Rugs… too many in just a short period of time.
Well, people got experience from other blockchains and came on BSC for quick cash as it should’ve been expected.
The number of rugs has slowed down a bit in the last couple of days, but is it over? No, and rugs will never stop appearing.
But can we learn how to spot sketchy aspects of a project?
Yes! And that’s what we’re going to be discussing today.
I will try to explain in great detail the points I made clear in the tweet above, along with others that I deem necessary.
Okay, I’m taking too long, here is a table of contents:
When it comes to a new project I have a list in mind of what I should look for. I’ll first give you the list here and then we can discuss each one in particular.
Keep in mind that those are just potential red flags that should alarm you, but that doesn’t mean the project is 100% safe or a scam. I'll explain the point above in the "The most important thing" part.
This will be the first red flag I’m going to be discussing today.
Rushed projects appear overnight and in less than 12 hours (most of the time) they have:
I also notice that the domains are registered just hours before launch, a major red flag for me, since it obviously takes more time to prepare a great project, but it only takes a few hours to fork an existing one.
This one is easy.
Just go to whois.domaintools.com, paste the link in the search bar, and then scroll down to “dates” to check how old a domain is.
Here we’ll have to check the contracts.
Most often than not fly-by projects don’t even edit their forked contracts properly, leaving clues that the project is rushed and the developers are careless.
The example above is taken from the infamous WineSwap rug-pull, where the MasterChef contract wasn’t even fully edited and the developers left in the main names of the Sushi functions.
Maybe the first thing that comes to mind to most people is to check contracts, but I like to do that as the last task.
Checking how the overall website looks gives me an idea about how much the developers have actually worked on the project before release.
Here I can even decide if it is worth investing in the project or not.
I tend to take a brief look around the website, mainly checking for:
Let’s take this random project I found on Twitter as an example.
I’ve found this project on Twitter after I was tagged by CryptoDeus in a post related to it, where he makes clear his concerns about it and warns people it might not be that safe to enter.
I’ll be honest with you, after checking out the website I feel the need to wash my hands…
It isn’t mainly about it looking bad, but more about the fact that it is clearly rushed, and when you rush something you’re clearly only looking for the end-goal, ignoring the path along the way.
In this step, we’ll take a look at how social media is handled by the team.
Because I like to be extra-careful and cherry-pick the projects I join I’ll also take a look at the overall appearance.
Let’s compare one of the first tweets of PancakeSwap to the first tweets of “Phoinikas”.
You can see:
Overall a nice tweet. I like it.
Also, the airdrop (at least for me) is kinda sketchy. Trying to market the project even before it is released.
Airdrops are a common thing projects do, especially new ones. But for me it can be a red flag. I'd like to encourage you to form your own opinion about everything. You have to decide what is a red flag for you and what isn't.
Tons of questions that were not responded to, some people were even asking “when rug?” and people that sent their wallet addresses (for the airdrop) were being banned.
Here comes my favorite thing, social media proof.
When it comes to a new project I can forgive the not-so-appealing website appearance and maybe try to not be too harsh on the social media management, but I’ll never forgive fake social media proof (fake likes, fake followers, fake Telegram members, etc).
Buying Twitter followers and Telegram members is extremely cheap, especially if you buy directly from providers and not from resellers (Not gonna teach you how, don’t even ask. Never buy fake social proof, it only hurts your growth).
As you can see, you can buy 5,000 Twitter followers and 5,000 Telegram members for a whopping $20.30 USD.
Let’s first learn how a fake Twitter account (a bot) looks like.
Fake accounts are easy to spot, especially the really cheap ones as stated in the disclaimer above.
Fake Telegram members are also semi-easy to spot.
As you can see there is a similarity here:
Let’s also see an example from WineSwap’s Telegram group.
These are higher quality.
In the example above you can see that after mass-joining the fake accounts only typed “hi” and “hello”, clearly not natural.
But, what makes spotting fake social media proof extremely easy is checking the followers list as a whole.
It is easier to see batches of fake accounts rather than trying to pick them individually.
Let me show you.
Let’s take a look at Phoinikas.Finance’s social media.
Seems like they have 1,796 Twitter followers and 1,841 Telegram members.
Okay, it doesn’t seem like much, does it? Well, it kinda is if you ask me, but not as much to raise immediate red flags.
WineSwap raised so many red flags at first because in their first day they had over 5,000 followers on Twitter and over 5,000 Telegram members.
