Bible Network Crypto DeFi Onchain RWA AI Agent Stablecoin Chain SAFU CryptoTax DeFAI AGI Claude Me Claude Skill Claude Design Claude Cowork
Independent Media
Not affiliated with any project
The Deepest Crypto Knowledge Base
crypto-bible.com
LATEST
The Blockchain Most Retail Investors Have Never Heard Of Just Out-Earned Ethereum by 5x in Fees  ·  Why Your Stop-Loss Always Gets Hunted First: A Complete Crypto Position Sizing and Risk Management Guide  ·  Is PoS or PoW More Secure? The Real Difference Between Miners and Validators — And Why the Answer Is More Complicated Than You Think  ·  You Got a Call from 'Binance Support' That Sounded Completely Real: How AI Voice Deepfake Scams Are Fooling Even Experienced Crypto Users  ·  Why Token Unlocks Always Catch You at the Top: A Complete Guide to Vesting Schedules  ·  Wrapped Tokens Explained: Why Bitcoin Needs a 'Disguise' to Trade on Ethereum
scams

Rug Pulls and Fake Projects: A Due-Diligence Checklist Before You Buy a New Token

30-Second Version · For the impatient
Due diligence lowers your odds of stepping on a mine — but what decides whether it cripples you is how big a position you put on.

Full Explanation +
01 · Why did this happen?

What exactly is a rug pull, and how does it differ from a token simply falling? A rug pull is the team "actively and maliciously" zeroing out your assets, not natural market movement. The typical flow: the team pumps price and liquidity to draw retail in, and once enough money accumulates, pulls the pool's liquidity all at once or dumps heavily and leaves, so the token instantly loses any counterparty to sell to and collapses near zero. The difference: in an ordinary drop you can still sell to cut losses; a rug pull often leaves you unable to sell at all, because the pool has already been drained.

02 · What is the mechanism?

What types of rug pulls are there, and what's the key to spotting each? Roughly three. One, hard liquidity pull: the team directly removes pool funds — the key is whether liquidity is locked; unlocked can be pulled anytime. Two, a malicious contract backdoor: code lets only the team sell, mint infinitely, or freeze your trades — the key is whether there's a credible contract audit. Three, a soft rug: the team doesn't grab outright but abandons ship and offloads slowly — the key is whether the team is doxxed and shows ongoing development and communication. The shared early warning across all three is "anonymous team + unlocked liquidity + no audit."

03 · How does it affect me?

Before buying into a new project, what exactly should due diligence check? One, team: is it doxxed with verifiable past work and track record — pure anonymity warrants much higher caution. Two, liquidity: is it locked, for how long, and by whom — unlocked can be drained anytime. Three, contract: has it been audited by a reputable firm, and does the report have unresolved high-risk items. Four, holder distribution: use a Block Explorer to see whether tokens are highly concentrated in a few wallets — over-concentration means a few people can dump. Five, value: what real need does it solve, versus just a "next 100x" narrative. The more thoroughly you check these five, the less likely you become the bag holder.

04 · What should I do?

Even with thorough due diligence, how else do you protect yourself? The core is position sizing. However careful your DD, it can't rule out risk 100% — a team can turn bad later, an audited contract can still have holes, the market always has new tricks. So the real safety net is: for any new project not validated over time, commit only an amount you can fully afford to lose, one whose going to zero wouldn't affect your life. Spread your funds; don't heavily bet a single new token at once. DD decides the odds of stepping on a mine; position size decides the damage when you do — do both together, neither alone.

Full Content +

In crypto, a project running off is one of the fastest ways for beginners to lose money. A rug pull is when a project team, after drawing in large sums, suddenly pulls liquidity or dumps, sending the token to zero in an instant and leaving investors wiped out. This piece teaches the basic due diligence to do before you buy into a new token.

What a rug pull is

Literally, "pulling the rug out from under you so you fall." The team first uses marketing, airdrops, and high returns to draw people in and pump the price and liquidity; once enough money is in, they pull liquidity all at once or dump and leave, stranding retail with a pile of unsellable tokens.

Three common methods

One, pulling liquidity: the team removes the funds in the trading pool so your coins can't be sold anymore. Two, a malicious contract: a backdoor is hidden in the code — for example, only the team can sell, or it can mint infinitely. Three, a soft rug: instead of an outright grab, the team quietly abandons development and slowly dumps, and the project drifts to zero.

