Course 08 · Lesson 02

Rug Pulls and How to Spot Them


The rug pull is the most common crypto-specific fraud - distinct from traditional investment scams because it exploits the open, permissionless nature of DeFi specifically. Creating a token and listing it on a decentralised exchange requires no permission, minimal technical skill, and minimal capital. Attracting buyers through marketing, influencer promotion, and community building requires only a compelling narrative and knowledge of how to manipulate social media. Stealing the deposited capital requires only the execution of a pre-built function in the token contract. The entire operation can be planned, executed, and completed in days - often generating hundreds of thousands or millions of dollars for the perpetrators. Understanding the mechanics precisely is the first step in not becoming a victim.

What Is a Rug Pull?

A rug pull occurs when the creators of a cryptocurrency project exit with investor funds - 'pulling the rug' from under holders who believed in the project. The metaphor is apt: the floor of value that holders assumed was there simply disappears, leaving their tokens worthless and their investment unrecoverable.

Rug pulls primarily occur in two contexts: DeFi liquidity pools on decentralised exchanges, and token projects that raise capital through initial sales before the developers drain the treasury or sell their allocation simultaneously - a coordinated dump that collapses the price.

Hard Rug Pulls

A hard rug pull involves malicious code built into the token contract from the start - designed to steal funds at the moment the developers choose to execute.

HARD RUG PULL MECHANICS

Honeypot contracts: The token is coded to allow unlimited buying but restrict selling - either completely or to a whitelist of developer-controlled addresses. Victims buy eagerly as the price rises (all buying, no selling). At peak, developers sell their allocation through the whitelisted function. Price collapses. Victims cannot sell. Everything is lost.

Backdoor drain function: A hidden function in the contract allows the developer to withdraw all liquidity at any time. Not visible without careful code review. Victims trade happily for days or weeks. Liquidity grows as more buyers enter. Developer executes the drain function. All liquidity is removed instantly. Token becomes worthless in seconds.

Soft Rug Pulls

A soft rug pull does not require malicious code - it exploits the voluntary actions available to any project founder.

SOFT RUG PULL MECHANICS

Team token dump: Developers hold a large percentage of the total token supply - common in projects where 'team allocation' is 20-50% of supply. After launch, the token price rises as buyers accumulate. Developers sell their allocation gradually or suddenly - causing rapid price decline. The community is misled into blaming 'selling pressure from early investors.'

Liquidity removal: Developers provide their own liquidity to the DEX pool at launch - this is the capital that makes trading possible. As the project gains attention and the price rises, they remove their liquidity - the token is still tradeable but with minimal depth, causing a 90%+ price collapse on any significant sell order.

Slow abandonment: Development slows, then stops. Marketing promises unfulfilled. Team goes silent. Token loses all value gradually. This is the most common form - slower and less dramatic than sudden drains but equally effective at losing investors' money.

The Warning Signs

RUG PULL WARNING SIGNS

CRITICAL RED FLAGS:
✗ Anonymous team with no verifiable identity.
✗ No code audit from a reputable firm.
✗ Liquidity not locked - developers can remove it at any time.
✗ Team controls large % of supply with short or no vesting.
✗ Copied contract code with minor modifications - no original development.
✗ Unrealistic return promises.
✗ Pressure to buy quickly - artificial urgency.
✗ Influencer promotion without disclosure (paid promotion not identified as such).
✗ New project (under 3 months old) with no working product.

POSITIVE INDICATORS (not guarantees):
✓ Named, verifiable team with professional backgrounds.
✓ Code audit from CertiK, PeckShield, Trail of Bits, or equivalent.
✓ Liquidity locked for 12+ months.
✓ Team vesting of 3-4 years minimum.
✓ Working product before token launch.
✓ Established community with genuine discussion.
✓ Transparent tokenomics with published unlock schedule.

Due Diligence Before Investing

MINIMUM DUE DILIGENCE CHECKLIST

Find the contract address on the official project website: Never use contract addresses from Telegram, Discord, or social media.

Check the contract on a block explorer (Etherscan, BscScan): Look for: verified source code, audit links, holder distribution. Top 10 holders should not hold 50%+ between them.

Check Token Sniffer or RugCheck.xyz: Perform automated contract analysis. Look for honeypot warnings, suspicious owner functions, unlocked liquidity.

Verify liquidity lock on Unicrypt or Team.Finance: Ensure the lock is verifiable on-chain, not just claimed in text.

Find the team: Search for verifiable professional LinkedIn or GitHub profiles.

Search outside official channels: Look up '[token name] scam' or '[token name] rug' on Reddit and Twitter/X.

Find and read the code audit: Review the summary to see if high-risk issues are listed.
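
The measurable parts of the checklist above can be scored mechanically once the facts have been collected from the block explorer and the liquidity locker. The following is an added example, not part of the original lesson: the field names and the sample token are hypothetical and constructed, and the thresholds (top 10 holders at 50%+, 12-month lock, 3-year vesting, under 3 months old) are the ones the lesson states.

```python
DAY = 86400  # seconds

def top_holder_share(balances, n=10):
    """Fraction of total supply held by the n largest addresses."""
    total = sum(balances.values())
    top = sorted(balances.values(), reverse=True)[:n]
    return sum(top) / total if total else 0.0

def red_flags(token, now):
    """Return the lesson's measurable red flags for a token profile (dict)."""
    flags = []
    if not token["source_verified"]:
        flags.append("unverified source code")
    if not token["audit_url"]:
        flags.append("no code audit")
    share = top_holder_share(token["holders"])
    if share >= 0.50:
        flags.append(f"top 10 holders control {share:.0%} of supply")
    lock_until = token["liquidity_lock_until"]  # unix time read on-chain, or None
    if lock_until is None or lock_until <= now:
        flags.append("liquidity not locked")
    elif lock_until - now < 365 * DAY:
        flags.append("liquidity lock shorter than 12 months")
    if token["team_vesting_years"] < 3:
        flags.append("team vesting under 3 years")
    age_days = (now - token["launched_at"]) / DAY
    if age_days < 90 and not token["working_product"]:
        flags.append("under 3 months old with no working product")
    return flags

# Constructed sample: fixed "now" so the result is reproducible.
NOW = 1_700_000_000
holders = {f"whale_{i}": 200_000 for i in range(3)}          # 3 large wallets
holders.update({f"retail_{i}": 10_000 for i in range(40)})   # 40 small wallets
SAMPLE = {
    "source_verified": True,
    "audit_url": None,
    "holders": holders,
    "liquidity_lock_until": NOW + 30 * DAY,
    "team_vesting_years": 0,
    "launched_at": NOW - 20 * DAY,
    "working_product": False,
}

if __name__ == "__main__":
    for flag in red_flags(SAMPLE, NOW):
        print("✗", flag)
```

An empty result only means none of these numeric checks tripped; team identity, audit contents and off-channel scam reports still have to be checked by hand.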

The most commonly cited justification for skipping due diligence is speed - 'I need to buy now before the price goes up.' This urgency is almost always manufactured. Legitimate projects do not disappear in the time it takes to complete a 10-minute check. Projects that disappear in 10 minutes were always going to disappear. The urgency is a psychological manipulation technique. Slow down. Check first.

KEY TAKEAWAYS
Hard rug pulls use malicious contract code - honeypots (buy only, cannot sell) or backdoor drain functions.
Soft rug pulls exploit voluntary actions - team token dumps, liquidity removal, or gradual project abandonment.
Critical red flags: anonymous team, no audit, unlocked liquidity, large team allocation with no vesting.
Due diligence: verify contract on block explorer, check Token Sniffer, verify liquidity lock, find the team, search for scam reports.
Manufactured urgency is the primary tactic - slow down and check before buying anything.