But, let’s check them as a whole, should we?
Let’s take a quick look at the accounts that follow Phoinikas.Finance on Twitter.
Okay… well, I think that’s obvious enough and doesn’t need to be explained.
Let’s check who liked their posts, those must be real people!
Okay… there is still hope on their Telegram!
Please be real people…
I think I just lost faith in humanity at this point.
I need to do something real quick…
I’m back, had to wash my hands a second time.
It is extremely obvious that the project bought fake Twitter followers, likes, and Telegram members.
Also, you can see a discrepancy when it comes to the engagement on their Twitter posts.
There is a clear discrepancy between the engagement the giveaway had and their other posts. Yes, a giveaway is supposed to get more engagement, but not that much.
Tip: If a random project that's one or two days old already has thousands of followers it should immediately be a red flag for you and you should start looking into it.
Anyway, at this point, I think it is clear that the above project bought some fake stuff to make it look more legitimate.
Let’s move on to other things you should look for.
Well…
I just came back home, looking forward to continuing writing the article only to see that the website “phoinikas.finance” now redirects to a clone of “turing.finance” (whatever that project is) and that they rugged.
Imagine rugging while an article about “how to spot a potential rug” is using you as an example of a potential rug.
Man, this world is wild.
This one is a bit harder to come through, but I felt like including it here.
Intrusive marketing is when projects use bots and/or fake accounts to “spread the word” about a project on Twitter on random people’s posts and/or tag a massive amount of people in a project’s post.
Let’s take both situations at a time.
As you can see in the picture above this fake account is trying to silently shill WineSwap in CryptoBethany’s posts.
This is a silent way of making people aware that the project exists, and believe it or not many people ape into random projects on Twitter, so this strategy is working.
Mass tagging is quite straight forward. Just a bot tagging random people in the replies of the project’s posts.
You can’t really save yourself from being tagged by bots as they tag people that follow another project or people that liked a certain tweet (since people that liked the tweet tend to be more active on social media).
Anyway, mass tagging isn’t as bad on Twitter as it is on Instagram.
Many thanks to Defi Khaled for helping me write this part.
Now, here we come to the real deal.
You can fake anything, but you can’t fake code.
When it comes to contracts there are four main things I look for:
Let’s take each one at a time and explain it.
A contract is verified only when you can see the green check-marks on its bscscan.com page.
When a contract is verified it means that the developer added a human-readable version that’s an exact match of the actual code.
Nothing more, nothing less. It just means that the contract you see it’s the real one.
You should immediately run from YF MasterChef contracts:
If you see the above, you can’t read it.
While every project has unverified contracts at some point (especially the ones with runtime logic such as games) you have to be very careful with it.
The MasterChef contract and other main contracts of a project should always be verified.
The same applies to non-verified contracts that are readable.
If a contract has the human-readable version but it isn’t verified it means that what’s shown to you isn’t the actual code, so the developers might be trying to hide something from you.
Here is how a mint function looks like on BSCScan’s UI.
And here it’s how it looks like in code.
A mint function allows the contract owner to create more tokens “out of thin air”.
The rugging method using the _mint function is when the owner gives himself a bunch of tokens and then sells them, bringing the price of the token to almost $0.00 USD and screwing everyone over.
No, absolutely not.
A mint function is needed, especially when tokens are minted every block for rewards (in the case of yield farms such as PancakeSwap, Thugs, Narwhalswap, etc)
Well, this is a tough one.
Always make sure there is a need for it.
Yield Farms and other projects with unlimited supply will always have a mint function because that’s what their project relies on, but if you’re trading a token that is supposed to have a maximum supply but it has a _mint function then it should raise a red flag.
A wonderful thing for tokens that have a maximum supply is when the developers set the owner of the contract to the dead address (0x00…dead) like beefy.finance did with their $BIFI token.
A time-lock delays the function’s orders for the time specified in the time-lock, and the call will be public on BSCScan until the execution of said orders.
Yes and no.
Don’t let Timelock be a buzzword; they’re only as effective as their usage, not inherent safety.
While yes, the calls will be public until the execution and anybody can read them you’ll also need someone to be constantly checking for changes.
Set up an alert on the time-lock contract.
You can do it by adding the contract to your watch-list within BSCscan and you’ll be notified via e-mail every time the time-lock does a transaction.
