Smart Contract Smart Contract
Audit Pricing Blog Resources
Get Started

Token Risk Profile Database

This database catalogues known smart contract integration risks for major ERC20 tokens. Each profile documents the specific vulnerability, affected chains, contract addresses, and safe integration patterns.

These risks are real-world issues — not theoretical. USDT has caused countless integration bugs, AMP was used in the Uniswap V1 reentrancy exploit, and WETH's permit no-op contributed to the Multichain incident.

Missing Return Data

USDT HIGH
Tether USD
Missing Return Data
BNB HIGH
BNB (ERC20)
Missing Return Data
OMG HIGH
OmiseGO
Missing Return Data

No Revert on Transfer Failure

BAT HIGH
Basic Attention Token
No Revert on Transfer Failure
HT HIGH
Huobi Token
No Revert on Transfer Failure
cUSDC HIGH
Compound USD Coin
No Revert on Transfer Failure
ZRX HIGH
0x Protocol Token
No Revert on Transfer Failure
COMP MEDIUM
Compound
No Revert on Transfer Failure

ERC777 Transfer Hooks (Reentrancy Risk)

AMP HIGH
Amp
ERC777 Transfer Hooks (Reentrancy Risk)
imBTC HIGH
imBTC
ERC777 Transfer Hooks (Reentrancy Risk)

Permit No-Op / Non-Standard Permit

WETH MEDIUM
Wrapped Ether
Permit No-Op / Non-Standard Permit
DAI MEDIUM
Dai Stablecoin
Permit No-Op / Non-Standard Permit

Blocklist / Freezable

USDC MEDIUM
USD Coin
Blocklist / Freezable

Fee-on-Transfer / Rebasing

PAXG MEDIUM
Paxos Gold
Fee-on-Transfer / Rebasing
stETH MEDIUM
Lido Staked Ether
Fee-on-Transfer / Rebasing

Upgradeable Proxy Token

sUSD MEDIUM
Synthetix USD
Upgradeable Proxy Token
TUSD MEDIUM
TrueUSD
Upgradeable Proxy Token
Security Resources
Vulnerability Glossary · Security Blog · Token Risk Profiles
Chain Guides
Ethereum · Polygon · Arbitrum · Base · BNB Chain
ERC Standard Security
ERC20 · ERC721 · ERC1155 · ERC777 · ERC4626 · ERC2612 · ERC4337
© 2026 Smart Contract Audit — Privacy · Terms · Refund Policy