The chart is pumping. You buy in. The price keeps rising. You go to sell — and the transaction reverts. Every single time. Your funds are permanently trapped. This is a honeypot.
What is a Honeypot Token?
A honeypot is a malicious token contract that allows anyone to buy, but silently blocks all sell transactions. The token looks completely normal — it has a price chart, liquidity, and active trading. But once you hold it, you can never get out.
The name comes from the classic trap concept: the honey looks appealing, but once you touch it, you are stuck.
- ✗Buys work fine: Anyone can purchase the token through a DEX like Uniswap or PancakeSwap.
- ✗Sells always fail: The contract silently reverts any sell transaction, or imposes a 100% sell tax.
- ✗Liquidity stays locked — for the scammer: The ETH or BNB you paid is trapped in the pool, accessible only to the deployer.
How Do Honeypots Work? Common Techniques
Scammers have developed many ways to implement honeypot behavior in Solidity. Most fall into one of these categories:
The contract maintains a hidden blacklist. When you try to sell, your address is already on it and the transfer is rejected. The deployer can add any address at any time — often right after you buy.
The contract applies a 0% buy tax but a 100% sell tax. Your sell technically succeeds — but after the “fee” is deducted, you receive nothing. The entire sell amount is sent to the team wallet.
The transfer() function checks msg.sender == owner. Only the contract owner can move tokens — everyone else is blocked silently.
The contract has a tradingEnabled flag. Buys are whitelisted during launch. Sells are never enabled. The deployer never calls the function to open selling — so it stays locked forever.
The contract launches with clean code, builds a community, then the deployer upgrades the contract logic via a proxy pattern to inject honeypot behavior. By the time anyone notices, the liquidity is already drained.
The Typical Honeypot Playbook
- Deploy a token with hidden sell restrictions.
- Seed the liquidity pool with a small amount of ETH/BNB.
- Promote the token on Telegram and Twitter — pump the chart artificially.
- Attract buyers who see a rising price and FOMO in.
- All buy transactions succeed. All sell transactions fail silently.
- Once enough funds are in the pool, the deployer removes liquidity and exits.
How to Detect a Honeypot Before You Buy
- →Simulate a sell first: Tools like Honeypot.is and AssetsLink Token Check simulate both a buy and a sell before you spend anything. If the simulated sell fails or returns 0, it is a honeypot.
- →Check the sell tax: A legitimate token rarely has a sell tax above 10%. A 50%+ sell tax is a major red flag. 100% is a confirmed trap.
- →Read the contract source code: If the contract is not verified on Etherscan, that is already a warning sign. If it is verified, look for blacklist functions, owner-only transfer guards, or any conditional that checks msg.sender.
- →Check who can modify the tax: If the owner can change tax to any value at any time with no cap, that is dangerous even if current tax is 0%.
- →Look at liquidity lock status: Unlocked liquidity means the deployer can remove everything in one transaction. Check if LP tokens are locked and for how long.
Why Honeypots Are Hard to Spot in Real Time
The most dangerous honeypots look completely legitimate at launch. The chart goes up. Real transactions appear on-chain. Early wallets (controlled by the deployer) are seen buying and selling normally — which builds false confidence.
Those early “sellers” are whitelisted addresses. You are not.