Security (rug-check)
On-chain rug-check, read straight off the chain: is the mint/freeze authority renounced, is the metadata mutable, any Token-2022 transfer fee, top-10 concentration, and creation.
Path parameters
| Field | Type | Description |
|---|---|---|
mintrequired | string | Token mint address (base58). |
Query parameters
| Field | Type | Description |
|---|---|---|
networkoptional | mainnet | devnet | Network to read. Devnet returns an empty payload (with a note) until its ingestor lands. default mainnet |
Response fields
| Field | Type | Description |
|---|---|---|
mintAuthorityRenounced | boolean | true = no more tokens can ever be minted. |
freezeable | boolean | true = a freeze authority exists (balances can be frozen). |
mutableMetadata | boolean | null | Can the name/logo still be changed (DAS). |
updateAuthority | string | null | The metadata update authority. |
isToken2022 | boolean | Owned by the Token-2022 program. |
transferFee | object | null | { basisPoints, maxFee } for Token-2022 fee tokens, else null. |
nonTransferable / permanentDelegate | boolean / string | Token-2022 hazards. |
supply | object | { raw, decimals, uiAmount }. |
topHolders.top10AccountsPct | number | null | % held by the top-10 token ACCOUNTS (incl. LP/burn); null = unknown. |
creation | object | { slot, unixTime, exact, olderThanScan } — only populated when exact=true. |
top10AccountsPct counts token ACCOUNTS — AMM/LP pool vaults and burn accounts included — so a high number isn't necessarily insider concentration. null = supply unknown.
creation is reported only when our bounded signature scan reaches the genuine first signature (exact=true) — which it does for brand-new tokens. For an older, actively-traded token it returns null + olderThanScan=true (= not newly created).