Skip to content

forta-network/forta-solidus-bot

Repository files navigation

Token Sniffer Rug Pull Detector

About the Developer

Solidus Labs is the category-definer for crypto-native market integrity solutions - trade surveillance, transaction monitoring, and threat intelligence. More information about Solidus is contained at the bottom of the documentation.

Description

This bot detects rug pulls by comparing the smart contract source code and bytecode against a database of thousands of known scam patterns using the Token Sniffer API. It supports the same scam detection functionality as the Token Sniffer web site.

How it Works

The bot listens to the websocket stream of newly detected rug pulls from the Token Sniffer API. As new token smart contracts are deployed on-chain and/or source code is verified on the respective block explorer web site, Token Sniffer searches the contract source code against a database of known scam code patterns much in the same way a virus scanner searches executable programs for known virus code patterns. For tokens without verified source code available a token may be alerted as a scam based on bytecode similarity to known scam contracts. The bot emits an alert the contains information about the token and the type(s) of scam detected.

Supported Standards

  • ERC-20

Supported Chains

  • Ethereum
  • BNB Smart Chain (BSC)
  • Polygon
  • Arbitrum
  • Optimism
  • Fantom
  • Avalanche
  • Cronos
  • Gnosis
  • KCC
  • Oasis
  • Harmony
  • Base

Alerts

  • SCAM-TOKEN-NEW

    • Fired when a new token has been flagged as a scam by the code scanner
    • Severity is always set to "Critical"
    • Type is always set to "Scam"
    • uniqueKey: A unique hash derived from chain_id, address, deployer_addr, name, symbol, and created_at
    • addresses: A list containing the rug pull contract address and contract deployer address
    • protocol: The name of the token as required by ERC-20
    • source: The blockchain identifier for the token
    • Metadata:
      • chain_id - The blockchain identifier for the token
      • address - The contract address for the token
      • deployer_addr - The address that deployed the token contract
      • name - The name of the token as required by ERC-20
      • symbol - The symbol of the token as required by ERC-20
      • created_at - The datetime that the token contract was deployed on chain
      • exploit_id - An integer identifier for the code rule that was triggered
      • exploit_name - A string description of the code rule that was triggered
      • exploit_type - A comma-separated list of strings describing the categories of the scam code detected. Possible values include:
        • honeypot
        • hidden mint
        • hidden fee modifier
        • hidden transfer
        • hidden balance modifier
        • hidden max transaction amount modifier
        • LP block
        • blocklist/allowlist
        • fake ownership renounce
        • mint to multiple wallets during creation
        • restricted selling
        • external contract
  • SCAM-TOKEN-FALSE-POSITIVE

    • Fired when a false positive was identified manually for a token contract and its deployer
      • Removes the previous label for this entity
    • Severity is always set to "info"
    • Type is always set to "info"
    • uniqueKey: A unique hash specific to this alert. Derived from chain_id, address, deployer_addr, name, symbol of the previously generated labels.
    • source: The blockchain identifier for the token

Labels

  • rug pull Contract

    • entityType: EntityType.Address
    • label: "rug pull contract"
    • entity: rug pull address
    • confidence: 0.99
    • metadata:
      • chain_id - The blockchain identifier for the token
      • address - The contract address for the token
      • deployer_addr - The address that deployed the token contract
      • name - The name of the token as required by ERC-20
      • symbol - The symbol of the token as required by ERC-20
      • created_at - The datetime that the token contract was deployed on chain
      • exploit_id - An integer identifier for the code rule that was triggered
      • exploit_name - A string description of the code rule that was triggered
      • exploit_type - A comma-separated list of strings describing the categories of the scam code detected.
  • rug pull Contract Deployer

    • entityType: EntityType.Address
    • label: "rug pull contract deployer"
    • entity: rug pull deployer address
    • confidence: 0.99
    • metadata:
      • chain_id - The blockchain identifier for the token
      • address - The contract address for the token
      • deployer_addr - The address that deployed the token contract
      • name - The name of the token as required by ERC-20
      • symbol - The symbol of the token as required by ERC-20
      • created_at - The datetime that the token contract was deployed on chain
      • exploit_id - An integer identifier for the code rule that was triggered
      • exploit_name - A string description of the code rule that was triggered
      • exploit_type - A comma-separated list of strings describing the categories of the scam code detected.

Test Data

Test suite in ./src/agent.spec.ts.

Data Sources

Smart contract source code provided by:

License

The bot is released under the Forta Bot License.

About the Developer

Solidus Labs is the category-definer for crypto-native market integrity solutions - trade surveillance, transaction monitoring, and threat intelligence. Our mission is to enable safe crypto trading throughout the investment journey across all centralized and DeFi markets. As the founder of industry-leading initiatives like the Crypto Market Integrity Coalition and DACOM Summit, and in everything we do, Solidus is deeply committed to ushering in the financial markets of tomorrow.

Solidus Labs has been an active member of the Forta community from the beginning. We joined the first community call in Fall 2021 and have provided regular feedback since then. We are also an active user of the Forta Network.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published