Honeypot — Rug Check Risk Guide | Sharpe Terminal

What is a honeypot in crypto?

A honeypot token is a malicious ERC-20 or SPL contract that lets users buy but silently blocks them from selling. Buyers see a rising price and confirmed swap, then hit a wall the first time they try to exit — the sell transaction reverts, fails silently, or charges a 99% tax. Honeypots are the single most common rug pattern on Ethereum, BSC, and Base, and they've generated the highest cumulative losses in meme-token trading outside of outright liquidity pulls. The trick lies in an asymmetric transfer function: the contract permits transfers from the DEX router to a user wallet (the buy), but rejects transfers from a non-dev wallet back to the router (the sell). Variants include dynamic honeypots (sells succeed up to a dollar threshold then start failing), whitelist honeypots (only specific dev-controlled wallets can sell), and proxy honeypots (the contract starts as a legitimate ERC-20 then gets upgraded post-launch to add blocking logic). Simulation-based detectors are the only reliable way to catch a honeypot before the fact: run a simulated buy, then a simulated sell, in a forked EVM state. Sharpe's Rug Check runs this simulation on Ethereum, Base, BSC, and Arbitrum and surfaces the result on the 0-100 score. On Solana, honeypots are rarer but appear as SPL token transfer hook programs that reject outbound transfers — Sharpe simulates a Jupiter swap in both directions to detect them.

Frequently Asked Questions

What is a honeypot in crypto?: A honeypot is a malicious token contract that allows buys but blocks sells. The transfer function is coded asymmetrically: transfers into user wallets succeed, but transfers back to the DEX router revert. Victims see a green chart, then discover they can't exit. Honeypot simulation — executing a fake sell in forked EVM state — is the only reliable pre-trade detector.
How do I check if a token is a honeypot?: Use a simulation-based honeypot checker. Sharpe's Rug Check runs a simulated swap in both directions on Ethereum, Base, BSC, Arbitrum, and Solana and returns an explicit honeypot verdict with the simulated buy and sell tax. Static contract analysis alone is not sufficient — dynamic and proxy honeypots hide behind benign-looking source code.
Can a token pass static audit and still be a honeypot?: Yes. Proxy-upgradeable contracts can ship with clean ERC-20 logic, pass an audit, then swap the implementation to inject honeypot code days or weeks later. Dynamic honeypots also pass static analysis because the blocking logic triggers only above a transaction size or wallet threshold. Always re-check before entering a larger position.
Are honeypots common on Solana?: Traditional EVM-style honeypots are rare on Solana because SPL tokens don't support arbitrary transfer logic by default. However, the Token-2022 standard introduced transfer hooks that can reject outbound transfers — effectively enabling honeypot behavior. Sharpe's Solana scanner simulates Jupiter swaps in both directions to detect hook-based honeypots.

How to detect honeypot risk

Simulated buy succeeds but simulated sell reverts
Sell tax above 50% (hidden dynamic honeypot)
Transfer function checks msg.sender against a whitelist
Proxy contract with a recent implementation swap
SPL transfer hook program rejecting outbound transfers

Historical honeypot incidents

Squid Game Token (SQUID) — BSC 2021, ~$3M drained after unsellable logic activated
Luna Yield (LUNY) — Solana 2021, early honeypot-style exit before simulation detectors were standard
Meta Pets (MPETS) — BSC 2022, contract paused sells at whale threshold

Scan honeypot risk per chain

Solana rug check Ethereum rug check Base rug check BNB Chain rug check Arbitrum rug check

Other rug-check risks

Mint Authority — Mint Authority Freeze Authority — Freeze Authority Liquidity Lock — Liquidity locks Proxy Contract — Proxy contracts Hidden Mint — Hidden mint functions Copycat Token — Copycat tokens

Run a live rug check →Read the full 30+ red-flag guide →

What is a honeypot in crypto?

Frequently Asked Questions

What is a honeypot in crypto?

A honeypot is a malicious token contract that allows buys but blocks sells. The transfer function is coded asymmetrically: transfers into user wallets succeed, but transfers back to the DEX router revert. Victims see a green chart, then discover they can't exit. Honeypot simulation — executing a fake sell in forked EVM state — is the only reliable pre-trade detector.

How do I check if a token is a honeypot?

Use a simulation-based honeypot checker. Sharpe's Rug Check runs a simulated swap in both directions on Ethereum, Base, BSC, Arbitrum, and Solana and returns an explicit honeypot verdict with the simulated buy and sell tax. Static contract analysis alone is not sufficient — dynamic and proxy honeypots hide behind benign-looking source code.

Can a token pass static audit and still be a honeypot?

Yes. Proxy-upgradeable contracts can ship with clean ERC-20 logic, pass an audit, then swap the implementation to inject honeypot code days or weeks later. Dynamic honeypots also pass static analysis because the blocking logic triggers only above a transaction size or wallet threshold. Always re-check before entering a larger position.

Are honeypots common on Solana?

Traditional EVM-style honeypots are rare on Solana because SPL tokens don't support arbitrary transfer logic by default. However, the Token-2022 standard introduced transfer hooks that can reject outbound transfers — effectively enabling honeypot behavior. Sharpe's Solana scanner simulates Jupiter swaps in both directions to detect hook-based honeypots.