Show HN: HoneypotScan – Detect crypto scam tokens

1 point

4 months ago

I built a tool to detect honeypot tokens (ERC20 contracts that let you buy but block selling). It uses 13 regex patterns to scan for tx.origin abuse and other sell-blocking techniques.

*How it works:* - Fetches verified source code from Etherscan - Runs pattern matching for common honeypot techniques - Returns results in ~2 seconds - Threshold: 2+ patterns = 95% confidence honeypot

*Architecture:* - Cloudflare Workers for edge computing - KV for caching (95% hit rate, 24hr TTL) - 6 Etherscan API keys with rotation - Supports Ethereum, Polygon, Arbitrum

*Key insight:* Smart contracts are immutable, so aggressive caching works perfectly. This lets the free tier handle high traffic ($0/month).

*Limitations:* - Only detects sell-blocking honeypots - Doesn't catch obfuscated code, proxy patterns, or time bombs - Not a full security audit

Live: https://honeypotscan.pages.dev Source: https://github.com/Teycir/honeypotscan

Open to feedback on detection patterns or evasion techniques I might be missing.

1 comment