SolidityScan Security API

ThreatScore API V1


Last updated 4 months ago

SolidityScan Public API [Example]

curl --location --request GET 'https://api.solidityscan.com/api/v1/threatscan/1/1/0x4ee38aa8d7449a177119e983610D73e9ace932dA' \
--header 'Authorization: Token {{token}}'
{
    "scan_report": {
        "contract_address": "0xa579472f17b6E1b6C5dED2A785067a89EC536ce8",
        "contract_chain": "mainnet",
        "contract_platform": "etherscan",
        "contract_url": "https://etherscan.io/address/0xa579472f17b6E1b6C5dED2A785067a89EC536ce8",
        "contractname": "AddOnAi",
        "is_quick_scan": true,
        "request_type": "threat_scan",
        "ts_scan_details": [
            {
                "gas": 74953.0,
                "issue_code_findings_enabled": false,
                "issue_description": "<p>The simulation for the scanned contract indicates that this token incorporates antiwhale measures. These measures are designed to prevent large holders from impacting the market significantly, ensuring fairer distribution and trading practices.</p>",
                "issue_dynamic_desc": "Antiwhale Simulation - Token Has Antiwhale Measures",
                "issue_id": "TRANSACTION_STIMULATION_WHALE_MODULE",
                "issue_name": "TOKEN IS ANTIWHALE",
......

This API will return the count of total vulnerabilities detected by SolidityScan and the security score of the Smart Contract for a contract address whose contract code is verified on the supported explorers.

BuildBear Example:

curl --location --request GET 'https://api.solidityscan.com/api/v1/threatscan/10/Bottom_R5-D4_de9d270c/0x1aa51bc7eb181ce48ce626bf62f8956fa9555136' \
--header 'Authorization: Token {{token}}'
{
    "scan_report": {
        "contract_address": "0x1aa51bc7eb181ce48ce626bf62f8956fa9555136",
        "contract_platform": "buildbear",
        "contract_url": "https://buildbear.io/0x1aa51bc7eb181ce48ce626bf62f8956fa9555136",
        "contractname": "PAWZONE",
        "node_reference_id": "Bottom_R5-D4_de9d270c",
        "threat_score": "84.62",
        "threat_scan_details": [
            {
                "issue_description": "The contract’s source code is verified.Source code verification provides transparency for users interacting with smart contracts. Block explorers validate the compiled code with the one on the blockchain. This also gives users a chance to audit the contracts.",
                "issue_id": "QUICK_SCAN_IS_SOURCE_CODE_VERIFIED",
                "issue_name": "IS SOURCE CODE VERIFIED",
                "issue_status": "pass"
            },
            {
                "issue_description": "The contract cannot mint new tokens. The _mint functions was not detected in the contracts.Mint functions are used to create new tokens and transfer them to the user’s/owner’s wallet to whom the tokens are minted. This increases the overall circulation of the tokens.",
                "issue_id": "QUICK_SCAN_PRESENCE_OF_MINTING_FUNCTION",
                "issue_name": "PRESENCE OF MINTING FUNCTION",
                "issue_status": "pass"
            },
            {
                "issue_description": "The tokens can be burned in this contract.Burn functions are used to increase the total value of the tokens by decreasing the total supply.",
                "issue_id": "QUICK_SCAN_PRESENCE_OF_BURN_FUNCTION",
                "issue_name": "PRESENCE OF BURN FUNCTION",
                "issue_status": "fail"
            },
            {
                "issue_description": "The contract can not be compiled with an older Solidity version.Pragma versions decide the compiler version with which the contract can be compiled. Having older pragma versions means that the code may be compiled with outdated and vulnerable compiler versions, potentially introducing vulnerabilities and CVEs.",
                "issue_id": "QUICK_SCAN_SOLIDITY_PRAGMA_VERSION",
                "issue_name": "SOLIDITY PRAGMA VERSION",
                "issue_status": "pass"
            },
            {
                "issue_description": "The contract was found to be using ERC-20 token standard.ERC-20 is the technical standard for fungible tokens that defines a set of properties that makes all the tokens similar in type and value.",
                "issue_id": "QUICK_SCAN_IS_ERC20_TOKEN",
                "issue_name": "IS ERC-20 TOKEN",
                "issue_status": "pass"
            },
            {
                "issue_description": "This is not a Pausable contract.If a contract is pausable, it allows privileged users or owners to halt the execution of certain critical functions of the contract in case malicious transactions are found.",
                "issue_id": "QUICK_SCAN_PAUSABLE_CONTRACTS",
                "issue_name": "PAUSABLE CONTRACTS",
                "issue_status": "pass"
            },
            {
                "issue_description": "Critical functions that add, update, or delete owner/admin addresses are not detectedThese functions control the ownership of the contract and allow privileged users to add, update, or delete owner or administrative addresses. Owners are usually allowed to control all the critical aspects of the contract. ",
                "issue_id": "QUICK_SCAN_CRITICAL_ADMINISTRATIVE_FUNCTIONS",
                "issue_name": "CRITICAL ADMINISTRATIVE FUNCTIONS",
                "issue_status": "pass"
            },
            {
                "issue_description": "The contract cannot be self-destructed by owners.selfdestruct() is a special function in Solidity that destroys the contract and transfers all the remaining funds to the address specified during the call. This is usually access-control protected.",
                "issue_id": "QUICK_SCAN_CONTRACT_TOKEN_SELF_DESTRUCT",
                "issue_name": "CONTRACT/TOKEN SELF DESTRUCT",
                "issue_status": "pass"
            },
            {
                "issue_description": "The contract is not vulnerable to ERC-20 approve Race condition vulnerability.ERC-20 approve function is vulnerable to a frontrunning attack which can be exploited by the token receiver to withdraw more tokens than the allowance. Proper mitigation steps should be implemented to prevent such vulnerabilities.",
                "issue_id": "QUICK_SCAN_ERC20_RACE_CONDITION",
                "issue_name": "ERC20 RACE CONDITION",
                "issue_status": "pass"
            }
        ],
        "scanner_reference_url": "https://solidityscan.com/quickscan/0x1aa51bc7eb181ce48ce626bf62f8956fa9555136/buildbear/Bottom_R5-D4_de9d270c?ref=buildbear"
    },
    "status": "success"
}
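
A consumer of this endpoint usually wants a decision, not the raw JSON. The following is an added example (not SolidityScan's own code) that builds the request URL in the layout of the curl calls above and evaluates a response against a local policy. The function names, the path argument names and the `must_pass` list are assumptions made for illustration, and the sample is a trimmed, constructed copy of the BuildBear response.

```python
import json
import re

ADDRESS_RE = re.compile(r"0x[0-9a-fA-F]{40}")

# Constructed sample: trimmed copy of the BuildBear response on this page.
SAMPLE = json.loads("""{"status": "success", "scan_report": {
  "contract_address": "0x1aa51bc7eb181ce48ce626bf62f8956fa9555136",
  "threat_score": "84.62",
  "threat_scan_details": [
    {"issue_id": "QUICK_SCAN_IS_SOURCE_CODE_VERIFIED", "issue_status": "pass"},
    {"issue_id": "QUICK_SCAN_PRESENCE_OF_BURN_FUNCTION", "issue_status": "fail"},
    {"issue_id": "QUICK_SCAN_CONTRACT_TOKEN_SELF_DESTRUCT", "issue_status": "pass"}
  ]}}""")


def build_url(platform, chain_or_node, address):
    """Path layout copied from the curl examples; the argument names are assumed."""
    if not ADDRESS_RE.fullmatch(address):
        raise ValueError("expected a 0x-prefixed 20-byte hex address")
    for segment in (str(platform), str(chain_or_node)):
        # Keep caller-supplied values from altering the request path.
        if not re.fullmatch(r"[A-Za-z0-9_-]+", segment):
            raise ValueError("unexpected characters in path segment")
    return ("https://api.solidityscan.com/api/v1/threatscan/"
            f"{platform}/{chain_or_node}/{address}")


def evaluate(response, requested_address, must_pass):
    """Summarise one response against a local policy (must_pass is our own list)."""
    if response.get("status") != "success":
        raise ValueError("scan did not succeed")
    report = response["scan_report"]
    if report.get("contract_address", "").lower() != requested_address.lower():
        raise ValueError("report is for a different contract than requested")
    # The two samples on the page name the findings list differently.
    details = report.get("threat_scan_details") or report.get("ts_scan_details") or []
    status = {d["issue_id"]: d.get("issue_status") for d in details if "issue_id" in d}
    failed = sorted(i for i, s in status.items() if s == "fail")
    # A required check that is absent or has no verdict is not a pass.
    unconfirmed = sorted(i for i in must_pass if status.get(i) not in ("pass", "fail"))
    blocking = sorted(set(failed) & set(must_pass))
    raw = report.get("threat_score")  # a string such as "84.62" in the sample
    return {"score": float(raw) if raw is not None else None, "failed": failed,
            "blocking": blocking, "unconfirmed": unconfirmed,
            "accept": not blocking and not unconfirmed}
```

Read the token for the `Authorization: Token ...` header from the environment or a secret store rather than embedding it in scripts.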