For todays article, we are going to take a look at one of the darker parts of crypto, how they work, and what you can look for in order to help prevent yourself from falling victim to one of these scams.
Please note I am on vacation the week of August 8-13 and no articles will be coming out that week.
For the usual disclosure, I am not a financial advisor, I don’t even work in finance at all. My day job is as a telecommunications software engineer. Treat everything you read here as some educational resources and not financial advice.
What Are Rug Pulls
Rug pulls are a type of crypto scam, where the developer team will create a token, get’s it’s value pumped up, and then walk away with all of the money, leaving nothing for the people that bought into the token. With how easy and inexpensive it is to create and launch a crypto token, this is a pretty common scam tactic, so it’s worth knowing about and knowing what some of the warning signs of an impending rug pull are.
There are three main ways that a scammer can conduct a rug pull, and we’ll talk a walk through each to see what you can watch for to help you avoid getting rekt.
This is one of the more common types of rug pull scams, but also one of the easiest for you to watch out for. In previous articles I talked about how liquidity pools work, but we’ll do a little refresher here using an example of how they can be used in a rug pull.
Let’s say I create a token and mint out 1,000,000,000 of them, and I go create a pair on PancakeSwap and I put in all of the tokens plus 1 BNB. I do a little advertising and people buy some of the tokens and now there is say 500,000,000 tokens, and 20 BNB (obviously made up numbers, but I don’t want to do the math on it). I can then go and use my LP tokens, and yank the entire think out, gaining myself 19 BNB, and making all of the tokens that everyone bough worthless, as there is no liquidity for them to trade against.
This one is relatively straight forward to watch out for, basically any development team that is not trying to rug pull you, should be willing to either lock up the LP tokens into a 3rd party time lock vault, or straight up burn them. I personally think the time lock option is the better one, simple because it gives the team the option in the future to move liquidity to another protocol, but either one of them at least protect the users from having the liquidity pulled out from under them.
Pump and Dump
This is another of the common tactics used in a rug pull, and this one is a little harder to catch before it happens. It’s also common enough to have it’s own term for it , the ole pump and dump. The way this scam works is that the developer teams, and sometimes their friends and colleagues will all get allocations of the initial token minting, or at the very least be given the option to purchase the tokens for a very low cost.
After the initial allocations are all handed out, the rest of the tokens are added to a liquidity pool and the team will start advertising and getting people to buy the tokens and start making the price rise up quickly. Once the price hits a good level where all the early holders are going to make money, they start selling off their positions and pulling out all the value that other people added when they bought into the project.
This of course will crash the price out and make it so everybody else loses money, while the developers and early investors tend to make off like bandits.
One good way to help look for these possibilities is to use a tool like Etherscan and look at the holders list, see how many large wallets are holding large positions. People holding 2% or more, could very easily crash the price just by selling off their positions, so look for how many there are, and if they purchased their tokens from the exchange pair, or if they were allocated it from the deployer account.
It’s also important to factor in the burn address. Some developers will mint an exceptionally large supply of the tokens, and burn most of them, to hide the actual percentage of circulating supply that the large wallets hold. If you see a burn address that holds a significant portion of a premined token, you have to ask yourself why? If they wanted a lower supply of tokens, why not just mint less of them?
This can also be combatted by the developers themselves by implementing things like time locked balances, where the team allocations can be locked up and prevented from being sold off early on after launch, or code that prevents someone that holds a very large percentage of the tokens from being able to sell them off in a short period of time, so if a team is including features like this, and you can validate the code is actually good and works, and is being utilized, this can help alleviate some of the fears the team may rug pull you.
This third one is a little harder to detect, and that is the developer team can add code to the smart contract, that makes it impossible for anyone but themselves to be able to sell the token. Or they will say that you need to pay X amount to unlock the ability to sell the tokens. This one is worse because then you’ll pay them the money and they won’t unlock the tokens, and often times these ones are just airdropped to you, with huge amounts of value, and try and trick you with that into handing over what looks like a small amount in comparison.
Since this one involves the code itself, it can be a little harder for non-developers to spot. But, a lot of people out there are developers, and they are taking a look at these projects and making posts about what they find, so if a project is a scam, there is a high probability someone has already figured it out.
One big red flag on this one would be if the project does not release the source code for their smart contract, or they do release the code on say Github, but they do not validate that code on say Etherscan. If it’s not validated on the blockchain explorer, I would be highly skeptical that whatever code they put into the repo would be what was actually deployed to the network.
The other big thing to look for in this one is security audits, especially in larger projects. This is actually good for a couple of reasons. First, it means the code was reviewed and tested by a reputable source, so you can be more assured that there is nothing nefarious in there. It can also help the developers spot a defect in their code. It does not necessarily need to be a scam, a developer can make a simple mistake that could lead to problems as well. This is not foolproof of course, everyone makes mistakes, so a security audit does not necessarily mean no risk.
As you can see, there are a number of ways that a rug pull can be done in a number of ways, but there are red flags that can tip you off to them, and there are things you can look for in order to help mitigate the risk a bit. Crypto is a risky game, so it’s important to keep your wits about you, and do your own research into any projects you’re considering throwing some money into.
Socials And Other Links
You can also sign up for my newsletter which I send out every Friday with news and whatnot from the crypto space, delivered right to your inbox!
You can also find links to resources such as research and news sites over at this link.
Want some more content right now? Check out some of my previous posts:
A few referral links, in case you are interested in the service, and it also helps me out.
Binance – large centralized exchange – referral link saves you 10% on trading fees
Coinbase – basic crypto exchange – referral link gets you bonus crypto on first deposit
Cointiply – very good crypto faucet and earning site – no bonus for you on this referral unfortunately
Originally Posted On My Website: https://ninjawingnut.xyz/2021/08/06/rugpulls/