MemeCoin seems to be still gaining attention recently. At the beginning of this month (August), Pumpfun announced two updates:
- Token creation is completely free. Anyone (without any technical knowledge) can issue tokens with one click through Pumpfun. The original 0.02 SOL fee that the creator needs to bear will be borne by the first buyer after the corresponding token is created.
- When a token completes its Bonding Curve, the creator will also receive a reward of 0.5 SOL, which comes from the migration fee of Pumpfun, regardless of whether the creator has held or still holds the token.
Additional knowledge: What is Bonding Curve?
Bonding Curve is a mathematical model that is widely used in fields such as token economy and automated market making (AMM). It is mainly used to determine the relationship between the price and supply of tokens through algorithms. Several common curve types include linear, exponential and logarithmic curves. Each type has its own specific mathematical expression for calculating the relationship between the price of a token and its supply. In the field of DeFi, this curve is usually designed so that as the supply of tokens increases, the price of the token will also increase. This is to incentivize early investors who buy when the supply of tokens is low (lower prices) and can obtain potential returns as the market expands. As shown in the figure below, it shows the relationship between the Pumpfun bonding curve and the price and number of tokens.
As of the time of writing, the number of tokens created through the Pumpfun platform is 1,827,856, as shown in the figure below.
If we add the tokens created through other launch platforms or launch tools, it is estimated that the number of MemeCoins created in the crypto field is at least 2 million. In addition to becoming an ultimate PVP Gambling venue, the current MemeCoin field seems to have entered a state of "everyone issuing coins".
It was under this scale effect that Sun Ge (Justin Sun) officially came on the scene. On August 12, SUNIO, a DEX under the TRON ecosystem, officially launched SunPump. A few days later (August 16), with Sun Ge's continued promotion, SUNDOG launched on SunPump broke the $100 million mark in market value in just three days, and the number of MemeCoins created on SunPump has exceeded 12,000, and the cumulative revenue has exceeded 4.5 million TRX. As shown in the figure below.
Many people actually understand that in the world of MemeCoin, as a zero-sum game, if a few people make a lot of money, it is because the vast majority of people lose money.
A few days ago (August 19), a Twitter user did a statistics, taking the Pumpfun we mentioned above as an example: only 70 traders (accounting for 0.0028%) made a profit of more than 1 million US dollars; 924 traders (accounting for 0.037%) made a profit of more than 100,000 US dollars; 11,936 traders (accounting for 0.477%) made a profit of more than 10,000 US dollars; 76,567 traders (accounting for 3.061%) made a profit of more than 1,000 US dollars. In general, among the users who traded through Pumpfun (the platform currently has a total of 3.534 million wallet addresses that have participated in transactions), only 20% of traders achieved profits (income greater than 0), and the remaining 80% were losses. As shown in the figure below.
Moreover, the MemeCoin space is also full of various Rug Pulls. About 99% of MemeCoin Rugs only allow 1% of people (including insiders) to make considerable profits, and the rest of the participants are basically reduced to leeks. Therefore, for anyone who wants to make money from MemeCoin games, the first thing to consider or pay attention to is how to avoid participating in such Rug projects.
What is Rug Pull?
Rug Pull literally means carpet pulling force, which means packing up and running away in plain language. It refers to the behavior of project creators abandoning the project and running away, leaving investors with worthless tokens.
At present, there are two common forms of Rug Pull: hard pulls and soft pulls. The main methods of the former are malicious code (hidden vulnerabilities in smart contracts) and liquidity theft, and the main method of the latter is token dumping (quickly smashing the market after pulling it up).
Among them, soft pull is probably the most common one. For example, after someone with ulterior motives creates MemeCoin, they use some means to quickly raise the price of the corresponding token to attract more people to buy it. Then the creator will quickly sell the tokens he holds at the right time, causing the price to return to zero, so as to complete the harvest. As shown in the figure below.
Next, let’s continue to expand on this topic and sort out how to avoid participating in this kind of Rug project.
1. Anonymous or unknown team
At present, most of the creators of MemeCoin are anonymous or unknown, but in order to make the MemeCoin they created look more real, some project parties often forge some identities to deceive the trust of the majority of participants.
