Token Sniffer Review: A Crypto Scam Detection Tool for 2026
A new scam token is created on Ethereum roughly every four minutes. That number comes from Solidus Labs, the company that now owns Token Sniffer, and it is not even the worst stat. Solidus also estimates that around 8% of every token ever launched on Ethereum is a rug pull. Eight percent. Two hundred thousand scams sitting in the data, plus thousands more being deployed every week across BSC, Solana, Base, and the next ten chains nobody has heard of yet. The financial damage to retail traders runs into the billions.
Token Sniffer exists to help retail investors mitigate that risk because nobody has time to read every line of every smart contract before they ape into a new pool. The tool plugs a contract address in, runs a battery of automated contract analysis tests on the website, and spits out a score from 0 to 100 plus a pass/fail "Smell Test." Free to use. No login required. The whole service runs online and has become one of the most widely used scam-detection layers in the decentralized finance community. In 2026 it is still one of the first stops most traders make before throwing money at a freshly launched token.
This Token Sniffer review walks through what the tool actually does, how the scoring system works, which blockchains it covers, the API and enterprise plans for power users, the limitations worth knowing about, and how it stacks up against De.Fi, GoPlus, and Honeypot.is. By the end you will know whether Token Sniffer is the right scam-detection layer for your trading workflow or whether you should pair it with something else.
What Is Token Sniffer? Inside the Crypto Scam Tool
Token Sniffer is a free web-based smart contract security platform for crypto tokens. You give it a contract address, it runs a list of automated tests to analyze both the source code and the on-chain behavior, and it outputs a clean report with an audit score, a series of test results, and a holder distribution view. The whole thing runs in your browser, takes about thirty seconds, and is genuinely usable by people who have never read a line of Solidity in their lives. The tool is built to help users identify and verify token safety before they buy.
The tool is owned by Solidus Labs, a New York-based crypto compliance and risk monitoring firm. Solidus acquired Token Sniffer on October 27, 2022, and announced the deal alongside the launch of its Web3 AML product. Solidus itself was founded in 2018 by three ex-Goldman Sachs engineers (Asaf Meir, Praveen Kumar, and Chen Arad) and has raised over $65 million across two rounds: a $20 million Series A in 2021 and a $45 million Series B in May 2022 led by Liberty City Ventures, with backing from Evolution Equity Partners, Hanaco Ventures, Declaration Partners, and the Fidelity-affiliated Avon Ventures. The customer list for Solidus's broader HALO market-surveillance platform includes FalconX, HashKey, BitMEX, Luno, and Amber Group. That institutional backbone is part of why Token Sniffer survived the post-2022 contraction in crypto tooling while a lot of weekend-project competitors quietly went dark.
The scale of the database is part of the pitch. According to Solidus's own counters, Token Sniffer has tracked tens of millions of tokens since launch and flagged millions of them as scams. The Plisio coverage from August 2025 cites 2.2 million tokens monitored and around 296,000 flagged scam cases at the time, while more recent search snippets put the totals closer to 46.8 million tokens and 5.8 million flagged scams. Either way, this is one of the largest open scam databases in crypto.
How to Use tokensniffer.com to Check a Token
Using tokensniffer.com is the kind of thing you can finish during a coffee break. The whole flow takes about six clicks.
- Open tokensniffer.com in any browser
- Paste the contract address (or the token name) into the search bar
- Pick the right network from the dropdown (Ethereum is the default)
- Solve a one-time CAPTCHA so the bots cannot scrape the API for free
- Read the automated audit report that loads
- Cross-reference whatever you find with at least one other source before you trade
That is it. There is no account to create, no email to enter, no paywall in front of the basic scan. The report itself is dense but readable: an overall score at the top, a Smell Test pass/fail badge, a list of green checks and red flags for the individual tests, links to the contract on Etherscan, the deployment date, the LP lock status, the holder distribution, and a section that flags whether the contract source code looks suspiciously similar to a known rug pull template.
The "similar to known rugs" check is one of the more underrated features. Token Sniffer maintains a fingerprint database of every contract it has ever flagged as a scam, and when a new token gets deployed using copy-pasted code from a previous rug, the report calls it out before the price action even has a chance to develop. That alone has saved a lot of traders from walking into the same trap twice.
Inside the Token Sniffer Scoring System
The Token Sniffer score runs from 0 to 100. Higher is better, lower is worse, and there are a few absolute cliffs along the way that matter more than the raw number. The score itself is calculated as a percentage of green checks across the test categories, but a token can fail outright (regardless of how many other checks it passes) on a small set of "auto-fail" conditions.
