How to spot a rug pull before you buy: 10 contract red flags
Rug pulls cost crypto buyers billions every year. Almost all of them leave fingerprints in the contract itself. Here are the ten signals to check before you ever click 'Swap'.
A rug pull is when a token's developer drains liquidity, mints unlimited supply, or otherwise extracts value from holders — usually in a single transaction — after the price has been pumped. The token goes from "going to the moon" to unsellable in the time it takes a block to confirm.
Rug pulls cost crypto buyers an estimated $2.8B in 2024 alone. The vast majority of them — we estimate over 90% — leave fingerprints in the contract itself that you can check before you ever click Swap.
This guide is the checklist we use to score every token in our rug scanner. Read it once. Apply it forever.
1. Mint function present
If the contract has an active mint function, the deployer can create unlimited tokens whenever they want. They mint to themselves, sell into liquidity, and the price collapses.
Check: Does the contract have a mint, _mint, or mintTo function callable by the owner? On Etherscan/BscScan/Solscan, search the verified source for "function mint".
Red flag weight: 30 points (critical).
Mitigant: If ownership has been renounced (transferred to the zero address), an owner-only mint function can no longer be called by anyone. Confirm that owner() returns 0x000....
2. Liquidity not locked or lock expires soon
The deployer's liquidity pool tokens (LP tokens) represent a claim on the liquidity backing the token. If the deployer holds these LP tokens, they can withdraw all the paired ETH/SOL/USDC in a single transaction — the classic rug.
Check: Are the LP tokens locked in a known locker contract (UniCrypt, Team.Finance, Pinksale, etc.) for a meaningful duration? "Meaningful" means at least 6 months for a serious project, 1–2 years for confidence.
A lock for 30 days is functionally no lock. The deployer is signaling intent to pull.
Red flag weight: 25 points.
3. Top 10 wallets hold > 50% of supply
If a small number of wallets control most of the float, those wallets can crash the price by dumping at any time.
Check: On Etherscan/BscScan, the "Holders" tab shows distribution. Add up the top 10 (excluding the burn address and LP contract).
- More than 50% in top 10: high risk.
- More than 70% in top 10: critical risk.
Sometimes the deployer fragments their bag across many wallets to hide concentration. Use a chain explorer's "wallet age" filter or Bubblemaps to detect wallets funded from the same source.
Red flag weight: 15 points.
4. Contract not verified
If the source code isn't verified on the block explorer, you're trusting compiled bytecode you can't read. Every honest project verifies.
Check: On the token's explorer page, look for the green checkmark on "Contract Source Code Verified".
Red flag weight: 10 points (rarely seen on legitimate tokens — if unverified, this alone should be disqualifying).
5. Honeypot test fails (the unsellable trap)
The most malicious rugs let buyers buy the token but block sells. The price chart looks beautiful — only up. Until you try to sell.
Check: Run the contract through a honeypot detector before buying:
- Honeypot.is (ETH, BSC, BASE)
- De.Fi Scanner
- GoPlus Security API (we use this in our rug scanner)
These tools simulate a buy followed by a sell on a forked chain to confirm that sells actually go through.
Red flag weight: 40 points (instant critical — this alone is a rug).
6. Trading cooldown or max-transaction limits
The contract may enforce a max wallet size (e.g., "no wallet may hold > 2% of supply") or transaction cooldowns. These can be legitimate anti-snipe measures at launch, but persistent restrictions let the deployer paint volume and prevent large sells.
Check: Read the contract source for _maxTxAmount, _maxWalletSize, cooldownEnabled, or similar.
Red flag weight: 10 points — yellow flag, not necessarily fatal, but check the deployer's history.
7. Owner can pause trading
A pause function that the owner can call to halt all transfers means the deployer can freeze the token at any time — typically right before pulling liquidity, so nobody can front-run the rug.
Check: Search the source code for pause, _pause, or a _beforeTokenTransfer hook with a "trading enabled" gate.
Red flag weight: 15 points.
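The source searches in checks 1, 6 and 7 can be scripted against verified source. The sketch below is an added example, not the scanner's own code: the Solidity fragment is constructed, and treating a require() on a `trading*` flag as the "trading enabled" gate is a naming assumption.

```python
import re

# Constructed Solidity fragment for illustration (not a real token).
SAMPLE = '''
// function pause() external onlyOwner {}   <- commented out, must not count
contract Token is ERC20, Ownable {
    uint256 public _maxTxAmount = 1000 * 10**18;
    bool public tradingEnabled;
    constructor() { _mint(msg.sender, 1e24); }
    function _mint(address to, uint256 amt) internal override { super._mint(to, amt); }
    function mintTo(address to, uint256 amt) external onlyOwner { _mint(to, amt); }
    function _beforeTokenTransfer(address f, address t, uint256 a) internal override {
        require(tradingEnabled || f == owner(), "trading closed");
    }
}
'''

FUNC = re.compile(r"function\s+(\w+)\s*\([^)]*\)([^{;]*)")
LIMITS = re.compile(r"\b(_maxTxAmount|_maxWalletSize|cooldownEnabled)\b")
# Assumption: the "trading enabled" gate is a require() on a trading* flag.
GATE = re.compile(r"require\s*\(\s*!?\s*trading\w*", re.I)

def strip_comments(src):
    """Drop // and /* */ comments so commented-out code is not matched."""
    return re.sub(r"//[^\n]*|/\*.*?\*/", "", src, flags=re.S)

def scan_source(src):
    """Return {check_number: [evidence]} for checks 1, 6 and 7."""
    src = strip_comments(src)
    hits = {}
    for name, modifiers in FUNC.findall(src):
        # Internal/private functions cannot be called from outside the
        # contract; only externally reachable ones are owner-callable.
        if not re.search(r"\b(public|external)\b", modifiers):
            continue
        if name in ("mint", "_mint", "mintTo"):
            hits.setdefault(1, []).append(name)
        elif name in ("pause", "_pause"):
            hits.setdefault(7, []).append(name)
    for ident in sorted(set(LIMITS.findall(src))):
        hits.setdefault(6, []).append(ident)
    if GATE.search(src):
        hits.setdefault(7, []).append("trading gate in require()")
    return hits

if __name__ == "__main__":
    for check, evidence in sorted(scan_source(SAMPLE).items()):
        print(f"check {check}: {', '.join(evidence)}")
```

A name search only finds the identifiers it is given: an externally callable function with a different name that calls the internal _mint is not reported, so a clean result here does not replace reading the source.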
8. No social, no website, no audit
Real projects have something. Twitter with engagement, a website, a Discord with real conversations, an audit from a known firm (CertiK, Hacken, OtterSec, etc.).
Be careful here: an audit from "AuditFinance" or "TechRate" generally doesn't mean much. Top-tier audit firms only.
Red flag weight: 10 points.
9. Token age < 7 days
The vast majority of rugs happen within the first week. Tokens that survive past day 14 are dramatically less likely to rug — not because the team got more ethical, but because the type of operator who rugs typically does it fast.
Red flag weight: 5 points.
10. Deployer wallet funded by a known scam wallet
This one is on-chain forensics. The wallet that deployed the contract — where did it get its initial gas? If it traces back to a mixer (Tornado Cash, Railway, etc.) or a wallet associated with previous rugs, the deployer is likely a serial rugger.
Check: Use Arkham, BreadCrumbs, or our influencer/wallet tracker (coming soon) to trace the deployer.
Red flag weight: 30 points (huge signal when present).
How to score what you find
Add up the weights for every flag the contract trips. We bin into:
- 0–20: Low risk. Probably safe to buy if the rest of your thesis checks out.
- 21–40: Medium risk. Take a small position only if you understand the specific flags.
- 41–69: High risk. Strong signal to avoid.
- 70+: Critical. Walk away.
A single honeypot trip (40 points) or mint-not-renounced (30) + unlocked-liquidity (25) is enough to disqualify.
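The scoring rules above, worked through as an added example (not the scanner's own code). The flag names, the `facts` layout and the 180-day reading of "6 months" are assumptions, and the sample token is constructed. Note that a lone honeypot trip scores 40, which the bins alone would file under medium, so the disqualifying rule is coded separately from the band.

```python
# Weights as listed in checks 1-10 of this guide.
WEIGHTS = {"mint": 30, "liquidity": 25, "concentration": 15, "unverified": 10,
           "honeypot": 40, "limits": 10, "pausable": 15, "no_presence": 10,
           "young": 5, "tainted_deployer": 30}
BANDS = [(70, "critical"), (41, "high"), (21, "medium"), (0, "low")]
MIN_LOCK_DAYS = 180  # assumption: "at least 6 months" taken as 180 days

def top10_share(holders, total_supply, exclude):
    """Share of supply in the 10 largest wallets, skipping burn/LP addresses."""
    balances = sorted((bal for addr, bal in holders.items()
                       if addr not in exclude), reverse=True)
    return sum(balances[:10]) / total_supply

def derive_flags(facts):
    """Turn raw observations into the flag names used in WEIGHTS."""
    flags = set(facts.get("observed", ()))  # flags read directly off a tool
    # Check 1 mitigant: a renounced owner cannot call an owner-only mint.
    if facts["owner_mint"] and not facts["owner_renounced"]:
        flags.add("mint")
    if facts["lp_lock_days"] < MIN_LOCK_DAYS:
        flags.add("liquidity")
    share = top10_share(facts["holders"], facts["total_supply"], facts["exclude"])
    if share > 0.50:
        flags.add("concentration")
    if facts["age_days"] < 7:
        flags.add("young")
    return flags

def score(flags):
    """Return (points, band, disqualified) for a set of tripped flags."""
    points = sum(WEIGHTS[f] for f in flags)
    band = next(label for floor, label in BANDS if points >= floor)
    # The guide's override: these trips disqualify regardless of the band.
    disqualified = "honeypot" in flags or {"mint", "liquidity"} <= flags
    return points, band, disqualified

# Constructed sample token (placeholder addresses, not real data).
FACTS = {
    "owner_mint": True, "owner_renounced": False, "lp_lock_days": 30,
    "age_days": 3, "total_supply": 1_000_000, "exclude": {"BURN", "LP_PAIR"},
    "holders": {"BURN": 100_000, "LP_PAIR": 200_000, "w1": 250_000,
                "w2": 150_000, "w3": 120_000, "w4": 40_000, "w5": 20_000},
    "observed": {"limits"},
}

if __name__ == "__main__":
    print(score(derive_flags(FACTS)))
```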
What rugs don't show up in contract scans
The checklist catches contract-level rugs. It doesn't catch:
- Soft rugs — team abandons the project, ships nothing, slowly sells over months.
- Insider dumps — team sells slowly into liquidity over a long period (often visible in holder distribution over time, but harder to flag instantly).
- Exit scams from CEX listings — token gets listed on a sketchy exchange, exchange disappears.
- Governance rugs — voting power is concentrated; a "community vote" mints new tokens to the team.
These need different tools and longer time horizons.
What we built
The United Trappers Rug Scanner runs all ten checks (plus a few we don't advertise publicly) on any contract address on any chain we support. Paste the address, get a score, save the result. Try it on the dashboard once you sign up.
Free tier gives you 3 scans per day. Pro is 25. Elite is unlimited.
The honest bottom line
You can't avoid every rug. New attack vectors emerge. Deployers get more sophisticated. The checklist above catches the obvious ones — which is, generously, 85% of rugs by dollar volume.
The other 15% will get someone. Don't let it be you because you didn't check the obvious.