I got tired of checking every token manually before buying, so I built a scanner into my Telegram trading bot that gives a 0-100 safety score in seconds.
The scanner runs on Solana and checks every token against a set of on-chain signals. Here is what it looks at and why each signal matters.
The Scoring System
Every token starts at 100 and loses points for red flags. The final score determines the verdict:
- 70-100: Relatively safe
- 40-69: Moderate risk
- 0-39: High risk
This is not financial advice — a high score does not mean a token will go up. It just means the token is less likely to be an outright scam.
Signal 1: Mint Authority
The first thing the scanner checks is whether the mint authority is still enabled on the token.
If mint authority is active, the token creator can mint unlimited new tokens at any time, diluting everyone who holds them. This is the easiest rug pull mechanism — just mint a billion tokens and dump them on the market.
Score impact: -30 points if mint authority is enabled.
The check is straightforward — call getAccountInfo on the mint address and look at the parsed data:
const accRes = await rpc("getAccountInfo", [mint, { encoding: "jsonParsed" }]);
const info = accRes.result.value.data.parsed.info;
if (info.mintAuthority) {
score -= 30;
flags.push("Mint authority enabled");
}
Signal 2: Freeze Authority
Freeze authority lets the token creator freeze any wallet's token account, preventing them from selling. This is used in some legitimate tokens (like USDC, where Circle can freeze accounts for compliance), but for a random Solana token it is almost always a red flag.
Score impact: -20 points if freeze authority is enabled.
Signal 3: Top Holder Concentration
This is the most important signal after mint authority. The scanner checks the largest token accounts and calculates what percentage the top holder owns.
const holdersRes = await rpc("getTokenLargestAccounts", [mint]);
const holders = holdersRes.result.value;
const totalSupply = holders.reduce(
(s, h) => s + parseFloat(h.uiAmountString || 0), 0
);
const topPct = (parseFloat(holders[0].uiAmountString) / totalSupply) * 100;
If one wallet holds 50%+ of the supply, that is a near-guaranteed dump waiting to happen. Even 20%+ is concerning.
Score impact:
- Top holder > 50%: -30 points
- Top holder > 20%: -15 points
- Top holder < 20%: no penalty
Signal 4: Holder Count
Fewer than 10 unique token accounts usually means the token just launched and has no real distribution. This is not necessarily a scam, but it increases risk.
Score impact: -10 points if fewer than 10 holders.
Signal 5: Jupiter Verification
Jupiter maintains a list of verified tokens — projects that have gone through their listing process. Being verified does not guarantee safety, but it is a meaningful signal that the project has some legitimacy.
Score impact:
- Verified: no penalty
- Listed but not verified: -5 points
- Not on Jupiter at all: -15 points
Putting It Together
The scanner runs all five checks in parallel for speed:
const [accRes, jupRes, holdersRes] = await Promise.all([
rpc("getAccountInfo", [mint, { encoding: "jsonParsed" }]),
getTokenInfo(mint),
rpc("getTokenLargestAccounts", [mint]),
]);
Then applies penalties and generates a verdict. The whole process takes about 1-2 seconds.
Does It Work?
It has caught several dumps before they happened — tokens with scores under 20 where the top holder owned 60%+ of supply and mint authority was still active. Those are the easy ones.
Where it fails: sophisticated rugs where the team distributes tokens across many wallets to make the holder concentration look healthy, then coordinates a dump. No on-chain scanner catches those without off-chain intelligence.
But for the low-effort scams that make up the majority of Solana rugs, a simple scoring system like this catches most of them. Combined with the auto-sniper (which only fires on tokens above a configurable score threshold), it significantly reduces the number of bad trades.
The scanner is free to use in the bot: t.me/solscanitbot — just send /scan <token_address> or paste any token address to see its score.
Part of a series: Building a Solana Trading Bot | MEV Protection
Top comments (0)