A developer can set the ownership address of a contract to the dead address (0x000…dead) and make the contract completely untouchable, but remember that this also means everything has to be perfectly done before the execution and that in case of an emergency the developers can’t help since they don’t have access to it themselves.
I prefer a trustworthy team and a time-lock rather than an untouchable contract.
The decentralized world might look scary at first glance.
It can be complicated, it requires a lot of research and most of the time there are going to be risks that come with it.
But should that discourage you from joining new projects?
Absolutely not.
Taking safety precautions and investing only what you can afford to lose is the way to go.
The thing that gets people stuck in rugs is greed. It is the idea of getting rich quick, going all-in in a one-hour old project thinking they will have those x100 gains overnight.
Be safe out there.
Stop dreaming about overnight success and focus on continuously growing instead.
Let’s re-cap what you should look for when considering joining a new project.
This is how I personally check out the projects.
On top of what I already said, as a final note, ask yourself the following: Is it too good to be true?
If the answer is yes, take a step back, and analyze the situation, assign yourself some limits, and try to be careful with it.
Stay safe!
You might also want to read: How To Keep Your Funds SAFE — MetaMask Guide
—
The Ape 🦍
Follow: Twitter
.png)
MDEX is the decentralized exchange (DEX) platform built on Heco, the Huobi exchange blockchain. It is strategically positioned as the optimal choice for Eco-token transactions and the largest DeFi ecosystem with DEX, IMO, and DAO integration.
It is a decentralized exchange based on Automated Market Maker (AMM) technology on the HECO and Binance Smart Chain (BSC) with a tune of over $5 billion in total value locked. They aim to create cross-chain compatibility between leading chains to create a composite DEX ecosystem.
MDEX became the first project to integrate a dual mining mechanisms into its ecosystem. It utilizes a Liquidity and Transaction mining mechanism:
Liquidity Mining: Various liquidity pairs are available on its LP mining platform, including LP and single stakes. Currently, the platform holds one of the largest TVLs on the Heco chain. They offer a wide range of LP tokens available in the Heco ecosystem.
Its APYs are the largest on the Heco chain and quite competitive with other Dexes available in other chains. Users can start accessing the LP mining incentives and APYs by connecting to the pool.
Transaction Mining: MDEX is the first platform to integrate transaction mining which rewards users for transacting on the platform. By trading using the DEX, users get rewarded for all trade actions done on the DEX.
High APY revenue of transaction mining up till 26th Feb 2021 (source: mdex.com)
Decentralized Autonomous Organization (DAO): MDEX runs a DAO structure using its token MDX to achieve governance. MDX holders can propose to initiate a token listing by voting or collateralizing.
Initial Miner Offering (IMO): Similar to the Initial Coin Offering (ICO) on the Ethereum chain and the Initial Dex Offering (IDO) on BSC Dex chains, MDEX will standardize fundraising activities. Fundraising will be facilitated through its IMO platform. The token will help achieve a standard fundraising token based on the HT-IMO, the decentralized fundraising protocol on MDEX.
The platform is active with various incentives mechanism for its numerous LP pools, listings, and pairs. By interacting with its official Medium handle, can stay updated with the new pools, revised reward mechanisms, and new additions and information.
Four days ago, the platform passed its Certik audit, according to the team, “with flying colors.”
The project has a 93/100 score which shows a healthy indication of its codes and its platform features as safe for use.
MDX token distribution
The project is dubbed the “DeFi Golden Shovel” in Chinese cryptocurrency circles. The immediate roadmap plan is on achieving cross-chain interoperability with various chains.
The platform is looking prime to go multichain with the integration of top chains such as BSC and ETH to achieve a multi-chain era in DEX. According to its released Medium post:
“MDEX will gradually support ETH (layer 2 network), BSC, OKExChain, DOT, NEAR, and other public chains so that assets are inter-connected. In this way, we seek to build a pan-eco transaction protocol.”
On January 6, the project went online.
On January 19, liquidity mining & trading mining were open; the liquidity of the day reached US$275 million; and the transaction volume amounted to US$521 million.
On January 24 (18 days after its launch), the single-day transaction volume exceeded US$1 billion.
On February 1 (26 days after its launch), the liquidity exceeded US$ 1 billion.
On February 3, the Boardroom (Board of Directors) mechanism was launched, and the MDEX ecological fund, worth $15 million USD in MDEX was established.
