project screenshot 1
project screenshot 2
project screenshot 3

SpyderScan

Open, permissionless, user-driven honepot token security detection platform

SpyderScan

Created At

ETHGlobal Istanbul

Winner of

trophy

Arbitrum - Pool Prize

Prize Pool

trophy

Scroll - Deploy on Scroll

Prize Pool

Project Description

If you’ve been an active user in the DeFi ecosystem, the concept of a “Honeypot scam” won’t be foreign to you. Even if you haven’t heard this term before, you’ve likely encountered such fraudulent activities.

Honeypot refers malicious token contract that traps users' funds by preventing them from selling or withdrawing their tokens.

Our data reveals honeypot scam deployed in 2023 has an increase of 76661 , reaching 121,267 in total, a 87.39% increase over the full 2021. Out of all the honeypot scams, 82.8% of them were deployed on BNB Chain, while 16.6% of them occurred on Ethereum.

As a solution We have built a honeypot token detector which does the due- diligence on behalf of the user to check for potential honeypot properties.

The honeypot detector called SpyderScan forks the mainnet, and queries smart contracts of Amms for the token queried by the user. When the simulation is run parameters like:

  • Sell tax
  • buy tax
  • Amount_out
  • Reserves are recorded

How it's Made

We take legacy data from the blockchain to see if the transaction properties match. We get the pairs available for the token through Subgraphs that we have deployed and get filter and simulate for pairs in question.

The token qualifies as a honeypot if the following properties are detected:

Very high sell tax If the amount_out for a quoted token does not match the simulation transfers If the reserves for a token pair is too low If there is no token Pool

Essentially the approach is: 1-Simulate a Buy transaction on the DEX Router Contract

2-Simulate a Sell transaction on the DEX Router Contract

3-If the 2 above transactions are successful, it's inferred that the sale tax and Buy tax + know if the token is "sellable".

  1. If the Sell Tax is abive 40%, the token is a honeypot token. Else, you can ape in, it's a healthy token!

Onchain security implementation: We also provide an Oracle which is constantly updated with the honeypot status of a token which can be used by other contracts like Lending and borrowing platforms, flashloans , Aggregators. And can avoid these tokens onchain itself. This oracle can also be used on tokens that are not honeypot but have chances of going to a very low reserve state and quickly be notifie to balance funds.

Oracle Addresses at the end Applications New users can safegaurd themselves from Rugpull projects by doing their due diligence Users no longer have to get scammed by accpeting Honeypot crypto for their Assets Onchain mitigation directly reverts such Scam tokens when Oracle is used Users have the descretion to trust or not trust any token through our oracle.

Our tech stack:

  • Katana local environment
  • Ganache local environment
  • Express
  • Cairo -Solidity
  • Subgraph
  • ethers

Chains and protocols:

  • NeonEVM - Moraswap
  • Base - PancakeSwap
  • Scroll - skydrome
  • Arbitrum - pancakeSwap
  • Starknet - jediSwap
  • Polygon zkevm - Pancakeswap
  • Linea Mainet - PancakeSwap
  • zksync - PancakeSwap
  • Mantle - FusionX
  • Celo - Ubeswap We utilised the data from these chains to simulate transactions for possible honeypots. Subgraph deployments for chains that supports the AMM architectures
background image mobile

Join the mailing list

Get the latest news and updates