Risk / Admin controls / /

FREEDOM Deep Dive: Low Contract-Control Risk, High Holder-Concentration Risk

A review of FREEDOM using Smarts, BscScan, and BNB Chain RPC reads, covering contract permissions, owner state, Pancake reserves, top holders, and the core market-structure risks.

Generated: 2026-07-07

Subject: 0x9c118268a9bf6328b62ebf7d2be035fbc01d4444

Network: BNB Smart Chain

Token: FREEDOM

Executive Summary

FREEDOM is a verified-source BEP-20/ERC-20 token contract on BNB Smart Chain. The total supply is 1,000,000,000 FREEDOM, the current owner is the zero address, and the transfer mode is normal. Looking only at the contract code, this review did not find common high-risk backdoors such as external minting, blacklist controls, transfer taxes, pausing, proxy upgrades, or arbitrary balance seizure.

The deeper on-chain review, however, shows that the main risk is not contract permissions. It is holder concentration and market structure:

  • The largest holder is 0x28816c4c4792467390c90e5b426f198570e29307, publicly labeled by BscScan as Changpeng Zhao. It holds 700,000,000 FREEDOM, equal to 70.00% of total supply.
  • The top 10 holders together hold about 807,830,353.6848 FREEDOM, or roughly 80.7830% of total supply.
  • The second-largest holder, 0x38a2896ba9ac0d43711e40c44146a921ec5b8ebe, is a PancakeSwap pair contract. On-chain reads show token0 is FREEDOM and token1 is WBNB; the pool holds about 54,113,364.7973 FREEDOM and 82.0964 WBNB.
  • BscScan marks the token reputation as Unknown, with about 1,200 holders.
  • Smarts and BscScan do not provide reliable USD price and market-cap fields for this token. If the Pancake pool reserves are used for a rough estimate, the result should be treated only as an instantaneous AMM-pool estimate, not an authoritative market cap.

Overall judgment: contract-level admin-backdoor risk is low; market-level concentration risk is high. In particular, the largest address holds 70% of supply, so any transfer, sale, or approval from that address could materially affect the market.

Data Sources

This report uses public sources and direct on-chain reads:

Source Use
Smarts contract docs Contract classification, compiler, ERC-20 state, owner, risk controls
BscScan token page Holder count, Token Rep, source code, ABI, top 50 holders
BNB Chain RPC eth_call Pancake pair token0 / token1 / getReserves
BscScan address pages Public address labels and contract-page labels
OKX onchainos token data Attempted, but the interface triggered OKX Agent Payments Protocol payment confirmation and no paid request was continued

Reference links:

How to Recheck with Smarts MCP

The contract state and permission findings in this report can be rechecked with Smarts MCP. Smarts MCP is useful for verifying:

Check What Smarts MCP can verify
Whether the contract is verified Contract name, compiler version, contract classification, ERC-20 status
ERC-20 base state name, symbol, decimals, totalSupply
Admin permissions Whether Ownable exists, current owner() value, whether it is the zero address
Risk controls Whether owner control, recent governance events, or risk warnings are detected
Address type Contract / EOA, native balance, nonce, ENS information
Pair-contract screening First classify related addresses as contracts or EOAs, then decide whether to read ABI or state

MCP endpoint:

https://smarts.md/mcp

Contract reference:

bnb/0x9c118268a9bf6328b62ebf7d2be035fbc01d4444

Example prompt:

Tell me the current state of bnb/0x9c118268a9bf6328b62ebf7d2be035fbc01d4444

Related-address prompts:

Inspect 0x28816c4c4792467390c90e5b426f198570e29307 on BNB Smart Chain
Inspect 0x38a2896ba9ac0d43711e40c44146a921ec5b8ebe on BNB Smart Chain

Smarts MCP is useful for source code, ABI, ERC-20 state, and permission controls. It does not replace full market research. Holder rankings, LP ownership, trade history, price depth, and address relationships still need to be cross-checked with BscScan, DEX pools, RPC reads, and other data sources.

1. Basic Information

Item Result
Contract address 0x9c118268a9bf6328b62ebf7d2be035fbc01d4444
Network BNB Smart Chain
Contract name Token
Classification ERC-20 Token / BEP-20 Token
Token Name FREEDOM
Symbol FREEDOM
Decimals 18
Total Supply 1,000,000,000 FREEDOM
Compiler Solidity v0.8.20+commit.a1b79de6
Source Verified
Contract BNB balance 0 BNB
Current owner 0x0000000000000000000000000000000000000000
Current _mode 0, meaning normal transfer
BscScan Token Rep Unknown
BscScan holder count About 1,200

Smarts' ERC-20 state shows that price, market cap, and issuer fields are empty or unavailable, so those market fields cannot be confirmed from that source.

