| Security Items | Parameter | Description | Notice |
|---|---|---|---|
| Contract Name | contract_name | It describes the approved contract name. | |
| Contract Tag | tag | It describes which dApp uses the contract. Example: "tag": "Compound" | |
| Contract or not | is_contract | It describes whether the address is a contract. "1" means true; "0" means false. | |
| Creator Address | creator_address | It describes the creator address of the contract. | When the address is not a contract ("is_contract"=0), it will return "null". |
| Deployed Time | deployed_time | It describes the deployed time of the contract. The value is presented as a timestamp. Example: "deployed_time": 1626578345. | When the address is not a contract ("is_contract"=0), it will return "null". |
| Open Source | is_open_source | It describes whether this contract is open source. "1" means true; "0" means false. | When the address is not a contract ("is_contract"=0), it will return "null". |
| Trust List | trust_list | It describes whether the address is a famous and trustworthy one. "1" means true; "0" means that we have not included this address in the trusted list. | Return "0" does not mean the address is not trustworthy. Maybe we just haven't included it yet. |
| Suspected Malicious Contract | doubt_list | It describes whether the address is a suspected malicious contract. "1" means true; "0" means that we have not found malicious behavior of this address. | Return "0" does not mean it is safe. Maybe we just haven't found its malicious behavior. |
| Specific Malicious Behavior | malicious_behavior:[] | It describes specific malicious behaviors. "honeypot_related_address" means that the address is related to honeypot tokens or has created scam tokens. "phishing_activities" means that this address has implemented phishing activities. "blackmail_activities" means that this address has implemented blackmail activities. "stealing_attack" means that this address has implemented stealing attacks. "fake_kyc" means that this address is involved in fake KYC. "malicious_mining_activities" means that this address is involved in malicious mining activities. "darkweb_transactions" means that this address is involved in dark web transactions. "cybercrime" means that this address is involved in cybercrime. "money_laundering" means that this address is involved in money laundering. "financial_crime" means that this address is involved in financial crime. "blacklist_doubt" means that the address is suspected of malicious behavior and is therefore blacklisted. "mixer" means this address is coin mixer address. "sanctioned" means this address is sanctioned. "gas_abuse" means this address is cheating other user's gas fee to mint other assets. "reinit" means this address/contract has been deployed more than onces, and can be deployed again. "fake_standard_interface" means this contract contains standard interfaces that do not conform the requirements of the standard protocol. | Returning an empty array means that no malicious behavior was found at that address. |
| Contract San Result | contract_scan | This field describes the risk detection result for the spender contract. (1)"owner": means owner address of the contract. i. "owner_name": the function name of ownership. If there is no return, means unknown. ii. "owner_address": owner address of the contract. No return means unknown. iii. "owner_type": " blackhole" : the owner is a blackhole address. "contract" : the owner is a contract. "eoa" : the owner is a common address (eoa). "multi-address": the owner is an array/list. null: the address is not detected. No return means unknown. (2)"privilege_withdraw": It descirbes whether the contract owner can withdraw all the assets in the contract, without uses' permission. "1" means true; "0" means false; "-1" means unknown. (3)"withdraw_missing": It describes whether the contract lacks withdrawal method. If it is missing, users will be unable to withdraw the assets they have putted in. "1" means true; "0" means false; "-1" means unknown., (4)"blacklist": It describes whether the contract has blacklist function that would block user from withdrawing their assets. "1" means true; "0" means false; "-1" means unknown., (5)"selfdestruct": It describes whether this contract can self destruct. "1" means true; "0" means false; “-1” means unknown. (6) "approval_abuse": It describes whether the owner can spend the allowance that obtained by the contract. If so, this function could potentially be abused to steal user assets. "1" means true; "0" means false; “-1” means unknown. | When “is_proxy”: 1, or "is_open_source": 0, it would return: "contract_scan": { "owner": {}, "privilege_withdraw": -1, "withdraw_missing": -1, "blacklist": -1, "selfdestruct": -1, "approval_abuse": -1 }. When "is_contract": 0, it would return empty. |
| Risky Approval | risky_approval | This field describes whether there is explicit risk associated with this Approval. "value": 1 indicates explicit risk, while "value": 0 indicates no explicit evidence of risk. "risk"tell the detail of risk. |