What are Rugpulls and Honeypots in Crypto?
/ / What are Rugpulls and Honeypots in Crypto?

What are Rugpulls and Honeypots in Crypto?

Rugpulls and Honeypots – what’s it all about?

I currently trade smaller coins for a living and make decent money from it and I’m learning every day. I get in very early, ride the hype to the top and then cash out. Many of them are what you would call shitcoins. But almost equally as many others are simply new projects that have a real purpose and are just getting started. After all, every project has to start somewhere. Pancakeswap for example started on the Binance Smart Chain and is now one of the largest exchanges. There are what we call Rugpulls and Honeypots all over the place – and here’s how to avoid them.

Read also: How to do your own research for crypto

And then there are the real scam coins, which is what you usually read about when people lose all their money. Yes, you can lose money the “natural” way if the project simply doesn’t take off as expected, but the vast majority of losses are caused by scams. Since I deal with this on a daily basis, I thought it would be good to write a quick guide to help you guys who may be buying these smaller coins detect those scams and hopefully prevent you from losing your money on Rugpulls and Honeypots.

The vast majority of scams can be divided into either Rugpulls or Honeypots. So let’s start.


Why are they called rugpulls? Imagine you’re standing on a carpet. You’re safe because the carpet is your support. Now, this evil guy comes along and pulls out the rug underneath your feet. That’s a rugpull. You lost your support. It works the same way with coins. When you buy a coin, it is usually supported by a Liquidity Pool. It’s a collection of funds that are locked in the contract and provide a “pool” for you to buy and sell coins. Rather than waiting for someone to come along to match your buying or selling, you use the pool to trade faster.

What the scammers do is they launch a new coin, attach a liquidity pool to it and wait for people to start buying coins. Once enough people have bought the coin, the scammer will pull the liquidity pool, run off with the money and leave you with a worthless coin.

You won’t find out until it’s too late. It’s usually that moment when your coin’s value drops from maybe $0.0034823 down to $0.0000000 or $0.0000002.

A rugpull example on a ERC-20 token
A rugpull example on a ERC-20 token


To be honest, I never found an explanation as to why they are called honeypots, but you can pretty much figure out why on your own. It’s basically a pot of honey where your money gets stuck and can’t leave. They are often less obvious to the untrained eye and therefore also often more difficult to detect, even for people who trade smaller coins on a daily basis. Experienced traders routinely fall victim to honeypots because they see a coin pumping and jump in without verifying everything first.

What the scammers do is basically insert a piece of code into the contract which allows only their own wallets to withdraw from the coin. They launch the coin and people start buying. You see the coin pumping and think wow, this is amazing. It’s just going up and up. There are little or no red candles on the chart. You will likely stay for a while until you think it’s enough and try to cash out. And that’s when you notice that you can’t because the contract says nobody except specific wallets can cash out. Your money is stuck forever and there is nothing you can do about it. The scammer can withdraw at any time, though. Some of these scams go on for days or weeks and people think they found a real gem of a coin that is going to the moon and will keep buying.

Dynamic distributed honeypot based on blockchain
Dynamic distributed honeypot based on blockchain

Okay, I’ve had enough. How can I protect myself?

The best protection is not to trade with these small coins at all. Or at least not until you have some real experience with legit coins. And often experienced traders will not even touch these coins because it’s too dangerous. Any of the top 100 coins on CoinMarketCap for example are very likely to be safe. Scammers usually don’t allow the scams to get too big. It can happen, but it’s very rare. But you don’t listen to me, right? So, let me at least try to help you not get scammed too often.

Read also: Top 101 crypto coins grouped by usage and purpose

The vast majority of these scams happen on either the Ethereum Chain or the Binance Smart Chain. Because it’s very easy and relatively cheap for the scammers to launch these coins over and over again with different names and make lots of money.

There are tools that help you detect red flags and avoid these coins. If the coin you’re purchasing is on the Ethereum chain, use Etherscan. If it’s on Binance Smart Chain, use BscScan. Find out the Token ID for your coin and enter it on the corresponding website. On the next page, go to “Token Tracker”. You will see a tab that says “Holders”. There, you can see all the wallets holding tokens and the liquidity pools. Unfortunately, there are many combinations of things you have to watch out for.

Red flags

  1. No dead coins. A project is fairly safe from a rugpull (but not a honeypot) if more than 50% of coins are in a dead wallet (usually identified as 0x000000000000000000000000000000000000dead). Watch out if less than 50% or no coins are dead.

  2. Large wallet holders. Stay away from coins where one or a few wallets hold most tokens.

  3. Unlocked liquidity pools. Even if they have liquidity pools locked, they could unlock them if the contract allows them to. You could dig deeper into the contracts but that usually requires coding knowledge.

  4. No audit. If they are audited by a reputable company, the chance of Rugpulls and Honeypots is almost always eliminated.

Another great resource is Token Sniffer. Enter the Token ID on the top right and look for the results of the “Automated Contract Audit”. If there are any alerts, stay away from the project. The “No prior similar token contracts” is sometimes a false flag alert, because many projects use contract templates these days.

If your coin is on the Binance Smart Chain, you can go to PooCoin, again enter the Token ID and watch the charts. If you notice no wallets selling or only one or two wallets doing all the selling, stay away from it. It’s most likely a honeypot. If many wallets are selling, it’s not a honeypot.

One more thing, there are also “slow rugpulls”

These are much harder to detect. What the scammers usually do is create a perfectly legit-looking coin with no other warning signs, but they distribute a large number of coins across hundreds of wallets only they have access to. For example, 20% of coins are distributed to 500 wallets of 0.04% each. As people start buying the coin and the price increases, they will slowly start dumping (selling) their coins in order to generate money. People will keep buying and they will keep dumping until all their wallets are empty. These are super hard to detect, but the most reliable way to detect them is to use Etherscan or BscScan to check for many wallets with the same % amount of tokens.

As you can see, protecting yourself from scams is a lot of work and this is by no means a complete guide and it won’t guarantee that you won’t get scammed. Not even experienced traders are 100% safe from scams and teaching someone all the things to watch out for would require coding knowledge and weeks or months of practice, but I believe it’s a fairly good starting point. You can always do your own research from here and learn more.

And remember, unless you’re absolutely okay with losing all your money, stay away from these high-risk Rugpulls and Honeypots.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *