How to Check if a Token Is a Rug Pull
Rug pulls remain the most devastating scam in decentralized finance. In 2024 alone, investors lost over $2.8 billion to rug pulls across all chains. The good news: most rug pulls share common, detectable patterns. This guide walks you through 10 actionable steps to check whether a token is a rug pull before you risk a single dollar.
What Exactly Is a Rug Pull?
A rug pull occurs when the creators of a cryptocurrency token deliberately abandon the project after extracting investor funds. The term comes from the phrase "pulling the rug out from under someone." In practice, this means the developer drains liquidity from the trading pool, dumps a massive token allocation, or activates hidden contract functions that trap buyers. The token price collapses to near zero, and investors are left holding worthless tokens with no way to recover their money.
There are three main types of rug pulls: liquidity pulls (removing all pooled funds), sell-restriction scams (honeypots that prevent selling), and dump schemes (team wallets selling massive supply). Understanding how to check if a token is a rug pull can save you from catastrophic losses. The following 10 steps cover every major red flag.
10 Steps to Detect a Rug Pull
Follow these steps in order for every new token you consider buying. Each step targets a different attack vector that scammers exploit. Skipping even one check can leave you exposed.
Step 1: Check Liquidity Lock Status
Liquidity is the lifeblood of any decentralized token. When a developer adds liquidity to a pool, they receive LP (liquidity provider) tokens. If those LP tokens are not locked in a time-lock contract, the deployer can remove all liquidity at any moment, crashing the price to zero. This is the single most common rug pull method. Look for LP locks on services like Unicrypt, Team Finance, or PinkSale. A lock duration of at least 6 months is the minimum you should accept, and 12 months or longer is strongly preferred. Be cautious of locks that expire within days or weeks, as those are essentially meaningless. Also verify the percentage locked, because locking only 10% of LP while keeping 90% unlocked offers almost no protection. Coinibi displays liquidity lock status directly on every token page, saving you the manual lookup.
Step 2: Verify Contract Source Code
A legitimate token project publishes its smart contract source code on the block explorer so anyone can audit it. If the contract is unverified, you are effectively flying blind, trusting unknown bytecode with your money. Even verified contracts can be dangerous, though. Search for suspicious functions such as setFee, changeRouter, setMaxSellAmount, or mint. A function named setFee that can set the sell tax to 100% is functionally identical to a honeypot. Check whether the contract was copied from a known scam template by comparing its code hash against public databases. On Coinibi, our safety scanner automatically flags unverified contracts and highlights risky function signatures so you do not have to read Solidity yourself.
Step 3: Analyze Holder Distribution
Open the token holders tab on the block explorer and study the wallet distribution. If a single wallet (other than the liquidity pool or a burn address) holds more than 5% of the total supply, that is a significant concentration risk. A holder with 20% or more of supply can dump the price in seconds. Also check how many unique holders exist. A token with only 30 holders but a $2M market cap is almost certainly being artificially inflated. Watch for clusters of wallets that received tokens from the same source in the same block, because these are often sybil wallets controlled by one person. Coinibi's holder analysis shows top-holder percentages and flags concentrated supply automatically.
Step 4: Check Owner Permissions (Renounced?)
Smart contracts often have an owner address with special privileges: minting new tokens, changing tax rates, pausing transfers, or blacklisting wallets. A responsible team will renounce ownership after launch, which means sending the owner role to the zero address (0x000...dead) so nobody can invoke those privileged functions. Check the contract's owner() function on the block explorer. If ownership is still active, the deployer retains the ability to manipulate the contract after you buy. Be aware that some contracts use a proxy pattern where renouncing the visible owner does nothing because the real control sits behind a proxy admin. Coinibi checks for ownership renouncement and proxy patterns as part of its automated contract audit.
Step 5: Inspect Buy/Sell Tax
Many tokens implement a buy and sell tax to fund development, marketing, or reflections. Typical taxes range from 1% to 5%. However, rug pull tokens often set abnormally high sell taxes of 20%, 50%, or even 99%, making it nearly impossible to exit at a profit. Some contracts start with a reasonable tax and include a function that lets the owner raise it later. Simulate a trade before committing funds. Coinibi automatically simulates both buy and sell transactions to detect the effective tax rate. If the sell tax exceeds 10%, proceed with extreme caution. If it exceeds 30%, avoid the token entirely. Also check whether the tax can be modified by the owner after deployment, as a 2% tax today could become a 99% tax tomorrow.
