Welcome to Shits N' Gigs, a disjointed dissemination of insights and learnings from the past 3-4 months which have seen me nolifing the shitters casino. I recall penning an article on this topic many months ago, equipped with the ingenuity inspired by my vast 2 weeks of experience in the arena, in which I extolled the likes of DexTools and TokenSniffer. Ew, that's so April 2023! Now, like a fine red wine or a botox-happy Hollywood celebrity, I've matured gracefully and possess shiny new skillz n all that. Will keep these topic-focused, feel free to incorporate whichever parts you want, although I'm rather fond of my methodology and the gains it has enabled thus far, as it goes.
Topic - Honeypot and rug avoidance
Today I'll be discussing the avoidance of honeypots and rugs, which is somewhat the bread and butter of flipping low cap (<100-200k) coins - the basis to any balanced shitcoin diet. As a proudly unrugged individual, at least in recent weeks, I hope these tips find new, loving homes in the hearts and minds of you gorgeous MVHQ members.
What you will need:
A telegram account. That's it. TIPS BELOW >>>>>
1. Terrible web-based/Discord-based audits, be gone
If you're still using TokenSniffer or Honeypot.is, please desist. Apart from the UX being cumbersome at best, these tend to experience a delay in receiving information. As for Discord bots, many are great information-wise, but if you're running BetterDiscord avec ChannelTabs like myself, the application tends to run rather clunkily. Not to mention, switching between chat windows constantly means missing out on vital information, updates and discussion. Annoying. In my experience, Telegram-based bots are quite simply superior. The UI is lightweight, information tends to flow through quickly, you can bundle bots together to ensure confluence (more on this later) and it's spam-friendly during those launches which require tax monitoring. The rest of this article will thus focus on a Telegram setup, kthx.
2. Create an audit server on Telegram
One of the better kept secrets imo. It's quite simple; create a group on Telegram, add 3-4 Honeypot checker bots, maybe one price bot for general coin info, give them all messaging privileges, and bam. All you need to do is copypasta a contract address into chat and you'll receive an audit from each bot, which you can quickly cross-examine to assess risk. See the attachment for my setup (ft. me protecting my IRL friend from being doxxed) + a few indicators I've highlighted/circled for emphasis. I would suggest the following bots to start with. Don't add too many, as the bots will simultaneously spam you with their findings. Unless you have a really beefy index finger capable of excessive scrolling, stick to a few trusted sources.Honeypot Audits:https://t.me/Yardexplorerbot, https://t.me/MEVFreeHoneypotBot, https://t.me/SafeAnalyzerbot
Owner: Ideally, an owner would have renounced the contract, which means they can't call certain functions to rug you ie. blacklisting wallets, altering taxes, pulling liquidity, etc.
Although in certain cases, they still can. More on this later.
Sometimes, an unrenounced contract is also fine, particularly for quick flipping, or when it's a trusted developer ie. $RFD
Liquidity: Ensure there's sufficient liquidity to actually facilitate trading, no brainer. LP Ratio will also determine volatility of pricing, so be mindful.
LP Lock: You want the liquidity for the pool to be locked or burned, in order that it can't be pulled/transferred out of the pool.
Tax: Keep these in mind when running your p&l computations. Generally, around 5/5 (5% buy, 5% sell) is the roof of most legitimate coins. Note that many coins will launch with high tax to dissuade bots/sniping, and thereafter reduce it over the course of 5-10 minutes. This is where spamming your bot channel comes in handy.
Options: Potentially suspicious contract functions callable by any owners (hidden or explicit). Such things include setting a max transfer limit, max fee, blacklisting, etc. Be cognisant of such functions and what they actually mean, rather than aping based on a green/yellow/red emoji or text stating "it's safe to ape."
Holders: Not necessarily concerned with honeypots/rugs, but be mindful of holder distribution to assess likelihood of being used as exit liquidity. Just like in NFTs, of course.
4. Delayed honeypots/hidden rugs. Contract decompiling and execution checking
Occasionally, all of the above will be squeaky clean yet someone will manage to abscond with your funds. Much like a bacterium becoming resistant to antibiotics, or a viral mutation (both incredibly apt comparisons), scammers are becoming refined and clever, dealing financial blows with respectable underhandedness and enviable panache. These are because of hidden functions in contracts, some of which allow proxy ownership (ie. callable functions despite renunciation) and liquidity pulling. An example of this would be through a hidden mint function, which is something entirely unnecessary within a shitcoin contract and a harbinger of scamfuckery. Here's how to better avoid them. Join: https://t.me/theprodeploys and https://t.me/thepro_ethplus. All you need to do is paste the questionable contract address into your Telegram search bar and check the entries on these channels ("ETH Deploys" and "ETH Deploys +"). ETH Deploys will bless you with a "Scam Check" (see attachments) which incorporates a coin launch's bytecode, functions and funding/execution. It should look like this:
Here, 0x5158b290 is the slug which refers to these elements collectively, and is used to cross-check for forked (ie. copypasta) contracts. The scam rate refers to coins with a similar launch/execution/funding structure that a) pulled liquidity b) minted tokens and scammed c) set taxes to 99% (HP). An 80% scam rate doesn't mean that this particular developer has rugged 80% of their past coins. It simply means that this particular slug has been seen in 175 launches, and 140 of those have been scams. In the best case scenario, dev is a lazy mf who has copied someone else's launch, and in the worst case, they're sketchy. In both scenarios, probably not a great long-term hold. What’s great about ETH Deploys is that it serves you the developer’s wallet on a platter and its age. A good rule of thumb is to follow the funding and use common sense. Is the wallet brand new and freshly funded from a CEX? Was there a gap between contract creation and approvals/funding LP? Something to think about.
ETH Deploys+ will decompile the contract functions for you and list any callable methods if you're interested in delving further. By this point, however, you're in danger of missing an entry point due to neuroticism and that's where your risk tolerance kicks in.
Disclaimer: there are alternative, more comprehensive/complex tools for this, but they aren't particularly necessary for small time shitcoining. For now, these free tools should be sufficient for confluence.
Aaaaand that’s it for today. I’ll cover the following topics in due course:
TRADING TOOLS: Comparing bots for sniping, auto trading, manual trading
LOW CAPS: Locating plays before they’re “called,” volume tracking
SNIPING: Finding, shortlisting, simulating and sniping launches