The world of cryptocurrency offers abundant opportunities, particularly in relation to new tokens with smaller market capitalizations. These tokens often possess a significantly higher potential for growth compared to BTC or ETH. Many individuals aspire to discover the next Dogecoin, a token that can increase in value by a factor of 100 within a month.
Nevertheless, investing in smaller projects also entails substantial risks. Numerous projects may initially appear promising but end up being fraudulent within a short period of time. Therefore, it is crucial for wise investors to conduct their own research (DYOR) before making any investment decisions.
However, what factors should one be cautious of during the DYOR process? How can common scams and deceptive tactics be avoided when investing?
This guide will provide you with several tips and strategies that can assist you in evading the numerous scams that occur on a daily basis. It is important to note that even with the application of these guidelines, investing still carries inherent risks. Nonetheless, after reading this guide, you will be better equipped to swiftly identify and avoid scams.
1. Smart Contract Scan
Tokens like BEP-20 and ERC-20 are essentially smart contracts that allow you to interact with them. These smart contracts include the token’s functionalities, such as the transaction tax system, swap protocol, and total supply.
Tools like http://www.bscheck.eu can be used to identify scam contracts. These tools search for common scams and problems, such as:
Honeypot code – It allows you to buy tokens but prevents you from selling them.
Contract owner – Has the ownership of the contract been renounced? If not, the owner can make changes to the smart contract later on, potentially introducing scam code.
Dev wallet info – Do the developers hold a significant number of coins? If they do, they could suddenly sell them in the market, depleting all liquidity.
LP (liquidity) info – Has the liquidity been burned? Does the developer still possess the LP tokens? If they do, it’s concerning because they can withdraw the liquidity at any time.
Top token holders – Are there large holders with a high percentage of tokens? They could quickly sell off the entire value of the token.
If any of these issues arise, exercise caution or consider avoiding the project altogether.
2. Rugpulls – Analyzing Locked Liquidity
Based on what we’ve observed, rug pulls are the most prevalent form of scam. A rug pull occurs when the liquidity of a token traded on decentralized exchanges (DEXs) such as Uniswap or PancakeSwap is suddenly withdrawn, rendering the token worthless and preventing investors from buying or selling it.
Token developers have two options to prevent liquidity from being pulled away: burning or locking. However, it’s important to first have a brief understanding of how liquidity functions.
While anyone can provide liquidity, it is commonly done by the token developers themselves. For instance, in the case of the BNB/SAFEMOON token pair, the SafeMoon developers can supply a certain amount of BNB and SAFEMOON to PancakeSwap, thus contributing liquidity. When users trade on PancakeSwap, they either add BNB and receive SAFEMOON in return (buying SAFEMOON with BNB), or they add SAFEMOON and receive BNB in return (selling SAFEMOON for BNB).
Therefore, this liquidity is essential for trading on DEXs like PancakeSwap and Uniswap. When liquidity is provided, the provider receives LP tokens. These tokens serve as proof of owning a share in the liquidity pool, and they can be exchanged for the provider’s stake in the liquidity pool. In our example, they could obtain BNB and SAFEMOON in return.
Now, consider the scenario where the liquidity provider loses access to the LP tokens. In such a case, the liquidity cannot be removed, enabling investors to continue trading.
Burning LP tokens
Token developers can ensure maximum security and reliability by transferring their LP tokens to a burn address, such as the commonly utilized 0x000…00dEad. To verify this action, you may request the developers to provide evidence of the LP token transaction to this specific or comparable address. By doing so, they prevent any possibility of redeeming the LP tokens and removing liquidity.
Locking LP tokens
The token developers have an alternative choice to temporarily secure their LP tokens within a smart contract. This means that they would be unable to access the tokens for a specific period, such as 6 months.
When researching a particular token, you can inquire with the token developers about the duration and evidence of their locked liquidity.
3. Investigate Website, Social Channels
Take a look at the project’s website and compare the information, such as the smart contract, with their other channels. Scammers often put less effort into creating an attractive website with comprehensive information compared to legitimate projects. Be cautious if the website only consists of a single page displaying the smart contract and a Telegram link.
After that, examine the Telegram group, Twitter account, and potentially Discord server and Reddit activity. Is there a significant amount of interaction? Does the Telegram group have a decent number of users online in proportion to the total number of users? A low number of online users may indicate that the Telegram group is filled with bots to create a false impression of activity. The same applies to Twitter: if they have a large number of followers but minimal interaction on their tweets, exercise caution.
4. CoinGecko / CoinMarketCap / Exchanges Listings
In Telegram groups discussing tokens, there is a common question: “When will CoinGecko (CG) or CoinMarketCap (CMC) list a particular token?” Both CoinGecko and CoinMarketCap have their own processes and criteria for listing tokens, which typically take several days or weeks. Although there are instances where scams manage to get listed, being listed on CoinGecko or CoinMarketCap can generally serve as a reasonable indicator of a project’s legitimacy.
Compared to statistical websites, exchanges have even more stringent requirements for listing tokens. If a project is listed on a reputable exchange like gate.io, for instance, the likelihood of it being a scam decreases even further. The number of listings a project has correlated with its level of legitimacy.
5. Security Audits
There is a significant amount of information that requires your attention. Understanding smart contracts can be challenging, and fraudulent activities can be effectively disguised. However, there are reputable companies, such as https://techrate.org/, that offer a paid service for evaluating smart contracts. You can access a comprehensive list of their completed smart contract audits at https://github.com/TechRate/Smart-Contract-Audits.
It is essential to search for security audits conducted by trustworthy companies like these and ensure their authenticity. This verification process enhances the credibility of the project and reduces the likelihood of scams facilitated through the smart contract.
6. Doxxed devs
The term “doxxed” refers to the act of revealing someone’s identity. While it typically carries a negative connotation, in the context of cryptocurrency, “doxxed developers” is considered positive. It implies that the developers of a token have willingly disclosed their true identities and appearance, which can be seen as a trustworthy gesture. Nevertheless, caution is advised, as they might still be employing counterfeit identities.
7. Use Your Common Sense
Ultimately, a project may fulfill all the necessary requirements, yet it can still turn out to be fraudulent. It is crucial to exercise caution and rely on your intuition when making investments. When encountering something that appears excessively favorable, such as a project guaranteeing a 100% BNB profit in just one week, it often indicates that it is indeed too good to be true.