How to Spot and Avoid Rug Pulls on Solana: Tools and Red Flags (2026)

Over 98% of tokens launched on Pump.fun fail. Most of them aren't accidents — they're designed to extract money from buyers and disappear. In Q1 2025 alone, crypto rug pulls wiped out nearly $6 billion globally, with Solana accounting for the highest rug pull density of any blockchain.

If you trade memecoins, low-cap tokens, or anything on Solana's launchpads, learning to spot rug pulls isn't optional — it's survival. This guide covers the exact red flags to check, the free tools that do the checking for you, and the common tricks scammers use on Solana specifically.

What Is a Rug Pull?

A rug pull is when a token creator or insider group drains value from a project, leaving everyone else holding worthless tokens. The name comes from the idea of pulling the rug out from under someone — by the time you realize what happened, you're already on the floor.

On Solana, rug pulls happen in minutes, not days. The chain's sub-second transactions and near-zero fees make it cheap to launch thousands of scam tokens. A single developer can create a token on Pump.fun for less than $2 and potentially extract thousands of dollars from buyers within the first hour.

There are two broad types:

Hard rug pulls — The creator uses technical exploits (minting new tokens, draining liquidity, freezing your wallet) to steal funds. These are the most damaging and often use smart contract manipulation.

Soft rug pulls — The creator gradually dumps their holdings on buyers, killing the price over time. Technically legal in many jurisdictions, but the result is the same: you lose money.

The Most Common Rug Pull Techniques on Solana

1. Liquidity Pool Drainage

The classic rug. A developer creates a token, pairs it with SOL in a liquidity pool on Raydium or another DEX, waits for buyers to push the price up, then withdraws all the liquidity. Buyers are left with tokens they can't sell because there's no liquidity left.

On Solana, fraudulent pools often live for less than an hour. Research from Solidus Labs found that 93% of liquidity pools on Raydium showed soft rug pull characteristics, and 71% of fraudulent pools yielded net gains for their creators.

How Pump.fun partially fixes this: Tokens that graduate to PumpSwap have their LP tokens automatically burned, which prevents the creator from pulling liquidity. But this only applies to the ~1% of tokens that actually graduate. The 99% that never leave the bonding curve are fair game for creator dumps.

2. Deployer-Funded Sniping

This is a Solana-specific technique. The token creator transfers SOL to multiple "sniper wallets" before launch, and these wallets buy the token in the same block as deployment. This gives the creator a massive position at the lowest possible price while making the token look like it has organic early demand.

A Pine Analytics report identified over 15,000 SOL in realized profits extracted from 15,000+ token launches using this technique, involving 4,600 sniper wallets with an 87% profitability rate.

What it looks like: Multiple wallets buying in block 1, often with similar SOL amounts and no prior history. If you see 5-10 wallets sniping a token in the same block, be cautious — they may all be controlled by the deployer.

3. Wallet Splitting

Instead of holding 50% of the supply in one wallet (which is an obvious red flag), the creator distributes tokens across dozens or hundreds of wallets they control. Each individual wallet might hold 1-2% of supply, but combined they control a majority stake.

Bubblemaps exposed one case where a token creator distributed SOL to 162 wallets, which then purchased half the total supply at launch. Without tools that can visualize wallet clusters, this is almost impossible to detect manually.

4. Mint Authority Exploitation

Every SPL token on Solana has a "mint authority" — the address that can create new tokens. If the mint authority isn't revoked after launch, the creator can mint unlimited new tokens at any time and dump them on the market, diluting everyone else's holdings to zero.

Pump.fun sets mint authority to null by default, but tokens launched on other platforms (Raydium directly, or custom launches) may not. Always verify that the mint authority is revoked.

5. Freeze Authority Honeypots

Solana tokens also have a "freeze authority" that can freeze any holder's tokens, preventing them from selling. This creates a classic honeypot: you can buy the token, you can see the price going up, but when you try to sell — nothing happens. Your tokens are frozen.

The trap: The token chart looks perfect. Price keeps climbing. People keep buying. But only the creator and their insiders can actually sell. By the time buyers realize their tokens are frozen, the creator has already dumped.

6. Address Poisoning

Not strictly a rug pull, but a growing threat on Solana. Scammers create wallet addresses that visually resemble legitimate ones (matching the first and last few characters) and send tiny "dust" transactions to your wallet. When you later copy-paste an address from your transaction history, you accidentally send funds to the scammer.

In January 2026 alone, $12.25 million was lost to wallet poisoning and phishing on Solana.

Red Flags: What to Check Before Buying Any Token

Token Authority Checks

Authority	Safe	Dangerous
Mint authority	Revoked (null)	Active — creator can mint unlimited tokens
Freeze authority	Revoked (null)	Active — creator can freeze your tokens
Update authority	Revoked (null)	Active — creator can change token metadata

If any of these authorities are still active, proceed with extreme caution. Legitimate projects revoke mint and freeze authority before or immediately after launch.

Holder Distribution

Top 10 wallets holding >30% of supply — Major red flag. Even if it's split across wallets, concentrated ownership means a few wallets can crash the price.
Many wallets with suspiciously identical holdings — If 20 wallets each hold exactly 1.8%, they're likely controlled by the same person.
Developer wallet holding >5% — Higher risk of a gradual dump.

Liquidity

No liquidity lock or LP burn — The developer can pull all liquidity at any time. PumpSwap burns LP tokens automatically for graduated tokens, but other DEXs don't.
Market cap far exceeding liquidity — A token with $500K market cap but only $5K in liquidity can be drained in a single transaction.

