Scam Scanner

Scam Scanner serves to guide new investors of cryptocurrency towards making better financial decisions by using algorithms and heuristics to predict whether or not a coin will be a rug pull.

Comment

Inspiration

September 19, 2021. That was the day I got scammed. As an avid investor in cryptocurrency since my Sophomore year of high school, I always believed that cryptocurrency would be the future of finance. However, on this day, my beliefs were shaken to the core as $2000 vanished into thin air. I had done my research, looking into the code of the coin, consulting friends of mine, and even getting in touch with the supposed developers of the coin. Yet I still felt as if the rug was pulled.

With the onset of a paradigm shift towards digital currencies, specifically cryptocurrencies, the crypto market is, to say the least, volatile and unpredictable. Due to the ease of access to trading, investors are no longer exclusive to Wall Street dealers and high-powered officials — they are now the average student or office worker. In our current beginnings of an even-more-digitized world, cryptocurrency is becoming more and more intertwined with the finances of individuals and the world as a whole. Because of this, however, projects designed and aimed to profit off of such investors are becoming increasingly commonplace. As easy as it is to get into the market, it is easy to lose in it. So, we wanted to build something to counteract this and, hopefully, lessen the severity of future losses.

What it does

Users of Scam Scanner first input the contract address of the token they would like to be scanned. Our program then retrieves token data through the BscScan API through a user input of the coin’s contract address. By doing so, it examines coin data for one of the most common coin scam tactics: rugpulls. Scam Scanner directly accesses information regarding the coin’s developer (or the coin’s first wallet-to-wallet transaction), and inspects transactions for suspicious activity such as a disproportionate ownership or disproportionate selling. Using this information, our program assigns each token a scam score index. The program finally displays to the user the scam score, with 0 being no sign of scams and 100 being almost certainly a scam.

How we built it

Building this scam scanner required the integration of various technologies and APIs we had retrieved online. Ensuring that we were able to keep our software free and open source, we built our product upon APIs that were both publicly available, specifically the bscscan api and the bscscan-python api. We decided that we would use python for the backend, and html for the frontend development, as those were the languages we were most comfortable with. First, we developed our own metrics for computing our scam-score index, having reviewed and manually classified several scamcoins. Then we used the bscscan’s api to retrieve data from the token. Specifically, information about the developer’s address and their transactions. Using this, we would either increase or decrease the scam-score depoending on whether the transactions matched that of previous scam coins or previous legitimate coins.

Finally, we used html to design the front end of our scam scanner. Using the flask microweb framework for python we were able to integrate the user input from the HTML form with the algorithm to detect whether or not the crypto was a scam. To support this integration, we utilized a JavaScript function to validate the user input and ensure that they were entering a correct token address. With some additional stylization from some CSS, we put together a standard home page form and a consequential result page, which displayed the collected information from our python script.

Challenges we ran into

From the get go, one of the central decisions we had to make was how we wanted to implement our scanner and on which token type (we decided on BSC over Ether). After coming to a consensus within our group, we moved onto the main implementation. We had to ensure that the API we imported worked as planned and that our scam-determining tests were functioning appropriately. One of our main challenges was considering how to detect rugpulls, which involved analyzing the developers ownership and holding of each token. We also determined their recent transactions to narrow down how risky a coin was, which resulted in quite a bit of trial and error and debugging. Part of the issue was being able to aggregate the given data; finding the relevant information from the data provided was a necessity in order to facilitate our project. Once coded however, the project seemed fairly lackluster. A user would input into the standard Python terminal, and with a few more hours on the clock, we decided to construct a simple HTML user interface.

Accomplishments that we're proud of

As a team of freshmen who all have very little experience with programming, we are proud of the progress we have made. When we first applied to Cal Hacks, we planned on simply observing and learning through the various activities. However, as we attended the various crypto themed events, our passion for our cause only grew. We were convinced that by having a system to detect scams, it would only serve to grow the crypto community, as well as the community. Although none of our team members had any experience with the bscscan api when going into the project, we were able to learn and improve. We were elated when our code was able to detect its first scam, and our pride will only grow as we are able to prevent more and more people from falling victim to crypto scams.

What we learned

Because of the diversity of interfaces and information sources that we used, we learned how to aggregate our data into a single, unified interface that could later be scaled up to accommodate other, emergent chains. The value of testing and refactoring our code became readily apparent (thanks, CS61AB!) as we discovered more efficient means of data retrieval and computation. Within our brief research, we also learned about past implementations from similar projects as well as interesting cryptocurrency APIs or for instance, Binance’s Testnet, a test environment for developing cryptocurrencies. Many of the projects and ideas we stumbled upon may not have ended up being used, accessed, or referred to, but we now know that they’re there. Some of the topics we’ve learned over this past weekend will certainly help to broaden our scope in the future. If anything, it’s a hands-on teaching experience on (ironically) how much comprehensive information one can scrape from a fairly brief and momentary research into a certain topic.

What's next for Scam Scanner

Although rugs are one of the primary scams in new cryptocurrencies, there are plenty of other scams that we would like to be able to scan for. First and foremost, we would like to improve our system to scan for Honeypots, where the contract is created so that the coin can be purchased and not sold. We would also like to improve the system by cross referencing the code of the token being checked with the code of previous, known scams through Machine Learning. By using Machine Learning, we are able to make a scanner that keeps improving and learning new scams as they are being created. Finally, we would like to expand beyond the scope of just BEP 20 coins. By implementing the Ethscan api, we would be able to check tokens that are under the Ethereum chain. Finally, we plan on making a simple, yet elegant, user interface for Scam Scanner and deploy it on the internet. We want to make this software open source and free for everyone, forever. We hope that with each scan, we are able to save another person from being scammed.

Built With

Share this project:

Updates