FREEDOM Deep Dive: Low Contract-Control Risk, High Holder-Concentration Risk
A review of FREEDOM using Smarts, BscScan, and BNB Chain RPC reads, covering contract permissions, owner state, Pancake reserves, top holders, and the core market-structure risks.
Generated: 2026-07-07
Subject: 0x9c118268a9bf6328b62ebf7d2be035fbc01d4444
Network: BNB Smart Chain
Token: FREEDOM
Executive Summary
FREEDOM is a verified-source BEP-20/ERC-20 token contract on BNB Smart Chain. The total supply is 1,000,000,000 FREEDOM, the current owner is the zero address, and the transfer mode is normal. Looking only at the contract code, this review did not find common high-risk backdoors such as external minting, blacklist controls, transfer taxes, pausing, proxy upgrades, or arbitrary balance seizure.
The deeper on-chain review, however, shows that the main risk is not contract permissions. It is holder concentration and market structure:
- The largest holder is
0x28816c4c4792467390c90e5b426f198570e29307, publicly labeled by BscScan asChangpeng Zhao. It holds700,000,000 FREEDOM, equal to70.00%of total supply. - The top 10 holders together hold about
807,830,353.6848 FREEDOM, or roughly80.7830%of total supply. - The second-largest holder,
0x38a2896ba9ac0d43711e40c44146a921ec5b8ebe, is a PancakeSwap pair contract. On-chain reads show token0 is FREEDOM and token1 is WBNB; the pool holds about54,113,364.7973 FREEDOMand82.0964 WBNB. - BscScan marks the token reputation as
Unknown, with about1,200holders. - Smarts and BscScan do not provide reliable USD price and market-cap fields for this token. If the Pancake pool reserves are used for a rough estimate, the result should be treated only as an instantaneous AMM-pool estimate, not an authoritative market cap.
Overall judgment: contract-level admin-backdoor risk is low; market-level concentration risk is high. In particular, the largest address holds 70% of supply, so any transfer, sale, or approval from that address could materially affect the market.
Data Sources
This report uses public sources and direct on-chain reads:
| Source | Use |
|---|---|
| Smarts contract docs | Contract classification, compiler, ERC-20 state, owner, risk controls |
| BscScan token page | Holder count, Token Rep, source code, ABI, top 50 holders |
BNB Chain RPC eth_call |
Pancake pair token0 / token1 / getReserves |
| BscScan address pages | Public address labels and contract-page labels |
| OKX onchainos token data | Attempted, but the interface triggered OKX Agent Payments Protocol payment confirmation and no paid request was continued |
Reference links:
- Smarts: https://smarts.md/bnb/0x9c118268a9bf6328b62ebf7d2be035fbc01d4444
- BscScan Token: https://bscscan.com/token/0x9c118268a9bf6328b62ebf7d2be035fbc01d4444
- BscScan Contract: https://bscscan.com/address/0x9c118268a9bf6328b62ebf7d2be035fbc01d4444
- Largest holder: https://bscscan.com/address/0x28816c4c4792467390c90e5b426f198570e29307
- Pancake pair address: https://bscscan.com/address/0x38a2896ba9ac0d43711e40c44146a921ec5b8ebe
How to Recheck with Smarts MCP
The contract state and permission findings in this report can be rechecked with Smarts MCP. Smarts MCP is useful for verifying:
| Check | What Smarts MCP can verify |
|---|---|
| Whether the contract is verified | Contract name, compiler version, contract classification, ERC-20 status |
| ERC-20 base state | name, symbol, decimals, totalSupply |
| Admin permissions | Whether Ownable exists, current owner() value, whether it is the zero address |
| Risk controls | Whether owner control, recent governance events, or risk warnings are detected |
| Address type | Contract / EOA, native balance, nonce, ENS information |
| Pair-contract screening | First classify related addresses as contracts or EOAs, then decide whether to read ABI or state |
MCP endpoint:
https://smarts.md/mcp
Contract reference:
bnb/0x9c118268a9bf6328b62ebf7d2be035fbc01d4444
Example prompt:
Tell me the current state of bnb/0x9c118268a9bf6328b62ebf7d2be035fbc01d4444
Related-address prompts:
Inspect 0x28816c4c4792467390c90e5b426f198570e29307 on BNB Smart Chain
Inspect 0x38a2896ba9ac0d43711e40c44146a921ec5b8ebe on BNB Smart Chain
Smarts MCP is useful for source code, ABI, ERC-20 state, and permission controls. It does not replace full market research. Holder rankings, LP ownership, trade history, price depth, and address relationships still need to be cross-checked with BscScan, DEX pools, RPC reads, and other data sources.
