarantees no assets in return. | ✅ |
Scam zero address | A malicious transaction involving a fake address that mimics the 0x00000...00000 address. | ✅ |
Suspicious deployer | A transaction with a wallet address that took part in malicious contract creation. | ✅ |
Anti-whale restrictions | A contract that restricts the number of token transactions when a user’s balance holds an excessive amount of specific tokens. | ✅ |
Contract self-destruction | A contract can self-destruct, potentially leading to the loss of assets. | ✅ |
Metamorphic contract | A contract owner can change its code as they like and potentially make it malicious. | ✅ |
Oversupply minting | A contract that allows for token minting beyond the maximum supply limit, which can negatively affect the token price. | ✅ |
No DEX pair | A token that has no trading pair and thus can’t be sold. | ✅ |
Volatile token liquidity | A token with a weak DEX pair, which may negatively affect the token price when selling. | ✅ |
Moderate risks
While these risks are categorized as moderate, they can still have a negative impact on asset security and the transaction process.
Risk | Mechanism | Coverage |
---|---|---|
ETH lock | A contract can lock ETH, causing a user to lose their tokens. | ✅ |
Custom block- and allowlists | A contract owner can add users to their special allowlists and blocklists, potentially restricting their token transactions. | ✅ |
Hidden token minting | A contract owner can secretly mint as many new tokens as they wish, which can negatively affect the token price. | ✅ |
Reentrancy attacks | A contract is prone to reentrancy attacks that target ETH and other tokens. It may allow scammers to continuously call the withdraw function and drain the contract funds. | ✅ |
Unchecked transfer and send | A contract transfers and sends assets without validating the transfer's successful completion. If it fails, a user won't receive any assets or get back the tokens sent. | ✅ |
Delegated call | A contract can delegate calls to other contracts, which could result in unpredictable outcomes. | ✅ |
Obsolete functionality | A contract relies on the outdated tx.origin variable, which makes it vulnerable. | ✅ |
Incorrect ERC-721/ERC-20 interface | An incorrect ERC-721/ERC-20 contract interface results in reduced functionality or deviation from the generally accepted workflow. | ✅ |
Arbitrary send ETH/ERC-20 | A contract can send ETH/ERC-20 tokens to arbitrary addresses. | ✅ |
Upgradable contract | A contract can upgrade, which could result in unpredictable outcomes. | ✅ |
Trading cooldown | A contract can restrict a user’s number of transactions for some time. | ✅ |
Hardcoded logic | A contract has hardcoded addresses, which can be a sign of suspicious activity. | ✅ |
Suspicious activity
This category highlights illegal or dangerous activities that contracts and wallet addresses have been involved in.
Activity | Mechanism | Coverage |
---|---|---|
Terrorist financing | An address associated with terrorist financing. | ✅ |
Fake | An address involved in the creation of fake assets. | ✅ |
Scam | An address involved in fraud schemes. | ✅ |
Compromised | An address is compromised or can jeopardize a user's address. | ✅ |
Mixer | An address belongs to a mixing service that enables anonymous and untraceable transactions. | ✅ |
Sanctions | An address is under sanctions. | ✅ |
Exchange | An address linked to suspicious crypto exchanges. | ✅ |
Rug pull | An address involved in rug pull scams. | ✅ |
Ponzi | An address involved in Ponzi schemes. | ✅ |
Impersonation | An address mimics some other address or is associated with such activity. | ✅ |
Contract exploit | An address exploits flaws in contracts’ or protocols’ logic to its advantage. | ✅ |
Phishing | An address involved in phishing. | ✅ |
Gambling | An address involved in gambling. | ✅ |
Extortion | An address involved in extortion. | ✅ |
Heist | An address involved in asset theft. | ✅ |
Bug | An address related to bugs on some contracts or projects. | ✅ |
Theft | An address involved in asset theft. | ✅ |
Darknet | An address related to the darknet. | ✅ |
Spam | An address that generates spam or is associated with such activity. | ✅ |
Other | The suspicious activity of an address is not related to any specific category. | ✅ |