GoPlus: In the past three quarters, more than 560,000 potentially risky tokens were discovered on 5 major L2 chains, affecting more than 13.6 million user addresses

Author: GoPlus

Introduction

With the rapid development of Web3.0, more and more users have begun to enter this field and invest. Among them, in the field of on-chain investment, meme coin has become the most favorite and most attractive investment object for users. Meme coins have the characteristics of fast issuance, high rise and fall, and anonymity of the issuer. However, a large number of fraud gangs have taken advantage of users' enthusiasm for meme coins, disguised themselves as meme coins, and carried out a large number of fraudulent activities against users on the chain. These criminals take advantage of the characteristics of smart contracts to design various risky tokens, trick users into investing, and make illegal profits by triggering code backdoors and other methods. These risky tokens usually have the following characteristics: contract creators have unlimited rights to issue new tokens, users can only buy but not sell, malicious black and white list settings, transaction taxes can be maliciously tampered with, etc. Once users purchase these tokens, they are likely to suffer irreparable losses of funds. In order to deal with the increasingly serious risk of fraud, it is particularly important to identify and warn of risky tokens. This article will analyze the situation of risky tokens on five popular Ethereum second-tier networks (Base, Arbitrum, Optimism, Blast, Mantle) in the past three quarters based on the GoPlus Security API and real on-chain data, with a view to providing Provide references and warnings to users.

Method description

Data source

• GoPlus Security API

GoPlus Security API is an open, license-free Web3.0 security provided by the GoPlus team for the majority of Web3.0 developers and end users Data API service. This service provides professional developers in the technical field with the ability to protect their users and meet the security needs of C-side users.

• The transaction data on each chain is mainly collected and queried through DUNE

Analysis method

Based on the GoPlus Security API, we scanned a total of 564,180 potentially risky tokens on the 5 Top L2 Chains (users passed Integrated product calls to GoPlus Security API).

We conducted data analysis and visualization on the above suspected risky tokens based on DUNE, and formed an open source dashboard, showing three data indicators:

1. the number of unique traders involved in suspected risky tokens
2. the transaction amount involved in suspected risky tokens
3. all suspected risky tokens contract addresses

The sample period of the data in this article is within the past three quarters. Specifically, it is from August 1, 2023 to May 24, 2024. Since the Blast chain will be launched in March 2024, its sample period begins in March 2024, but some ERC20 tokens on its chain have been issued in February 2024.

Definition of Risk Tokens

The definition of risk tokens in this article mainly comes from Token Risk Classification (TRC). The detailed definition of each condition below can be found in TRC. Specifically, this article considers smart contracts that meet any of the following conditions as potentially risky tokens.

• Honeypot (TRC-001): The token has a "honeypot" mechanism where users can buy but not sell
• OwnershipRetrieval (TRC-003): Token ownership can be retrieved maliciously
• AntiWhale (TRC-014) : Token contracts can restrict transactions by large holders, and specific users may not be able to cash out freely.
• TransferPausable (TRC-011): Token transfer can be paused, and user funds may be maliciously frozen
• SlippageModification (TRC-010): Token contracts can modify slippage arbitrarily, and users may suffer unpredictable losses
• BlacklistFunction (TRC-008): The token contract can set a blacklist, and certain users may not be able to transfer and trade freely
• WhitelistFunction (TRC-013): The token contract can set a whitelist, and certain users may not be able to transfer and trade freely
• TradingCooldown (TRC-016): The token contract can set a trading cooling period, and users may not be able to trade in time
• SelfDestruction (TRC-006): The token contract can self-destruct, and the tokens held by the user may suddenly disappear.
• ExternalCall (TRC-007): Token contracts can call external contracts, and there is a risk of being maliciously exploited
• PersonalSlippageModification (TRC-012): The slippage of a specific user can be modified, and the target user may suffer directional losses
• AntiWhaleModification (TRC-015): Transaction limits for large holders can be modified, which may further harm the interests of specific users
• BalanceManipulation (TRC-004): Token balances can be modified arbitrarily, and the number of tokens held by a user May change suddenly
• HiddenOwnership (TRC-005): The identity of the token owner is hidden, making it difficult to track the responsible party
• FullSaleRestriction (TRC-009): The token contract can completely restrict the sale, and the holder may Unable to cash out in time.
• FullBuyRestriction: The token contract can completely restrict purchases, and the holder may not be able to cash out in time.
• NotOpenSource: The token contract code is not open source

Base

The number of new tokens on the Base chain and the number of new suspected risky tokens

In the past three quarters, Base A total of 573,484 ERC20 tokens were added to the chain, of which 381,790 new suspected risky ERC20 tokens were scanned, accounting for approximately 66.6%! That is, in the past three quarters, more than half of the newly issued ERC20 tokens on the Base chain are suspected risk tokens.

The trend of the number of new ERC20 tokens on the Base chain is to first decrease and then increase significantly. Especially since March 2024, the number of new ERC20 tokens on the Base chain has increased significantly. In April 2024, the largest number of new ERC20 tokens were added to the Base chain, reaching 240,000.

The number of new suspected risky ERC20 tokens on the Base chain is highly positively correlated with the number of new ERC20 tokens, and the trends of the two are similar.

The number of user addresses involved in suspected risky tokens on the Base chain

Before March 2024, the number of addresses involved in suspected risky tokens on the Base chain was relatively stable, approximately in the range of 230,000-300,000 . But overall, the number of addresses involved in suspected risky tokens on the Base chain is generally on the rise, growing slowly from 287,000 in August 2023 to 372,000 in February 2024. Since then, there has been a steep peak, reaching 1.135 million and 1.994 million in March and April 2024 respectively. Although it has dropped to 1.301 million in May 2024, it is still much higher than the same period in 2023, and May 2024 is not yet over. It can be seen that as time goes by, the risk of fraud faced by users on the Base chain continues to intensify.

Arbitrum

The number of new tokens and new suspected risky tokens on the Arbitrum chain

In the past three quarters, a total of 95,203 ERC20 tokens have been added to the Arbitrum chain. Among them, the number of new suspected risky ERC20 tokens scanned was 85,633, accounting for about 89.9%!

The number of new ERC20 tokens on the Arbitrum chain is relatively stable and has a slight upward trend. From August 2023, there will be 8,520 new ones, and by April 2024, there will be 12,349 new ones.

Similar to the Base chain, the number of new suspected risky tokens on the Arbitrum chain is highly positively correlated with the number of new ERC20 tokens, and the trend is consistent.

The number of user addresses involved in suspected risky tokens on the Arbitrum chain

The number of addresses involved in suspected risky tokens on the Arbitrum chain shows a clear upward trend, especially from March 2024 to May 2024 During this period, the number increased significantly. The number of addresses involved in suspected risky tokens on the Arbitrum chain increased from 36,000 in August 2023 to 3.78 million in May 2024, an increase of approximately 105 times!

Suspected risky tokens on the Arbitrum chain affected 3.78 million users in May 2024, seriously threatening the security of users’ assets.

Optimism

Optimism The number of new tokens on the chain and the number of new suspected risky tokens

In the past three quarters, a total of 73,737 ERC20 tokens have been added to the Optimism chain, of which 70,089 new suspected risky ERC20 tokens have been scanned, accounting for about 95%! That is, in the past three quarters, about 95% of the newly added ERC20 tokens on the Optimism chain are suspected risk tokens!

The number of new ERC20 tokens on the Optimism chain is also highly positively correlated with the new number of suspected risky ERC20 tokens.

The trend of the number of newly added ERC20 tokens is first to increase and then to decrease. During the cryptocurrency bull market from March to May 2024, the chain in the previous article saw a significant increase in the number of new ERC20 tokens, while the number of new ERC20 tokens on the Optimism chain was relatively small, with an average monthly growth of about 4500 ERC20 tokens.