1. Basic Information
| Item | Result |
|---|---|
| Contract address | 0x9c118268a9bf6328b62ebf7d2be035fbc01d4444 |
| Network | BNB Smart Chain |
| Contract name | Token |
| Classification | ERC-20 Token / BEP-20 Token |
| Token Name | FREEDOM |
| Symbol | FREEDOM |
| Decimals | 18 |
| Total Supply | 1,000,000,000 FREEDOM |
| Compiler | Solidity v0.8.20+commit.a1b79de6 |
| Source | Verified |
| Contract BNB balance | 0 BNB |
| Current owner | 0x0000000000000000000000000000000000000000 |
Current _mode |
0, meaning normal transfer |
| BscScan Token Rep | Unknown |
| BscScan holder count | About 1,200 |
Smarts' ERC-20 state shows that price, market cap, and issuer fields are empty or unavailable, so those market fields cannot be confirmed from that source.
2. Contract Design and Permissions
Main contract structure:
contract Token is FourERC20, Ownable
The core logic is in Token3.sol:
uint public constant MODE_NORMAL = 0;
uint public constant MODE_TRANSFER_RESTRICTED = 1;
uint public constant MODE_TRANSFER_CONTROLLED = 2;
uint public _mode;
bool private _initialized;
Initialization function:
function init(
string memory name,
string memory symbol,
uint256 totalSupply
) public onlyOwner {
require(!_initialized, "Token: initialized");
_initialized = true;
_init(name, symbol);
_mint(owner(), totalSupply);
_mode = MODE_TRANSFER_RESTRICTED;
}
Pre-transfer control:
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual override {
super._beforeTokenTransfer(from, to, amount);
if (_mode == MODE_TRANSFER_RESTRICTED) {
revert("Token: Transfer is restricted");
}
if (_mode == MODE_TRANSFER_CONTROLLED) {
require(from == owner() || to == owner(), "Token: Invalid transfer");
}
}
Mode setter:
function setMode(uint256 v) public onlyOwner {
if (_mode != MODE_NORMAL) {
_mode = v;
}
}
Key interpretation:
- After initialization, the token first enters restricted-transfer mode.
- Only the owner can call
setMode(). - Once
_modebecomesMODE_NORMAL, the condition insidesetMode()prevents later mode changes. - The current owner is the zero address, so owner permissions are effectively disabled.
In the current state:
- The contract cannot be initialized again.
- It cannot mint again.
- It cannot restore owner control.
- It cannot change transfer mode.
- It cannot pause transfers or move back into controlled-transfer mode.
3. Common Contract-Risk Checks
| Risk item | Finding | Notes |
|---|---|---|
| External mint | Not found | _mint() is only called inside init(); the contract is already initialized and has no owner |
| External burn | Not found | _burn() is not exposed as public/external |
| Blacklist | Not found | No blacklist mapping or restriction list in source |
| Whitelist | Not found | No whitelist mapping in source |
| Transfer tax | Not found | _transfer() does not take tax or route fees |
| Fee wallet | Not found | No fee wallet / marketing wallet found |
| Pause function | Not found | No pause/unpause |
| Proxy upgrade | Not found | Not a proxy; no implementation/admin slot |
| Arbitrary balance seizure | Not found | No owner sweep of user balances |
| Trading restriction | Historical, currently inactive | _mode could restrict transfers historically; current _mode=0 and owner is zero |
The contract is closer to a "standard ERC-20 plus initialization-stage transfer switch." The largest remaining contract-level risk is lack of governance: if the project later needs a fix or migration, the contract has no admin entry point.
