Rug Pull Due Diligence

With experience & expertise of serving the due diligence in the DeFi ecosystem globally, we have come up with a Rug Pull diligence service to help mitigate risks associated with projects.

Ever since their introduction, cryptocurrencies have attracted the eyes of investors and hucksters alike. Though the crypto space is characterized by some institutional investors and thin liquidity, it is also rife with scammers.

Rug pulls are quite common in DeFi because it is not regulated like the stock market. High APYs and APRs and 100x returns are alluring for new investors.

Rug pull is derived from the phrase “to pull the rug out from under someone”, In the crypto space, rug pull is described as a situation wherein the developers of a crypto project pull out support, thereby leaving the investors and users with worthless tokens.

Rug pulls occur because decentralized exchanges (DEXs) – unlike centralized exchanges (CEXs) – do not audit or verify tokens being listed on them. Anyone can list a cryptocurrency on DEXs, irrespective of whether it’s legit or not. Though there are various ways a scammer can pull out rug using DEXs, they are categorized into mainly three:

When someone wants to pull out a rug on investors, it will create a token and list it on a DEX, like Uniswap. Then, developers can do a rug pull by pulling out their initial liquidity.

The second way a developer can pull the rug is by selling their token shares. A developer creates a worthless token, and then convinces investors and other people that their token is valuable.

Another way to pull the rug is by disabling buyers’ ability to sell. Malicious actors can add code to their token’s smart contract, which doesn’t allow users to sell back their tokens on DEXs.

The Project is Newly Launched

Unknown Developers

Low Liquidity

Low ‘total value locked’ (TVL)

Never Audited

Total Loss: $3.4M

Marketed itself as a play-to-earn cryptocurrency

Total Loss: $2B

Turkish Cryptocurrency Exchange

Total Loss: $31M

Built on the Binance Smart Chain

Total Loss: $10.8M

Ethereum based DeFi project

Investors as well as institutions looking for high gains should carefully infuse the funds considering the possible risk scenarios.

Exchanges in the Blockchain ecosystem are in a hurry to whitelist new tokens that could be risky considering its volatile nature.

They can take advantage by self-evaluating their strengths & weaknesses, and can discover valuable associates by examining the market.

Migrator functions, proxy functions, unverified contracts, unusual EOA powers, Hardcoded wallet address, also check for concrete proof whether a dev has pulled off malicious scams previously or not.

Check for the owner/admin capabilities along with the owner/admin type, Whether it is a time lock or it is owned by multiple or single entities(Multi-sig wallet).

Check the usual Masterchef Migrator Code, what dependencies could be changed. Some scams switched the Masterchef or the router to an unverified Masterchef or router to steal the locked money.

Some projects don’t add constant (defined) fees as max fee allowed. In this case, the project wonders could unstake fees to 100% and steal the user-funds.

Transparent

All potential issues are highlighted in the audit report submitted to the project.

Lucid

Issues are clearly highlighted with explanations in the report including what functions could be hazardous in the future.

Trusted

All audit reports are produced in-house by highly qualified industry professionals at QuillAudits.

Economical

Thorough Rug-pull diligence is carried out by experienced & qualified experts at QuillAudits in a very cost-effective manner.

What is Rug Pull in Crypto?

In the Cryptocurrency market, the term ‘rug-pull’ means a malicious act in which owners of a crypto project abandon it after stealing investors money.

What are Common signs of a Crypto Rug Pull?

Red Flags that indicate a project is a Rug Pull are - The project appeared overnight, Low liquidity, Anonymous developers, No audits.

What is the Difference Between a Crypto Rug Pull and DeFi Hack?

Crypto hacks are performed by external players who exploit the token’s code to steal some of its liquidity, while a DeFi Rug Pull is carried out by the owners of the project themselves.

Is it possible to recover funds lost in a Crypto Rug Pull?

It is almost impossible to recover funds lost in a rug pull as real identities of the offenders involved are not known.

What kind of Due Diligence Quillaudits offer?

We roll out technical & operational due diligence, and also analyze the project’s code against functions flagged as dangerous by the auditors.