So you found a token with a slick website, a Telegram full of rocket emojis, and a chart that only goes up — and now you’re wondering whether it’s real or a trap. Token Sniffer — sometimes searched as a “coin sniffer” or just tokensniffer — is the tool a lot of people reach for at exactly that moment. In plain terms, it’s a free web app that reads a token’s smart contract, runs a batch of automated safety checks, and hands you back a score from 0 to 100 plus a pass/fail verdict it calls the “Smell Test.” Paste in a contract address, wait about thirty seconds, and you get a readable report on whether the thing is likely a scam.
Here’s why that matters: in 2025, crypto scams pulled in at least $14 billion on-chain, a number Chainalysis projects could climb past $17 billion as more illicit wallets get identified. Worse, the scams are getting more efficient — the average payment to a scam address jumped from $782 in 2024 to $2,764 in 2025, a 253% increase. A single tool won’t make you bulletproof, but knowing how to read one properly is the difference between catching an obvious rug and funding someone’s exit. This guide walks from the basics up to the technical edge — what the tool is, who actually uses it, where it falls short, and whether you’d ever want to build your own version.
What Is Token Sniffer?
Token Sniffer is a smart-contract scanner for crypto tokens. You give it a contract address; it analyzes both the source code and the on-chain behavior of that token, then returns an audit score and a list of test results you can read without knowing how to program. It bills itself as the first and most-used app of its kind, it’s free to use, and it currently supports 15 chains — mostly EVM-compatible networks like Ethereum, BSC, and Base, plus Solana, covering where the bulk of token launches happen.
The tool isn’t a side project run by an anonymous dev. It’s owned by Solidus Labs, a New York-based crypto compliance and risk-monitoring firm founded in 2018 by three former Goldman Sachs engineers. Solidus describes itself as the category-definer for crypto-native market integrity solutions — trade surveillance, transaction monitoring, and threat intelligence. That backing is part of why the tool has stuck around while flashier competitors came and went.
Smart contract: self-executing code deployed to a blockchain that runs exactly as written, with no way to pause or reverse it once live. A token is a smart contract — which is why reading that contract tells you almost everything about how the token will behave. See the Ethereum Foundation’s smart contract documentation for the technical definition.
Who Built It and Why It’s Credible
Token Sniffer was created by Matt Bomhoff, who later joined Solidus when the company acquired the tool in October 2022. The acquisition wasn’t cosmetic — Token Sniffer’s technology now feeds directly into Solidus’ enterprise platform, HALO, used by exchanges and trading firms to screen tokens at scale.
That institutional history gives the tool a kind of credibility most scanners can’t claim. Token Sniffer has been cited by the U.S. Department of the Treasury and referenced in testimony before the Senate Banking Committee, making it an established authority on smart contract screening. When a government department references your scam database, you’ve moved past “random crypto tool” territory.
Why Do You Need a Tool Like Token Sniffer?
The honest answer is volume. Thousands of new tokens are deployed every single day across Ethereum, Solana, Base, and BSC, and nobody — not you, not a professional auditor — can read every contract before deciding whether to buy. Automated scanning exists because manual review doesn’t scale to that firehose.
And the junk isn’t a rounding error. Token Sniffer’s own monitoring puts the scale in hard numbers: the system watches more than 30,000 new contracts created daily and accurately designates 50–75% of all newly deployed tokens as scams. Read that again — most new tokens are malicious or worthless. Solidus Labs has estimated a new scam token is deployed roughly every four minutes on average. Token Sniffer exists to filter that majority out fast.
The Specific Risks It’s Looking For
Before you can read a Token Sniffer report, it helps to know the three traps it’s built to catch. Each one is a distinct flavor of theft, and the tool tests for all three.
| Risk | What Happens | How It Traps You |
| Honeypot | The contract lets you buy but silently blocks selling | Your funds are locked the moment you enter |
| Rug pull | Developers drain the liquidity pool or dump their supply | The token becomes worthless and untradeable |
| Impersonator | A fake token copies the name/symbol of a real one | You buy the wrong asset thinking it’s legit |
These aren’t theoretical. Token Sniffer is used to detect impersonation scams and has identified 250,000 rug pulls since 2021. The point of the tool isn’t to predict the future — it’s to flag the patterns that have already burned thousands of people.
