Ethereum · Smart Contract Security · Updated Jun 09, 2026

Is Worldcoin Safe? WLD

On-chain security analysis — is it a scam or legit?

Contract: 0x163f…8753
Critical Risk
Volume 24h: $283.0K
Liquidity: $277.1K
Price: $0.4144
Token Age: 2y
Top 10 Holders: 69.7%

Security Checklist

Contract Verified: Pass
Ownership Renounced: Fail
No Mint Function: Pass
Liquidity Locked: Fail
Not a Proxy: Pass

Security Analysis

The WLD token contract implements an ERC20 token with an initial supply cap and a controlled inflation mechanism. The contract utilizes OpenZeppelin's Ownable2Step for robust ownership management and includes explicit checks for input validation and supply caps. Key findings include the complexity and potential for higher-than-stated effective inflation rates in certain scenarios, and the significant centralized control over token supply by the owner and minter roles. While the code quality is high, these economic and governance risks warrant careful consideration.

The WLD contract is technically sound, leveraging established libraries and adhering to good coding practices. However, the high degree of centralized control over token supply and the complex inflation mechanics introduce significant economic and governance risks. It is strongly recommended to implement multi-signature wallets for critical roles (owner, minter) and ensure transparent communication regarding the inflation model's nuances. For enhanced security and operational resilience, consider a Premium Deploy option. This would involve deploying the contract through a battle-tested multi-signature wallet (e.g., Gnosis Safe) for the owner role, and potentially integrating with a robust monitoring solution to track supply changes and minter activities in real-time.

Category Ratings

Technical · Low · 6/10

The WLD contract demonstrates strong technical foundations (7.1 Architecture, 7.2 Code Security). It inherits from battle-tested OpenZeppelin contracts (ERC20, Ownable2Step), ensuring standard compliance and robust access control (7.3 Access Control). Solidity 0.8.19 provides default checked arithme

Governance · High · 6/10

The contract design presents significant governance and economic considerations (7.4 Economic, 7.5 Governance). The owner has substantial power, including a one-time initial mint up to 10 billion tokens and the ability to set an arbitrary minter address. The minter then controls ongoing inflation, w

Upgrades · Low · 6/10

The WLD contract is not designed as an upgradeable proxy (7.7 Upgrades). Its logic is immutable once deployed, meaning no upgrade safety issues are present. Any future changes to the token's core logic would require a new contract deployment and a migration process.

Security Findings

2 High · 1 Low · 1 Info

H-01 · High · Unresolved

Inflation Rate Exceeds Stated Cap in Edge Cases

The `mintInflation` function's logic, as acknowledged in the contract's own documentation, allows for the effective inflation rate over certain periods to exceed the `inflationCapWad` (up to `(1 + inflation cap)^2 - 1`). This means that while a nominal inflation cap is defined, the actual token supply dilution experienced by holders could be higher than a simple interpretation of the `inflationCapWad` might suggest, potentially leading to unexpected economic outcomes.

Recommendation: Ensure all public-facing documentation, whitepapers, and communications clearly explain this nuanced behavior of the inflation mechanism, providing concrete examples of how the effective inflation rate can vary. Consider adding monitoring tools to track actual inflation rates and compare them against expected values. If possible, explore alternative inflation mechanisms that provide a stricter, more predictable cap over any given period.

H-02 · High · Unresolved

Centralized Control over Token Supply

The contract grants significant power to the `owner` and subsequently to the `minter` address. The `owner` can perform a one-time mint up to `INITIAL_SUPPLY_CAP` (10 billion tokens) and then designate an arbitrary `minter`. The `minter` can then continuously mint new tokens, subject only to the inflation rules. This high degree of centralized control over the token supply introduces a significant trust assumption and potential single point of failure if the owner or minter keys are compromised or misused, or if the roles are maliciously exercised.

Recommendation: Implement a multi-signature wallet (e.g., Gnosis Safe) for both the `owner` and `minter` roles to distribute control and reduce the risk of a single point of compromise. Consider a time-locked mechanism for critical actions like `setMinter` to allow for community review or emergency intervention, enhancing transparency and security.

L-01 · Low · Unresolved

Immutability of Inflation Unlock Time

The `inflationUnlockTime` is set once in the constructor based on `inflationLockPeriod_ + block.timestamp` and cannot be modified thereafter. While this provides predictability, it removes flexibility to adjust the inflation start time in response to unforeseen market conditions, regulatory changes, or governance decisions. This immutability could become a limitation if the project requires adaptive economic parameters in the future.

Recommendation: If future flexibility is desired, consider adding a governance-controlled mechanism (e.g., via a DAO or a multi-sig) to adjust the `inflationUnlockTime` within predefined bounds, or to pause/unpause inflation. If immutability is a strict design choice, ensure this is clearly communicated to all stakeholders as a core property of the token's economic model.

I-01 · Informational · Unresolved

Non-Renounceable Ownership

The `renounceOwnership` function is explicitly overridden to revert, preventing the owner from ever relinquishing control of the contract. This is a deliberate design choice to ensure continuous oversight and prevent accidental or malicious renunciation of the owner role, which is critical given the owner's extensive powers.

Recommendation: This is a design decision. No action is required unless the project's long-term decentralization strategy changes. Ensure this design choice is well-documented and understood by all stakeholders, highlighting that ownership will always reside with the designated address(es).

Frequently Asked Questions

Is Worldcoin a scam?

Based on the provided data, Worldcoin (WLD) exhibits several risk factors commonly associated with potential scams, though this analysis doesn't definitively label it one. The critical concerns include ownership not being renounced, extreme token centralization with 69.7% in top 10 holders, and unlocked liquidity. These factors create significant avenues for malicious action or market instability, warranting extreme caution from investors.

Is Worldcoin safe to buy?

Investing in Worldcoin (WLD) carries a critical risk, indicated by its 75/100 risk score, making it unsafe for risk-averse investors. Key safety concerns include the unrenounced contract ownership, allowing the deployer control. The vast majority of tokens (69.7%) are concentrated in the top 10 wallets, posing a high centralization risk. Furthermore, unlocked liquidity means funds could be withdrawn, impacting market stability significantly.

Has Worldcoin been audited?

The provided data confirms that the Worldcoin (WLD) contract is verified on Ethereum, meaning its code is publicly available for inspection. However, contract verification is not the same as a comprehensive security audit by an independent third party. The data provided does not explicitly state whether Worldcoin has undergone a formal security audit. Investors should seek audit reports if available.