2. Contract Design and Permissions

Main contract structure:

contract Token is FourERC20, Ownable

The core logic is in Token3.sol:

uint public constant MODE_NORMAL = 0;
uint public constant MODE_TRANSFER_RESTRICTED = 1;
uint public constant MODE_TRANSFER_CONTROLLED = 2;
uint public _mode;

bool private _initialized;

Initialization function:

function init(
    string memory name,
    string memory symbol,
    uint256 totalSupply
) public onlyOwner {
    require(!_initialized, "Token: initialized");
    _initialized = true;
    _init(name, symbol);
    _mint(owner(), totalSupply);
    _mode = MODE_TRANSFER_RESTRICTED;
}

Pre-transfer control:

function _beforeTokenTransfer(
    address from,
    address to,
    uint256 amount
) internal virtual override {
    super._beforeTokenTransfer(from, to, amount);
    if (_mode == MODE_TRANSFER_RESTRICTED) {
        revert("Token: Transfer is restricted");
    }
    if (_mode == MODE_TRANSFER_CONTROLLED) {
        require(from == owner() || to == owner(), "Token: Invalid transfer");
    }
}

Mode setter:

function setMode(uint256 v) public onlyOwner {
    if (_mode != MODE_NORMAL) {
        _mode = v;
    }
}

Key interpretation:

  1. After initialization, the token first enters restricted-transfer mode.
  2. Only the owner can call setMode().
  3. Once _mode becomes MODE_NORMAL, the condition inside setMode() prevents later mode changes.
  4. The current owner is the zero address, so owner permissions are effectively disabled.

In the current state:

  • The contract cannot be initialized again.
  • It cannot mint again.
  • It cannot restore owner control.
  • It cannot change transfer mode.
  • It cannot pause transfers or move back into controlled-transfer mode.

3. Common Contract-Risk Checks

Risk item Finding Notes
External mint Not found _mint() is only called inside init(); the contract is already initialized and has no owner
External burn Not found _burn() is not exposed as public/external
Blacklist Not found No blacklist mapping or restriction list in source
Whitelist Not found No whitelist mapping in source
Transfer tax Not found _transfer() does not take tax or route fees
Fee wallet Not found No fee wallet / marketing wallet found
Pause function Not found No pause/unpause
Proxy upgrade Not found Not a proxy; no implementation/admin slot
Arbitrary balance seizure Not found No owner sweep of user balances
Trading restriction Historical, currently inactive _mode could restrict transfers historically; current _mode=0 and owner is zero

The contract is closer to a "standard ERC-20 plus initialization-stage transfer switch." The largest remaining contract-level risk is lack of governance: if the project later needs a fix or migration, the contract has no admin entry point.

4. Holder Structure

BscScan's holder page shows the top 1,000 holders and roughly 1,200 total holders. The top 10 addresses are:

Rank Address / Label Balance Share of supply
1 0x28816c4c4792467390c90e5b426f198570e29307 / BscScan label Changpeng Zhao 700,000,000 70.0000%
2 0x38a2896ba9ac0d43711e40c44146a921ec5b8ebe / Pancake pair contract 53,050,173.7663 5.3050%
3 0x8fabe392df90b06ad610c33f41bb1abd78a5fc20 11,978,303.0501 1.1978%
4 0x615559b64e505f9008fea2c145e79e2864b30a1e 7,062,603.0169 0.7063%
5 0xd874259110c6e086f1d2fee474b73e69b8f5dab0 6,683,515.4620 0.6684%
6 0x15ec0ad2f8b8ad896ed496069e7bae3d42e2bcc1 6,079,494.8309 0.6079%
7 0xfaae28ab1e48a97143adc9cc6dc0cd7dfff6322a 5,973,433.5872 0.5973%
8 0x3050a6255f56328fe0ff97f6ac3184989fb3021e 5,927,825.6736 0.5928%
9 0x74b70fc16aec51477190284207ab45edab196efe 5,660,349.7005 0.5660%
10 0x9663a1e99b66e7c934fe861b9c41078a10ed8ae6 5,414,654.5973 0.5415%

Top 10 total: 807,830,353.6848 FREEDOM, about 80.7830% of total supply.

Important notes:

  • The percentage field on the BscScan holder page returned 0.0000%, which is clearly inconsistent with balances and total supply. This report therefore calculates share as balance / 1,000,000,000.
  • The Changpeng Zhao label on the largest holder comes from BscScan's public label. It is not cryptographic proof of identity. It means the explorer labels the address as CZ-related, but it does not by itself prove who currently controls the private key.

5. Largest Holder Review

Address: 0x28816c4c4792467390c90e5b426f198570e29307

Previous address checks showed:

  • The BscScan page title is labeled Changpeng Zhao.
  • The address is an EOA, not a contract.
  • It has visible BNB Chain activity and a meaningful BNB balance.
  • It is currently the largest FREEDOM holder, with 700,000,000 FREEDOM.

