What Is Solana's Token-2022 Standard? New Features and New Risks
The upgraded token standard that opens new possibilities — and new attack surfaces
Solana's original SPL Token standard, deployed in 2020, was a foundational but deliberately minimal design: create tokens, transfer them, optionally enable mint and freeze authority. It served the ecosystem well but lacked features that more sophisticated token designs required. The Token-2022 program (also called Token Extensions), deployed progressively from 2023, addresses this by introducing a suite of optional extensions that can be embedded directly into token behavior at the protocol level. These extensions represent genuine technical progress — but they also introduce risk vectors that didn't exist in the original standard and that many token buyers have never been warned about.
The key Token-2022 extensions — what each one does
Transfer Fee: Every token transfer automatically routes a configurable percentage to a designated fee recipient wallet. Unlike a simple sell tax coded into a contract, this fee applies to every transfer, including wallet-to-wallet sends, DEX trades, and protocol interactions. The fee rate can be set between 0 and 100% and can be changed by the fee authority. A transfer fee of 10% means 10% of every transaction is extracted — and if the fee authority changes the rate, holders have no recourse.
Transfer Hook: Executes custom program logic on every token transfer. A legitimate use case: requiring KYC verification before transfers can complete (for regulated securities). A malicious use case: transfer hook logic that blocks all transfers from non-whitelisted addresses — the mechanism behind Solana's most sophisticated honeypot tokens. Unverified transfer hooks should be treated as disqualifying flags.
Permanent Delegation: Grants a specified wallet the ability to transfer or burn tokens from any holder's account without their approval — at any time, indefinitely. This is broader than freeze authority (which only blocks; it can't move assets) and represents a near-complete override of token ownership. Any token with permanent delegation active should be treated with extreme caution.
Confidential Transfers: Hides transaction amounts using zero-knowledge proofs. Designed for privacy-preserving payments in institutional contexts. For retail tokens, confidential transfers primarily obscure the on-chain data that security tools use to detect wash trading and unusual patterns.
Non-Transferable Tokens: Tokens that cannot be moved out of the wallet that received them — a "soul-bound" mechanism. Legitimate for certificates, achievements, and identity tokens. Occasionally used in scam designs to create the appearance of locked supply without actual vesting.
Interest-Bearing Tokens: Tokens that automatically accrue a configurable interest rate, adjusting the token's displayed balance over time. The appearance of a growing balance doesn't represent economic growth — it's a cosmetic display feature that can be used to create an illusion of yield without actual protocol revenue.
How Token-2022 changes the risk evaluation
For standard SPL tokens, the security checklist is relatively binary: check mint authority, check freeze authority, done. Token-2022 tokens require additional steps:
- Check which extensions are active: On Solscan, a Token-2022 token's account info page lists all enabled extensions. Identify each one present.
- Transfer fee rate and authority: What is the current fee rate? Can it be changed, and by whom? A 0% transfer fee with an active fee authority that can change it to 99% is not zero risk.
- Transfer hook program verification: If a transfer hook is active, is the hook program publicly verified and documented? An unverified hook is functionally a black box.
- Permanent delegation: Is permanent delegation active? If yes — who holds it? This is effectively a backdoor to every holder's balance.
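The checklist above, applied to a mint account's raw bytes, as an added example (not Hannisol's code and not part of the original article). It walks the extension entries and reports the fee rate and authority, the hook program, and the permanent delegate. The offsets and type codes are assumptions taken from the spl-token-2022 account layout, the sample account is constructed, and keys print as hex rather than base58.

```python
import struct

# Assumed layout (spl-token-2022): 165-byte padded base, 1 account-type byte, then TLV.
TLV_START = 166
EXT = {1: "TransferFeeConfig", 12: "PermanentDelegate", 14: "TransferHook"}
ZERO = bytes(32)         # all-zero pubkey means "authority not set"

def parse_extensions(data: bytes) -> dict:
    """Walk the TLV region of a mint account: u16 type, u16 length, value."""
    out, off = {}, TLV_START
    while off + 4 <= len(data):
        etype, elen = struct.unpack_from("<HH", data, off)
        if etype == 0:                      # Uninitialized: no more entries
            break
        value = data[off + 4: off + 4 + elen]
        if len(value) != elen:
            raise ValueError("truncated extension entry")
        out[EXT.get(etype, f"type_{etype}")] = value
        off += 4 + elen
    return out

def risk_flags(data: bytes) -> list:
    """Apply the checklist: fee rate and authority, hook program, permanent delegate."""
    ext, flags = parse_extensions(data), []
    fee = ext.get("TransferFeeConfig")
    if fee is not None:
        # authority(32) withdraw(32) withheld(8) older(18) newer(epoch 8, max 8, bps 2)
        bps = struct.unpack_from("<H", fee, 32 + 32 + 8 + 18 + 16)[0]   # newer fee rate
        mutable = fee[:32] != ZERO          # a live fee authority can raise the rate
        flags.append(f"transfer fee {bps / 100:.2f}%, rate {'changeable' if mutable else 'fixed'}")
    hook = ext.get("TransferHook")
    if hook is not None and hook[32:64] != ZERO:     # authority(32) program_id(32)
        flags.append("transfer hook program set: " + hook[32:64].hex())
    deleg = ext.get("PermanentDelegate")
    if deleg is not None and deleg[:32] != ZERO:
        flags.append("permanent delegate: " + deleg[:32].hex())
    return flags

def _tlv(etype: int, value: bytes) -> bytes:
    return struct.pack("<HH", etype, len(value)) + value

# Constructed sample (not chain data): 0% fee with a live fee authority, a hook, a delegate.
SAMPLE = (bytes(165) + b"\x01"
          + _tlv(1, b"\xAA" * 32 + b"\xBB" * 32 + bytes(8) + bytes(18) + bytes(18))
          + _tlv(14, bytes(32) + b"\xCC" * 32)
          + _tlv(12, b"\xDD" * 32))

if __name__ == "__main__":
    print("\n".join(risk_flags(SAMPLE)))
```

The first flag on the sample is the case the checklist warns about: a 0% fee that is still reported as changeable because a fee authority is set.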
How Hannisol handles Token-2022 tokens
Hannisol explicitly identifies Token-2022 tokens and flags each potentially dangerous extension as a separate risk factor. Transfer hooks without verified documentation, active permanent delegation, and transfer fee authorities with modification rights all contribute negatively to the Pump-Dump Risk and Exit Ability scores. A Token-2022 token with active permanent delegation receives the same critical-risk treatment as an SPL token with active freeze authority.
Check any Solana token's extension risk profile — including Token-2022 analysis — at Hannisol.