Therefore, in addition to being cautious about anonymous team projects, you should also conduct necessary background research on the so-called public project identities. Don't think that a project is reliable just because you see a foreigner's profile picture and various so-called institutional identity backgrounds. You should have some basic judgment skills of your own. For example, you can search for their historical information through platforms such as Google and Twitter to assist in understanding.
Or, if they have a corresponding Twitter account, you can also consider using some third-party tools, such as TwitterScore, tweetscout, getmoni, etc., which have been introduced in previous articles of Hualihuawai. As shown in the figure below.
2. Token liquidity
Liquidity theft is also a common Rug method. Generally, in order to start a transaction, the creator of MemeCoin must add liquidity to the pool (such as creating a BRETT/SOL trading pair), and whether the liquidity is locked is currently one of the main methods for checking and judging its security.
Liquidity lock mainly involves destroying LP (liquidity pool). After destruction, the pool cannot be withdrawn (in plain words, it ensures that the assets in the liquidity pool can no longer be withdrawn by the project party). Common ways of destruction include sending tokens to a black hole address or transferring Owner permissions to a black hole address.
There are two common black hole addresses now:
0x000000000000000000000000000000000000000
0x000000000000000000000000000000000000dead
These black hole addresses are like wallet addresses that no one can claim. This address does not belong to anyone, and the assets deposited into it cannot be controlled (taken away) by anyone.
Conversely, if the liquidity of a token is not locked, it means that the creator has the authority to directly withdraw all funds from the liquidity pool, which makes it easy for liquidity theft to occur (the creator runs away with the money). Once such behavior occurs, all tokens purchased by investors will be reduced to zero.
Therefore, if the liquidity pool can be locked (the percentage of locked liquidity must be checked), the risk of the creator directly withdrawing from the pool and running away will be greatly reduced.
Currently, many tools provide functional modules for checking the lock status of liquidity pools, such as Rugcheck (applicable to Solana chain) introduced in the previous article of Hualihuawai. The tool is very easy to use. Just paste the contract address of the corresponding token into the input box of the website and click the check button to see the specific detection details. If you see the test result marked as Good, it means that the risk of Rug is relatively low (but it does not mean that there is no risk at all. Some malicious tokens that are hidden deeper may not be detected). As shown in the figure below.
3. Token holdings
Generally, when a developer creates a contract, a portion of the tokens are used for liquidity, and the developer may keep the rest. Therefore, in addition to checking the lock status of the liquidity pool, you should also pay attention to the token holdings.
If a large portion of the token supply is held by a small number of holders (such as insiders), the token price will be vulnerable to manipulation. They will quickly drive up the token price while selling their tokens to the leeks, and the result is often that the leeks exchange their real money (SOL/ETH) for a large number of zero-value coins.
Therefore, if you are skeptical about the price trend of a token, you might as well use the corresponding block browser to check the number of token holders, such as etherscan (Ethereum browser), bscscan (BSC chain browser), solscan (Solana browser), etc.
Here we simply take solscan as an example for demonstration:
After entering the solscan website, paste the token contract address you need to check into the search box, and then click the Holders tab button on the page to see the specific coin holding ratio, as shown in the figure below.
We can focus on observing the data in the Percentage column on the Holders page. If the holders are distributed relatively evenly and no single or several wallets hold a large share, then the probability of Rug appearing in the project is relatively low.
4. The relevance of holding a wallet
The relatively even distribution of holders mentioned above is only a theoretical hope, because there is another problem that we cannot ignore, that is, although we may not find that a single or a few wallets have a relatively large proportion, this does not rule out that they (insiders) have dispersed the tokens into multiple wallets.
For example, if the developer distributes 10% of the token supply to 5 wallet addresses, each containing only 2% of the tokens, and uses this decentralized approach to create a good token distribution display, then this situation is difficult for ordinary users to intuitively discover through the Holders page in the blockchain browser.
Therefore, we also need to use some third-party tools to check the correlation between key wallets, such as Arkham, breadcrumbs, bubblemaps and other tools mentioned in previous articles by Hualihuawai.
Here we simply take bubblemaps as an example for demonstration:
After entering the bubblemaps website, first switch to the corresponding chain in the upper left corner, then paste the token contract address into the search box for query, and you can observe the connection between each wallet through the bubble map, as shown in the figure below.