On February 19, the single-day transaction volume exceeded US$2 billion.
On February 25th, MDEX ranked first in the CoinMarketCap global DEX rankings. It accounted for 53.48% of global DEX trading volume. The daily transaction volume reached a whopping $5 billion USD.
March 10 marked 51 days of MDEX being live. The cumulative transaction volume exceeded $100 billion USD.
On March 12, the total amount of repurchased and burnt MDX exceeded 10 million.
On March 16, MDEX Version 2.0 was released.
On March 18, the 24-hour transaction volume exceeded US$2.2 billion.TVL exceeded US$2.3 billion which builds a new record.
On March 19, in total 143 million MDX are distributed in the form of transaction mining subsidies + liquidity mining rewards, worth US$577 million.
The transaction fees over the first two months were over US$340 million. The platform's 7-day transaction fees rank 3rd, only after Bitcoin and Ethereum.
On Apr 8, Mdex launched on BSC, supporting single currency mining, liquidity mining, trading mining and asset cross-chain.
Within two hours of launch on Binance Smart Chain, the TVL of MDEX exceeded $1.5 billion. The total transaction volume exceeded $268 Million and the TVL on HECO and BSC is now over 5 billion.
The high transaction fees on the Ethereum saw a slice in ETH dominance. Many users in the DeFi sector have gravitated to other blockchain infrastructures like Huobi and Binance Smart Chain.
MDEX integration of other chains like ETH and BSC in the future will make it a multichain DEX service. It will offer unique features like transaction mining and an increase in TVL. Due to the user incentive mechanism of transaction mining and repurchase rewards, MDEX currently has relatively low transaction costs, and users benefit from transactions. Overall, MDEX presents low fees, incentives for transactions, low slippage, and ever-increasing LP pairs will make the platform attractive to users and maintain its dominance as the leading DEX in the ecosystem.
Overall it is vital to proceed with caution when purchasing tokens that have just been listed. For those who have not already read our articles on safety in the BSC it is crucial to reference the following items, HERE and HERE.
This is a paid press release, BSC.News does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. Readers should do their own research before taking any actions related to the company. BSC.News is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned in the press release.
For those who wish to learn more about MDEX, check out the following resources and media pages:
Lola (AMA HOST): Can the team member of HOLDEFI say hi?
Cengiz: Hi everybody, Glad to be here. I'm from Holdefi project and ready to answer your questions.
Feel free to ask anything about Holdefi ☺️
Lola (AMA HOST): You're welcome Cengiz. Glad to have you with us today.
Hope you're good.
Cengiz:Thanks
Me too😉😊
Lola (AMA HOST): Good👍
Let's move on to the questions.
At the 2nd half, the Community would be dropping their questions and you can pick any 3 questions of your choice.
Shall we start now
Cengiz: OK lets start.
Q1. Can we get to know more about you and your team? What are your roles and past experiences?
Cengiz:We are a +30 person company based in Turkey and have more than four years of experience in the cryptocurrency and blockchain world. We had a lot of success in the local sector, and today we are looking to implement our first global project.
Lola (AMA HOST): Great. What a team! More than team. And How have been your experience with them?
What's your role?
Cengiz: I am content leader of this lovely team.
We have Blockchain Development team, Web development, Marketing, R&D, Content, Graphic Design and management.
Lola (AMA HOST): Ohh. Great.
Q2. A lot of Projects are either on BSC or ETH. Rare to see Multichain Projects. Why did you choose to be on both? Is there anything behind this great move?
Cengiz: We have developed Holdefi on ethereum blockchain from the start. But today it is not hidden to anyone that BSC growth was really amazing and has its own community and fans. So we have decided to launch Holdefi protocol and token also on BSC besides ethereum.
Lola (AMA HOST): That's really good
Q3. Holdefi is an Opensource non-custodial money market protocol that allows users to be depositors or borrower. How can users participate?
Cengiz: Depositors provide liquidity to the market to earn a passive income, and everyone can borrow from this liquidity and repay it after a while. The Borrower must add collateral before borrowing any tokens. The value of the collateral should be greater than the value of the assets they want to borrow. This collateral is, in fact, a guarantee that they will repay the borrowed assets.
Lola(AMA HOST): Okay. Aside from the Collateral, will there be any interest?
Cengiz: No.
Collatoral is only a guarantee for repaying the borrowed assets.
