Learn · Risk

How to spot a rug pull

A rug pull is when the people behind a token extract its value and leave holders with something worthless — by draining liquidity, minting and dumping supply, or simply abandoning the project. Rugs are deliberate and engineered, which means the warning signs are often visible on-chain before the trap springs. Learning to read them is the single most valuable defensive skill for anyone trading newer tokens. This article catalogs the red flags and the checks that catch most rugs before you buy.

Unlocked or removable liquidity

The classic rug is a liquidity pull: the team removes the pool's funds, collapsing the price to near zero. The defense is verifying that liquidity is locked in a time-lock contract or burned, and checking the actual unlock date — a lock that expires next week is barely a lock. If liquidity can be withdrawn freely by the team, the rug requires nothing but a single transaction, and you should assume it can happen at any time.

Dangerous contract permissions

Read what the contract can do. A mint function lets the team print unlimited new supply and dump it on the market. A blacklist or pause function lets them stop you from selling while they exit — the mechanism behind many honeypots. Hidden or adjustable transfer taxes can quietly confiscate value on every trade. Each of these is a lever the team can pull against holders, and their presence in an anonymous project is a serious warning.

Concentrated holdings

Examine the holder distribution. If the deployer or a handful of wallets control most of the supply, they can crash the price by selling at any time, and you are the buyer on the other side. Watch for many fresh wallets funded from the same source, a common trick to fake decentralization. Broad, organic distribution is reassuring; concentration in a few hands is a structural trap waiting to close.

A pre-buy checklist

Before buying any new token, run the same short routine: verify the full contract address from an official source, confirm liquidity is locked or burned and check the unlock date, read the contract for mint/blacklist/tax functions, inspect holder distribution, and confirm ordinary wallets have sold successfully — ideally with a small test sell of your own. Passing all of these does not guarantee safety, but failing any one of them is reason enough to walk away.

Legal

Risk disclosure

XAUConnect is a non-custodial swap aggregator. Digital assets are volatile and may lose value rapidly. Content on this page is educational and not investment advice. Verify every contract address on the official block explorer before approving a transaction.

Frequently asked questions

What is the most common type of rug pull?

A liquidity pull, where the team removes the pool's funds and the price collapses. Verifying locked or burned liquidity and its unlock date is the primary defense.

Which contract permissions are red flags?

Mint functions, blacklist or pause functions, and hidden or adjustable transfer taxes — all give the team levers to dump supply or stop you from selling.

Why does holder distribution matter?

If a few wallets hold most of the supply, they can crash the price at will. Watch for many fresh wallets funded from one source faking decentralization.

Can a checklist guarantee a token is safe?

No. Passing the checks reduces risk but does not eliminate it. Failing any single check, however, is reason enough to avoid the token.

Live execution

Trade on XAUConnect

Open the swap page to compare live routes, set slippage, and sign from your own wallet — fully non-custodial.

Open swap Explore markets

Continue exploring

Related markets, guides & networks

Curated next steps based on this topic — deepen your research before you trade.

Guides

Articles

Platform

Discover live markets
Charts, launches, and indexed pools across seven networks.

Build programmatically

Swap via API for bots and AI agents — quotes, builds, and cross-chain routes.

Developer quickstart