The past week has been absolutely phenomenal for me. Not only I was able to save myself from Squid Games fiasco, I also managed to create my own token called the PandaToken. While I do not intend to make money off it in any way, it gave me a very important insight. If a non coder can create a token in under $2 and 20 minutes, anyone else can. This series of events led me to talk about rug pulls or crypto specific scams where developers run away with the investor money. While I did talk about that in detail here, in this blogpost I want to discuss how you can spot a rug pull even before getting screwed over. There are some evident red flags to look out for and we shall be discussing all of them. How to spot a rug pull? Let’s go!
A. Liquidity Lock:
As mentioned in the previous blogpost, the most common way to conduct a rug pull is sucking out liquidity from a liquidity pool. If you are wondering what these terms mean, I would request you to go ahead and read the blogpost on working of a Decentralized Exchange here.
For a quick context, to enable trading of a token on a DEX, one needs to provide liquidity. That’s the only way for general public to trade that coin. In order to prove that a team is serious about their project, a lot of good projects lock in their liquidity. Basically, they lock in their funds with a third party, so that they cannot withdraw liquidity even if they want to.
Now there is no straight forward way to check this out. You might have to checkout the LP token holders and see if any of those addresses is a burn address. In other words, you could see if the maximum liquidity provider has an inaccessible address. This would mean they won’t be able to withdraw liquidity from there.
You could also try to reach out to the team through Telegram, Discord etc. and ask them for the proof. In turn, they should be able to share a transaction hash which would prove the lock in period.
Other than that, the time period for which funds are locked is of equal importance. Locking funds for a couple of months is far less secure as compared to a project that has locked it for decades.
B. Holding Pattern
Real beauty of blockchain lies in the fact that everything is out there in the public domain. So, you could actually check which address holds what percentage of a particular token.
And if top 10 addresses hold a significant chunk (>50%), it is quite evident that something malicious is going on in the background. These holders could basically bring the price to zero if they were to sell their holdings.
These could be developers who kept a chunk for themselves. Or even may be a random whale. Either way, they’re both detrimental for a retail investor if they decide to defraud.
Our infamous dog, Shiba Inu is a culprit of this. Top 10 addresses hold 65% of $SHIB.
These days projects are publishing third party audit reports which basically validate the legitimacy of the project. These agencies audit the project on code, tokenomics and team.
Any good project out there would definitely be audited. So if you plan to invest in something that isn’t, it might not be a good choice after all.
D. Social Media and Community
A very important aspect of gauging a project. If a project has a vibrant community across all social media platforms with a lot of engagement, it basically means that team is serious about what they are doing.
One thing to keep in mind here is to check if the following is genuine and there are actual people engaging with the content and not bots.
On the other end of the spectrum, if the project does not have any social media accounts, it just dents the overall credibility. Because that way you have nowhere to reach out to in case of any questions.
If you really wish to find a benchmark in terms of community management, checkout Instagram and Twitter handles of CoinDCX. They’re putting out killer memes to drive traffic and generate a credibility for their exchange.
Another subset of this aspect would be the project website. If there isn’t one, it’s most likely a scam. And if there is one, you should actually validate the quality of work done on the site to understand the seriousness behind it.
E. Code Review
Time to review the code. Well, if you are from a coding background, this should be rather easy for you. However, if you aren’t you can use some tools like codesniffer which would tell you that uniqueness of a code in terms of percentage.
If a token source code is 80% similar to other codes, it is extremely likely to be a copy paste job and hence a rug pull. For why a serious developer who wants to grow in crypto space resort to copying source code right?
There you have it. Next time FOMO takes over, you have a fair chance of giving yourself some headspace and understanding what is actually up with the project that you are planing to put your hard earned money in.
Until then, stay safe, stay awake and DYOR. Btw, have you ever been caught up in a crypto scam?
Until Next Time. . .
Btw, if you are a seasoned trader or just testing the waters with derivatives, here’s an exchange specifically meant for that. Head over to MCS using this link. Still not convinced? Join the vibrant community that is talking about MCS on Telegram, here.
For our beloved “non readers”, I also do quick carousels on these topics over Instagram. Come join the fun. Hit me up here.