Auto-fail categories include:
- The contract is on Solidus Labs's known malicious contract list
- The contract is a serial rugpull token from the fingerprint database
- The token is impersonating a legitimate, well-known project
- The contract is associated with phishing infrastructure
If any one of those trips, the report turns red and the score gets dragged toward zero no matter what else looks clean. The Smell Test is a separate yes/no badge that runs a real swap simulation against the contract to verify you can actually buy and then sell the token (which is the whole point of a honeypot test). If the simulated sell fails, the badge turns red and the report flags a likely honeypot.
Here is roughly how to read the score in practice, based on what most Token Sniffer users and secondary sources have settled on over time.
| Score band | Meaning | Action |
|---|---|---|
| 80-100 | Reliable contract, all major checks passed | Still do your own research, but it cleared the basics |
| 50-79 | Caution, mixed signals or moderate red flags | Read every test result before trading |
| Below 50 | High risk, multiple red flags | Walk away unless you really know what you are doing |
| Smell Test FAIL | Honeypot risk (cannot sell) | Do not buy under any circumstances |
Sources: Token Sniffer reports, Bitbond review, Pluang guide, Solidus Labs documentation.
The score is not perfect. A token can score 100 on day one and still get rugged a week later if the team waits and then exercises a hidden mint function nobody flagged. The score is a snapshot of contract risk at the moment of the scan, not a guarantee about future behavior. Use it as a filter, not as a verdict.
Smart Contract Tests Inside the Token Sniffer Solution
The Token Sniffer solution runs a battery of smart contract tests covering the categories where rug pulls and honeypots typically hide. Some are simple yes/no checks, some require a swap simulation, some look at on-chain holder data. Together they cover most of the obvious red flags in one report.
Headline tests include the following.
- Source code verification, which checks whether the contract source is published on Etherscan, BscScan or the relevant explorer. Unverified source is an instant red flag.
- Honeypot detection via swap simulation, which verifies the token can be both bought and sold from a real wallet.
- Liquidity pool lock status, including how long the LP is locked and where.
- Owner permission scan that flags whether the owner can mint new tokens, blacklist holders, change buy and sell fees, or pause transfers.
- Ownership renouncement check, which confirms whether the owner role has been sent to the zero address.
- Tax analysis on the buy and sell fees encoded into the contract.
- Holder concentration check, looking at what percentage of supply is held by the top wallets and whether any of those wallets are flagged.
- Contract similarity scan, which fingerprints the bytecode against a database of known rug pull templates and flags suspicious code patterns.
- Proxy detection, which alerts you when a contract is upgradeable and the team can swap out the logic later.
Each test contributes to the overall score. The owner permission tests and the honeypot simulation are the ones that move the needle most aggressively. A token where the owner can mint unlimited supply will basically never score above the danger zone, and a token that fails the honeypot simulation will get an automatic Smell Test FAIL regardless of everything else.
Honeypot and Rug Pull Scam Detection in Token Sniffer
The honeypot side of the scam detection logic is the most important feature of the entire tool. A honeypot is a token you can buy but cannot sell. The contract has been engineered so that the buy function works fine (which lets the price chart pump) but the sell function reverts on every wallet except a small whitelist. Retail traders pile in, the scammer drains the liquidity, and everyone else is stuck holding bags they cannot exit.
Token Sniffer detects honeypots by simulating a real swap on a forked version of the chain. It buys a tiny amount of the token and then immediately tries to sell it. If the sell reverts, the report flags the contract as a likely honeypot and the Smell Test badge turns red. This single test has caught some of the most expensive scams in DeFi history before retail money got in, and it remains the marketplace standard for fast honeypot screening.
Rug pull detection works differently. A rug pull is a token that can be sold but where the team eventually pulls the liquidity (or mints new supply, or activates a hidden tax, or any of about a dozen variations) and crashes the price to zero. Token Sniffer's rug pull detection works by fingerprinting the contract code against its database of known rug pulls and by checking the owner's privilege functions. If the contract looks like a copy of a previous scam, or if the owner can pull liquidity at any moment, the report says so up front.
The combined effect is that most of the obvious scams now get caught on the first scan. The clever scams still slip through, which is why Token Sniffer is best treated as the first filter rather than the only one.
