Rug pulls are the most common way people lose money on new tokens. The good news: almost every rug
mechanism is built into the contract or the liquidity before launch — so it’s
checkable before you buy, not just explainable after.
§01 · how rugs work
Four mechanisms, all pre-built.
A rug takes your money out one of four ways: a dev dump (the team sells its large allocation and tanks the price); a liquidity pull (developers yank the pool, leaving nothing to sell into); a sell block / honeypot (the contract lets you buy but not sell); or an infinite mint (the owner prints new supply and dilutes you). Each is set up in the contract or the pool ahead of time — which is the whole reason a check can catch it.
§02 · check before you buy
Five on-chain red flags.
Active ownership — the owner can still change the rules (vs. renounced).
Mint function — supply can be inflated.
Blacklist / trading toggle — the owner can block your sells later (a latent honeypot).
Thin or unlocked liquidity — easy to pull, high slippage.
Sell reverts in simulation — the token can’t actually be sold.
None of these needs you to trust the team. They’re facts in the contract and the pool — exactly what an on-chain safety check reads.
pre-buy rug/honeypot check
# One call: ownership, mint, blacklist/trading-toggle, liquidity, honeypot simulation + a verdict.
curl -s -X POST https://true402.dev/api/v1/base/token-report \
-H 'content-type: application/json' \
-d '{"token":"0x<token-address>"}'
# { "verdict": { "rating": "avoid|caution|ok", "score": 0-100, "reasons": [...] },
# "recentPulls": [...] } # liquidity-removal events = a rug in progress
§03 · watch after
A rug in progress is visible.
Even a token that checked out can rug later when liquidity is removed. That removal is an on-chain Burn event — so a liquidity-pull feed shows the rug as it happens, in time to exit. true402 surfaces recent removals on a token’s pools in the same report (recentPulls).
On-chain checks catch the mechanical rugs — honeypots, mint, owner kill-switches, no/locked liquidity, removals. They can’t read intent: a clean contract with a team that simply dumps is still possible. Treat the verdict as “no mechanical trap found,” not “guaranteed safe,” and size accordingly. Related: bought a token and can’t sell it · honeypots explained.
§06 · questions
Answered for machines.
What is the best way to avoid a crypto rug pull?
Check the token on-chain before you buy, because most rug mechanics are visible in the contract and the pool. The four checks that catch the majority: is ownership renounced (or can the owner change the rules), can the supply be minted, is there real and locked liquidity, and — most important — can the token actually be sold (a buy/sell simulation). A token that fails any of these is a pass. Tools like true402 run all four in one call on Base for about $0.005, with no account, so you can gate every buy on the result.
How do crypto rug pull scams work?
A rug pull takes investor money out of a hyped token in one of a few ways: the team dumps its own large allocation and tanks the price; the developers pull the liquidity pool so there is nothing left to sell into; the contract limits or blocks sells (a honeypot) so money only flows in; or the owner mints new supply and dilutes everyone. The common thread is that the mechanism is built into the contract or the liquidity setup before launch — which is exactly why it can be checked beforehand.
How can you tell if a token is a rug pull before investing?
Look for the on-chain red flags: active (non-renounced) ownership, a mint function, an owner who can blacklist sellers or toggle trading, thin or unlocked liquidity, and a sell path that reverts in a buy/sell simulation. Recent liquidity-removal events on the token’s pools are a rug in progress. None of these requires trusting the team’s marketing; they are facts in the contract and the pool that a structural safety check reads directly.
Can you recover money from a rug pull?
Usually not. If liquidity was pulled or the sell path is blocked at the contract level, there is nothing off-chain that can reverse it, and anyone offering paid "recovery" is a second scam. Revoke any token approvals you granted, abandon the position, and shift effort to prevention — checking the next token before you buy it, not after.