As scammers evolve and create more elaborate schemes, identifying scam tokens in DeFi has become increasingly difficult. Here are five tools that can be used to help identify scam tokens, and hopefully help prevent your loss of capital.
Disclaimer: This is not an exhaustive list, nor will these tools provide 100% accuracy when determining a token's integrity. Please DYOR, and as always, use them at your own risk.
Dextools is available for use with Ethereum and Binance Chain, and is a great platform to quickly see what is going on with a token. After searching for the token contract address, you will be able to sort the list of all the buys and the sells happening for a token by clicking the "Type" category. If you don't see any sell orders, there is a chance you are looking at a honeypot, or there is some type of restriction on selling in place.
In this example with a FLOKI clone, you can see that not a single wallet address has sold the token:
Bonus: If you see only green candles on the chart across all timeframes, chances are, nobody has been able to sell.
This being said, if you do see some visible sell orders, there is still no guarantee that it is not a honeypot scam. Some scammers will "whitelist" a few addresses (while "blacklisting" the majority of the rest) simply to give the appearance of normal trading activity for the pair.
Unicrypt is a great tool that can be used to quickly check liquidity status for a specific token. If the token creator's initial liquidity is locked, then they can't withdraw the funds (rug pull), effectively stealing funds from you, the token holder.
***Please note: Keep an eye out for a short time-lock on the liquidity. Sometimes scammers will "lock up" the tokens for only a couple days, then when the time is up, pull the rug.
A Block Explorer
A block explorer is the ultimate source of all information about a token. Here you will be able to dive as deep as you want into the the liquidity pool, comprehensive transaction data, token contract code, token creator's address and more.
One easy place to start is the "comments" section. To get there, copy and paste the token contract address into the search box, then click the "comments" tab.
The comments section of a token contract should not be too heavily relied upon, as anyone can post whatever they want. However it can still be a great place to look for any red flags. In this example above, the token holders have posted warnings to others about the scam, and even went as far as finding a picture of the scammer himself. If you see any red flags like this, then it's time to dig a little deeper and confirm any indicators.
Next, you could look into the contract creator's address to see if they have removed any liquidity (aka LP tokens) from the pool. The creator's address can be found in the upper right side of the token contract page (using the same example as above).
From here you can look for the initial provision of liquidity, and also see if any liquidity has been removed.
In this transaction, the creator provided 100 BNB ($28.5k USD) of initial liquidity to the BNB-CINU pool. Then, less than 1 hour later, they removed 1,723 BNB ($484k USD) of stolen funds from the pool, and sent it out to other various wallets.
Yet another level of confirmation is to look at the liquidity pool itself. From the contract creator's provision or removal transactions, we can find the pool's contract address (in this case, labelled "Pancake LP's"). This will provide a different view of the transactions above, and indicate how much liquidity is left in the pool.
De.Fi Scanner quickly checks smart contracts for vulnerabilities or unsafe practices. Just input the contract address of your token or NFT, like "0x1234abcd5678," and wait a few minutes for the scan to finish. The tool is especially useful for 1inch users who want to ensure their trades are secure. It's user-friendly and designed to give you peace of mind. The tool is still in development, but you can find more details about upcoming features in our documentation.
Token Sniffer is an easy tool which can be used to search for various tokens on both Ethereum and Binance Chain. Simply copy and paste the token contract address into the search bar, and TokenSniffer will provide info on exploits, a brief contract audit, and more. Another useful feature is the list of known scams and hacks, which is a great place to quickly see if a suspected token is listed.
BSC Check is a BNB Chain specific tool that is also very easy to use. Simply enter the token contract in the search bar, and BSC Check will show you:
Contract owner status - Is the liquidity renounced/locked?
Is there known honeypot code in written into the contract?
Developer's wallet info
Liquidity Pool info
Top token holders
Token Review platforms
3 tools to help identify honeypot tokens