Open-World Track Record

Every newly-deployed contract on 17 chains is scanned by Sentinel's audit engine within hours of deployment. The verdict is logged before anyone knows whether the contract will be exploited. After a 90+ day seasoning window, predictions are cross-referenced against real exploits — yielding a defensible, time-stamped track record that can't be revised post-hoc.

Coverage: verified-source contracts get the full deterministic engine pass. Unverified contracts (bytecode-only) get pattern-matched against rug-pull signal selectors with findings capped at MEDIUM severity. Each row below is tagged with its audit mode.

Scanned

836

contracts audited at deploy time

Detections

408

48.8% of scans had ≥1 finding

High-severity

CRITICAL/HIGH source-mode

Correlated

predictions matched to exploits

Hit rate

n/a

of correlated predictions were TP

Per-chain coverage

Where the engine is currently scanning. Distribution reflects deployment volume, not selective focus. The High-severity column counts CRITICAL/HIGH source-mode findings only; bytecode-mode detections caps at MEDIUM and aren't included here (see the Detections card above for total any-severity detections including bytecode-mode rug signals).

Chain	Scanned	High-severity	Rate
`eth`	591	1	0.2%
`avalanche`	122	0	0.0%
`base`	54	1	1.9%
`bsc`	48	1	2.1%
`arbitrum`	9	0	0.0%
`polygon`	8	0	0.0%
`celo`	1	0	0.0%
`linea`	1	0	0.0%
`moonbeam`	1	1	100.0%
`optimism`	1	0	0.0%

Last cycle 2026-05-02 13:43:22 UTC

Next cycle scheduling…

Cadence every 4h 48m

How to read the Risk score

Every row is scored 0–100 from its severity counts. Higher = more concerning. Verified-source contracts can reach 100; bytecode-only signals cap at 60 because pattern-matching on unverified bytecode can't reliably claim CRITICAL severity (precision discipline, not a missing feature).

80–100 Critical Multiple HIGH or any CRITICAL severity finding from verified-source analysis. Treat as actionable now — review the contract before any interaction.

60–79 High Either 1–2 HIGH-severity source findings or a fully-loaded bytecode rug profile (mint + blacklist + selfdestruct selectors stacked together).

30–59 Medium A typical bytecode-only signal load (2–3 rug-pattern selectors detected) or one source HIGH-severity finding alone. Worth reviewing.

1–29 Low A single MEDIUM/LOW finding — usually a structural concern (e.g. ownership pattern present) rather than an active rug signal.

0 Clean No rug-signal selectors detected. Doesn't mean "safe to use" — means "no pattern matched the engine's rule set." Always do your own due diligence.

Score formula: CRITICAL×55 + HIGH×30 + MEDIUM×12 + LOW×4 (capped at 100 source / 60 bytecode). Hover any row's score to see the exact severity breakdown that produced it. The verified-source / bytecode badge next to each address tells you which scoring ceiling applies.

Token risks & rug indicators

Newly-deployed tokens whose code shows rug-pull or honeypot signatures: hidden approvals, owner-drainable treasuries, fee-on-transfer pool drains, uncapped mints, and similar token-class concerns. Click any row's findings to see the full list.

