Rug Pull

🧨 RUG PULL (Liquidity Scam)

📌 Definition: A rug pull is a type of fraud in decentralized finance (DeFi) where the developer(s) or token admins withdraw the funds from the liquidity pool without permission and abandon the project. It is most commonly seen in tokens traded on DEXs.

🔧 How It Works

  1. The developer creates an appealing token project to attract investor interest.

  2. A liquidity pool is established on a DEX (e.g., ETH/ABC).

  3. Users buy the token and contribute to the pool.

  4. Admin privileges embedded in the token contract (e.g., LP NFT withdrawal, transfer unlock) are then used:

    • If liquidity is not burned or not time-locked, the admin pulls the liquidity.

    • When users attempt to sell their tokens, there is no liquidity to buy them.

  5. The token value drops to zero, and investors lose all their funds.

🧾 Smart Contract Mechanisms Used

  • Ownable → Allows only the admin to execute certain functions.

  • removeLiquidity() privilege → Right to directly withdraw LP tokens.

  • transferOwnership() → Can be used to transfer power and set up a new rug.

  • LP NFTs that are not locked → Can be reclaimed by the admin.

🚨 Types of Rug Pulls

  1. Liquidity Withdrawal: If LP tokens were not burned, the admin can directly take the funds.

  2. Sell Restriction (Anti-sell Mechanism): Buying is allowed, but selling is disabled or restricted to a whitelist (honeypot-like behavior).

  3. Inflating Supply and Dumping: Combined with infinite-mint (mint-and-dump rug pull).

  4. DEX Listing and Quick Liquidity Drain: After rapid listing and price pump from new investors, liquidity is immediately pulled.

  5. Indirect LP NFT Liquidity Reclaim: If the admin hasn’t locked the LP NFT, they can withdraw it instead of burning, and rug the project.

🛡️ Ways to Protect Oneself:

| Security Measure | Description |
| --- | --- |
| Liquidity Burn | LP NFT tokens are burned after being added to the exchange. Check burn links shared by the project team (e.g., etherscan, bscscan). |
| Time Lock | LP tokens are locked for a set period; even the admin cannot withdraw. |
| Audited Contract Code | Prefer projects audited by firms like ethscan, CertiK. |
| Renounced Ownership | Choose contracts where admin privileges have been removed. |
| Check for Transfer Restrictions | Some tokens impose restrictions on. |
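
The burn, time-lock and renounced-ownership checks above, applied to a snapshot of LP token holders, as an added example that is not from the original page. It assumes fungible (v2-style) LP tokens rather than LP NFTs; the holder addresses, balances, the 180-day minimum lock and the 95% threshold are constructed or assumed values.

```python
from dataclasses import dataclass

# Zero address (owner after renounceOwnership) and the conventional "dead" burn address.
ZERO = "0x0000000000000000000000000000000000000000"
DEAD = "0x000000000000000000000000000000000000dead"
BURN_ADDRESSES = {ZERO, DEAD}
DAY = 86400

@dataclass
class LpHolder:
    address: str
    balance: int          # LP tokens held
    unlock_time: int = 0  # unix time if the holder is a time-lock contract, else 0

def assess_liquidity(owner, holders, now, min_lock_days=180, safe_share=0.95):
    """Split LP supply into burned / locked / withdrawable and list risk findings."""
    total = sum(h.balance for h in holders)
    if total == 0:
        return {"burned": 0.0, "locked": 0.0, "withdrawable": 0.0,
                "findings": ["no liquidity in pool"]}
    burned = locked = 0
    for h in holders:
        if h.address.lower() in BURN_ADDRESSES:
            burned += h.balance
        elif h.unlock_time - now >= min_lock_days * DAY:
            locked += h.balance   # only locks with enough time remaining count
    findings = []
    if owner.lower() not in BURN_ADDRESSES:
        findings.append("ownership not renounced")
    if (burned + locked) / total < safe_share:
        findings.append("liquidity can be withdrawn")
    if any(0 < h.unlock_time - now < min_lock_days * DAY for h in holders):
        findings.append("time lock expires soon")
    return {"burned": burned / total, "locked": locked / total,
            "withdrawable": (total - burned - locked) / total, "findings": findings}

# Constructed sample data (not real addresses or balances).
NOW = 1_700_000_000
DEPLOYER = "0x" + "a1" * 20
LOCKER = "0x" + "b2" * 20
RISKY = [LpHolder(DEPLOYER, 900), LpHolder(DEAD, 100)]
LOCKED = [LpHolder(DEAD, 600), LpHolder(LOCKER, 390, NOW + 365 * DAY),
          LpHolder("0x" + "c3" * 20, 10)]

if __name__ == "__main__":
    print(assess_liquidity(DEPLOYER, RISKY, NOW))
    print(assess_liquidity(ZERO, LOCKED, NOW))
```
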