Step 6: Look for Honeypot Functions
A honeypot is a specific type of rug pull where the contract allows buys but blocks sells entirely. The mechanism can vary: a hidden blacklist that auto-adds every buyer, a transfer-pause function, a max-sell-amount set to zero, or an approval manipulation that revokes DEX approvals for sellers. The result is the same: you can buy but you can never sell. Before buying any token, simulate a sell transaction. Coinibi runs a honeypot simulation on every token automatically and displays the result as a clear pass or fail indicator. If a token is flagged as a potential honeypot, do not buy it under any circumstances. Read our detailed guide on honeypot detection for more information: What Is a Honeypot Token?
Step 7: Evaluate Trading Volume vs Holders
Healthy tokens have trading volume that is proportional to their holder count and market cap. A token with 50 holders but $500K daily volume is suspicious because the volume is likely being fabricated through wash trading. Conversely, a token with 10,000 holders but almost zero volume might indicate that holders are trapped and cannot sell. Compare the number of buy transactions to sell transactions. In a legitimate market, you should see a roughly balanced ratio. If the buy-to-sell ratio is 10:1 or higher, it could mean selling is restricted or heavily taxed. Watch for repeating patterns in transaction sizes and timing, because automated wash trading bots tend to create identifiable patterns.
Step 8: Research the Team
Anonymous teams are not automatically scams. Many successful crypto projects were built by pseudonymous developers. However, complete anonymity combined with other red flags is a major warning sign. Search for the team on LinkedIn, Twitter/X, GitHub, and crypto forums. Have they built previous projects? Do those projects still exist, or did they disappear after launch? Check if the team wallet addresses have a history of deploying and abandoning tokens. A deployer address that has created 15 tokens in the past month, all of which went to zero, is almost certainly a serial scammer. Blockchain analytics tools can trace wallet histories across chains.
Step 9: Check Social Media & Community
Examine the project's Telegram group, Discord server, and Twitter/X account. Legitimate projects have organic discussion, questions, and engagement. Rug pull projects often have bot-filled Telegram groups where every message is aggressive hype like "1000x guaranteed" and "buy now or miss out forever." Check the age of the social accounts. A Twitter account created last week with 50K followers likely purchased those followers. Look at the quality of engagement: are replies thoughtful or just emoji spam? Does the team answer technical questions, or do they deflect and ban anyone who asks about the contract? A project that silences legitimate concerns is hiding something.
Step 10: Use Automated Safety Tools (Coinibi)
Manual checks are essential, but automated tools can catch things humans miss and do it in seconds instead of hours. Coinibi combines all of the checks above into a single safety score for every token. Our scanner analyzes contract verification, ownership status, liquidity locks, holder distribution, buy/sell tax simulation, honeypot detection, and more. Each check is weighted and combined into a 0-100 safety score displayed on every token page. Scores below 30 indicate high risk. Scores above 70 suggest the token has passed basic safety checks, though no tool can guarantee a token is safe. Use Coinibi alongside your own research for maximum protection. Visit our token checker tool to scan any token instantly by pasting its contract address.
Quick Checklist
Use this summary table as a fast reference before buying any token. Print it, bookmark it, or save a screenshot to your phone.
| # | Check | Priority | Pass? |
|---|---|---|---|
| 1 | Liquidity locked for 6+ months | Required | โ |
| 2 | Contract source code verified | Required | โ |
| 3 | No single holder above 5% supply | Important | โ |
| 4 | Ownership renounced or multisig | Required | โ |
| 5 | Sell tax below 10% | Required | โ |
| 6 | Honeypot simulation passes | Critical | โ |
| 7 | Volume proportional to holders | Important | โ |
| 8 | Team has verifiable history | Recommended | โ |
| 9 | Organic social media engagement | Recommended | โ |
| 10 | Coinibi safety score above 70 | Recommended | โ |
Common Red Flags at a Glance
If you spot even two or three of these warning signs together, walk away. A legitimate project will rarely trigger multiple red flags at once.
- !Unlocked liquidity or lock expiring within days
- !Unverified contract source code on the block explorer
- !Single wallet holding more than 20% of total supply
- !Ownership not renounced and deployer wallet is active
- !Sell tax above 15% or dynamically changeable by owner
- !Zero successful sell transactions in trade history
- !Freshly created social accounts with purchased followers
- !Team bans users who ask technical questions in chat
How Coinibi Helps You Stay Safe
Coinibi's token checker combines all 10 checks into a single automated scan. Paste any contract address and get an instant safety report covering liquidity lock status, contract verification, holder distribution, ownership status, buy/sell tax simulation, and honeypot detection. Each factor is weighted and combined into a 0-100 safety score.
