A mint function gives the token creator the ability to generate new tokens from nothing. This power, when unrestricted, is equivalent to a government printing unlimited currency — except in crypto, the creator can do it instantly and silently, then sell the newly minted tokens into the liquidity pool to drain everyone else's investment.

How the Mint Exploit Works

The attack is straightforward and devastating:

  1. Token launches with a fixed supply of 1 billion tokens. Everything looks normal.
  2. Liquidity is added and people buy. The pool contains real SOL, ETH, or BNB contributed by buyers.
  3. Creator mints another 1 billion tokens — doubling the supply instantly. These new tokens appear only in the creator's wallet.
  4. Creator sells the newly minted tokens into the liquidity pool. Because the pool treats these as valid tokens, the creator receives real currency in exchange.
  5. Pool drained. The massive sell pressure from the new supply crashes the price to near zero. The creator has the real currency; buyers have worthless tokens.
Even locked LP cannot prevent this A mint exploit works even when liquidity is locked or burned. The creator does not need to remove LP tokens — they drain the pool by flooding it with newly minted tokens and selling them through normal DEX swaps. LP lock protects against liquidity removal, not against supply inflation.

Mint Authority on Different Chains

Solana (SPL tokens)

Solana tokens have an explicit mint authority field. When a token is created, the creator is assigned as the mint authority by default. They can choose to revoke this authority, permanently disabling minting. If mint authority is not revoked, new tokens can be created at any time. RugCheck clearly displays whether mint authority has been revoked.

EVM chains (Ethereum, BSC, Base)

On EVM chains, minting capability depends on whether the smart contract includes a mint function. GoPlus Security checks the is_mintable flag. Some contracts hide the mint capability behind innocently named functions or proxy contracts, making detection harder without automated tools.

When Mint Functions Are Legitimate

Not all tokens with mint capabilities are scams. Legitimate use cases include:

  • Stablecoins (USDC, USDT) — new tokens are minted when users deposit fiat currency
  • Governance tokens with planned emission schedules — new tokens are minted as staking or farming rewards
  • Bridge tokens — tokens are minted on the destination chain when locked on the source chain

The key difference: legitimate minting is controlled by smart contracts with transparent rules, not by a single wallet with unlimited discretion. For newly launched meme tokens, community tokens, or any token without a clear technical reason for minting, retaining mint authority is a red flag.

How to Avoid Mint Exploits

  1. Check mint authority. Use RugCheck for Solana — it shows mint authority status clearly. For EVM tokens, Honeypot.is and TokenSniffer check for mintable contracts.
  2. Remember: LP lock does not prevent mint exploits. Even with burned LP, a mint function can drain the pool through oversupply. Check BOTH LP status AND mint authority.
  3. Be skeptical of new tokens retaining mint. If a meme token keeps mint authority and the creator has no published reason for it, assume the worst.
Check Mint Authority with ChainLens RugCheck mint authority + GoPlus is_mintable + contract analysis. Detects hidden mint functions. Free.

Frequently Asked Questions

What is a mint function exploit?

The creator generates unlimited new tokens and sells them into the pool, draining all real currency. Works even with locked LP because the creator sells through normal swaps, not by removing liquidity.

Should all tokens revoke mint authority?

Meme tokens and community tokens have no reason to keep it. Stablecoins and governance tokens may legitimately need it, but with transparent, contract-controlled rules — not single-wallet discretion.