Supported Blockchains in the Token Sniffer Tool
The official Token Sniffer API documentation lists 15 supported networks as of 2026. That is a meaningful expansion from the original Ethereum-only days and covers most of the chains where memecoin and DeFi launches actually happen.
| Layer | Supported chains |
|---|---|
| Ethereum L1 + L2s | Ethereum, Arbitrum, Optimism, Base, Blast |
| EVM alt-L1s | BNB Smart Chain, Polygon, Avalanche, Fantom, Cronos, Oasis, KCC, Harmony, Gnosis |
| Non-EVM | Solana |
Source: Token Sniffer API documentation as compiled by the research brief.
The notable additions in the last year are Base (which is now one of the highest-volume chains for memecoin launches thanks to Coinbase's distribution) and Solana (which is where pump.fun and the entire 2024-2025 memecoin boom happened). Solana support in particular matters because Solana tokens use a completely different program model from EVM contracts, and most older sniffer tools cannot scan them at all. Token Sniffer worked through that gap and ships a native Solana scanner now.
What is missing is also worth knowing. Sui, Aptos, TON, and most of the newer non-EVM L1s are not yet supported as of early 2026. If you trade on those chains, you need a chain-specific tool.
Token Sniffer API, Access, and Enterprise Plans
For most retail traders, the free web UI is the only thing they will ever use. For builders and institutions there is a paid API tier, plus an enterprise contract through Solidus Labs's HALO platform.
| Plan | Price | Limits | Best for |
|---|---|---|---|
| Free web UI | $0 | Unlimited human scans with CAPTCHA | Retail traders, researchers, journalists |
| Sniffer Pack Pro API | $99/month | 500 scans per day | Wallet integrations, indie trading bots, dashboards |
| Enterprise | Custom | 5,000+ scans/day, real-time alerts, historical rug pull DB access | Exchanges, market makers, compliance teams |
Sources: Token Sniffer API tier documentation, Solidus Labs HALO product pages.
The tokensniffer API tier is where Token Sniffer becomes genuinely useful inside another product. Several wallet apps and trading dashboards now show a Token Sniffer score inline next to a token before you confirm a swap, and that integration is built on the $99/month Pack Pro tier, which lets teams secure their users with real-time risk checks. The enterprise tier is where Solidus pulls in the bigger customers like exchanges and market makers who need to screen thousands of tokens a day for compliance and risk reasons. HALO customers (FalconX, HashKey, BitMEX, Luno, Amber Group) get access to the same underlying database that powers the public Token Sniffer site.
Token Sniffer vs De.Fi, GoPlus, and Honeypot.is
Token Sniffer does not exist in a vacuum. The crypto scam-detection space has matured a lot since 2022, and there are now four or five tools that cover overlapping ground with meaningful differences. Here is the honest comparison.
| Tool | Best at | Weak at | Pricing |
|---|---|---|---|
| Token Sniffer | Brand recognition, honeypot swap simulation, similarity database, Solana coverage, free retail UX | Smaller chain catalog than GoPlus, scoring lag on brand-new tokens | Free + $99/mo API |
| De.Fi Scanner | Governance depth, tiered risk categorization, broader contract complexity analysis | Less focus on memecoin honeypots specifically | Free + paid tiers |
| GoPlus Security API | Largest chain coverage (30+ chains), heaviest API integration across wallets | Less polished retail UX, more aimed at developers | Free + custom enterprise |
| Honeypot.is | Fastest single-purpose honeypot check, dead simple UI | Limited to ETH and BSC, no broader scoring | Free |
| Quick Intel | Strong on EVM L2s, real-time alerts | Smaller user base | Free + custom |
Where Token Sniffer wins: brand recognition (it is the tool that traders actually name when they talk about "checking a token"), the swap-simulation honeypot test, the contract similarity database, and the institutional backing from Solidus Labs. Where it loses: GoPlus has wider chain coverage, De.Fi has deeper governance analysis, and Honeypot.is is faster for the narrow case where you only care about whether something can be sold.
The smart workflow is to use more than one. Most experienced DEX traders run Token Sniffer first as the main scan, then drop the same address into Honeypot.is for a fast cross-check, then look at Bubblemaps or De.Fi for holder distribution and governance details. Each tool catches different things, and stacking them costs nothing because they are all free.
Token Sniffer Limitations and False Positives
Token Sniffer is not magic, and treating it like an audit report is the fastest way to lose money. Three real limitations are worth knowing.
First, false positives on low-liquidity tokens. New tokens with shallow liquidity pools sometimes fail tests for reasons that are not actually about scam intent. The score might come back at 30 or 40 just because there are not enough holders yet, or because the LP has not been locked yet on day one. That does not always mean the token is a scam. It means the score is unreliable until the token has aged a bit.