Our token security analysis system scans tokens across 60+ blockchain networks in real time. Every new token that appears on a decentralized exchange is automatically evaluated within seconds of its first trade. You can browse the live feed to see safety scores updating in real time or search for a specific token by address or name. For a deeper understanding of how liquidity impacts token safety, read our liquidity analysis guide.
Real-World Rug Pull Patterns
Understanding past rug pulls helps you recognize future ones. While every scam has unique details, the playbook is remarkably consistent.
The Hype Launch
Deployer creates a token with an exciting name, buys social media promotion, and launches with unlocked liquidity. After 12-48 hours of organic buying, they pull all liquidity and vanish.
The Slow Drain
Token launches legitimately but the team wallet gradually sells 1-2% per day over weeks. By the time holders notice the declining price, most of the supply has been dumped.
The Tax Trap
Token launches with 2% buy/sell tax. After accumulating holders, the owner raises sell tax to 50-99%. Holders can technically sell, but they lose almost everything to tax.
The Fake Project
Scammer copies an entire website, whitepaper, and roadmap from a legitimate project. They change the contract address and promote it as the official token. Buyers discover the real project too late.
What to Do If You Suspect a Rug Pull
If your research raises multiple red flags, do not hesitate. Exit your position immediately, even at a small loss, because a small loss is infinitely better than a total loss. If you have already been rugged, document the contract address, deployer wallet, and all transaction hashes. Report the scam to the block explorer, relevant DEX platform, and community channels. While fund recovery is extremely rare, documented evidence helps protect other traders and may assist law enforcement in tracking serial scammers.
Further Reading
Deepen your crypto safety knowledge with these related guides.
How to Spot a Rug Pull
Warning signs and red flags every trader should know
Read guide โ๐ฏWhat Is a Honeypot Token?
How scam tokens trap buyers and how to detect them
Read guide โ๐งLiquidity Analysis Guide
Understanding liquidity pools, locks, and what they mean for safety
Read guide โ๐Token Security Analysis
Deep dive into automated contract security scanning
Read guide โBrowse the complete crypto glossary for definitions of terms used in this guide, or visit the token checker to scan a token right now.
Frequently Asked Questions
How to check if a token is a rug pull?
Check the liquidity lock status, verify the contract source code, analyze holder distribution, confirm ownership is renounced, inspect buy and sell tax rates, simulate a sell to detect honeypot functions, compare trading volume to holder count, research the team, review social media engagement, and use automated safety tools like Coinibi.
What is the most common type of rug pull?
The most common rug pull is a liquidity pull, where the developer removes all liquidity from the trading pool after enough buyers have entered. This crashes the token price to zero instantly. Other common types include sell-restriction rug pulls (honeypots) and unlimited minting, where the deployer creates massive new supply and dumps it.
Can a locked liquidity token still rug pull?
Yes, but it is much harder. If liquidity is genuinely locked in a reputable time-lock contract, the deployer cannot pull liquidity until the lock expires. However, some projects use fake lock contracts that can be bypassed. Others rug pull through different methods like minting unlimited tokens or raising the sell tax to 100%. A liquidity lock is necessary but not sufficient.
Is an unverified contract always a scam?
Not always, but it is a major red flag. Some legitimate projects delay verification by a few hours after launch. However, if a contract remains unverified for more than 24 hours, treat it as highly suspicious. Without verified source code, you cannot know what the contract actually does. Always wait for verification before investing.
What Coinibi safety score is considered safe?
Tokens scoring above 70 on the Coinibi safety scale have passed most automated checks, including contract verification, liquidity lock, and honeypot simulation. Scores between 40 and 70 warrant caution and manual review. Scores below 30 indicate high risk. No automated score can guarantee safety, so always combine it with your own research.
How quickly do most rug pulls happen after launch?
Most rug pulls occur within the first 24 to 72 hours after a token launches. Scammers want to collect as much liquidity as possible while hype is at its peak, then exit before scrutiny builds. Some slow rug pulls take weeks or months, gradually selling off supply or raising taxes. This is why ongoing monitoring with tools like Coinibi is important.
Don't Trade Blind
Paste any contract address into Coinibi and get an instant rug pull risk assessment with liquidity, contract, and holder analysis.
๐ก๏ธ Check a Token Now โ