What is Rug pull?

How it works

The simplest rug-pull pattern:

1. Deployer launches a token, pairs it with ETH/USDC on a DEX, seeds a small liquidity pool
2. Marketing pumps the token; price rises 10×, 50×, sometimes 1000×
3. Buyers pile in via DEX, depositing real assets (USDC, ETH) into the pool
4. Deployer pulls all the liquidity out — the pool is now empty of value, the token's "price" goes to zero
5. Deployer walks with the deposited USDC/ETH

Variants include:

• Hidden mint function. Deployer mints unlimited new tokens and dumps them on the pool.
• Honeypots. Smart contract restricts selling — buyers can't exit no matter what.
• Slow rug. Team draws "salaries" from the treasury until it's drained over months.
• Soft rug. Founder simply abandons the project, deletes social media; no acute theft, just slow collapse.

Example

A 2022 Solana memecoin: launched with anonymous deployer, pumped from $50k market cap to $40M in three days off Twitter influencers. On day four, the deployer drained the LP, sold ~$1.2M of pre-allocated tokens, and deleted the Discord. Holders couldn't sell — the bots that had been buying earlier disappeared once liquidity went to zero. Token chart on Birdeye shows the classic vertical drop to $0.

Why it matters

Anti-rug due diligence, in rough order of importance:

• Liquidity locked or burned? Tools like Unicrypt or Team Finance lock LP tokens for a fixed term. If the pool is locked for 6 months, deployer can't pull until then. Burned LP (sent to a dead address) means no one can pull.
• Contract ownership renounced? A renounced contract can't be modified. Some legitimate projects keep ownership for upgrades, so renouncement isn't always the right answer — but for memecoins it usually is.
• Holder distribution. If top 10 wallets hold >40% of supply, they can dump on you. Block explorer (Etherscan, Solscan) shows distribution.
• Audit by a real firm. OpenZeppelin, Trail of Bits, ConsenSys Diligence are reputable. Random no-name "audit firms" with broken English websites are often paid-for stamps.
• Team identity. Anonymous teams aren't automatically scams (many legitimate DeFi projects have anon founders) but they shift trust to the code. Doxxed teams have real reputational risk if they pull.

Tools like rugcheck.xyz (Solana) and tokensniffer.com (EVM) automate some of these checks. They miss things — the only fully reliable defense is not buying low-cap unaudited tokens at all.

If you do play in this space, the position-sizing rule is non-negotiable: any single token bet should be money you can afford to write off entirely. Most degens who survive long-term get there by treating every memecoin position as already-lost the moment they buy.