Solidus Labs is the category-definer for crypto-native market integrity solutions - trade surveillance, transaction monitoring, and threat intelligence. More information about Solidus is contained at the bottom of the documentation.
This bot detects rug pulls by comparing the smart contract source code and bytecode against a database of thousands of known scam patterns using the Token Sniffer API. It supports the same scam detection functionality as the Token Sniffer web site.
The bot listens to the websocket stream of newly detected rug pulls from the Token Sniffer API. As new token smart contracts are deployed on-chain and/or source code is verified on the respective block explorer web site, Token Sniffer searches the contract source code against a database of known scam code patterns much in the same way a virus scanner searches executable programs for known virus code patterns. For tokens without verified source code available a token may be alerted as a scam based on bytecode similarity to known scam contracts. The bot emits an alert the contains information about the token and the type(s) of scam detected.
- ERC-20
- Ethereum
- BNB Smart Chain (BSC)
- Polygon
- Arbitrum
- Optimism
- Fantom
- Avalanche
- Cronos
- Gnosis
- KCC
- Oasis
- Harmony
- Base
-
SCAM-TOKEN-NEW
- Fired when a new token has been flagged as a scam by the code scanner
- Severity is always set to "Critical"
- Type is always set to "Scam"
uniqueKey
: A unique hash derived fromchain_id
,address
,deployer_addr
,name
,symbol
, andcreated_at
addresses
: A list containing the rug pull contract address and contract deployer addressprotocol
: The name of the token as required by ERC-20source
: The blockchain identifier for the token- Metadata:
chain_id
- The blockchain identifier for the tokenaddress
- The contract address for the tokendeployer_addr
- The address that deployed the token contractname
- The name of the token as required by ERC-20symbol
- The symbol of the token as required by ERC-20created_at
- The datetime that the token contract was deployed on chainexploit_id
- An integer identifier for the code rule that was triggeredexploit_name
- A string description of the code rule that was triggeredexploit_type
- A comma-separated list of strings describing the categories of the scam code detected. Possible values include:honeypot
hidden mint
hidden fee modifier
hidden transfer
hidden balance modifier
hidden max transaction amount modifier
LP block
blocklist/allowlist
fake ownership renounce
mint to multiple wallets during creation
restricted selling
external contract
-
SCAM-TOKEN-FALSE-POSITIVE
- Fired when a false positive was identified manually for a token contract and its deployer
- Removes the previous label for this entity
- Severity is always set to "info"
- Type is always set to "info"
uniqueKey
: A unique hash specific to this alert. Derived fromchain_id
,address
,deployer_addr
,name
,symbol
of the previously generated labels.source
: The blockchain identifier for the token
- Fired when a false positive was identified manually for a token contract and its deployer
-
rug pull Contract
entityType
: EntityType.Addresslabel
: "rug pull contract"entity
: rug pull addressconfidence
: 0.99metadata
:chain_id
- The blockchain identifier for the tokenaddress
- The contract address for the tokendeployer_addr
- The address that deployed the token contractname
- The name of the token as required by ERC-20symbol
- The symbol of the token as required by ERC-20created_at
- The datetime that the token contract was deployed on chainexploit_id
- An integer identifier for the code rule that was triggeredexploit_name
- A string description of the code rule that was triggeredexploit_type
- A comma-separated list of strings describing the categories of the scam code detected.
-
rug pull Contract Deployer
entityType
: EntityType.Addresslabel
: "rug pull contract deployer"entity
: rug pull deployer addressconfidence
: 0.99metadata
:chain_id
- The blockchain identifier for the tokenaddress
- The contract address for the tokendeployer_addr
- The address that deployed the token contractname
- The name of the token as required by ERC-20symbol
- The symbol of the token as required by ERC-20created_at
- The datetime that the token contract was deployed on chainexploit_id
- An integer identifier for the code rule that was triggeredexploit_name
- A string description of the code rule that was triggeredexploit_type
- A comma-separated list of strings describing the categories of the scam code detected.
Test suite in ./src/agent.spec.ts
.
Smart contract source code provided by:
- Ethereum: Etherscan (https://etherscan.io/)
- BSC: BSCScan (https://bscscan.com/)
- Polygon: PolygonScan (https://polygonscan.com/)
- Arbitrum: ArbiScan (https://arbiscan.io/)
- Optimism: Optimism Explorer (https://optimistic.etherscan.io/)
- Fantom: FTMScan (https://ftmscan.com/)
- Avalanche: SnowTrace (https://snowtrace.io/)
- Cronos: Cronos Explorer (https://cronos.crypto.org/explorer)
- Gnosis: Blockscout (https://blockscout.com)
- KCC: KCC Explorer (https://explorer.kcc.io/)
- Oasis: Oasis Explorer (https://explorer.emerald.oasis.dev')
- Harmony: Harmony Explorer (https://explorer.harmony.one)
The bot is released under the Forta Bot License.
Solidus Labs is the category-definer for crypto-native market integrity solutions - trade surveillance, transaction monitoring, and threat intelligence. Our mission is to enable safe crypto trading throughout the investment journey across all centralized and DeFi markets. As the founder of industry-leading initiatives like the Crypto Market Integrity Coalition and DACOM Summit, and in everything we do, Solidus is deeply committed to ushering in the financial markets of tomorrow.
Solidus Labs has been an active member of the Forta community from the beginning. We joined the first community call in Fall 2021 and have provided regular feedback since then. We are also an active user of the Forta Network.