Rug Pull
A malicious crypto project scheme where developers abandon a project and take investors' funds, often by removing liquidity or selling off tokens.
A rug pull is a type of exit scam prevalent in the cryptocurrency space, particularly within Decentralized Finance (DeFi) and Initial Coin Offerings (ICOs). It is a malicious scheme where the developers of a cryptocurrency project create hype and attract investors, only to abruptly abandon the project and abscond with the investors' funds. The mechanics often involve several steps: 1. Project Creation & Hype: Developers create a new token, often listed on a decentralized exchange (DEX) with a [liquidity pool](/en/terms/liquidity-pool) funded by early investors. They promote the project heavily through social media and community channels to inflate demand. 2. Liquidity Removal: Once a significant amount of investment has been made, the developers exploit their control over the project's smart contracts or token supply. The most common method is to suddenly withdraw the liquidity they provided to the trading pool on the DEX. This action causes the price of the token to plummet to near zero, as there is no longer any backing in the liquidity pool. 3. Developer Funds Siphoned: Simultaneously, the developers typically sell off their own large holdings of the token at the inflated price before removing liquidity, converting their tokens to a stablecoin or other cryptocurrency, and disappearing. The result is that investors are left holding worthless tokens, while the developers have made off with substantial profits. Identifying potential rug pulls involves scrutinizing the project's team (are they anonymous?), the tokenomics (is there a large concentration of tokens held by developers?), the smart contract code (are there malicious functions?), and the liquidity lock status on exchanges.
graph LR
Center["Rug Pull"]:::main
Pre_logic["logic"]:::pre --> Center
click Pre_logic "/terms/logic"
Rel_vault_defi["vault-defi"]:::related -.-> Center
click Rel_vault_defi "/terms/vault-defi"
Rel_trading["trading"]:::related -.-> Center
click Rel_trading "/terms/trading"
Rel_airdrop["airdrop"]:::related -.-> Center
click Rel_airdrop "/terms/airdrop"
classDef main fill:#7c3aed,stroke:#8b5cf6,stroke-width:2px,color:white,font-weight:bold,rx:5,ry:5;
classDef pre fill:#0f172a,stroke:#3b82f6,color:#94a3b8,rx:5,ry:5;
classDef child fill:#0f172a,stroke:#10b981,color:#94a3b8,rx:5,ry:5;
classDef related fill:#0f172a,stroke:#8b5cf6,stroke-dasharray: 5 5,color:#94a3b8,rx:5,ry:5;
linkStyle default stroke:#4b5563,stroke-width:2px;
🧒 Explain Like I'm 5
It's like someone selling you a 'magic' bean, promising it will grow into a giant beanstalk. You give them your money, they give you the bean, and then they run away, leaving you with a regular bean that won't grow anything.
🤓 Expert Deep Dive
Rug pulls exploit the trustless nature and rapid development cycles of DeFi. Technically, they often leverage vulnerabilities or intended functionalities within Automated [Market Maker](/en/terms/automated-market-maker) (AMM) [liquidity pools](/en/terms/liquidity-pools). A common pattern involves developers creating a token, pairing it with a valuable asset (like ETH or a stablecoin) in a Uniswap V2-style liquidity pool, and then draining the valuable asset side by selling their large holdings of the newly created token. [Smart contract audits](/en/terms/smart-contract-audits) can mitigate, but not eliminate, the risk, as malicious code might be obfuscated or rely on external [oracle manipulation](/en/terms/oracle-manipulation). Token vesting schedules and liquidity locking mechanisms (e.g., using services like Unicrypt or DxLock) are crucial preventative measures, though developers can sometimes circumvent these or withdraw liquidity from pools not subject to such locks. The anonymity of many DeFi project teams exacerbates the problem, making accountability difficult. Regulatory scrutiny is increasing, but the decentralized and pseudonymous nature of the space presents ongoing challenges for enforcement.