A Word on Where This Is Heading
The threat keeps shifting, which is why a scanner is necessary but never sufficient. Chainalysis reported that impersonation scams — criminals posing as trusted entities or using fake tokens and websites — were up a jaw-dropping 1,400% year over year heading into 2026. Tools have to keep escalating to match the people trying to beat them, and no single check can keep pace alone. That tension — automation versus an adversary that adapts — runs through everything below.
How Token Sniffer Works: Reading the Report
Using the tool is genuinely simple, which is most of its appeal. Get the token’s contract address from a block explorer or a platform like DEX Screener, paste it into the search bar at tokensniffer.com, and read the report it generates. The score regenerates every 15 minutes, so it reflects reasonably current on-chain state rather than a stale snapshot.
The headline number is the audit score, out of 100 — and here’s a counterintuitive detail worth internalizing. On the Token Sniffer report, a higher score means lower risk, which is the opposite of how some older scam tools worked. The report itself spells out the caveat directly: a high score doesn’t guarantee safety, because automated scanners can miss hidden malicious code. Treat the score as one input, not a verdict.
The Four Analyses Behind the Score
The score isn’t a black box. It’s built from four categories of checks, and understanding each one lets you read past the number to the actual reasoning.
First, Swap Analysis confirms whether the token is sellable — the core honeypot test — and checks the buy and sell fees. As a rule of thumb, fees under 5% are considered reasonable; anything higher is a flag. Second, Contract Analysis verifies whether the source code is published on a block explorer, whether ownership has been renounced, and whether the creator retains special permissions to alter the contract or drain liquidity.
Third, Holder Analysis maps token distribution — it checks how concentrated the supply is, flagging cases where the creator wallet or any single holder controls more than 5% of the circulating supply. Concentration is a manipulation risk: if one wallet holds half the tokens, that wallet controls the price. Fourth, Liquidity Analysis checks whether the liquidity pool is locked or burned, and for how long. The benchmark here is whether at least 95% of liquidity is secured for a reasonable duration; if it isn’t, a developer can pull the pool and rug the token at will.
Two Features That Make It Readable for Non-Coders
Token Sniffer adds two touches that turn raw data into something a beginner can actually use. The Bubble Map is a visual diagram of token transfers between the top 100 holders and other wallets — creator addresses show as orange, burn addresses as red, and top holders as blue. Each bubble links to a block explorer, so you can click through and trace any wallet’s history yourself. Suspicious clusters jump out visually in a way a table of addresses never would.
The second feature is the Similar Contracts list, which surfaces other tokens deploying near-identical code. This works because Token Sniffer analyzes both source code and bytecode against a database of over 10,000 scam code patterns built from five years of research. When you search a token and see a long list of “100% likeness” copies with names like a dozen variations of the same meme, that’s the fingerprint of a serial scammer churning out clones — and a strong signal to walk away.
Who Actually Uses Token Sniffer?
The tool serves three pretty different audiences, and knowing which one you’re in shapes how you’d use it. The progression runs from casual checking to programmatic, at-scale screening.
The first and largest group is retail investors and traders doing a quick gut-check before a swap. The typical flow takes about two minutes: copy the address, scan the report, look for a Smell Test pass, a score above 80, and no known rug fingerprint — then confirm with a second tool before deciding. For this group the free web interface is the only thing they’ll ever touch, and that’s by design.
The second group is developers and trading-bot operators who need checks built into their software rather than run by hand. This is where the paid API comes in. The Sniffer Pack Pro plan costs $99 per month and provides 500 unique token or address requests per day, with a basic rate limit of five requests per second. That’s enough to wire scam-filtering into a sniping bot that screens out obvious traps before placing orders. The third group is exchanges, financial institutions, and enterprise compliance teams, who use the Enterprise Pack — priced on request, it provides 5,000+ token requests per day plus access to full scam and non-scam token lists from the last 24 hours.
If you’re newer to how tokens behave on a network in the first place, NOWNodes’ guide to blockchain testnets is a low-stakes place to see contracts and transactions in action before you risk real money. And for a closer look at how tokens actually live on-chain, NOWNodes’ Ethereum node overview explains how wallets and dApps read and write contract data.
