Home » Services » Rug-Pull-Due-Diligence

Rug Pull Due Diligence

With experience & expertise of serving the due diligence in the DeFi ecosystem globally, we have come up with a Rug Pull diligence service to help mitigate risks associated with projects.

Why Rug Pull Due Diligence

Ever since their introduction, cryptocurrencies have attracted the eyes of investors and hucksters alike. Though the crypto space is characterized by some institutional investors and thin liquidity, it is also rife with scammers.

Rug pulls are quite common in DeFi because it is not regulated like the stock market. High APYs and APRs and 100x returns are alluring for new investors.

Rug pull is derived from the phrase “to pull the rug out from under someone”, In the crypto space, rug pull is described as a situation wherein the developers of a crypto project pull out support, thereby leaving the investors and users with worthless tokens.

How does Rug Pull Work?

Rug pulls occur because decentralized exchanges (DEXs) – unlike centralized exchanges (CEXs) – do not audit or verify tokens being listed on them. Anyone can list a cryptocurrency on DEXs, irrespective of whether it’s legit or not. Though there are various ways a scammer can pull out rug using DEXs, they are categorized into mainly three:

Pulling Out Liquidity

When someone wants to pull out a rug on investors, it will create a token and list it on a DEX, like Uniswap. Then, developers can do a rug pull by pulling out their initial liquidity.

Selling Off The Shares

The second way a developer can pull the rug is by selling their token shares. A developer creates a worthless token, and then convinces investors and other people that their token is valuable.

Removing A Seller’s Ability to Sell

Another way to pull the rug is by disabling buyers’ ability to sell. Malicious actors can add code to their token’s smart contract, which doesn’t allow users to sell back their tokens on DEXs.

Common Signs of a Rug Pull

The Project is Newly Launched

Unknown Developers

Low Liquidity

Low ‘total value locked’ (TVL)

Never Audited

Remarkable Examples of Exit Scams and Rug Pulls

Squid Game Token

Total Loss: $3.4M

Marketed itself as a play-to-earn cryptocurrency


Total Loss: $2B

Turkish Cryptocurrency Exchange

Meerkat Finance

Total Loss: $31M

Built on the Binance Smart Chain

Compunder Finance

Total Loss: $10.8M

Ethereum based DeFi project

Who Needs To Perform Rug Pull Due Diligence?

Investors & Institutions

Investors as well as institutions looking for high gains should carefully infuse the funds considering the possible risk scenarios.

Crypto Exchanges & Token Platforms

Exchanges in the Blockchain ecosystem are in a hurry to whitelist new tokens that could be risky considering its volatile nature.

Crypto Based Startups

They can take advantage by self-evaluating their strengths & weaknesses, and can discover valuable associates by examining the market.

What One Should Look For While Carrying out Rug Pull Diligence?

Functions & Contracts

Migrator functions, proxy functions, unverified contracts, unusual EOA powers, Hardcoded wallet address, also check for concrete proof whether a dev has pulled off malicious scams previously or not.

Admin Properties

Check for the owner/admin capabilities along with the owner/admin type, Whether it is a time lock or it is owned by multiple or single entities(Multi-sig wallet).

Check for Dependencies

Check the usual Masterchef Migrator Code, what dependencies could be changed. Some scams switched the Masterchef or the router to an unverified Masterchef or router to steal the locked money.

Unstake Fees

Some projects don’t add constant (defined) fees as max fee allowed. In this case, the project wonders could unstake fees to 100% and steal the user-funds.

Benefits of Rug-Pull Diligence



All potential issues are highlighted in the audit report submitted to the project.


Issues are clearly highlighted with explanations in the report including what functions could be hazardous in the future.


All audit reports are produced in-house by highly qualified industry professionals at QuillAudits.



Thorough Rug-pull diligence is carried out by experienced & qualified experts at QuillAudits in a very cost-effective manner.

Frequently Asked Questions

What is Rug Pull in Crypto?
In the Cryptocurrency market, the term ‘rug-pull’ means a malicious act in which owners of a crypto project abandon it after stealing investors money.
What are Common signs of a Crypto Rug Pull?
Red Flags that indicate a project is a Rug Pull are - The project appeared overnight, Low liquidity, Anonymous developers, No audits.
What is the Difference Between a Crypto Rug Pull and DeFi Hack?
Crypto hacks are performed by external players who exploit the token’s code to steal some of its liquidity, while a DeFi Rug Pull is carried out by the owners of the project themselves.
Is it possible to recover funds lost in a Crypto Rug Pull?
It is almost impossible to recover funds lost in a rug pull as real identities of the offenders involved are not known.
What kind of Due Diligence Quillaudits offer?
We roll out technical & operational due diligence, and also analyze the project’s code against functions flagged as dangerous by the auditors.

Trusted by 700+ web3 Products

Get Rug Pull Due Diligence | QuillAudits Report & Securely Interact with eminent DeFi & NFT projects

Get Due Diligence Report