Token Filters (Security)
Token security filters for verifying legitimacy, authorities, and developer history.
Overview
Token filters provide crucial information about the token’s security configuration, age, and the developer’s track record. These filters are essential for identifying potentially fraudulent projects.
| Filter | Type | Operator | Description |
|---|---|---|---|
mint-authority | Enum/Address | = | Control who can create new tokens |
freeze-authority | Enum/Address | = | Control who can freeze token accounts |
token-program | Enum | = | Token standard used |
token-age | Time Range | between | Age of the token since creation |
dev-deployed-tokens | Integer Range | between | Count of tokens deployed by developer |
dev-holdings | Percentage Range | between | Percentage of supply held by developer |
Filter Details
mint-authority
Control who can create new tokens.
Risk Level: High
Operator: =
Max Addresses: 25 (when using specific)
Possible Values:
| Value | Description |
|---|---|
'none' | No mint authority - supply is fixed (safest) |
'any' | Any mint authority exists - supply can be inflated |
'specific' | Specific address(es) only - whitelist up to 25 addresses |
Value Format:
type MintAuthorityValue =
| 'none' // Fixed supply
| 'any' // Any authority
| string // Single address
| string[]; // Multiple addresses (max 25)Why It Matters:
- If mint authority exists, the developer can create unlimited new tokens
- This dilutes existing holders and can crash the price to zero
- Always prefer
'none'for safety
Example Configuration:
mint-authority: 'none' # Only trade tokens with revoked mintfreeze-authority
Control who can freeze token accounts.
Risk Level: High
Operator: =
Max Addresses: 25 (when using specific)
Possible Values:
| Value | Description |
|---|---|
'none' | No freeze authority - accounts cannot be frozen (safest) |
'any' | Any freeze authority exists - accounts can be frozen |
'specific' | Specific address(es) only - whitelist up to 25 addresses |
Value Format:
type FreezeAuthorityValue =
| 'none' // No freezing possible
| 'any' // Any authority
| string // Single address
| string[]; // Multiple addresses (max 25)Why It Matters:
- If freeze authority exists, a malicious actor could freeze your wallet
- Frozen accounts cannot transfer or sell tokens
- Effectively creates a “soft rug” where you own worthless frozen tokens
Example Configuration:
freeze-authority: 'none' # Only trade tokens without freeze capabilityWarning: This is a critical safety filter. Tokens with active freeze authority can lock your funds permanently.
token-program
Filter by Solana token standard.
Operator: =
Possible Values:
| Value | Name | Description |
|---|---|---|
'token-program' | Token Program (Legacy) | Original SPL Token standard - simple and battle-tested |
'token-2022' | Token Extensions | SPL Token-2022 with advanced features but potential risks |
Token-2022 Features to Consider:
- Transfer fees
- Interest-bearing tokens
- Permanent delegates
- Non-transferable tokens
- Default frozen accounts
Example Configuration:
token-program: 'token-program' # Only legacy tokens (safest)Note: Token-2022 tokens require additional Security Flags checks.
token-age
Filter tokens by how long they’ve existed since creation.
Operator: between
Max Age: 157,680,000 seconds (5 years)
Value Structure:
{
min: number, // Minimum age
max: number, // Maximum age
unit: TimeUnit // Time unit
}Time Units: seconds | minutes | hours | days | weeks | months | years
Default: { min: 0, max: 5, unit: 'years' }
Difference from pool-age: Token may exist before liquidity is added. A token could be days old but have a brand new pool.
Use Cases:
- Identify pre-planned launches (token created days before pool)
- Verify token maturity
- Detect rushed scam deployments
Red Flags:
| Pattern | Risk Level | Interpretation |
|---|---|---|
| token-age is less than pool-age | Suspicious | Token created after pool (rare, usually error) |
| token-age = pool-age | Normal | Standard launch |
| token-age >> pool-age | Varies | Token existed before pool - could be legitimate or recycled |
Example Configuration:
token-age:
min: 1
max: 24
unit: 'hours'dev-deployed-tokens
Number of tokens previously deployed by the developer.
Operator: between
Value Type: Integer
Max Value: 1,000
Value Structure:
{
min: number, // Minimum token count
max: number // Maximum token count
}Default: { min: 0, max: 1000 }
Risk Interpretation:
| Count | Interpretation | Risk Level |
|---|---|---|
| 0-1 | First deployment | Unknown - No history |
| 2-10 | Moderate experience | Low-Medium |
| 10+ | Possible serial scammer | High - Red flag |
Example Configuration:
dev-deployed-tokens: [0, 5] # Avoid serial deployersWarning: High count almost always indicates a rug pull operator testing multiple tokens until one gets traction.
dev-holdings
Percentage of total supply held by the developer.
Operator: between
Unit: Percentage (0-100%)
Value Structure:
{
min: number, // Minimum percentage
max: number // Maximum percentage (capped at 100)
}Default: { min: 0, max: 100 }
Risk Levels:
| Percentage | Risk Level | Interpretation |
|---|---|---|
| > 50% | Critical | Developer controls majority |
| 30-50% | High | Large dump potential |
| 15-30% | Medium | Significant holdings |
| 5-15% | Low | Reasonable for active development |
| under 5% | Very Low | Well distributed |
| 0% | Check | Either sold or using different wallet |
Example Configuration:
dev-holdings: [0, 15] # Maximum 15% held by developerNote: 0% dev holdings isn’t always good - it could mean they already dumped or are using multiple wallets.
Recommended Configurations
Maximum Safety
mint-authority: 'none'
freeze-authority: 'none'
token-program: 'token-program'
dev-deployed-tokens: [0, 3]
dev-holdings: [0, 10]
token-age:
min: 1
max: 24
unit: 'hours'Standard Protection
mint-authority: 'none'
freeze-authority: 'none'
dev-deployed-tokens: [0, 10]
dev-holdings: [0, 20]
token-age:
min: 5
max: 60
unit: 'minutes'Sniper Mode (High Risk)
mint-authority: 'none'
freeze-authority: 'none'
dev-deployed-tokens: [0, 5]
token-age:
min: 0
max: 5
unit: 'minutes'Related Filters
- Security Flags - Token-2022 specific security checks
- Pool Filters - Ownership distribution and pool age
- Base Metrics - Liquidity