Skip to content

Bounty Program: Build an automatic erc-20 token safety detection system on Polygon or Ethereum #1

New issue
New issue
Open
Open
Bounty Program: Build an automatic erc-20 token safety detection system on Polygon or Ethereum#1
@dysquard

Description

@dysquard
dysquard
opened on Sep 24, 2021

Problem:
DeFi users are exposed to malicious erc-20 tokens with unusual functions like buy-only, limited trading amount, etc.. As a pionneer in crypto next-gen security wallet, Go Pocket needs a system to automatically detect malicious or suspicious codes in erc-20 tokens and its abnormal realtime trading data.

Bounty Details:
For a given erc-20 token, the auto detection system should be able to:

  1. Check whether the token is open sourced. Query this info from Polygonscan/Etherescan or any service that you think is able to achieve this task.
  2. If it's open sourced, then analyze its code for these specific malicious or suspicious features/functions:
    • Amount limit for trading. For example, you can only sell a portion of your token, or buy only specific amount from swap. The most extreme case is unable to sell. Some projects on Polygon take advantage of relatively cheap gas to airdrop shitcoins with buy-only functions to indefinite active addresses and lure users to buy them.
    • Trading white/blacklist, which means that token is only able to be traded by certain addresses.
    • Slippage. Some tokens like SafeMoon enforces slippage in trading, which we consider a feature that must be clarified to users.
    • Proxy contract. By hiding logic in other contract, malicious tokens are able to take unexpected actions. You don't have to analyze what's inside that proxy contract but only need to tell if the token has a proxy contract.
    • Infinite minting. The token owner has the ability to mint as wish.
    • Backdoor or any other malicious code. You can define these cases by your own knowledge. We'll give extra bonus for you if more aspects can be covered nicely.
  3. Realtime on-chian trading data monitoring for a given token is also required. The system should be able to analyze key trading data from popular DEXs in realtime to raise alarm for:
    • Large liquidity exits (large can be flexibly defined by parameter)
    • Large trading amount (large can be flexibly defined by parameter)

By token contract scanning and realtime trading data tracking, we protect traders from useless, malicious, phishing tokens and potential rugpull.
Fighting with various scammers and new malicious techniques will be a long and tough battle.
Godspeed! Crypto guardians!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions