Launched 26AUG23 ~0930 UTC

This was one of those projects that sounded too good to be true. When you have to pinch yourself because you think you are so early to a giga gem, you should probably pinch very hard and exercise extreme caution. Protocol DAI had an amazing website and a reported to be working utility in the form of a decentralized application (dApp) that gave users the opportunity to deposit ETH and earn a 5% interest rate while borrowers would pay slightly more to offset fees. Like I said, too good to be true…red flag.

A second red flag came in the form of their Telegram group and how it was managed. There was just the owner (anonymous mode) and no other admins or mods. There is usually a reason for this and it could be super early in the life of the project but highly unlikely…most definitely a scam to see just an owner in tg because he/she/shizzle can set up the tg in a way to filter out key words that would otherwise alert members to a scam and/or simply deleting or muting the tg.

A third red flag popped up immediately in that the scanners showed the token to be safe (i.e., “renounced” contract, 10 ETH liquidity added, and locked for one year!). See Figure 1

Figure 1: Initial TTF Scan

Jamma Pelson (decent sized crypto twitter (CT) influencer) used as caller and paid 1E. Also included is the .5E transfer to the project “Liquidity” wallet for future shenanigans. See Figure 2

Figure 2: Influencooor payment

I will list more strange occurrences with this token below:

  • This wallet (sus wallet) may have been involved with 0xDiamond which was a delayed honeypot with potential crypto casino. That wallet bought and sold 0xDiamond early and was able to get out before the delayed honeypot. The wallet in question also sent the pDAI rug wallet pDAI tokens to sell off so was definitely in on it.
  • With the 9c57 wallet, the pDAI dev was able to approve “unlimited pDAI” tokens to trade on Uniswap. I guess this would work to “mint” as many tokens as possible to remove all of the liquidity. Example would be; look at liquidity left in pool (in ETH) and then on top it would show how many tokens you need to swap for it.
Figure 3: Token approval to allow sell via Uniswap
  • The function called (from Figure 3) commenced the honeypot and rug. See Figure 4
Figure 4: Commence HP and Rug
Figure 5: Finish Him!
  • Not a bad payout for an elaborate and sneaky skemmer. See Figure 6
Figure 6: Skemmer
  • Reading the event log below to see how 4T tokens could be minted from a renounced contract. There has to be something else in there to allow that particular wallet to gain control after the marketing wallet (0xEDDc0e8cDf72d4b39a7dAb6c44C07C6Edf459a6b) first buying .3E worth of pDAI.
  • Event Log

Thank you, TTF bot for describing what happens when a skemmer skems. Figure 7

Figure 7: Too late to run away, lmao.

Here’s final chart photo to show what happens after skemtime. Figure 8

Figure 8: Skem Time!

Going through the contract code, with the help of ChatGPT showed us how the SkemTeam of pDAI was able to pull of their daunting and profitable stunt. Figure 9 shows the two wallets hard-coded (i.e., written in) into the $pDAI code.

Figure 9: Hard-coded team wallets

The wallet marked as “marketingReceiver” called out the “manualSwap” function that instructed the contract to produce a honeypot where no one was allowed to sell except the “marketingReceiver” wallet or the “9C57” wallet. See Figure 10

Figure 10: manualSwap function

From ChatGPT: Here’s how this function can be misused to drain liquidity:

  • The contract owner or designated marketing receiver can call manualSwap at a strategically chosen time, such as when there’s significant liquidity in the pool or when there’s high trading volume.
  • By swapping a large amount of tokens for ETH and subsequently transferring that ETH out of the contract, they effectively reduce the available liquidity in the pool.
  • Reduced liquidity can lead to increased price volatility and may make it difficult for other users to buy or sell tokens at fair prices.

This is another interaction with ChatGPT: The contract was renounced, but somehow, the “marketingReceiver” was able to call the “manualSwap” function.

ChatGPT’s answer:

  • The contract’s code has several notable points that would make it susceptible to abuse and might be considered “malicious”:
  • Renounced Ownership: Even after renouncing ownership, there’s a manual swap function (manualSwap) that can only be called by marketingReceiver. This is an issue because it can allow the “marketingReceiver” to drain the contract of its funds after the contract owner has renounced ownership, giving users a false sense of security.
Warrior Time

In closing: we got rekt pretty well, however, my mate and I understood this token was set up perfectly and was probably too good to be true and therefore pulled initials immediately. We did however lose all chances at profits due to the impending honeypot and theft of liquidity via the “manualSwap” function.

This evolution was another stiff warning to always be vigilant while looking for fresh projects because 9.5 times out of 10 something is going to happen where you lose it ALL.

As I wade through the filth that is customary for shitcoiners I have one more thing to look for (i.e., manual swap functions or any functions that are hard-coded to a particular team wallet) because the scanners, albeit fantastic, will not catch most of them.

The token and safety scanners remind me a lot of the cybersecurity playground I work in. We are always playing catch-up to the zero-day skemmers. It’s true in cyber and it’s true in the crypto world.

— Stay vigilant and stay safe —

josh

By josh

Leave a Reply

Your email address will not be published. Required fields are marked *