Red flags

An anonymous or unverifiable team; liquidity that isn't locked and can be pulled anytime; a contract with no credible audit; tokens highly concentrated in a few wallets; guaranteed high returns or an emphasis on referral bonuses; a community that's all price-shilling with no substantive product discussion. The more that appear, the further you should stay away.

A due-diligence checklist before buying

Check whether the team is doxxed and has a track record; confirm whether liquidity is locked and for how long; look for a contract audit report; use on-chain tools to check whether token holdings are overly concentrated; assess what real need it actually solves versus just a narrative. What you can't verify, better to miss than to size up heavily.

Accept one reality

No amount of due diligence guarantees 100% safety — this market always has new tricks, and even audited contracts can fail. What truly protects you is position sizing: for any unverified new project, only commit an amount you can fully afford to lose. Due diligence lowers the odds of stepping on a mine; position control decides whether stepping on one hurts you badly.

An easily missed signal: the smell of the community

Beyond hard metrics, the community's vibe says a lot. A healthy project's community discusses product, tech, and actual progress; a high-risk one's community is almost all "when's the exchange listing," "next 100x," "get in before you miss it" shilling. When a group has no substantive discussion of the product itself, only emotion and price, its value is usually propped up entirely by narrative — and coins held up by narrative alone run off the fastest. Treat the community as the project's health check: it's not how lively it is, but what the liveliness is about.

Diagram
How a Rug Pull Works圖解呈現 Rug Pull 的典型流程:項目方先用行銷與空投吸引買盤 → 幣價與流動性被炒高 → 團隊一次性抽走流動性或大量拋售 → 代幣價格瞬間歸零、散戶想賣也賣不掉。並標示最大的三個危險信號:匿名團隊、流動性未鎖、合約未審計。How a Rug Pull Works1. Hype + airdropsdraw buyers in2. Price pumpedliquidity flows in3. Team pullsliquidity / dumps4. Price → 0holders stuckBiggest red flags: anonymous team + unlocked liquidity + no audit.Do the due diligence before you buy — not after.
Feel free to share. Please credit the source.
Ask a Question
Please enter at least 10 characters
Related Articles
DeFi 101: What Decentralized Finance Is and What It Lets You Do
academy · Jun 05
Rug Pull Identification Guide: Six Early Warning Signals Worth Carefully Checking Before You Invest
scams · Jun 11
Seven Crypto Scams Beginners Hit Most: Fake Support, Fake Airdrops, Pig-Butchering, and How to Spot Them
scams · Jun 03
Why Token Unlocks Always Catch You at the Top: A Complete Guide to Vesting Schedules
encyclopedia · Jun 23
More Related Topics
Where to Keep Your Stablecoins Safely: CEX, Self-Custody, or DeFi — A Beginner’s Guide to Choosing the Right Custodian
Stablecoin Bible
Stablecoins are stable — but custody is what determines whether you can actually access that money when you need it. Coins on an exchange are “a debt the exchange owes you” — millions learned this the hard way the day FTX and Celsius collapsed.
#defi#hack#security
How to Choose a Crypto AI Agent Service: Five Evaluation Frameworks to Avoid Marketing Traps
AI Agent Bible
Before authorizing an Agent service, ask four questions: are its authorization boundaries code-enforced or just promises? Can you see complete reasoning logs for every operation? Is there a third-party audit report? Who holds the private key? Only when all four have clear answers should you consider authorization. A beautiful interface is not evidence of safety.
#hack#security
Crypto Agent Pre-Launch Security Checklist: 12 Mandatory Items from Testnet to Mainnet
AI Agent Bible
12 mandatory security items before launching a crypto Agent: no plaintext private keys, complete wallet isolation, ERC-20 approval limits, no credentials in System Prompt, backend write tool validation, Schema validation layer, independent confirmation channel for high-value ops, daily spend circuit-breaker, market anomaly circuit-breaker, complete four-layer logs. Missing even one is not acceptable.
#hack#security
Tool Use Mechanism Complete Breakdown: How AI Agents 'Act,' and Why This Design Determines Whether They Can Be Trusted
AI Agent Bible
An AI Agent's LLM doesn't actually execute any tool — it only outputs 'I want to do this' requests; your backend code does the real execution. This design is the foundation of all security: the execution layer is under your control, and security validation is added there. How well tools are designed determines whether an Agent can be trusted.
#hack#security