VOOZH about

URL: https://dev.to/mik3fly__/add-rug-pull-protection-to-your-ethereum-bot-in-5-lines-2kbf

⇱ Add rug-pull protection to your Ethereum bot in 5 lines - DEV Community

If your bot, wallet or launchpad touches freshly deployed ERC-20s, every one of them is a coin flip: honeypot, hidden mint, unlocked LP, or a deployer who has already rugged ten tokens this week. You can reimplement honeypot simulation and bytecode analysis yourself, or you can ask an API.

Here is the whole thing.

5 lines 

npm install @mik3fly-lab/rektradar-sdk

import { RektRadar } from "@mik3fly-lab/rektradar-sdk";

const rr = new RektRadar({ apiKey: process.env.REKTRADAR_KEY });

const verdict = await rr.token("0xTOKEN");
if (verdict.score >= 70) return; // high risk: skip the trade

verdict.score is 0-100 and verdict.flags is a list of machine-readable red flags (hidden_mint, lp_not_locked, ownership_not_renounced, ...). Targeted lookups like this are real-time for everyone. No key? It still runs, anonymously, on the free tier.

No signup to try it

The base URL is https://api.rektradar.io. Anonymous calls work:

curl https://api.rektradar.io/v1/token/0xTOKEN

A key (free or paid) lifts the rate limit and removes the delay on the live feed.

The interesting part: the real-time flow

A verdict that arrives 10 minutes late is worthless, so the live activity flow is the real product: new high-risk deploys (so you avoid them before you buy) and rug events the moment liquidity is pulled. On a free key the flow is delayed about 10 minutes; on a paid key it is real-time. Every response carries dataDelaySeconds (0 = real-time, 600 = delayed).

Poll the REST feed:

const { rugs, dataDelaySeconds } = await rr.rugs({ since: "24h" });

Or subscribe to the push stream and act the moment liquidity is pulled:

import { connectStream } from "@mik3fly-lab/rektradar-sdk";
import WebSocket from "ws";

connectStream({
 apiKey: process.env.REKTRADAR_KEY,
 events: ["new_token", "imminent_rug", "rug"],
 WebSocket,
 onMessage: (e) => {
 if (e.type === "imminent_rug") getOut(e.data.token); // pending rug, before it mines
 if (e.type === "rug") notifyHolders(e.data);
 },
});

Prefer server-side push? Register an HTTPS endpoint and RektRadar POSTs signed events to it:

import { verifyWebhook } from "@mik3fly-lab/rektradar-sdk";

const ok = verifyWebhook(rawBody, req.header("X-RektRadar-Signature") ?? "", SECRET);
if (!ok) return res.sendStatus(401);

What it is (and is not)

Basic honeypot checks are commodity - several providers give them away free. The edge here is the proprietary intel on top: the deployer graph (who deployed, funded by whom), reused drainer-kit bytecode clusters, rug forensics, and the real-time new-deploy and rug feed.

Free to start. Wire the five lines into your buy path and stop trading into honeypots.