Lola (AMA HOST): Okay. Thanks 😊
Q4. What offer do you have for HLD token holders?
Cengiz: HLD has many use cases include but are not limited to: Protocol governance, Burning, Liquidity mining, staking, Revenue sharing.
I will also share some links at last for reading more about the details.
Lola (AMA HOST): Okay. That would be nice.
Q5. Is there any requirements to join in the HLD IDO? And what should participants expect?
Cengiz: Our IDO has been finished. Now HLD is being traded on PancakeSwap and UniSwap. HLD also being added to centralized exchanges in the near future.
Lola (AMA HOST): All right. Thanks for the Update.
Q6. Can you also tell the Community about the revenue sharing and Liquidity mining?
Cengiz: Liquidity mining in summary means when people provide liquidity to Holdefi protocol they can earn/mine HLD token.
Revenue sharing also means Holdefi protocol revenue from the fees will be shared with the token holders.
Q7. What's the Future plans of this HOLDEFI?
Cengiz: Staking, competitions, Holdefi-V2, and many many plans are coming. We have a whole long-term plan that I do not want to spoil now😉, but our path is very long and certainly, those who joined us from the beginning could be very lucky.
Lola (AMA HOST): Wow! That's quite impressive. Then we are ready to journey with you to the Future. ☺️
Q8. Can you explain to the community about HLD pools?
Cengiz: If you mean HLD pools on UniSwap and PancakeSwap, Liquidity provided tokens by the team are going to be locked for years.
Lola (AMA HOST): Can you give exact period? Like for how many years?
Cengiz: We did not make final decision yet but I think at least 4 years. Maybe we will do that with the third party like TrustSwap. We will announce to the community when we made it.
Q9. Can you tell the Community what makes your Project different from others?
Cengiz: I can mention some of them here.
At Holdefi we have a feature called Promotion that we can do it on different markets which is Increase interest rates.
This feature helps us to increase the liquidity of our pools quickly and grow fast.
or on the otherside, we can decrease the borrow rate for borrowers to attract them to the platform
We seperate the market and collateral pools so that users can withdraw their money at any time. it is what other platforms do not have right now!
This pic also can describe promotion feature better.
Again community can find more details in our documents. I will share the links in the end of our conversation.
Lola (AMA HOST): All right.
Q10. Do share with us all the links that the readers can find out more and also follow the development of the project.
Cengiz: Holdefi website:
Lola (AMA HOST): Thanks Cengiz.
Can we also have the roadmap or is there a lite paper link we can check through too?
Cengiz:Yes you can find our whitepaper and other details at https://docs.holdefi.com/
Lola (AMA HOST): Okay. That's great.
Q11. Lastly, our favourite question in BSC News, do you have any alpha or juicy news that you can share with us today?
Cengiz:
We are in the last phases of Holdefi codes audit and tests, So Holdefi mainnet will be launched at the end of April early May.😊
Lola (AMA HOST): Great. Can't wait for it!
Cengiz: 🙈
Lola (AMA HOST): Thanks for this wonderful AMA, short and Precised. 😊
Cengiz: Thank you for inviting me here for this AMA.
Let’s talk about how to spot a potential rug.
Rugs… too many in just a short period of time.
Well, people got experience from other blockchains and came on BSC for quick cash as it should’ve been expected.
The number of rugs has slowed down a bit in the last couple of days, but is it over? No, and rugs will never stop appearing.
But can we learn how to spot sketchy aspects of a project?
Yes! And that’s what we’re going to be discussing today.
I will try to explain in great detail the points I made clear in the tweet above, along with others that I deem necessary.
Okay, I’m taking too long, here is a table of contents:
When it comes to a new project I have a list in mind of what I should look for. I’ll first give you the list here and then we can discuss each one in particular.
Keep in mind that those are just potential red flags that should alarm you, but that doesn’t mean the project is 100% safe or a scam. I'll explain the point above in the "The most important thing" part.
This will be the first red flag I’m going to be discussing today.
Rushed projects appear overnight and in less than 12 hours (most of the time) they have:
I also notice that the domains are registered just hours before launch, a major red flag for me, since it obviously takes more time to prepare a great project, but it only takes a few hours to fork an existing one.
This one is easy.
Just go to whois.domaintools.com, paste the link in the search bar, and then scroll down to “dates” to check how old a domain is.
Here we’ll have to check the contracts.