The Limitations: Where Token Sniffer Falls Short
This is the part casual users skip and experienced ones obsess over. Token Sniffer is useful precisely because you understand its blind spots — and it has real ones. Treating a green score as a guarantee is how people get rugged while feeling safe.
The biggest limitation is dynamic risk. The tool analyzes a contract’s current state, but smart contracts and their metadata can sometimes be altered after launch. A token that passes today can have malicious code injected or ownership re-enabled tomorrow. As one summary of the tool’s weaknesses put it, a contract that isn’t a honeypot now doesn’t mean it won’t become one later — the mutable nature of some contracts means scams can be implemented long after launch. The score is a photograph, not a live feed.
There are two more gaps worth naming. Token Sniffer relies entirely on public, on-chain data — hidden off-chain arrangements, private deals, or social-engineering plays are invisible to it. And chain coverage, while broad, isn’t universal: the tool covers the major EVM networks plus Solana, but newer non-EVM chains like Sui, Aptos, and TON aren’t supported as of early 2026. If you trade on those, you’ll need a chain-specific tool instead. False positives and false negatives happen in both directions, which is exactly why no serious user relies on the score alone.
What the Founder Himself Says
It’s telling that the people who built these tools are the most insistent you not over-trust them. In a Solidus Labs discussion on token scams, Matt Bomhoff, the founder of Token Sniffer, broke down how the tool detects rug pulls in real time using blockchain transparency — while emphasizing that the most effective protection combines smart contract analysis, automated detection, and investor best practices rather than any single tool.
That framing matters. Asaf Meir, Solidus’ founder and CEO, has made a similar point publicly — arguing that the ability to flag smart contract scams in real time and surface manipulative behavior is essential both for protecting consumers and for letting the industry grow safely. The tool is a layer of defense, explicitly designed to sit alongside others — not to replace your own judgment.
Token Sniffer Alternatives Worth Knowing
Because no single scanner is complete, the smart move is stacking two or three that cover each other’s gaps. The crypto scam-detection space has matured a lot since 2022, and several tools now sit comfortably alongside Token Sniffer, each bringing something it doesn’t. Here’s how the main options compare.
| Tool | Strongest At | What It Adds to Your Checks |
| Honeypot.is | Fast honeypot simulation | A quick second opinion on sellability before you commit |
| GoPlus Security | Open API, real-time risk data | Easy integration into wallets and dashboards |
| De.Fi (Scanner) | Governance and permission analysis | Deeper read on owner privileges and contract control |
| Bubblemaps | Visual holder-cluster analysis | Clearer view of wallet relationships and concentration |
| Quick Intel | Multi-chain real-time contract checks | Coverage on some chains the others miss |
The practical recipe most experienced traders follow: run the address through Token Sniffer for the full report, confirm honeypot status on Honeypot.is for speed, and check holder distribution on a tool like Bubblemaps if anything looks off. Stack the checks, trust none of them blindly, and assume the next clever rug is already out there. Token Sniffer covers Solana alongside the major EVM chains, but for newer non-EVM networks like Sui or TON you’ll still want a chain-specific tool to fill the gap.
Could You Build Your Own Self-Custodial Token Checker?
Here’s where it gets interesting for the more technical reader. Token Sniffer is a third-party service — you trust their analysis and their uptime. But every check it runs is, at bottom, reading public blockchain data. That raises a fair question: could you build a self-custodial version that answers to no one but you?
In principle, yes — and the building blocks are all public. Most of the checks a coin sniffer like this runs map to readable on-chain signals: contract verification status comes from block explorers, honeypot detection can be done by simulating a buy-and-sell transaction, holder concentration is a straightforward query of token-balance data, and liquidity-lock status is verifiable against known locker contracts. Token Sniffer’s own API exposes exactly these primitives — token information, on-chain metrics like top holders and liquidity, and Smell Test results including the token score. A self-built tool would query the chain directly, run the same logic locally, and keep you fully in control of the data and the rules.