Social Signals

No Twitter, Telegram, or website — Anonymous tokens with zero social presence are almost always scams.
Copy-pasted website from another project — Scammers clone successful project sites.
Brand-new developer wallet — No transaction history means you can't evaluate the creator's track record.
Extreme hype with no product — If the only thing the project offers is "to the moon" promises, it's likely a pump-and-dump.

On-Chain Behavior

Multiple buys in block 1 — Likely deployer-funded sniping.
Large buys immediately followed by the dev selling — The dev is using early buyers as exit liquidity.
Sudden burst of social media activity — Coordinated shilling campaigns often precede dumps.

Free Tools to Detect Rug Pulls

RugCheck

RugCheck is the most widely used Solana token scanner. Paste any token address and it instantly flags:

Whether mint/freeze/update authority is revoked
Top holder concentration
Liquidity status (locked, burned, or vulnerable)
Overall risk rating

It's integrated directly into Pump.fun's interface, so you can check tokens without leaving the platform. Free to use, no account required.

Best for: Quick safety checks before any trade. Should be your first stop for every new token.

Bubblemaps

Bubblemaps takes a visual approach to on-chain analysis. Each wallet is displayed as a bubble (sized by holdings), with lines connecting wallets that have transacted with each other.

The standout feature is Magic Nodes — behavioral clustering that identifies wallet groups even without direct transactions between them. This is how Bubblemaps exposed the "Rugproof" launchpad scam (162 connected wallets) and the Hawk Tuah token (96% supply in a tight cluster).

Best for: Investigating suspicious holder distributions. If the bubble map looks like a spider web of connected wallets, run.

Solsniffer

Solsniffer evaluates tokens using over 20 security indicators and assigns a Snifscore from 0-100. It checks minting risk, holder concentration, liquidity quality, metadata immutability, and more.

Built specifically for Solana (not a port from EVM tools), so it understands Solana-specific risks like freeze authority and SPL token mechanics.

Best for: Getting a single safety score to quickly filter tokens. Anything below 50 is high risk.

GoPlus Security

GoPlus Security provides a token security API that's integrated into many trading bots and platforms. It checks for honeypot patterns, hidden minting functions, and trading restrictions.

Best for: Automated security checks if you're building tools or using platforms that integrate GoPlus.

Birdeye & DEXScreener

While not dedicated security tools, Birdeye and DEXScreener both show holder distribution, liquidity depth, and trading patterns. A token with 3 wallets holding 80% of supply will be visible on both platforms.

Best for: Checking liquidity depth and holder distribution alongside price charts.

How to Protect Yourself: A Practical Checklist

Before buying any token on Solana, run through this checklist:

1. Scan the token on RugCheck Paste the contract address. Check that mint, freeze, and update authorities are all revoked. Look at the overall risk rating.

2. Check holder distribution on Bubblemaps Look for clusters of connected wallets. If a small group controls a large percentage of supply, the risk of a coordinated dump is high.

3. Verify the developer's history Has this wallet launched tokens before? What happened to them? Tools like MadeOnSol's Deployer Hunter track deployer wallets and their historical success rates.

4. Check liquidity depth Is the LP burned or locked? Is there enough liquidity relative to the market cap? A 10:1 market cap to liquidity ratio is already risky.

5. Look for social proof Does the project have a Twitter with real engagement (not botted)? Is there a Telegram with actual conversation? Does the website look original?

6. Use a wallet with transaction simulation Both Phantom and Solflare have built-in transaction scanning that warns you before you sign a malicious transaction. Phantom uses AI-driven detection to flag "drainer" scripts. Solflare Guard provides human-readable transaction summaries. Never disable these warnings.

7. Never invest more than you can afford to lose Even with perfect analysis, some rug pulls are too sophisticated to detect. Keep your position sizes small and spread risk across multiple trades.

What to Do If You've Been Rugged

If you suspect you've been the victim of a rug pull:

Don't buy more trying to "average down" — the token is likely worthless.
Document everything — screenshot the token page, your transaction history, the developer wallet, and any social media posts from the project.
Report it — File a report on RugCheck to warn other traders. If the amount is significant, consider reporting to your local financial regulator.
Check for remaining value — Some rugged tokens retain a tiny amount of liquidity. If you can sell for even a fraction of your investment, it may be worth doing so before the last liquidity evaporates.
Revoke token approvals — Use your wallet settings to revoke any approvals you granted to the project's contracts.

The Bigger Picture

Rug pulls aren't going away. As long as launching a token costs less than a cup of coffee, scammers will keep trying. The good news is that the tools for detecting them are getting better and more accessible.

The best defense is a combination of:

Using free scanning tools (RugCheck, Bubblemaps, Solsniffer) before every trade
Understanding what to look for (authority settings, holder distribution, liquidity status)
Staying skeptical — if a token seems too good to be true, it almost certainly is
Keeping position sizes small — assume every new token could go to zero

The 1-2% of tokens that are legitimate can still deliver strong returns. The goal isn't to avoid all risk — it's to filter out the obvious scams so your capital goes toward the opportunities that actually have a chance.

Tools Mentioned in This Guide

All of these tools are reviewed with honest pros, cons, and health monitoring on MadeOnSol:

RugCheck — Token safety scanner with authority and holder checks
Bubblemaps — Visual wallet cluster analysis
Solsniffer — 20+ security indicator Snifscore
GoPlus Security — Token security API and honeypot detection
Birdeye — Charts, holder data, and DEX aggregation
DEXScreener — Real-time charts and pair discovery
Phantom — Wallet with AI transaction scanning
Solflare — Wallet with Solflare Guard protection

Disclaimer: This guide is for educational purposes only. Not all token failures are rug pulls — many tokens simply lose interest and die naturally. MadeOnSol does not provide financial advice. Always do your own research before trading any token.