Rug pulls and token scams: patterns, red flags, and tracing limits
Taxonomy of token-level fraud
Liquidity rug: Developers pair a hype token with ETH or stablecoins, attract buys, then remove liquidity or dump team wallets.
Honeypot: You can buy but not sell because transfer functions revert unless you are on an allowlist.
Hidden mint / upgrade proxy: Admin keys can inflate supply or replace implementation to steal balances.
Fake “audit” branding: Logos copied; no real audit or audits scoped narrowly.
On-chain signals analysts review
- Ownership renounced? If not, what owner powers remain?
- Tax variables modifiable? Excessive sell tax is a soft rug vector.
- LP tokens locked or held by EOAs controlled by insiders?
- Concentrated top holders created minutes before launch?
Recovery reality after the rug
If funds moved through decentralized mixers equivalents, privacy pools, or rapid cross-chain hops, civil recovery becomes harder—not impossible in all jurisdictions, but slower. If insiders cashed out through identifiable CEX accounts, tracing adds leverage. Honest firms explain which branch you are on before billing large retainers. Our tracing article describes deliverables.
Prevention beats post-mortem
Use block explorers to read verified source (when available), check token age and holder distribution, avoid “exclusive” presales from cold DMs, and cap experimental buys. Combine with the checklist.