Second, false negatives on clever scams. A determined scammer who reads the Token Sniffer methodology can engineer a contract that passes all the obvious tests on launch and then activates a hidden behavior later. Hidden mint functions behind a delay, time-locked privileges that unlock after the score is generated, proxy upgrades that swap in malicious logic after the fact. None of these get caught by a one-shot scan, and Token Sniffer cannot promise to catch them.
Third, scoring lag on brand-new tokens. The scan updates roughly every ten minutes. On a token that was deployed two minutes ago, the report you see might be out of date by the time you read it. The honeypot simulation runs in real time, so that part is current, but the score and the holder distribution can lag.
The general advice from anyone who has been doing this for a while: if a token scores below 70, walk away, no matter how good the chart looks. If it scores above 80, treat that as the bare minimum to even consider trading it, then do at least one more check before you commit any money. Token Sniffer is the first filter, never the last. Use it to help you make informed decisions, not as a substitute for them, and combine it with on-chain intelligence from other tools when the trade really matters. That habit alone will protect more capital than any single tool can on its own.
How Traders Use Token Sniffer Before a Buy
In practice, most active DEX traders fold Token Sniffer into a two-minute pre-trade ritual. The ritual usually looks like this. A token shows up on DEX Screener or GeckoTerminal with a chart that looks promising. Before clicking buy, the trader copies the contract address, pastes it into Token Sniffer, scans the report, and looks for three specific things. Smell Test pass. Score above 80. No copy of a known rug fingerprint. If all three are clean, the trader runs the same address through one more tool (usually Honeypot.is for a fast confirmation) and then decides whether the trade fits the rest of their thesis.
That whole flow takes maybe two minutes. Traders who skip it tend to be the same traders posting "rugged again" screenshots on Twitter every other week. The cost of running the scan is zero. The cost of skipping it can be your entire position. The math is brutal and it has not changed in years.
The same flow scales up for traders who run automated bots. The Sniffer Pack Pro API at $99/month gives you 500 programmatic scans a day, which is more than enough to wire Token Sniffer into a sniping bot that filters out the obvious scams before placing orders. A handful of trading dashboards do exactly this and surface the Token Sniffer score alongside price and volume on every new pair.
Token Sniffer Pros and Cons for Crypto Investors
The honest summary, without the marketing gloss.
| Pros | Cons |
|---|---|
| Free unlimited web scans with no signup | Score can lag for brand-new tokens (10-min refresh) |
| Owned by institutional firm Solidus Labs | False positives on low-liquidity new launches |
| 15 supported chains including Solana | Not a substitute for a full smart contract audit |
| Honeypot detection via real swap simulation | Sui, Aptos, TON not yet supported |
| Contract similarity database for known rugs | Clever scams with delayed activation can slip through |
| Clean, beginner-friendly UI | Limited governance / proxy depth vs De.Fi |
| API tier ($99/mo) for wallet and bot integration | Not the largest chain catalog (GoPlus covers more) |
| 46M+ tokens scanned, 5M+ flagged scams | CAPTCHA required to discourage scraping |
| Used by multiple DEX dashboards as embedded score | Best used in a multi-tool stack, not alone |
Who Token Sniffer is for: anyone who trades fresh tokens on DEXes and wants a fast, free first filter against the most obvious scams. Active memecoin traders, DeFi degens, retail investors trying to verify a token before they buy, and developers integrating risk scoring into their own products.
Who it is not for: anyone who wants a full security audit (you need a real audit firm for that), anyone trading exclusively on chains Token Sniffer does not yet cover, and anyone who treats a clean score as a guarantee instead of a starting point.
Should You Use Token Sniffer in 2026?
Yes, almost certainly. If you trade tokens on a DEX more than once a month, Token Sniffer should already be a tab in your browser before you click buy. The free tier covers everything most retail users will ever need, the Solana support closes the biggest gap that existed a year ago, and the institutional backing from Solidus Labs means the tool is going to be around for a while. For anyone integrating risk checks into a wallet, a bot, or a dashboard, the Sniffer Pack Pro API at $99/month is one of the cheaper meaningful security layers you can add.
The caveat is the same one that applies to every automated security tool. A good score is a green light, not a guarantee. Pair Token Sniffer with at least one other check (Honeypot.is for speed, De.Fi for governance, Bubblemaps for holder distribution) and you will catch the vast majority of scams before they catch you. Stack the tools, do not rely on any single one, and assume the next clever rug is already out there waiting.
