xflux

Memecoin rug pull strategy

This post is neither financial advice nor written with any malicious intent as a participant in the crypto world. It is intended to share the knowledge I have studied and to express my hope for a decrease in the number of victims of rug pulls.

The pumps of meme coins, starting with Pepe Coin in May 2023, would become historic records, and it would be great if the severity of rug pulls is also documented.

In rug pulls, the primary strategy typically involves creating a deceptive cryptocurrency project that attracts investors’ attention. Here are some common elements of a rug pull strategy:

  1. Hype Generation: The project team initiates a marketing campaign to generate hype and create a sense of excitement around the coin. This can involve social media promotion, influencers, community engagement, and promises of significant returns.
  2. Token Distribution: The team distributes a significant portion of the tokens to themselves or to early participants at low prices. This gives them a substantial share of the token supply.
  3. Liquidity Pool Manipulation: The team establishes a liquidity pool, usually on a decentralized exchange (DEX) platform. They provide initial liquidity or encourage investors to contribute to it. The goal is to make the coin seem legitimate and attract more buyers.
  4. Price Pump: The team or their associates execute trades that artificially pump the price of the coin. This creates a FOMO (fear of missing out) effect, luring more investors to buy in.
  5. Exit Strategy: Once the price reaches a desired peak and the team has accumulated enough profits, they execute their exit strategy. This involves selling off their tokens and withdrawing liquidity from the pool, causing the price to collapse.
  6. Abandonment: After executing the rug pull, the team disappears, leaving investors with worthless or significantly devalued tokens.

It’s important to note that rug pulls are fraudulent activities and can lead to substantial financial losses for unsuspecting investors. Therefore, it is advisable to conduct thorough research, exercise caution, and be aware of the risks associated with investing in meme coins or any cryptocurrency project.

During the peak of the Pepe frenzy, I came across a memecoin on Dextools (let’s say X coin), and it was following the basic strategy of a rug pull. The basic strategy was as follows:

  1. Mint X meme coin
  2. Create liquidity pool
  3. Put some liquidity via bot
  4. Build ecosystem trust
  5. Freely give away a good amount of the coin to whales
  6. Wait for victims
  7. Once a victim buys the coin, lock their wallet to prevent them from selling (pump happens here)
  8. Make a few sells to deceive victims
  9. Wait for more victims
  10. Remove the liquidity and pull the rug

The points mentioned above are simple enough for any crypto participants to comprehend. However, there are a lot of detailed plans for each step, and these details specifically target victims with average knowledge of crypto and blockchain.

Yeah, that X coin cheater managed to obtain a total of 37.93397783 ETH and disappeared. The victims were small investors who wanted to ride the wave of the memecoin pump.

I am going to hide all the trackable public transactions and addresses since any web3 developer can easily copy the rug smart contract code, reuse it, and create more rug scams.

The Smart Contract of this rug pull coin was intentionally designed with functionalities that prevent the buyer from selling the coin. Initially, I read the smart contract and visually scanned the function names on Etherscan, without noticing any suspicious functions. However, I soon realized that the function names were deliberately misleading and intended to deceive readers like me who were reviewing the SC code.

The cheater purposely named the backdoor functions in a way that seemed completely different, leading to incorrect interpretations. For example, functions like `approveVote`, `approveAirdropClaim`, or `grantReward` were used.

The cheater initially minted a total of 1000B coins.

Then, the cheater created the Uniswap V2 pool with a total of 700,000,000,000 coins and 2.5 ETH ($4,431.03). Additionally, the cheater locked another 300,000,000,000 coins using one of the token locking dApps.

This was the first trap that the cheater created to gain social trust within the ecosystem. As a result, victims may have believed that 30% of the tokens were locked based on the rug pull token’s Smart Contract. Furthermore, the existence of function calls related to airdrops or voting in the Smart Contract might have led victims to assume that this meme coin had plans beyond being just a meme.

