Memecoin Rug Pull Red Flags: The Anatomy of a Scam Token
Mint authority: who can print more supply
On Solana and similar chains, a token contract has a "mint authority" address that can issue new units of the token at will unless that authority has been explicitly revoked or burned. If mint authority is still live, the deployer can dilute every existing holder overnight without needing to touch the liquidity pool at all — simply mint a large new batch and sell it against the pool. Checking whether mint authority has been renounced (and confirming that on-chain, not just trusting a claim in a Telegram channel) is a five-minute check on any token explorer.
The same logic applies to upgradeable or admin-controlled contracts on Ethereum and other EVM chains: if the deployer retains a function to mint, blacklist wallets, or change the transfer tax, that function is a live rug switch regardless of how the project markets itself.
Liquidity pool unlocks: the exit door
Most memecoins launch by pairing the token with a base asset (SOL, ETH, USDC) in a decentralized exchange liquidity pool. Whoever holds the LP tokens representing that pool can withdraw the paired asset at any time — that withdrawal is the literal mechanism of a rug pull, and it's why the practice is named after pulling a rug out from under the pool. Legitimate projects typically either burn the LP tokens (permanently removing the ability to withdraw) or lock them in a time-locked contract for a defined period, and that lock is independently verifiable on-chain rather than something you take on faith from a project's website copy.
A short lock duration relative to the hype cycle — for example a lock that expires in days rather than months — should be read as a scheduled exit date, not reassurance.
Insider concentration: who actually holds the float
A token where the top 10-20 wallets (excluding the liquidity pool and any known exchange address) hold a large share of circulating supply is structurally set up for those wallets to sell into any buying pressure the rest of the market creates. This is visible directly on a block explorer's holder list and doesn't require insider information — it requires actually looking. Clusters of wallets created around the same time, funded from the same source address, and holding near-identical balances are a strong tell of a single actor splitting a position to obscure concentration.
Regulators frame this same dynamic in traditional terms: promises of guaranteed or unusually high returns with little or no risk, and pressure to buy immediately, are classic red flags the CFTC and FTC flag across digital-asset fraud generally, and concentrated insider supply is simply the on-chain mechanism that makes the payout side of that pitch possible.
Momentum traps: the social layer that gets you in late
The mint authority, LP lock, and holder concentration are the mechanics; social momentum is the delivery system. Coordinated influencer promotion, wash-traded volume that inflates apparent activity, and manufactured urgency ("filling fast," countdown timers, fake whale-buy alerts) are designed to compress your due-diligence window to zero. The CFTC's crypto fraud advisory and the FTC's consumer guidance both describe unsolicited pitches, artificial urgency, and unrealistic guaranteed-return claims as consistent fraud signatures across asset types — memecoins simply add a technical layer on top of a very old playbook.
The practical discipline is to check the four mechanical red flags before the social layer has a chance to work on you, not after you're already holding a position and rationalizing it.
AI agents and trading bots can screen a token's mint authority, LP lock status, and holder concentration programmatically through OnchainPulse's /api/memecoin endpoint before a human ever sees the marketing.
GET https://onchainpulse.theaslangroupllc.com/api/memecoin — x402 pay-per-query, no API key. See llms.txt.FAQ
Can a token with renounced mint authority and locked liquidity still be a rug pull?
Yes. Those two checks eliminate the two most common mechanical exits, but not insider concentration (a small group can still sell a large pre-mined allocation into retail demand) or slower-moving fraud like a project simply abandoning development after raising funds. Treat mint/LP checks as necessary, not sufficient.
Where can I check mint authority and LP lock status myself?
Block explorers for the relevant chain (Solscan for Solana, Etherscan for Ethereum, etc.) show mint authority status, and liquidity-lock services publish lock contracts and expiry dates that can be verified independently of the project's own claims.
Are rug pulls illegal, and can victims get money back?
Regulators including the SEC, CFTC, and FTC treat many rug pulls as securities or commodities fraud and pursue enforcement, but recovery for individual retail victims is frequently limited once funds are dispersed across wallets, especially cross-border. Reporting to the FTC or CFTC tip lines supports broader enforcement even when individual recovery is unlikely.
Does a token being listed on a well-known exchange mean it's safe?
No. Listing standards vary widely, and many decentralized exchanges list any token permissionlessly with no vetting at all. Even centralized exchange listings for smaller-cap tokens don't substitute for checking mint authority, LP locks, and holder concentration directly.
Sources
- CFTC — Advisory on digital asset / crypto fraud red flags
- FTC Consumer Advice — What To Know About Cryptocurrency Scams
- FTC Consumer Advice — Avoiding a Cryptocurrency Scam