Thinking of Memecoin Investments? Beware of Risks Including Honeypots and Rug Pulls

Just as Solana's rapid and cheap blockchain is gaining popularity, many people are venturing into memecoins, hoping to make it big with a small investment. However, a closer check by the Magazine discovered that the majority of the memecoins on the platform have security weaknesses that could cause consumers to lose their money.

Surprisingly, approximately one out of every five memecoins is purposely destructive and employs various methods to steal from people. Magazine examined 1,000 new Base tokens that were released between March 19 and March 25, via Cointelegraph. These were primarily memecoins or scams. It's worth mentioning that there are far more tokens on Base, but this sample provides a good understanding of what's going on. They checked these tokens using automated tools on DEXTools to see if they had three basic security measures: locked liquidity, verified contracts, and no sneaky traps set up to take people's money.

Security terms demystified

To those who may not be familiar:

Locked liquidity in decentralized finance (DeFi) is similar to locking a portion of a cryptocurrency's trading pair with a particular contract. This is done to avoid unexpected withdrawals and possible scams.

A verified contract means that investors can review a project's smart contract to identify any hazards.

A honeypot is a deceptive scheme that promises investors large rewards but traps them by making it difficult to sell their investments.

The reality of security failures

The investigation revealed that 90.8% of the tokens examined, or 908 projects, failed at least one security check. Some of these security flaws may indicate unscrupulous transactions, but they could just indicate that the folks developing these memecoins don't know how to make them secure. Especially if they are just having fun or making fun of the industry.

David Schwed, the chief operating officer at Halborn, a security company, said, "This situation shows how hard it can be for projects that don't have the money to hire security experts or check their smart contracts properly." He also pointed out that since many projects just copy what others have done, mistakes get copied too.

Responding to security challenges

Many issues stem from inexperienced creators, but an alarming amount of tokens turn out to be outright scams.

Honeypot: Captures investors with huge profits while making it difficult to sell tokens.

Analysis showed that 16.9% of projects are suspected of having nefarious intent or serving as honeypots, preventing owners from selling tokens. 121 projects revealed symptoms of potential honeypots, with 48 levying sales taxes as high as 100%, thus stealing from investors. Memecoin frauds take numerous shapes, and automated detection may overlook certain ingenious scams.

Rug pulls during Solana presales are becoming more common, with many using social methods and enthusiasm, making identification tough. A survey discovered that half of the Solana presale tokens created between November and February were malicious. The primary security issue among the 1,000 projects examined was their liquidity pools. Vesper, the founder of MYSTCL on Base, highlights the importance of locked liquidity, stating that it discourages rug-pulling and fosters confidence.

Rug pulls occur when developers withdraw all assets from the liquidity pool and depart the project, leaving investors empty-handed. To avoid rug pulls, developers might lock their liquidity pools, preventing them from accessing the funds. However, not all initiatives do this, which does not necessarily imply that they are scams. Sometimes liquidity is unlocked for legitimate reasons, such as moving it between decentralized exchanges. In such instances, projects may include additional security features, such as validated contracts. Of the 905 projects without locked liquidity, 675 had validated contracts.

Importance of locked liquidity

Vesper, the project leader, throws a red flag for the 230 coins that lack locked liquidity or validated contracts. He emphasizes that there is "no legitimate reason" for a token to not verify its contract. While DApps may protect their code for competitive reasons, tokens have no valid reason not to check, according to Vesper. Coinbase's reaction is standard, arguing that the platform runs in a permissionless manner.

The recent spike in memecoins has prompted controversy in the industry. One side attacks memecoins for their lack of real-world applications and the significant danger of fraud. "Security issues in new memecoin projects reflect a wider trend seen across the memecoin ecosystem," Schwed wrote in a statement. On the other hand, some industry analysts regard the memecoin mania as a good for attract new investors to the field. Arthur Hayes, the co-founder of BitMEX, argues that, despite being rejected as useless, memecoins attract attention and skill to the business, ultimately benefiting the blockchain. Vesper, who was previously focused on producing utility, admits to having a change of heart throughout this debate.