4. Holder Structure
BscScan's holder page shows the top 1,000 holders and roughly 1,200 total holders. The top 10 addresses are:
| Rank | Address / Label | Balance | Share of supply |
|---|---|---|---|
| 1 | 0x28816c4c4792467390c90e5b426f198570e29307 / BscScan label Changpeng Zhao |
700,000,000 |
70.0000% |
| 2 | 0x38a2896ba9ac0d43711e40c44146a921ec5b8ebe / Pancake pair contract |
53,050,173.7663 |
5.3050% |
| 3 | 0x8fabe392df90b06ad610c33f41bb1abd78a5fc20 |
11,978,303.0501 |
1.1978% |
| 4 | 0x615559b64e505f9008fea2c145e79e2864b30a1e |
7,062,603.0169 |
0.7063% |
| 5 | 0xd874259110c6e086f1d2fee474b73e69b8f5dab0 |
6,683,515.4620 |
0.6684% |
| 6 | 0x15ec0ad2f8b8ad896ed496069e7bae3d42e2bcc1 |
6,079,494.8309 |
0.6079% |
| 7 | 0xfaae28ab1e48a97143adc9cc6dc0cd7dfff6322a |
5,973,433.5872 |
0.5973% |
| 8 | 0x3050a6255f56328fe0ff97f6ac3184989fb3021e |
5,927,825.6736 |
0.5928% |
| 9 | 0x74b70fc16aec51477190284207ab45edab196efe |
5,660,349.7005 |
0.5660% |
| 10 | 0x9663a1e99b66e7c934fe861b9c41078a10ed8ae6 |
5,414,654.5973 |
0.5415% |
Top 10 total: 807,830,353.6848 FREEDOM, about 80.7830% of total supply.
Important notes:
- The percentage field on the BscScan holder page returned
0.0000%, which is clearly inconsistent with balances and total supply. This report therefore calculates share asbalance / 1,000,000,000. - The
Changpeng Zhaolabel on the largest holder comes from BscScan's public label. It is not cryptographic proof of identity. It means the explorer labels the address as CZ-related, but it does not by itself prove who currently controls the private key.
5. Largest Holder Review
Address: 0x28816c4c4792467390c90e5b426f198570e29307
Previous address checks showed:
- The BscScan page title is labeled
Changpeng Zhao. - The address is an EOA, not a contract.
- It has visible BNB Chain activity and a meaningful BNB balance.
- It is currently the largest FREEDOM holder, with
700,000,000 FREEDOM.
Risk meaning:
- If the address is actually controlled by CZ or a related entity, FREEDOM's narrative may become tightly tied to that public label.
- If the address only passively received an airdrop or a project transfer, that does not imply active endorsement by CZ.
- Regardless of the true controller, 70% concentration makes the market highly sensitive to one address.
- This address should be monitored for FREEDOM transfers, approvals, pool deposits, or sales.
6. Liquidity Structure
Second-largest holder:
0x38a2896ba9ac0d43711e40c44146a921ec5b8ebe
BscScan shows this address as a Pancake-related contract. BNB Chain RPC reads return:
| Method | Return |
|---|---|
token0() |
0x9c118268a9bf6328b62ebf7d2be035fbc01d4444, FREEDOM |
token1() |
0xbb4cdb9cbd36b01bd1cbaebf2de08d9173bc095c, WBNB |
getReserves() |
About 54,113,364.7973 FREEDOM / 82.0964 WBNB |
Using the BNB price shown on BscScan at the time, about $582.68, a rough estimate gives:
- WBNB-side value in the pool: about
$47,831. - Assuming equal value on both AMM sides, total pool liquidity: about
$95,662. - Implied FREEDOM pool price: about
0.0000015171 WBNB, or about$0.000884. - If that pool price is multiplied by total supply, fully diluted valuation is about
$884,000.