What You’d Actually Need to Pull It Off
The honest tradeoff is real. A do-it-yourself checker gives you independence — no rate limits, no subscription, no trusting a third party’s scoring choices — but you’d be rebuilding five years of accumulated scam-pattern research from scratch, which is the genuinely hard part. The on-chain queries are tractable; matching against a database of over 10,000 scam code patterns is what separates a hobby script from a production tool.
To even start, you’d need reliable, low-latency access to on-chain data across whichever networks you care about — which means dedicated blockchain infrastructure rather than flaky public endpoints. If that’s a direction you’re exploring, NOWNodes’ infrastructure for developers covers how to get clean, fast access to chain data across 100+ networks without running the servers yourself. For most people, the build-versus-buy math favors using an existing scanner. But if you’re a developer who wants full control over the logic and no dependency on a third party’s roadmap, a self-custodial checker is a legitimately achievable project — just go in knowing the scam-fingerprint database is the moat, not the queries.
Conclusion
Token Sniffer earns its place as a first stop because it does one thing well: it turns a contract address into a readable safety report in about thirty seconds, for free, with the institutional weight of Solidus Labs behind it. The tool currently monitors over 2.2 million tokens and nearly 300,000 identified scams — a database built from years of watching how rugs actually work.
But the through-line of this whole guide is that a scanner is a layer, not a shield. With at least $14 billion lost to crypto scams in 2025 and impersonation scams up 1,400% year over year, the people building these tools are the first to tell you that combining automated checks with your own research is the only approach that holds up. Run Token Sniffer, confirm with a second tool, read the contract signals yourself, and never let a green score switch off your skepticism. That’s the difference between using the tool well and trusting it blindly — and in this market, that difference is your money.
FAQ
What is Token Sniffer?
Token Sniffer is a free, web-based smart contract scanner owned by Solidus Labs. You paste in a token’s contract address, and it runs automated security tests — honeypot detection, contract verification, holder distribution, and liquidity analysis — returning an audit score from 0 to 100 and a pass/fail “Smell Test.”
Is Token Sniffer free to use?
Yes. The web interface at tokensniffer.com is free and requires no login. There are paid API tiers for developers and enterprises — the Sniffer Pack Pro starts at $99/month for 500 token requests per day — but individual users checking one token at a time pay nothing.
What does the Token Sniffer score mean?
The score runs from 0 to 100, where a higher score means lower risk. It’s calculated from swap, contract, holder, and liquidity checks. Importantly, even a perfect 100 isn’t a guarantee of safety — automated scanners can miss hidden or dynamic malicious code, so the score is a starting point for research, not a final verdict.
Which blockchains does Token Sniffer support?
Token Sniffer supports 15 chains, mostly EVM-compatible networks including Ethereum, BSC, Base, Polygon, Arbitrum, Avalanche, Fantom, and Optimism, plus Solana. Some newer non-EVM chains like Sui, Aptos, and TON aren’t supported as of early 2026, so you’ll need a chain-specific tool for those.
Can Token Sniffer detect honeypots?
Yes. Honeypot detection is one of its core checks — the Swap Analysis confirms whether a token can actually be sold, not just bought. For a fast second opinion, many users cross-check honeypot status on a dedicated tool like Honeypot.is.
Is Token Sniffer accurate?
It’s accurate enough to be cited by the U.S. Treasury and used by major exchanges through Solidus’ HALO platform — but it isn’t infallible. It can produce false positives and false negatives, and it can’t see dynamic risks like a contract being altered after launch or off-chain arrangements. Use it as one layer alongside other tools and your own due diligence.
What’s the difference between Token Sniffer and a manual audit?
Token Sniffer runs automated pattern-matching in seconds against a database of known scam fingerprints; a manual audit is a human expert reading the contract line by line. The scanner scales to the thousands of tokens launched daily but catches only known patterns. A manual audit is far more thorough but slow and expensive — they serve different purposes.
Can I build my own version of Token Sniffer?
Technically yes — the underlying checks all read public on-chain data, and you can query contract verification, holder concentration, and liquidity locks directly. The hard part isn’t the queries; it’s replicating the database of over 10,000 scam code patterns built from years of research. For most people, using an existing scanner is the better trade, but a self-custodial checker is achievable for developers who want full control.