Chain	Address	Scanned	What an attacker can do	Risk
`eth`	`0xee2b…1ed7` bytecode	2026-05-02 13:05:07 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug · Contract can self-destruct and drain ETH (bytecode signal)	24
`eth`	`0x9f66…fd67` bytecode	2026-05-02 13:04:49 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug · Ownership is renounceable — verify it actually was renounced	12
`eth`	`0x4c97…5cd6` bytecode	2026-05-02 13:04:10 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug · Ownership is renounceable — verify it actually was renounced	12
`eth`	`0x118e…defa` bytecode	2026-05-02 13:04:01 UTC	Contract has an owner — privileges may not be renounced	0
`eth`	`0x02e4…b9b0` bytecode	2026-05-02 13:03:57 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug	12
`eth`	`0xa5ec…4bd0` bytecode	2026-05-02 13:03:37 UTC	Contract has an owner — privileges may not be renounced · Ownership is renounceable — verify it actually was renounced · Trading was/is gated by owner (bytecode signal)	12
`eth`	`0x0833…2976` bytecode	2026-05-02 13:03:15 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug · Ownership is renounceable — verify it actually was renounced	12
`eth`	`0xe85d…d8df` bytecode	2026-05-02 13:02:47 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug	12
`eth`	`0x42a3…aeb6` bytecode	2026-05-02 13:02:23 UTC	Contract has an owner — privileges may not be renounced · Ownership is renounceable — verify it actually was renounced · Trading was/is gated by owner (bytecode signal)	12
`eth`	`0xf211…a979` bytecode	2026-05-02 13:01:57 UTC	Owner can mint extra supply (bytecode signal) · Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug · … Owner can mint extra supply (bytecode signal) Contract has an owner — privileges may not be renounced Owner can transfer admin to a fresh wallet pre-rug Ownership is renounceable — verify it actually was renounced	24
`eth`	`0xe894…06e5` bytecode	2026-05-02 13:01:50 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug · Ownership is renounceable — verify it actually was renounced	12
`eth`	`0xeb3b…8dce` bytecode	2026-05-02 13:01:46 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug	12
`eth`	`0xa50a…4ade` bytecode	2026-05-02 13:01:26 UTC	Contract has an owner — privileges may not be renounced · Ownership is renounceable — verify it actually was renounced · Trading was/is gated by owner (bytecode signal)	12
`eth`	`0x258c…8094` bytecode	2026-05-02 13:01:07 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug	12
`eth`	`0x74e6…b2fa` bytecode	2026-05-02 13:00:51 UTC	Contract has an owner — privileges may not be renounced	0
`eth`	`0xe3eb…1f70` bytecode	2026-05-02 13:00:42 UTC	Contract can self-destruct and drain ETH (bytecode signal)	12
`eth`	`0x9e57…ea4a` bytecode	2026-05-02 13:00:33 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug · Ownership is renounceable — verify it actually was renounced	12
`eth`	`0x7413…a392` bytecode	2026-05-02 13:00:28 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug · Contract can self-destruct and drain ETH (bytecode signal)	24
`eth`	`0x78be…5cc8` bytecode	2026-05-02 13:00:14 UTC	Owner can halt all transfers (bytecode signal)	12
`eth`	`0x1a94…ce6b` bytecode	2026-05-02 13:00:02 UTC	Contract has an owner — privileges may not be renounced · Ownership is renounceable — verify it actually was renounced	0
`eth`	`0x978e…3214` bytecode	2026-05-02 12:59:43 UTC	Contract has an owner — privileges may not be renounced · Ownership is renounceable — verify it actually was renounced · Trading was/is gated by owner (bytecode signal)	12
`eth`	`0x5a21…056e` bytecode	2026-05-02 12:59:36 UTC	Contract has an owner — privileges may not be renounced · Ownership is renounceable — verify it actually was renounced	0
`eth`	`0x3c7a…46d1` bytecode	2026-05-02 12:59:35 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug · Ownership is renounceable — verify it actually was renounced	12
`eth`	`0x17c4…3eea` bytecode	2026-05-02 12:59:28 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug · Contract can self-destruct and drain ETH (bytecode signal)	24
`eth`	`0x6e8d…3dc4` bytecode	2026-05-02 12:59:09 UTC	Owner can halt all transfers (bytecode signal)	12
`eth`	`0x4a0b…7827` bytecode	2026-05-02 12:59:04 UTC	Contract has an owner — privileges may not be renounced · Owner can transfer admin to a fresh wallet pre-rug	12
`eth`	`0x146b…fd7b` bytecode	2026-05-02 12:58:58 UTC	Contract has an owner — privileges may not be renounced · Ownership is renounceable — verify it actually was renounced · Trading was/is gated by owner (bytecode signal)	12
`eth`	`0x2194…8900` bytecode	2026-05-02 12:58:55 UTC	Contract can self-destruct and drain ETH (bytecode signal)	12
`eth`	`0x93a1…afd6` bytecode	2026-05-02 12:58:50 UTC	Contract has an owner — privileges may not be renounced · Ownership is renounceable — verify it actually was renounced	0
`eth`	`0xca20…5d9b` bytecode	2026-05-02 12:58:47 UTC	Contract can self-destruct and drain ETH (bytecode signal)	12
`bsc`	`0x83f1…c7e8` verified-source	2026-05-01 15:36:00 UTC	Drains tokens via hidden approval · Contract forces unwanted ETH inflow	59
`bsc`	`0xadbe…4809` verified-source	2026-04-29 03:56:58 UTC	Admin can drain treasury directly · External call return value ignored · Fee-on-transfer token can drain LP pool · … Admin can drain treasury directly External call return value ignored Fee-on-transfer token can drain LP pool Fee on transfer	84

DEX & MEV exposures

Newly-deployed contracts whose code is exposed to sandwich attacks, oracle manipulation, AMM-spot-price abuse, flashloan-driven governance hijacks, or first-depositor inflation.

