Security ItemsParameterDescriptionNotice
Contract Namecontract_nameIt describes the approved contract name.
Contract TagtagIt describes which dApp uses the contract. Example: "tag": "Compound"
Contract or notis_contractIt describes whether the address is a contract. "1" means true; "0" means false.
Creator Addresscreator_addressIt describes the creator address of the contract.When the address is not a contract ("is_contract"=0), it will return "null".
Deployed Timedeployed_timeIt describes the deployed time of the contract. The value is presented as a timestamp. Example: "deployed_time": 1626578345.When the address is not a contract ("is_contract"=0), it will return "null".
Open Sourceis_open_sourceIt describes whether this contract is open source. "1" means true; "0" means false.When the address is not a contract ("is_contract"=0), it will return "null".
Trust Listtrust_listIt describes whether the address is a famous and trustworthy one. "1" means true; "0" means that we have not included this address in the trusted list.Return "0" does not mean the address is not trustworthy. Maybe we just haven't included it yet.
Suspected Malicious Contractdoubt_listIt describes whether the address is a suspected malicious contract. "1" means true; "0" means that we have not found malicious behavior of this address.Return "0" does not mean it is safe. Maybe we just haven't found its malicious behavior.
Specific Malicious Behaviormalicious_behavior:[]It describes specific malicious behaviors.
"honeypot_related_address" means that the address is related to honeypot tokens or has created scam tokens.
"phishing_activities" means that this address has implemented phishing activities.
"blackmail_activities" means that this address has implemented blackmail activities.
"stealing_attack" means that this address has implemented stealing attacks.
"fake_kyc" means that this address is involved in fake KYC.
"malicious_mining_activities" means that this address is involved in malicious mining activities.
"darkweb_transactions" means that this address is involved in dark web transactions.
"cybercrime" means that this address is involved in cybercrime.
"money_laundering" means that this address is involved in money laundering.
"financial_crime" means that this address is involved in financial crime.
"blacklist_doubt" means that the address is suspected of malicious behavior and is therefore blacklisted.
"mixer" means this address is coin mixer address.
"sanctioned" means this address is sanctioned.
"gas_abuse" means this address is cheating other user's gas fee to mint other assets.
"reinit" means this address/contract has been deployed more than onces, and can be deployed again.
"fake_standard_interface" means this contract contains standard interfaces that do not conform the requirements of the standard protocol.
Returning an empty array means that no malicious behavior was found at that address.
Contract San Resultcontract_scanThis field describes the risk detection result for the spender contract.

(1)"owner": means owner address of the contract.
i. "owner_name": the function name of ownership.
If there is no return, means unknown.
ii. "owner_address": owner address of the contract.
No return means unknown.
iii. "owner_type":
" blackhole" : the owner is a blackhole address.
"contract" : the owner is a contract.
"eoa" : the owner is a common address (eoa).
"multi-address": the owner is an array/list.
null: the address is not detected.
No return means unknown.
(2)"privilege_withdraw":
It descirbes whether the contract owner can withdraw all the assets in the contract, without uses' permission.
"1" means true;
"0" means false;
"-1" means unknown.
(3)"withdraw_missing":
It describes whether the contract lacks withdrawal method. If it is missing, users will be unable to withdraw the assets they have putted in.
"1" means true;
"0" means false;
"-1" means unknown.,
(4)"blacklist":
It describes whether the contract has blacklist function that would block user from withdrawing their assets.
"1" means true;
"0" means false;
"-1" means unknown.,
(5)"selfdestruct":
It describes whether this contract can self destruct.
"1" means true;
"0" means false;
“-1” means unknown.
(6) "approval_abuse":
It describes whether the owner can spend the allowance that obtained by the contract. If so, this function could potentially be abused to steal user assets.
"1" means true;
"0" means false;
“-1” means unknown.
When “is_proxy”: 1, or "is_open_source": 0, it would return:
"contract_scan": {
"owner": {},
"privilege_withdraw": -1,
"withdraw_missing": -1,
"blacklist": -1,
"selfdestruct": -1,
"approval_abuse": -1
}.

When "is_contract": 0, it would return empty.
Risky Approvalrisky_approvalThis field describes whether there is explicit risk associated with this Approval.
"value": 1 indicates explicit risk, while "value": 0 indicates no explicit evidence of risk.
"risk"tell the detail of risk.