Skip to main content

Overview

A honeypot is a malicious token designed to allow purchases but prevent or severely restrict sales. Once investors buy in, they find themselves unable to sell, leaving their funds trapped.
Honeypots are one of the most common token scams. Always verify you can sell a token before investing significant amounts.

How Honeypots Work

  1. Token Launch: Scammer deploys a token with hidden restrictions
  2. Marketing: Token is promoted on social media and trading channels
  3. Buy Phase: Victims purchase the token without issues
  4. Trap Activated: When victims try to sell, transactions fail or incur extreme fees
  5. Exit: Scammer drains liquidity, leaving holders with worthless tokens

Types of Honeypots

Blacklist Honeypots

  • Specific addresses are blocked from selling
  • Often whitelist only the deployer or insiders

Fee-Based Honeypots

  • Normal buy fees but extreme sell fees (90-100%)
  • May start with low fees that increase over time

Balance Manipulation

  • Contract manipulates displayed balance
  • Actual transferable balance is zero or minimal

Cooldown Honeypots

  • Extreme cooldown periods between transactions
  • Users can buy but must wait impossibly long to sell

Detection Indicators

TagSeverityDescription
honeypotCriticalToken identified as a honeypot
cant_sell_allHighUnable to sell full token balance
high_sell_taxHighExcessive sell tax detected
modifiable_taxMediumTax can be changed by owner
blacklistMediumContract includes blacklist functionality

API Example

curl -X GET "https://api.webacy.com/tokens/0x123...?chain=eth" \
  -H "x-api-key: YOUR_API_KEY"
Response indicating honeypot: 
{
  "overallRisk": 98.0,
  "issues": [
    {
      "tag": "honeypot",
      "severity": "critical",
      "description": "Token prevents selling - honeypot detected"
    },
    {
      "tag": "cant_sell_all",
      "severity": "high",
      "description": "Unable to sell full token balance"
    }
  ]
}

Red Flags

  • No sells in transaction history - Only buy transactions visible
  • Failed sell transactions - Multiple reverted sell attempts on-chain
  • Unusual contract code - Hidden functions or obfuscated logic
  • Locked liquidity claims - But liquidity can still be removed
  • Anonymous team - No verifiable team information

Protection Strategies

  1. Test with small amounts - Try selling a tiny amount before investing more
  2. Check transaction history - Look for successful sells by other wallets
  3. Use token scanners - Run the contract through security analyzers
  4. Verify contract code - Check if contract is verified and readable
  5. Research the project - Look for red flags in community and marketing