Chain	Address	Scanned	What an attacker can do	Risk
`base`	`0xa6da…ff3c` verified-source	2026-04-30 00:22:56 UTC	Drains tokens via hidden approval · Trade can complete at any price · Outcome depends on miner timestamp · … Drains tokens via hidden approval Trade can complete at any price Outcome depends on miner timestamp Approval can be front-run for theft State change emits no event (off-chain blind) Hardcoded address can't be updated Novel excessive external calls Privilege concern flagged by AI review	100

Smart-contract vulnerabilities

Newly-deployed contracts flagged for general security concerns: reentrancy, arbitrary external calls, unsafe math, time-dependence, signature replay, and similar.

Chain	Address	Scanned	What an attacker can do	Risk
`eth`	`0x6228…e67e` verified-source	2026-05-02 12:54:56 UTC	tx.origin auth lets attacker impersonate user · Precision loss in division-then-multiply · Type cast truncates without check · … tx.origin auth lets attacker impersonate user Precision loss in division-then-multiply Type cast truncates without check Variable shadowing Transfer gas stipend Fee on transfer Privilege concern flagged by AI review	90
`eth`	`0x7bc8…2d89` verified-source	2026-05-01 13:59:27 UTC	Numeric overflow corrupts balances · Calls any address with attacker data · Outcome depends on miner timestamp · … Numeric overflow corrupts balances Calls any address with attacker data Outcome depends on miner timestamp Privileged function lacks proper guard External-call concern flagged by AI review Arithmetic concern flagged by AI review	100
`eth`	`0x8f57…19ec` verified-source	2026-04-29 23:45:41 UTC	Calls any address with attacker data · Math without overflow guards · Block data used without validation · … Calls any address with attacker data Math without overflow guards Block data used without validation Floating pragma External call in unbounded loop Push payment dos Fee on transfer External-call concern flagged by AI review	100
`bsc`	`0xdb60…d441` verified-source	2026-04-29 03:56:57 UTC	ETH can be deposited but never withdrawn · Privileged function lacks proper guard · Precision loss in division-then-multiply · … ETH can be deposited but never withdrawn Privileged function lacks proper guard Precision loss in division-then-multiply Variable shadowing Fee on transfer	100
`moonbeam`	`0x3e65…408c` verified-source	2026-04-25 22:01:18 UTC	Unbounded loop · Uncapped mint · Floating pragma · … Unbounded loop Uncapped mint Floating pragma Unsafe downcast no check Hardcoded address can't be updated	100

Correlated exploits

True positives (engine flagged before exploit) and false negatives (engine missed) — the headline of the track record.

⏳

Seasoning in progress

No correlated exploits yet. The track record is built by waiting — predictions are recorded at scan time and cross-referenced against real exploits as they surface in the wild. The 90+ day window prevents post-hoc selection bias.

How the track record is built

Continuous scanning: every newly-deployed contract on supported chains is audited automatically. Verified-source contracts run through the full deterministic engine that powers paid audits. Unverified contracts are bytecode-pattern-matched against rug-pull signal selectors — these findings carry a bytecode badge and are capped at MEDIUM severity.
Tamper-proof commitment: each verdict is recorded together with a cryptographic fingerprint of the engine version, so predictions cannot be revised after the fact.
Pre-exploit-only TP rule: a prediction only counts as a true positive if it was logged BEFORE the exploit timestamp. Anything else is excluded — no post-hoc selection.
Periodic correlation: logged predictions are cross-referenced against curated exploit feeds at regular intervals. Outcomes are written back as TP / FN.
Public surface: this page. Programmatic access ships after the seasoning window closes.

Last data point: 2026-05-02 13:43:22 UTC · Engine version 4.2.0 · No retroactive edits possible

Sentinel Security Agent