A beautiful green candle chart is something that crypto traders cannot ignore. The cheater meticulously planned this, and as a result, this sell-blocked coin experiences a continuous increase in green candles over time.

Additionally, the cheater operated a bot capable of buying and selling. The bot was whitelisted by the cheater and allowed to engage in trading activities. Initially, I suspected it was conducting a frontrun attack, but that turned out not to be the case. The bot was actually buying at low prices and selling at higher prices. Its true purpose was not a frontrun attack.

The role of this bot was to contribute to drawing the chart and create the illusion of active buying and selling. It was designed to deceive victims into believing that there was genuine trading activity taking place.

The cheater began spreading the scam coin to whales, not solely to create transactions targeting the whales’ addresses. The cheater demonstrated cunning by utilizing their own budget. They prepared a second wallet containing some ETH, which was used to purchase their own coin on a decentralized exchange (DEX), while setting the recipient’s address as the whales’ addresses. This created the appearance that the whales themselves had bought the scam coin.

As the victims fell for the bait, they began buying the scam coin, causing the Uniswap pool to accumulate ETH. However, when buyers eventually wanted to sell the coin, they discovered that the cheater had already blocked their wallets in the token Smart Contract. It became evident that the Smart Contract was specifically designed to blacklist buyers and prevent them from selling the coin.

It appears that the function approveSwap needed to be called immediately after the victim purchased the scam coin, specifically right after the token transfer was completed. Upon investigating the time interval between the victim’s buy call and the execution of approveSwap, it was found to be approximately 2 seconds after the token transfer was completed. This suggests that the cheater was monitoring the transfers, waiting for the buy event, and then executing the approveSwap. This process was likely automated or performed by another bot.

Once the approveSwap was executed on the targeted victim, they became unable to sell or transfer the coin altogether.

As time passed, the number of victims increased, and the chart showed significant upward movement. However, at a later point, Dextools indicated a suspicious pool and issued a warning.

At this point, the cheater decided to execute the rug pull, causing unrealized victims to become realized victims. The cheater proceeded to remove the liquidity from the Uniswap pool, leaving the victims with no means to recover their investments.

A total of $67,179 worth of victims’ ETH was transferred to Binance 4, and unfortunately, it is now lost forever. This outcome is undoubtedly disheartening and frustrating for the victims. Fuck.

I have always wondered how rug pulls work, and this was a good opportunity for me to learn about it. I wanted to understand the level of effort, time, and budget required to deceive people, and based on the above study, it appears to be at least 6 ETH.

  • Token SC deployment gas: 0.21 ETH ($450)
  • Uniswap V2 Pool deployment gas: 0.21 ETH ($450)
  • Uniswap V2 Pool initial liquidity: 2.5 ETH ($4,431.03)
  • Token Lock: 0.081 ETH ($180)
  • Free giveaway to whales via DEX: potentially another 3 ETH ($5,526)

However, based on the initial and maximum liquidity in the Uniswap pool, which amounted to approximately $120,445 or around 65 ETH, the cheater only withdrew 37 ETH from the pool. Additionally, the cheater spent approximately 6 ETH to set up all the necessary environments. This implies that at least 22 ETH worth of liquidity remained in circulation.

Initially, I believed that such a strategy could be managed by an individual, but after conducting this study, I now realize that at least 6 ETH is required to establish the basic infrastructure. With 6 ETH equating to around $11,000, it becomes evident that this is not an amount easily expendable for an individual. It appears that this type of operation is more feasible for team-based cheaters or organized groups.

Please note that my understanding is based on the information provided, and there may be variations or additional factors to consider.

In conclusion, the study of this rug pull incident has shed light on the effort, resources, and coordination involved in executing such scams. It emphasizes the importance of caution and due diligence in the cryptocurrency space, as well as the need for continued vigilance against deceptive practices.

Posted

in

,

by

chris.xflux

I am a software engineer who enjoys building things. Please share your interest with me – chrisyoum[at]gmail.com