These numbers are only instantaneous reserve-based estimates from one pool. They are not authoritative market-cap data. For a highly concentrated token, AMM pool price can be significantly affected by small trades and large-holder behavior.
7. Market-Structure Risks
1. One address holds 70%
This is the most important risk in the report. The largest address holds 700 million tokens, or 70% of total supply. Even if the contract cannot mint more tokens, a single large holder can change market structure through transfers, sales, liquidity provision/removal, or approvals.
2. The top 10 holders exceed 80%
The top 10 addresses hold about 80.78% in total. This means distribution is not broad. Future price and liquidity depend more on a few addresses than on organic trading by a wide holder base.
3. Liquidity is small relative to supply
The Pancake pool has about 54.11M FREEDOM and 82.10 WBNB. Relative to 1B total supply and the 700M largest holder, pool liquidity is not large enough to absorb major selling.
4. Token Rep is Unknown
BscScan shows Token Rep as Unknown. That does not mean the token is malicious, but it does mean the explorer does not provide positive reputation confirmation. For a new or low-visibility token, source, deployer, initial distribution, and project announcements need extra verification.
5. Limited external public information
Direct searches for the contract address did not find reliable independent reporting or official explanation. When external information is limited, the token name, public labels, or short-term price action should not be treated as proof of credibility.
8. On-Chain Signals to Keep Monitoring
Suggested monitoring targets:
- Whether
0x28816c4c4792467390c90e5b426f198570e29307transfers out FREEDOM. - Whether the largest address approves Pancake, Uniswap, routers, or unknown contracts.
- Whether WBNB reserves in the Pancake pair
0x38a2896b...c5b8ebefall quickly. - Whether LP ownership is locked, burned, or concentrated in one controllable address.
- Whether the top 10 unknown addresses share funding sources, deployers, or batch-distribution patterns.
- Whether many small addresses receive tokens and immediately sell or consolidate.
- Whether new pools redirect main liquidity.
- Whether an official announcement explains the nature of the 70% holding.
9. Overall Rating
| Dimension | Rating | Reason |
|---|---|---|
| Contract-permission risk | Low | Owner is renounced; no mint/tax/blacklist/upgrade found |
| Governability risk | Medium | Owner is zero address, so future fixes or governance are unavailable |
| Holder-concentration risk | High | Largest address holds 70%; top 10 hold about 80.78% |
| Liquidity risk | Medium-high | Main pool has about 82 WBNB, small relative to concentrated holdings |
| External-information risk | Medium-high | Token Rep Unknown and limited independent public information |
| Overall risk | High | Clean code does not offset highly concentrated holder structure |
Final Judgment
The FREEDOM contract is not a typical high-risk token contract with transfer taxes, blacklists, minting, or upgrade backdoors. The current owner is the zero address, _mode=0, and the contract is mostly no longer changeable by an administrator.
The real issue is token distribution: the address labeled by BscScan as Changpeng Zhao holds 70% of total supply, and the top 10 holders hold more than 80%. FREEDOM's practical risk is therefore driven mainly by large-holder behavior and liquidity depth, not by contract code.
To improve certainty, the next step should be transaction-history and address-relationship mapping: trace the deployer, initial mint recipient, the transfer path for the 700M tokens, LP creation transaction, current LP-token ownership, and whether the largest holder actively interacted with the FREEDOM contract or trading pool.
Disclaimer
This article is a research note based on public on-chain data and block-explorer pages. It is not a complete security audit and is not investment advice. Block-explorer labels, AMM pool prices, and holder pages can change over time; always recheck current on-chain state before making any trade.