ManagerNestManagerNest
All posts
Trading2026-05-0910 min read

How to Spot a Rug Pull on Solana: 11 Red Flags Before You Buy

A field manual for Solana traders. Eleven specific, on-chain red flags that predict scams and rug pulls — and how to check them in under sixty seconds.

Why Rugs Still Happen

Solana hosts thousands of new token launches every day in 2026. Some are genuine projects. Most are not. Some are outright rug pulls — coordinated scams where the deployer drains liquidity, mints unlimited supply, or freezes holder wallets, leaving everyone except the dev with a worthless bag.

[stats]

Daily launches | 5,000+ | most fail or rug

Estimated rugged | 30-40% | of all launches

Avg loss size | $200-2,000 | per retail victim

Check time | 60s | with the right tools

[/stats]

The good news: rug pulls leave fingerprints. Every red flag this guide covers is verifiable in under sixty seconds before you click buy. If a token fails these checks, it does not mean it will rug. It means the risk is high enough that you should size accordingly or move on.

This is not financial advice
A token passing all 11 checks can still go to zero from natural market forces. The checks eliminate deliberate-scam risk, not market risk. Size positions accordingly.

The 11 Red Flags

1. Mint Authority Not Revoked

The mint authority is the wallet that can create new tokens out of thin air. If it is still active, the dev can dilute every holder to zero whenever they choose.

How to check: Open the token on Solscan, scroll to "Authorities". You want to see "None" for Mint Authority. ManagerNest's token validator flags this automatically.

This is the single biggest red flag. Tokens with live mint authority are not investable for serious money.

2. Freeze Authority Not Revoked

The freeze authority can freeze any token account at any time, preventing holders from selling. Devs use this to wait until a price pump, then freeze every wallet except their own and sell into the resulting illiquidity.

How to check: Same Solscan "Authorities" page. Look for "Freeze Authority: None".

3. Top 10 Holders Own More Than 30 Percent

If ten wallets control 30 percent or more of supply, those ten wallets can crash the price the moment any of them sells. For meme coins under $1 million market cap, this is common. Above that, it is a warning.

How to check: Solscan's "Holders" tab. ManagerNest's Token Health panel (in the terminal trade view) shows this with a tone-colored badge.

4. Dev Wallet Holds More Than 5 Percent

The deployer wallet — also called the CA deployer — often retains an allocation. Five percent is reasonable for a project token. Twenty percent is a red flag. Fifty percent plus is a guaranteed dump waiting to happen.

How to check: Find the token's deployment transaction on Solscan, identify the deployer, check that wallet's current balance of the token.

5. Liquidity Is Unlocked

If the LP tokens for the Raydium pool are sitting in the dev's wallet (not burned, not vested), the dev can pull liquidity at any time. This is the most common form of true rug pull.

How to check: Use Rugcheck.xyz — it specifically flags unlocked LP. Burned LP is safest. Vested LP via Streamflow is acceptable. Live LP in the dev's wallet is a hard no.

6. Suspicious Sniper Count

When more than 30 wallets buy within the first block or two of launch, it almost always means coordinated bot sniping — often by accounts linked to the dev. Those snipers will dump on retail buyers within hours.

How to check: Rugcheck and Solscan both expose first-block buyer counts. Anything over 30 is suspicious. Anything over 100 is coordinated.

7. No Social Presence or Stolen Content

Real projects have real socials. Even meme coins have a Twitter account with engagement. Tokens with zero socials, or socials that copy-paste from a more famous coin, are throwaway plays at best.

How to check: Reverse image search the logo. Search the project name in quotes on Twitter. If results are empty, exercise caution.

8. Twitter Account Created Within the Last 30 Days

Brand-new social accounts following the token launch by a few days mean the team made the project as a one-off cash grab. Long-running accounts indicate continuity.

How to check: Twitter profile shows "Joined" date. Anything under 30 days is a yellow flag.

9. Honeypot Pattern: You Can Buy But Cannot Sell

A honeypot is a token that lets you buy but blocks selling — either through code (rare on Solana) or by freezing your account post-buy. The result is identical: you cannot exit.

How to check: Look for tokens where the SOL flow is heavily one-sided (lots of buys, almost no sells). Tools like ManagerNest's terminal stats panel show buy/sell ratios per timeframe.

10. Recent Large Dev Sells

Even if everything else looks clean, a dev wallet that recently sold ten percent of its position is signaling. Their actions tell you what they think of the project.

How to check: ManagerNest's terminal now shows dev wallet trades as gold "DEV" arrows directly on the chart. Look for sell arrows in the last 24 hours.

11. Identical Code or Image to a Known Scam

Many rug pulls reuse the same token contract and logo as previous successful exits. If a logo looks suspiciously familiar, search Solana-rugged token databases for matches.

How to check: Communities like Solana Floor and rugged-token leaderboards maintain databases. Sometimes a quick image search catches it.

How to Run the 11 Checks in Under 60 Seconds

In practice, you cannot run all eleven checks on every token. Here is the compressed flow that catches 90 percent of rugs:

  1. Open Solscan. Check Mint Authority and Freeze Authority. Must both be "None".
  2. Check top 10. Should be under 30 percent for any token over $500K market cap.
  3. Open Rugcheck. LP burned or vested. Sniper count under 30.
  4. Glance at dev wallet on the chart (via ManagerNest terminal) for recent sells.

If all four pass, the token is at least not a textbook rug. It might still go to zero from natural market forces, but you have eliminated the deliberate-scam risk.

Why ManagerNest Surfaces This Info Directly

In the terminal trade view, every selected token automatically shows:

  • Rug score badge in the header (SAFE / WARN / RISK)
  • Top 10 holders percentage in the Token Health panel
  • Dev holding percentage below that
  • CA deployer address with copy button and revocation status
  • Dev wallet trades as gold arrows directly on the chart

The point is to put the red-flag scan one click away from the trade button. If you have to leave the app and open three websites, you will skip the check half the time. We brought the check to the trade.

Frequently Asked Questions

If a token passes all 11 checks, is it safe?

No. It means the deliberate-scam vectors are closed. The token can still fail organically — bad memetics, no buyers, dump from natural sellers. Safety is not the same as profitability.

Can devs un-revoke authorities?

No. Once mint or freeze authority is revoked, it cannot be restored. It is a permanent on-chain action.

What if the dev locks LP for 1 year — is that safe?

Vested LP is safer than unvested but not as safe as burned. A one-year lock means the dev can still pull after the unlock. Burned LP is permanent.

How do bots know to snipe within the first block?

Bots watch the mempool for deployment transactions and front-run the launch with a same-block buy. This is impossible to prevent entirely without anti-bot launchpads like Heaven.

Ready to try it yourself?

Launch your first Solana token or NFT in under 60 seconds on ManagerNest.

Create a token Mint an NFT

Previous

Top Solana Launchpads in 2026: Pump.fun, Moonshot, Boop, Heaven Compared

Next

Smart Money on Solana: How to Track Whale Wallets and Copy Their Trades