Rug pulls have become one of the most common scams in the cryptocurrency space, costing investors billions of dollars every year. A rug pull occurs when the creators of a token drain liquidity, abandon the project, or manipulate the supply to steal investor funds — often within hours or days of launch. Understanding how to identify the warning signs before committing your money is essential for anyone navigating the world of decentralised finance and meme coins.
This guide breaks down the specific red flags, on-chain indicators, and due diligence steps you should follow before buying any new cryptocurrency token.
What Exactly Is a Rug Pull?
A rug pull is a type of exit scam where token creators exploit the mechanics of decentralised exchanges to steal funds from buyers. The most common method involves creating a token, pairing it with a valuable cryptocurrency (like SOL or ETH) in a liquidity pool, promoting it aggressively to attract buyers, and then withdrawing all the liquidity — leaving holders with tokens that have zero value and no way to sell.
There are several variations. A hard rug pull involves the developers simply draining the liquidity pool and disappearing. A soft rug pull involves gradually selling off large holdings, slowly depressing the price while maintaining the appearance of an active project. Both result in significant losses for regular buyers who entered based on false promises.
Red Flag 1: Unlocked or Controlled Liquidity
The single most important thing to check before buying any new token is the status of the liquidity pool. If the LP tokens are held in the developer’s wallet — meaning they can withdraw them at any time — this is the most direct rug pull risk.
Legitimate projects either lock their liquidity through a time-lock contract or, better yet, burn the LP tokens entirely. Burned LP tokens are permanently destroyed, making it mathematically impossible for anyone to remove the liquidity. You can verify this by checking the LP token address on a blockchain explorer like Solscan or Etherscan and confirming the tokens were sent to a known burn address.
Red Flag 2: Active Mint Authority
If the token’s mint authority is still enabled, the creators can produce unlimited additional tokens at any time. This allows them to inflate the supply, crash the price, or simply create and sell massive amounts of tokens against real buyer liquidity.
On Solana, you can check whether mint authority has been revoked by examining the token’s metadata on Solscan. Look for the “Mint Authority” field — if it shows a wallet address rather than being disabled or null, the supply is not fixed and additional tokens could be created. Trustworthy projects disable mint authority permanently at launch and provide on-chain proof.
Red Flag 3: Enabled Freeze Authority
Freeze authority gives the token creator the ability to freeze any wallet’s tokens, preventing the holder from selling or transferring them. This creates a honeypot scenario where you can buy the token but cannot sell it — a devastatingly effective scam mechanism.
Always verify that freeze authority is disabled before purchasing. Like mint authority, this is visible in the token’s on-chain metadata. Any legitimate token should have freeze authority permanently revoked at launch.
Red Flag 4: Suspicious Token Distribution
Examine the top holders of the token using a blockchain explorer. If a small number of wallets hold a disproportionately large percentage of the supply — say, five wallets holding 40% or more — those holders can crash the price at any time by selling simultaneously.
Also watch for “bundled” wallets — many wallets that all bought in the same transaction block at launch, which often indicates a single entity using multiple wallets to disguise concentrated holdings. Healthy token distribution means no single wallet (apart from the liquidity pool and clearly labelled project wallets) should hold more than a few percent of total supply.
Red Flag 5: Hidden or Excessive Transaction Taxes
Some scam tokens include hidden buy or sell taxes in their smart contract — sometimes as high as 50% or more on sells. This means when you attempt to sell, a massive portion of your tokens are taken as a “tax,” effectively trapping your investment.
Before buying, check whether the token contract includes any transfer taxes. On Solana SPL tokens, standard tokens don’t have built-in tax mechanisms, but custom programmes can implement them. The safest approach is to look for tokens that explicitly have 0% buy and sell taxes, verified through the token’s contract code or project documentation.
Red Flag 6: Anonymous Team With No Track Record
While anonymity is valued in crypto culture, it also provides cover for scammers. A completely anonymous team with no verifiable track record, no public-facing presence, and no community engagement history is a significant risk factor.
This doesn’t mean every anonymous project is a scam — many legitimate developers prefer pseudonymity. But look for other trust signals: long-standing social media accounts, consistent community engagement, transparent wallet disclosures, and verifiable on-chain actions that match what the team claims. The more transparency a project offers, the lower your risk.
Red Flag 7: Unrealistic Promises and Pressure Tactics
Promises of guaranteed returns, “100x potential,” and urgent calls to buy immediately before a deadline are classic manipulation tactics. Legitimate projects don’t need to pressure you into buying quickly — they can stand on the merits of their technology, tokenomics, and community.
Be especially wary of projects that focus exclusively on price predictions rather than utility, community value, or transparent operations. If the entire pitch is “buy now before it moons,” there’s usually very little substance behind it.
Your Due Diligence Checklist
Before buying any new token, verify each of these items:
Check that liquidity pool tokens are burned or locked with verifiable proof. Confirm that mint authority is permanently disabled. Confirm that freeze authority is permanently disabled. Review token distribution for suspicious concentration. Verify there are no hidden transaction taxes. Research the team’s history and community presence. Read the whitepaper or project documentation for substance. Check that wallet addresses are publicly disclosed and trackable.
No single green flag guarantees a project is safe, but the absence of red flags significantly reduces your risk. The few minutes spent on due diligence can save you from devastating losses.
Protecting Yourself Is the First Step
The crypto space offers genuine opportunities, but it also attracts bad actors who exploit newcomers. Education is your best defence. The more you understand about how rug pulls work mechanically, the more quickly you can identify them before committing your funds.
Always do your own research. Always verify on-chain. And remember: if something sounds too good to be true in crypto, it almost always is.