Why hackers love DeFi so much – Introduction
364.
As shown by this tracker from Comparitech, that’s the number of tracked rug pulls and scams (honeypots, Ponzi schemes, clone projects, etc) perpetrated in 2022 within the web3 space. If we also take into account the number of those that weren’t tracked, this number could easily increase tenfold.
You know what they say: “A scam a day, keeps the doctor away”
This number experienced a staggering 550% increase from 2021 to 2022, and that’s without counting the additional 30 already committed during the first three months of 2023.
Malicious airdropped tokens programmed to drain your wallet if interacted with, fake projects leveraging the latest trends (an interesting article on the absurd amount of fake AI-related tokens created lately), smart contracts with fraudulent hidden features: when it comes to scam people, inventiveness is endless.
As different as they may be in their mode of execution, all of these stratagems work because of the same reason: the majority of web3 users are not tech-savy.
In most cases, these people have no coding knowledge or experience, and therefore they aren’t able to understand or evaluate what a programmer has developed, making it very easy for a skilled scammer to fraud them.
Lots of non-tech users, a very low probability of having legal repercussions and the possibility of acting pseudonymously: for scammers, operating in DeFi is almost like being a shark in a sea full of little, harmless and juicy goldfishes.
That’s why, as crypto investors, it’s crucial to be able to properly research a DeFi protocol (or an NFT project) before deciding to invest any kind of money into it. However, conducting a comprehensive due diligence is not an easy task for non-tech web3 users, but luckily, there are certain tools that we can take advantage of to defend ourselves against malicious actors.
While most of these tools require previous know-how about smart contract programming and a strong foundation in coding, in this article we will talk about one specific tool that allows everyone, even someone with zero technical knowledge, to deeply analyze a smart contract’s state in order to detect any possible implemented malicious lines of code.
Today we’ll explore how DEXTools, the leading DeFi analytics platform, can help us not get rekt by leveraging its GoPlus Security check, a powerful feature that will assist you in your analysis.
DEXTools GoPlus Security – DeFi investors’ best friend
When entering into a pair page on dextools.io, it is possible to find the GoPlus security check in the left-center part of the screen, right beneath the DEXTscore, which measures the overall reliability of the project by giving scores to certain key protocols metrics such as transactions, holders and pool liquidity
The GoPlus Security check consists of a detailed overview of all the smart contract’s features that investors want to know about before considering investing in a project.
From sell/buy taxes to the verifiability of the contract, the GoPlus Security will tell you everything you need to know about the contract state and its reliability, allowing you to safely ape into projects that you want to support.
If the contract is a honeypot, you’ll know it.
If the contract’s owner has the possibility to blacklist users and take back ownership of the contract, you’ll know it.
Can the taxes be raised up to 100%? You’ll know it.
DEXTools GoPlus Security check will detect any possible risk factors and it will make you aware of them, drastically reducing the possibility of getting scammed and losing your funds.
Additionally, if you don’t know what something means , the GoPlus Security has an integrated feature that explains its meaning to you, helping you to safely learn about the complex world of smart contracts without having to go through expensive and painful lessons.
A Practical Example
Enough with the theory, now let’s try to analyze the state of a smart contract through the GoPlus Security to really understand how useful this tool can be.
We went to dextools.io and picked a random contract that we knew nothing about from the main page, on to analyzing it through the use of the GoPlus Security feature.
At first glance, everything seems okay. Yes, there are taxes, but overall the project seems legit. The contract is verified, it’s not a honeypot, and the balance is not modifiable. Seems safe.
Or maybe not?
Going deeper into the information provided by the GoPlus Security check, it’s possible to see that the owner can modify the taxes, pause the transfers, and blacklist users at his own convenience. Maybe it’s better not to risk it, isn’t it?
Without the help of the GoPlus Security check, it would have been a tedious and time-consuming job to find all this data on your own, and that’s assuming you have the know-how required to do so.
Conclusion
Through this guide, we hope that you have understood the potential of DEXTools’ security features and how they can make every crypto investor’s life easier, preventing, or at least cutting down, the chances for them to get scammed and overall simplifying the long and complex research process that every investment requires to be profitable.
In a world where “code is law”, DEXTools GoPlus Security check is a powerful tool that can help make the due diligence process easier and accessible for all web3 users, especially for the non-tech ones.
Stay Safu!
Article by: Gioele La Morgia, Cosimo Miccolis and Pierandea Cecconi.