Beyond the Hype: Leveraging Bitquery to Detect Honeypots in crypto economy

Introduction

Blockchain was introduced to enable permissionless economy to the world. And it rightfully has done so. With the rise of programmable blockchains, Fungible assets also called tokens were Introduced. These tokens can be created and transferred between anybody with its own set of economic rulesets. This proved beneficial to many protocols building on top of blockchain to add value to the protocol and engage their community.

However, due to the anonymity of blockchain, multiple scam tokens and assets are being released into the market. Multiple new traders found themselves buying tokens that cannot be sold as there is no liquidity. Such tokens which are deceptive are called honeypot tokens.

Here, I will be demonstrating how we can verify the liquidity and legitimacy of tokens in dexes using Bitquery and stay safe from potential Honeypots.

Objective

• Determining if a specific token is listed on all known dexes in a given chain.

• Determining if there are active pools for given token pairs retrieved from previous query

• Checking for any High sell or buy tax for given pairs.

All data is retrieved from Bitquery API.

Based on these parameters we will be defining whether it is a honeypot if

• There is no token pairs

• There is only buy transactions and no sell transactions

• The sell tax is 100% making it that user gets nothing for the token sold

Collecting Data

I used Bitquery Dex API to fetch the details of tokens

• First I used the Trading pairs API to fetch all the possible trades for a given token

query ($tokenAddress: String!,$network: evm_network) {
  EVM(dataset: combined, network: eth) {
    DEXTrades(
      limit: {count: 100}
      limitBy: {by: Trade_Sell_Currency_SmartContract, count: 1}
      where: {Trade: {Buy: {Currency: {SmartContract: {is: $tokenAddress}}}}}
    ) {
      Trade {
        Dex {
          ProtocolName
          OwnerAddress
          ProtocolVersion
          Pair {
            SmartContract
            Name
            Symbol
          }
        }
        Buy {
          Currency {
            Name
            SmartContract
          }
        }
        Sell {
          Currency {
            Name
            SmartContract
          }
        }
      }
    }
  }
}

With input as

{"tokenAddress": "0xdAC17F958D2ee523a2206206994597C13D831ec7","network":"eth"}

This query returns all the token pairs of a given token in all the DEXES supported by Bitquery . Here, it is USDT on Ethereum mainet.

As we can see we have retrieved all the Pairs from various DEXes like Uniswap, zerox , Sushiswap etc.

• Now we retrieve the trade metrics from the metric APIs for the given pairs in a given time frame.

query ($network: evm_network, $token: String!, $token2: String!, $since: DateTime, $till: DateTime) {
  EVM(network: $network, dataset: combined) {
    Unique_Buyers: DEXTrades(
      where: {Block: {Time: {since: $since, till: $till}}, Trade: {Buy: {Currency: {SmartContract: {is: $token}}}, Sell: {Currency: {SmartContract: {is: $token2}}}}}
    ) {
      count(distinct: Trade_Buy_Buyer)
    }
    Unique_Sellers: DEXTrades(
      where: {Block: {Time: {since: $since, till: $till}}, Trade: {Sell: {Currency: {SmartContract: {is: $token}}}, Buy:{Currency:{SmartContract:{is: $token2}}}}}
    ) {
      count(distinct: Trade_Sell_Seller)
    }
    Total_Transactions: DEXTrades(
      where: {Block: {Time: {since: $since, till: $till}}, Trade: {Buy: {Currency: {SmartContract: {is: $token}}}, Sell: {Currency: {SmartContract: {is: $token2}}}}}
    ) {
      count(distinct: Transaction_Hash)
    }
    Total_Buy_Amount: DEXTrades(
      where: {Block: {Time: {since: $since, till: $till}}, Trade: {Buy: {Currency: {SmartContract: {is: $token}}}, Sell: {Currency: {SmartContract: {is: $token2}}}}}
    ) {
      sum(of:Trade_Buy_Amount)
    }
    Total_Sell_Amount: DEXTrades(
      where: {Block: {Time: {since: $since, till: $till}}, Trade: {Buy: {Currency: {SmartContract: {is: $token}}}, Sell: {Currency: {SmartContract: {is: $token2}}}}}
    ) {
      sum(of:Trade_Sell_Amount)
    }
  }
}

With an example input of

{
  "network":"eth","token":"0xdAC17F958D2ee523a2206206994597C13D831ec7", "token2":"0x656c00e1bcd96f256f224ad9112ff426ef053733"
}

This query returns the Total volume of sells and buys on the given pair of tokens.
Here it is USDT versus infinitX token.

We can deduce that the token has sufficient Volume and liquidity and allows for sells hence concluding it is not a honeypot.

We have also retrieved the token swap tax which is at 8% which is acceptable level.
A token can be flagged as honeypot if the tax is greater than 50%.

Key Findings

I have been able to query and verify over 100 pairs programmatically in my Codebase
muskbuster/spyderscan (github.com)

Which was a Project built to detect honeypot tokens. It had won multiple bounties in Eth Online and Starknet Istanbul
I have modified to query the chains for pairs using Bitquery instead of direct RPC calls.

I was able to deduce the data to check if a token is a rug pull or a legitimate token and listed in major dexes of the given chain.

Metrics Obtained

• Token Pairs for a given token address in a given chain

• Sell and buy volume of the pair within a time frame and Lifetime

• Tax percentage and Avg transaction fee`

The tokens were flagged as a honeypot based on the following data

• No DEX pairs on any dex

• No sell orders on any pair

• Sell tax > 50%

• Very low liquidity

Conclusion

Due diligence and research tools for tokens and projects are important factors while it comes to investments. A due diligence tool like this goes a long way. Safeguarding people from scams.

As we know it is a derivative and compilation of Onchain Data. And bitquery makes it very easy to retrieve the same. They even offer realtime data which removes the need for event listeners being built everytime.

Staying safe onchain is crucial....as crucial as staying flashy ✨.