Token Security & Validation
Is this token safe to touch? Conyr validates every token on first sight and watches it for the rest of its life — authority risks, manipulation, and rugs — and streams security events the moment they fire. Detection runs on the same sub-second pipeline as the rest of the data, so a rug shows up as it happens, not on the next batch.
Validation status
Every token resolves to a status: pending · processing · validated · suspicious · rugged. Token metadata and the authority flags (is_mintable, is_freezable, deployer) live on Token Price & Info.
Status is severity-monotonic: once a token is rugged it stays rugged, and a late validated can never quietly downgrade a confirmed rug. Build trust UI on this guarantee.
Suspicious activity
L3 GET /v1/token/{mint}/suspicious-activity
The one call for “what’s wrong with this token right now” — persisted flags plus live manipulation signals, with the funding-abuse summary embedded.
| Field | Type | Description |
|---|---|---|
status | string | clean · suspicious · rugged |
flagged_reasons | string[] | Persisted reasons recorded when the token was flagged |
flagged_time / rugged_time | string | null | When flagged / when the rug was confirmed |
live_activity_flags | string[] | Live funding-abuse reason codes active right now |
funding_abuse | object | null | Embedded funding-abuse summary |
curl -H "Authorization: Bearer $API_KEY" \
"https://api.conyr.ai/v1/token/EPjFWd.../suspicious-activity"{
"token_mint": "EPjFWd...",
"status": "suspicious",
"flagged_reasons": ["High wash trade volume", "Bundle dumping detected"],
"flagged_time": "2026-03-07T12:00:00Z",
"rugged_time": null,
"live_activity_flags": ["SEED_WAVE_HEAVY", "FARM_FUNDED_FRESH_WALLETS"],
"funding_abuse": { "...": "see Funding Abuse" }
}live_activity_flags and funding_abuse populate independently of the persisted flags — a token can read clean and still surface a live signal. Use live_activity_flags as the single “what’s suspicious now” list.
Security signal
L3 GET /v1/token/{mint}/signal
A synthesized severity verdict that folds validation, bundles, wash trades, and funding abuse into one rollup — the fastest way to get a single “how risky is this token” read without composing the individual endpoints yourself.
Live security stream
L3 Channel token:{mint}:security
Security events pushed the instant they’re detected — no batching.
| Event type | Fires when |
|---|---|
bundle_detected | A coordinated bundle is detected on the token |
wash_trade_flagged | A wash-trade pattern is flagged |
rug_detected | A rug is confirmed |
suspicious_activity | Funding abuse or other manipulation surfaces |
coordination_alert | A coordinated campaign activates |
Each event carries a severity level, an evidence summary, and the affected wallets.
ws.send(JSON.stringify({ op: "subscribe", channels: ["token:EPjFWd...:security"] }));