Risk meaning:

  1. If the address is actually controlled by CZ or a related entity, FREEDOM's narrative may become tightly tied to that public label.
  2. If the address only passively received an airdrop or a project transfer, that does not imply active endorsement by CZ.
  3. Regardless of the true controller, 70% concentration makes the market highly sensitive to one address.
  4. This address should be monitored for FREEDOM transfers, approvals, pool deposits, or sales.

6. Liquidity Structure

Second-largest holder:

0x38a2896ba9ac0d43711e40c44146a921ec5b8ebe

BscScan shows this address as a Pancake-related contract. BNB Chain RPC reads return:

Method Return
token0() 0x9c118268a9bf6328b62ebf7d2be035fbc01d4444, FREEDOM
token1() 0xbb4cdb9cbd36b01bd1cbaebf2de08d9173bc095c, WBNB
getReserves() About 54,113,364.7973 FREEDOM / 82.0964 WBNB

Using the BNB price shown on BscScan at the time, about $582.68, a rough estimate gives:

  • WBNB-side value in the pool: about $47,831.
  • Assuming equal value on both AMM sides, total pool liquidity: about $95,662.
  • Implied FREEDOM pool price: about 0.0000015171 WBNB, or about $0.000884.
  • If that pool price is multiplied by total supply, fully diluted valuation is about $884,000.

These numbers are only instantaneous reserve-based estimates from one pool. They are not authoritative market-cap data. For a highly concentrated token, AMM pool price can be significantly affected by small trades and large-holder behavior.

7. Market-Structure Risks

1. One address holds 70%

This is the most important risk in the report. The largest address holds 700 million tokens, or 70% of total supply. Even if the contract cannot mint more tokens, a single large holder can change market structure through transfers, sales, liquidity provision/removal, or approvals.

2. The top 10 holders exceed 80%

The top 10 addresses hold about 80.78% in total. This means distribution is not broad. Future price and liquidity depend more on a few addresses than on organic trading by a wide holder base.

3. Liquidity is small relative to supply

The Pancake pool has about 54.11M FREEDOM and 82.10 WBNB. Relative to 1B total supply and the 700M largest holder, pool liquidity is not large enough to absorb major selling.

4. Token Rep is Unknown

BscScan shows Token Rep as Unknown. That does not mean the token is malicious, but it does mean the explorer does not provide positive reputation confirmation. For a new or low-visibility token, source, deployer, initial distribution, and project announcements need extra verification.

5. Limited external public information

Direct searches for the contract address did not find reliable independent reporting or official explanation. When external information is limited, the token name, public labels, or short-term price action should not be treated as proof of credibility.

8. On-Chain Signals to Keep Monitoring

Suggested monitoring targets:

  1. Whether 0x28816c4c4792467390c90e5b426f198570e29307 transfers out FREEDOM.
  2. Whether the largest address approves Pancake, Uniswap, routers, or unknown contracts.
  3. Whether WBNB reserves in the Pancake pair 0x38a2896b...c5b8ebe fall quickly.
  4. Whether LP ownership is locked, burned, or concentrated in one controllable address.
  5. Whether the top 10 unknown addresses share funding sources, deployers, or batch-distribution patterns.
  6. Whether many small addresses receive tokens and immediately sell or consolidate.
  7. Whether new pools redirect main liquidity.
  8. Whether an official announcement explains the nature of the 70% holding.

9. Overall Rating

Dimension Rating Reason
Contract-permission risk Low Owner is renounced; no mint/tax/blacklist/upgrade found
Governability risk Medium Owner is zero address, so future fixes or governance are unavailable
Holder-concentration risk High Largest address holds 70%; top 10 hold about 80.78%
Liquidity risk Medium-high Main pool has about 82 WBNB, small relative to concentrated holdings
External-information risk Medium-high Token Rep Unknown and limited independent public information
Overall risk High Clean code does not offset highly concentrated holder structure

Final Judgment

The FREEDOM contract is not a typical high-risk token contract with transfer taxes, blacklists, minting, or upgrade backdoors. The current owner is the zero address, _mode=0, and the contract is mostly no longer changeable by an administrator.

The real issue is token distribution: the address labeled by BscScan as Changpeng Zhao holds 70% of total supply, and the top 10 holders hold more than 80%. FREEDOM's practical risk is therefore driven mainly by large-holder behavior and liquidity depth, not by contract code.

To improve certainty, the next step should be transaction-history and address-relationship mapping: trace the deployer, initial mint recipient, the transfer path for the 700M tokens, LP creation transaction, current LP-token ownership, and whether the largest holder actively interacted with the FREEDOM contract or trading pool.

Disclaimer

This article is a research note based on public on-chain data and block-explorer pages. It is not a complete security audit and is not investment advice. Block-explorer labels, AMM pool prices, and holder pages can change over time; always recheck current on-chain state before making any trade.