Most often than not fly-by projects don’t even edit their forked contracts properly, leaving clues that the project is rushed and the developers are careless.
The example above is taken from the infamous WineSwap rug-pull, where the MasterChef contract wasn’t even fully edited and the developers left in the main names of the Sushi functions.
Maybe the first thing that comes to mind to most people is to check contracts, but I like to do that as the last task.
Checking how the overall website looks gives me an idea about how much the developers have actually worked on the project before release.
Here I can even decide if it is worth investing in the project or not.
I tend to take a brief look around the website, mainly checking for:
Let’s take this random project I found on Twitter as an example.
I’ve found this project on Twitter after I was tagged by CryptoDeus in a post related to it, where he makes clear his concerns about it and warns people it might not be that safe to enter.
I’ll be honest with you, after checking out the website I feel the need to wash my hands…
It isn’t mainly about it looking bad, but more about the fact that it is clearly rushed, and when you rush something you’re clearly only looking for the end-goal, ignoring the path along the way.
In this step, we’ll take a look at how social media is handled by the team.
Because I like to be extra-careful and cherry-pick the projects I join I’ll also take a look at the overall appearance.
Let’s compare one of the first tweets of PancakeSwap to the first tweets of “Phoinikas”.
You can see:
Overall a nice tweet. I like it.
Also, the airdrop (at least for me) is kinda sketchy. Trying to market the project even before it is released.
Airdrops are a common thing projects do, especially new ones. But for me it can be a red flag. I'd like to encourage you to form your own opinion about everything. You have to decide what is a red flag for you and what isn't.
Tons of questions that were not responded to, some people were even asking “when rug?” and people that sent their wallet addresses (for the airdrop) were being banned.
Here comes my favorite thing, social media proof.
When it comes to a new project I can forgive the not-so-appealing website appearance and maybe try to not be too harsh on the social media management, but I’ll never forgive fake social media proof (fake likes, fake followers, fake Telegram members, etc).
Buying Twitter followers and Telegram members is extremely cheap, especially if you buy directly from providers and not from resellers (Not gonna teach you how, don’t even ask. Never buy fake social proof, it only hurts your growth).
As you can see, you can buy 5,000 Twitter followers and 5,000 Telegram members for a whopping $20.30 USD.
Let’s first learn how a fake Twitter account (a bot) looks like.
Fake accounts are easy to spot, especially the really cheap ones as stated in the disclaimer above.
Fake Telegram members are also semi-easy to spot.
As you can see there is a similarity here:
Let’s also see an example from WineSwap’s Telegram group.
These are higher quality.
In the example above you can see that after mass-joining the fake accounts only typed “hi” and “hello”, clearly not natural.
But, what makes spotting fake social media proof extremely easy is checking the followers list as a whole.
It is easier to see batches of fake accounts rather than trying to pick them individually.
Let me show you.
Let’s take a look at Phoinikas.Finance’s social media.
Seems like they have 1,796 Twitter followers and 1,841 Telegram members.
Okay, it doesn’t seem like much, does it? Well, it kinda is if you ask me, but not as much to raise immediate red flags.
WineSwap raised so many red flags at first because in their first day they had over 5,000 followers on Twitter and over 5,000 Telegram members.
But, let’s check them as a whole, should we?
Let’s take a quick look at the accounts that follow Phoinikas.Finance on Twitter.
Okay… well, I think that’s obvious enough and doesn’t need to be explained.
Let’s check who liked their posts, those must be real people!
Okay… there is still hope on their Telegram!
Please be real people…
I think I just lost faith in humanity at this point.
I need to do something real quick…
I’m back, had to wash my hands a second time.
It is extremely obvious that the project bought fake Twitter followers, likes, and Telegram members.
Also, you can see a discrepancy when it comes to the engagement on their Twitter posts.
There is a clear discrepancy between the engagement the giveaway had and their other posts. Yes, a giveaway is supposed to get more engagement, but not that much.
Tip: If a random project that's one or two days old already has thousands of followers it should immediately be a red flag for you and you should start looking into it.
Anyway, at this point, I think it is clear that the above project bought some fake stuff to make it look more legitimate.
Let’s move on to other things you should look for.
Well…
I just came back home, looking forward to continuing writing the article only to see that the website “phoinikas.finance” now redirects to a clone of “turing.finance” (whatever that project is) and that they rugged.