The number of user addresses involved in suspected risky tokens on the Optimism chain

The number of addresses involved in suspected risky tokens on the Optimism chain is significantly lower than the above two chains. Before March 2024, the volume fluctuated relatively little. From March to May 2024, the number of addresses involved in suspected risky tokens on the Optimism chain increased significantly.

Since from March to May 2024, the number of new suspected risky ERC20 tokens on the Optimism chain was relatively small, but the number of addresses involved in suspected risky tokens increased significantly during this period. This phenomenon may be due to the former suspected risky tokens affecting a large number of users during the cryptocurrency bull market, or it may be due to the small number of newly added suspected risky tokens during this period affecting a large number of users.

BlastThe number of new tokens on the Blast chain and the number of new suspected risky tokens

The Blast chain will be launched on the mainnet in March 2024, but in February 2024, the number of new tokens on the Blast chain There have already been transactions, so there is only data from February to May 2024.

In the past three quarters, a total of 13,859 ERC20 tokens have been added to the Blast chain, of which 12,608 new suspected risky ERC20 tokens have been scanned, accounting for approximately 91%.

The number of new ERC20 tokens on the Blast chain is on a downward trend. After the Blast chain's mainnet went online in March 2024, a large number of ERC20 tokens were rapidly added, and then the number of new tokens gradually decreased. About 91% of the newly added ERC20 tokens are suspected risk tokens.

The number of user addresses involved in suspected risky tokens on the Blast chain

After the launch of the Blast chain mainnet in March this year, users have grown rapidly and transactions on the chain have been active. Data shows that in March 2024, the number of addresses involved in suspected fraudulent contracts on the Blast chain was as high as 642,000, which is close to the 663,000 on the Optimism chain, indicating that transactions on suspected risky tokens on the Blast chain are very active. Before May is over, the number of addresses involved in suspected risky tokens has reached 218,000, which may reach a record high. As an emerging L2 chain, Blast chain has begun to see signs of fraud, which deserves high vigilance.

MantleThe number of new tokens and new suspected risky tokens on the Mantle chain

In the past three quarters, a total of 5,645 ERC20 tokens have been added to the Mantle chain. Among them, the number of new suspected risky ERC20 tokens scanned was 3801, accounting for about 67.3%.

The proportion of new ERC20 tokens on the Mantle chain and the proportion of new suspected risky ERC20 tokens are on a downward trend.

The number of new suspected risky tokens on the Mantle chain is the least among the five chains.

The number of user addresses involved in suspected risky tokens on the Mantle chain

The number of addresses involved in suspected risky tokens on the Mantle chain is generally smaller, even lower than the newly launched Blast chain. However, data shows that this indicator is generally on an upward trend, gradually rising from 1,519 to about 54,000, an increase of more than 35 times. Therefore, the problem of fraud on the Mantle chain also deserves a high degree of vigilance.

Summary

In general, with the rapid growth in the number of addresses involving suspected risky tokens in various Layer-2 Ethereum networks, the investment environment faced by users has become increasingly harsh. The data clearly shows that as the popularity of these networks increases, so does the risk of encountering scams, especially those related to Meme tokens. This trend is evident in all analyzed networks. As the entire field continues to evolve, we all need to remain vigilant and proactively guard against these threats. As an open, permissionless and user-driven Web3 modular user security layer, GoPlus Network provides users with full life cycle protection of transactions. It utilizes decentralized user security networks and advanced AI-driven security solutions to provide in-depth risk analysis and provide users with intelligent and efficient security services. If users encounter any security issues, we will do our best to help solve them.

The above is the detailed content of GoPlus: In the past three quarters, more than 560,000 potentially risky tokens were discovered on 5 major L2 chains, affecting more than 13.6 million user addresses. For more information, please follow other related articles on the PHP Chinese website!