Rug pulls cost crypto investors billions every year. The pattern is always the same: a team launches a token, hypes it on social media, attracts liquidity — then dumps everything and disappears. The project "rugs" the community.
The good news? Most rug pulls leave clear on-chain fingerprints before they happen. Here's how to spot them.
What Is a Rug Pull?
A rug pull is a type of crypto exit scam where developers abandon a project and run off with investor funds. There are two main types:
- Hard rug: The team drains the liquidity pool and disappears overnight. Your token becomes worthless instantly.
- Soft rug: The team slowly sells their holdings over time ("slow dump"), leaving retail investors holding the bag.
Both types are preventable if you know what to look for.
Step 1: Check for Mint Authority
The risk: If a contract has an active mint function, the team can create unlimited new tokens at any time. They mint millions of tokens, dump them on the market, and crash the price.
What to look for:
- Is there a `mint()` function in the contract?
- Who controls it — the owner, a multisig, or nobody?
- Has ownership been renounced?
On Solana, this translates to "freeze authority" and "mint authority" — both should ideally be disabled or set to a null address for a trustworthy token.
Green flags: Ownership renounced, or mint function clearly disabled. Red flags: Active mint authority controlled by a single wallet, especially the deployer.
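For the Solana case, both authorities can be read straight out of the token's mint account. The parser below is an added example, not code from this article or from any scanner: it decodes the first 82 bytes of an SPL Token mint account and reports whether either authority is still set. The function names and sample accounts are constructed for illustration.

```python
import struct

# SPL Token mint account, first 82 bytes, little-endian:
# COption<Pubkey> mint_authority | u64 supply | u8 decimals | bool is_initialized
# | COption<Pubkey> freeze_authority   (COption = u32 tag: 0 = None, 1 = Some)
LAYOUT = "<I32sQBBI32s"
MINT_LEN = struct.calcsize(LAYOUT)  # 82
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58(raw: bytes) -> str:
    """Base58-encode a public key the way Solana explorers display it."""
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\0"))) + out

def parse_spl_mint(data: bytes) -> dict:
    """data: raw account data of the token's mint (e.g. decoded from getAccountInfo)."""
    if len(data) < MINT_LEN:
        raise ValueError("too short to be a mint account")
    m_tag, m_key, supply, decimals, init, f_tag, f_key = struct.unpack_from(LAYOUT, data)
    if m_tag > 1 or f_tag > 1 or init != 1:
        raise ValueError("not an initialized mint account")
    mint_auth = b58(m_key) if m_tag else None
    freeze_auth = b58(f_key) if f_tag else None
    flags = []
    if mint_auth:
        flags.append("mint authority active: supply can still be increased")
    if freeze_auth:
        flags.append("freeze authority active: holder accounts can be frozen")
    return {"supply": supply, "decimals": decimals, "mint_authority": mint_auth,
            "freeze_authority": freeze_auth, "flags": flags}

# Constructed sample data (not real tokens): one key, two mint accounts.
KEY = bytes(range(1, 33))
ACTIVE = struct.pack(LAYOUT, 1, KEY, 1_000_000_000, 6, 1, 0, bytes(32))
REVOKED = struct.pack(LAYOUT, 0, bytes(32), 1_000_000_000, 6, 1, 0, bytes(32))

if __name__ == "__main__":
    for name, blob in (("active", ACTIVE), ("revoked", REVOKED)):
        print(name, parse_spl_mint(blob))
```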
Step 2: Examine Liquidity Lock Status
The risk: If there's no lock on the liquidity pool (LP), the team can pull it all out at once — leaving you unable to sell your tokens. This is the classic "rug pull" move.
What to look for:
- Is LP locked? For how long? (6 months minimum is a common standard)
- Is LP burned? Burned LP is permanent and the strongest form of protection.
- What percentage of total liquidity is locked?
Green flags: LP burned to a dead address, or locked for 1+ years via a reputable locker. Red flags: No lock, short lock (under 30 days), or only a small percentage locked.
Step 3: Analyze Holder Concentration
The risk: If a small number of wallets hold a large percentage of the token supply, they can crash the price by selling simultaneously.
What to look for:
- How much does the top holder control? More than 20% is a concern.
- Are there many wallets holding small amounts, or a few wallets holding most of the supply?
- Does the deployer wallet still hold significant tokens?
Green flags: Distributed holders, no single wallet over 5%, deployer holds <1%. Red flags: Top 10 wallets control >60% of supply, deployer still holds large amounts.
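The thresholds above can be applied to a holder list mechanically. This is an added example, not the article's or any scanner's code. It assumes burned tokens are removed from the supply used as the denominator and that liquidity pool or locker contracts are left out of the ranking, since neither is an investor wallet; all addresses and balances are constructed.

```python
BURN = "0x" + "0" * 36 + "dead"  # widely used burn address

def concentration_report(balances, total_supply, deployer, non_holders=()):
    """balances: {address: token amount} for the largest accounts.
    non_holders: accounts to leave out of the ranking (LP pair, locker contracts)."""
    bal = {a.lower(): b for a, b in balances.items()}
    circulating = total_supply - bal.get(BURN, 0)  # burned tokens can never be sold
    if circulating <= 0:
        raise ValueError("no circulating supply")
    skip = {a.lower() for a in non_holders} | {BURN}
    ranked = sorted((b for a, b in bal.items() if a not in skip), reverse=True)
    top1 = ranked[0] / circulating if ranked else 0.0
    top10 = sum(ranked[:10]) / circulating
    dep = bal.get(deployer.lower(), 0) / circulating
    flags = []
    if top1 > 0.20:
        flags.append("top holder above 20% of supply")
    elif top1 > 0.05:
        flags.append("a single wallet above 5% of supply")
    if top10 > 0.60:
        flags.append("top 10 wallets above 60% of supply")
    if dep >= 0.01:
        flags.append("deployer holds 1% or more of supply")
    return {"top1": top1, "top10": top10, "deployer": dep, "flags": flags}

# Constructed sample data: 1,100,000 minted, 100,000 burned, 300,000 in the pool.
TOTAL = 1_100_000
DEPLOYER = "0x" + "d1" * 20
POOL = "0x" + "aa" * 20
SAMPLE = {BURN: 100_000, POOL: 300_000, DEPLOYER: 250_000,
          "0x" + "01" * 20: 50_000, "0x" + "02" * 20: 40_000}
SAMPLE.update({"0x%040x" % i: 10_000 for i in range(16, 24)})  # eight small wallets

if __name__ == "__main__":
    print(concentration_report(SAMPLE, TOTAL, DEPLOYER, non_holders=[POOL]))
    # Without excluding the pool, the pool itself is ranked as the top "holder".
    print(concentration_report(SAMPLE, TOTAL, DEPLOYER))
```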
Step 4: Check for Blacklist and Pause Functions
The risk: Blacklist functions let the team freeze any wallet from trading. Pause functions can stop all transfers entirely. These are often used in "honeypot" scams where you can buy but never sell.
What to look for:
- Is there a `blacklist()` or `addToBlacklist()` function?
- Can the contract be paused by the owner?
- Are there adjustable tax parameters that could be raised to 100%?
Green flags: No blacklist function, no pause function, fixed tax rates. Red flags: Active blacklist controlled by deployer, high adjustable taxes (can be changed to 99%).
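For a verified EVM contract, the function checks from Step 1 (`mint()`) and this step can be run against the published ABI. The scan below is an added example, not the article's or any scanner's code: it lists state-changing functions whose names match mint, blacklist, pause or tax-setter patterns. The name patterns are a heuristic chosen for this example and the ABI is constructed.

```python
import json
import re

# Name patterns for the functions Steps 1 and 4 ask about (heuristic, an
# assumption of this example; real contracts may use other names).
PATTERNS = {
    "mint": re.compile(r"mint", re.I),
    "blacklist": re.compile(r"blacklist|blocklist", re.I),
    "pause": re.compile(r"pause", re.I),
    "adjustable tax": re.compile(r"^set\w*(tax|fee)", re.I),
}

def risky_functions(abi_json: str) -> dict:
    """Return {category: [signatures]} for state-changing functions in an ABI."""
    findings = {}
    for entry in json.loads(abi_json):
        if entry.get("type") != "function":
            continue  # events, errors, constructor
        if entry.get("stateMutability") in ("view", "pure"):
            continue  # read-only getters cannot mint or block transfers
        name = entry.get("name", "")
        sig = "%s(%s)" % (name, ",".join(i["type"] for i in entry.get("inputs", [])))
        for label, pattern in PATTERNS.items():
            if pattern.search(name):
                findings.setdefault(label, []).append(sig)
    return findings

def fn(name, types, mutability="nonpayable"):
    """Build one ABI function entry for the constructed sample below."""
    return {"type": "function", "name": name, "stateMutability": mutability,
            "inputs": [{"name": "", "type": t} for t in types]}

# Constructed ABI (not a real token).
SAMPLE_ABI = json.dumps([
    fn("transfer", ["address", "uint256"]),
    fn("balanceOf", ["address"], "view"),
    fn("mint", ["address", "uint256"]),
    fn("addToBlacklist", ["address"]),
    fn("isBlacklisted", ["address"], "view"),
    fn("pause", []),
    fn("setSellTax", ["uint256"]),
    {"type": "event", "name": "Paused", "inputs": []},
])

if __name__ == "__main__":
    for label, sigs in risky_functions(SAMPLE_ABI).items():
        print(label, sigs)
```

An empty result is not a clean bill of health: function names are arbitrary, so this only narrows down which functions to read in the verified source, and for each hit the next question is who is allowed to call it.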
Step 5: Verify the Contract Source Code
The risk: Unverified contracts are hiding something. You can't audit what you can't read.
What to look for:
- Is the source code verified on Etherscan/Basescan/etc.?
- Does the code match what the team claims the token does?
- Are there hidden functions not mentioned in the documentation?
Green flags: Verified source code, clean and readable, matches documentation. Red flags: Unverified bytecode, proxy patterns that obscure the real logic.
Step 6: Check for Upgradeable Proxy Patterns
The risk: If a contract is upgradeable (uses a proxy pattern like EIP-1967), the team can swap out the underlying logic at any time — including adding malicious functionality after launch.
What to look for:
- Is the token contract a proxy?
- Who controls the upgrade mechanism?
- Is there a timelock on upgrades?
Green flags: Non-upgradeable contract, or upgrades controlled by a timelock or multisig. Red flags: Single-owner upgradeable proxy with no timelock.
How to Scan a Token in 30 Seconds
Doing all of this manually takes hours. ChainRaven's free rug pull scanner does it automatically:
- Go to chainraven.com/scanner
- Paste any ERC-20 or Solana token contract address
- Select the chain (Ethereum, Base, Solana, etc.)
- Get an instant risk score from 0–100 with a breakdown of every signal
The scanner checks all six factors above — plus holder distribution, LP status, market data, and more — and gives you a single risk score:
| Score | Level | What It Means |
|---|---|---|
| 0–30 | Low | Few or no risk signals |
| 31–60 | Medium | Some signals present — research further |
| 61–80 | High | Multiple red flags — high caution |
| 81–100 | Extreme | Severe signals — very likely a scam |
Quick Reference Checklist
Before buying any token, run through this list:
- Source code verified on-chain
- No active mint authority (or renounced)
- Liquidity locked or burned
- No blacklist or pause functions
- Top holders not overly concentrated
- No single-owner upgradeable proxy
- Team has a public track record
No single red flag guarantees a rug pull. But the more items on this list a token fails, the higher the risk. Use the scanner, trust your research, and never invest what you can't afford to lose.