Imagine rugging while an article about “how to spot a potential rug” is using you as an example of a potential rug.
Man, this world is wild.
This one is a bit harder to come through, but I felt like including it here.
Intrusive marketing is when projects use bots and/or fake accounts to “spread the word” about a project on Twitter on random people’s posts and/or tag a massive amount of people in a project’s post.
Let’s take both situations at a time.
As you can see in the picture above this fake account is trying to silently shill WineSwap in CryptoBethany’s posts.
This is a silent way of making people aware that the project exists, and believe it or not many people ape into random projects on Twitter, so this strategy is working.
Mass tagging is quite straight forward. Just a bot tagging random people in the replies of the project’s posts.
You can’t really save yourself from being tagged by bots as they tag people that follow another project or people that liked a certain tweet (since people that liked the tweet tend to be more active on social media).
Anyway, mass tagging isn’t as bad on Twitter as it is on Instagram.
Many thanks to Defi Khaled for helping me write this part.
Now, here we come to the real deal.
You can fake anything, but you can’t fake code.
When it comes to contracts there are four main things I look for:
Let’s take each one at a time and explain it.
A contract is verified only when you can see the green check-marks on its bscscan.com page.
When a contract is verified it means that the developer added a human-readable version that’s an exact match of the actual code.
Nothing more, nothing less. It just means that the contract you see it’s the real one.
You should immediately run from YF MasterChef contracts:
If you see the above, you can’t read it.
While every project has unverified contracts at some point (especially the ones with runtime logic such as games) you have to be very careful with it.
The MasterChef contract and other main contracts of a project should always be verified.
The same applies to non-verified contracts that are readable.
If a contract has the human-readable version but it isn’t verified it means that what’s shown to you isn’t the actual code, so the developers might be trying to hide something from you.
Here is how a mint function looks like on BSCScan’s UI.
And here it’s how it looks like in code.
A mint function allows the contract owner to create more tokens “out of thin air”.
The rugging method using the _mint function is when the owner gives himself a bunch of tokens and then sells them, bringing the price of the token to almost $0.00 USD and screwing everyone over.
No, absolutely not.
A mint function is needed, especially when tokens are minted every block for rewards (in the case of yield farms such as PancakeSwap, Thugs, Narwhalswap, etc)
Well, this is a tough one.
Always make sure there is a need for it.
Yield Farms and other projects with unlimited supply will always have a mint function because that’s what their project relies on, but if you’re trading a token that is supposed to have a maximum supply but it has a _mint function then it should raise a red flag.
A wonderful thing for tokens that have a maximum supply is when the developers set the owner of the contract to the dead address (0x00…dead) like beefy.finance did with their $BIFI token.
A time-lock delays the function’s orders for the time specified in the time-lock, and the call will be public on BSCScan until the execution of said orders.
Yes and no.
Don’t let Timelock be a buzzword; they’re only as effective as their usage, not inherent safety.
While yes, the calls will be public until the execution and anybody can read them you’ll also need someone to be constantly checking for changes.
Set up an alert on the time-lock contract.
You can do it by adding the contract to your watch-list within BSCscan and you’ll be notified via e-mail every time the time-lock does a transaction.
A developer can set the ownership address of a contract to the dead address (0x000…dead) and make the contract completely untouchable, but remember that this also means everything has to be perfectly done before the execution and that in case of an emergency the developers can’t help since they don’t have access to it themselves.
I prefer a trustworthy team and a time-lock rather than an untouchable contract.
The decentralized world might look scary at first glance.
It can be complicated, it requires a lot of research and most of the time there are going to be risks that come with it.
But should that discourage you from joining new projects?
Absolutely not.
Taking safety precautions and investing only what you can afford to lose is the way to go.
The thing that gets people stuck in rugs is greed. It is the idea of getting rich quick, going all-in in a one-hour old project thinking they will have those x100 gains overnight.
Be safe out there.
Stop dreaming about overnight success and focus on continuously growing instead.
Let’s re-cap what you should look for when considering joining a new project.
This is how I personally check out the projects.
On top of what I already said, as a final note, ask yourself the following: Is it too good to be true?
If the answer is yes, take a step back, and analyze the situation, assign yourself some limits, and try to be careful with it.
Stay safe!
You might also want to read: How To Keep Your Funds SAFE — MetaMask Guide
—
The Ape 🦍
Follow: Twitter