5. Is there any malicious code in the contract?
In some cases, the creator may add special code to the contract to achieve some ulterior motives, such as continuing to mint more tokens, preventing sales (honeypot), etc.
Several friends were deceived because of participating in the honeypot project. For example, someone would recommend a MemeCoin with a good growth trend to him, and then ask him to buy it. After buying it, he found that he quickly earned 2 times, 3 times, or even more. At this time, he thought he was only one step away from his dream of getting rich. In addition, the people who recommended him to buy the coin brainwashed and deceived him, so he invested more money. But when he wanted to sell it, he found that this coin can only be bought, but not sold.
There seems to be no perfect solution for this type of malicious code currency. We can only deal with it in the following ways:
- Test trading. For example, you can buy a small amount of tokens first, then try to sell them immediately. If you cannot sell them, please stay away from them immediately.
- Honeypot detection. There are many tools that can be used to check honeypots, such as rugdoc (supports BSC chain), honeypot (supports Ethereum chain, BSC and Base chain), rugcheck (supports SOL chain), solsniffer (supports SOL chain), bscheck (supports Ethereum chain, BSC chain), etc., which have been introduced to you in previous articles by Hualihuawai. As shown in the figure below.
But here we need to remind you that on-chain tools can only be used as an auxiliary, because these tools are all for routine inspection of smart contracts. I have tested before that the same contract address with malicious code can be detected in some honeypot detection tools, while some tools will show normal data. It is even said that some tool platforms can turn the corresponding inspection modules into normal data display by paying money. Therefore, to judge whether a project is a Pixiu, it may still need to be considered comprehensively, and should not rely on the detection results of a single tool.
6. Creator sniping to buy tokens
For the five items mentioned above, at least we can check them through observation or with the help of some tools, but the behavior of creators buying tokens in batches is currently the most difficult to check and judge.
For example, although we see that the creator (developer) has already released 100% of the token supply to LP, we cannot rule out that after creating LP, he will use some technical means to use multiple new wallets that have no connection with each other to snipe (priority buy) tokens.
As a result, for creators:
First, they will get priority to obtain most of the token supply through sniping, and this process will not arouse suspicion from others (it is also difficult for ordinary people to find evidence of suspicion). At the same time, this operation also directly drives the rapid rise in token prices.
Secondly, because the creators already control most of the LP tokens, they can easily continue to raise the price of the tokens, and with the help of some effective promotion and publicity, further attract people's attention and FOMO, and then many people will buy the token under the influence of FOMO sentiment.
Thirdly, developers may also use some special tools to sandwich transactions in user wallets based on MEV (the core attack method of MEV is sandwich attack) to obtain more benefits.
In this case, we can try to make some auxiliary judgments in the following way (using etherscan browser for a simple demonstration):
Step 1. Paste the LP address (which can be seen in the corresponding DEX transaction details page) into the block browser for search, and then go to the Token Transfer button, as shown in the figure below.
Step 2: Click the Advanced filter button on the right to find the transaction statistics chart (histogram) in the new page that opens, as shown in the figure below.
Step 3. Continue to click on the first day’s trading chart in the bar chart (i.e. the first trading bar chart), and then click on Last (last page) in the page number label at the bottom right corner of the page to view the changes in trading data after adding liquidity, as shown in the figure below.
This page mainly displays the wallets that preempted the transactions. You may also find that many transactions are sniped by robots (such as Banana Gun). If you can find a suspicious wallet here, you can further use the tools introduced in previous articles such as Arkham, Debank, alphatrace, etc. to detect whether the corresponding wallet address is a newly created wallet (that is, the historical transaction record only has this kind of token).
Generally speaking, normal users will not use multiple new wallet addresses to perform batch transactions for a certain token. Therefore, if such transactions exist, it cannot be ruled out that they are operated by insiders (of course, this is only a guess and does not mean that all new wallets belong to insiders).
In short, through the above methods, I believe you can avoid participating in those Rug Pull projects to a certain extent. But this is only an auxiliary means. The most important thing is actually your own risk management and position management. I still keep the previous advice unchanged: if you like adventure, then participating in MemeCoin is definitely fine, but it is recommended that the investment in such projects should not exceed 10% of the position at most, and be prepared for the possibility of zero at any time.
