Read this article to understand the implementation principles and preventive measures of Delayed Pixiu

Original - Odaily

Author - Nan Zhi

Token Pixiu usually refers to a situation where a certain token can only be purchased but cannot be sold. The developer will remove the LP after a period of time to make a profit and rug pull the buyer. The delayed Pixiu can be traded within a short period of time when the token is first opened for trading, and then becomes the Pixiu state. For this type of Rug Pull technique,Many contract detection tools have not yet added corresponding detection functions., is becoming one of the main profit methods for malicious developers.

Below, Odaily will explain how delay Pixiu is implemented through a brief overview of the principles of ERC 20 and Uniswap.

Note: Some of the analogies in the article are not completely rigorous for ease of understanding.

ERC 20 Basics

Most tokens on the market comply with the ERC-20 standard. What is ERC-20? ChatGPT’s answer is as follows:

ERC-20 is a token standard on the Ethereum blockchain that defines token contractsa set of rules that must be followedand interface. This standard standardizes the basic functions of tokens, including transfers, balance inquiries, authorization to spend tokens on behalf of others, etc.

Here are some of the main ERC-20 token standard rules and features:

• Transfer: ERC-20 tokens can be transferred through smart contracts, allowing users to send tokens to other Ethereum addresses.

• Balance Query (BalanceOf): Users can query their ERC-20 token balance to see how many tokens they own.

Balance inquiry (BalanceOf):

In fact, this function not only has a query function, how many tokens the user owns is also defined by this function. Each token can be understood as a bank, and each wallet address obtains a deposit card from the bank after trading tokens, which records the balance of each address (Balance). That is, you can apply to the bank to check your balance, or you can make an asset change request to the bank for transactions.

Note: Ethereum adopts an Account-Based model.

Therefore, users do not essentially own their assets, but rather the number of tokens you can spend is defined by a function.

• That is: X tokens Balance Of [A account]=The number of X tokens that account A can spend externally

Note: Bank deposits in the real world are the banks debt to its customers, and the bank has asset ownership.

Transfer

All ERC-20 tokens must complete the transfer function. Based on the previous ledger model, when a transfer occurs, it is not account A that delivers a token to account B, but is deducted from account A. The number of tokens is X, and the number of tokens X is added to account B.

• That is: Balance Of [A Account]-X and Balance Of [B Account]+X at the same time

Developers can modify the transfer function to limit the number of transfers, transferees, etc.

The transfer function is the fundamental source of most Pixiu mechanisms.

Uniswap

The previous section analogized each token to a bank, and Uniswap can be understood as an acceptance middleman here, exchanging two tokens through the AMM principle of xy=k.

The exchange process is as follows:

• The user transfers token A to the Uniswap contract

• Uniswap willTokens received, calculate the tokens that should be returned through y=k/x, and deduct the handling fee

• Uniswap transfers token A to the LP pool and withdraws token B

• Uniswap transfers token B to user

Of course, Uniswap actually involves multiple functions and processes. The key point to understand here is,Uniswap only trades based on tokens received, and when the user performs the transfer operation, the amount may have changed.

Pixiu mechanism

In this section, the Pixiu mechanism is divided into two categories:

① High transaction tax, resulting in users not receiving rebates from sales tokens;

② Unable to transfer, resulting in users being unable to trade with Uniswap.

high transaction tax

This section shows the calculation process of a Meme coin with transaction tax as shown below (only focus on the red part).

1. Calculate transaction tax(s)

2. Deduct the full amount of money from the users wallet (BalancerOf[user] reduces token A)

3. Transfer money to an address such as developer wallet or LP (BalancerOf[Dev] increases token A × tax S)

4. Transfer some tokens to Uniswap to exchange for token B (token A×(1-S))

5. User receives insufficient amount of token B

As mentioned in the previous section, Uniswap only supports “Tokens received” is processed, and developers can modify the amount transferred to Uniswap and users at will.

Here, if the transaction tax rate is modified to 100%, the third step ③Transfer to the developer wallet or LP and other addresses will be implemented, and the user will no longer receive tokens.

Unable to transfer

In Solidity, developers can restrict transactions through require:

If the developerLimit the exchange of tokens to certain whitelist addresses, then the user cannot send the tokens in his hand to Uniswap, then the second step ② Deduct money from the users wallet is implemented, and the developer can set Uniswaps Router to send tokens, and the result is:

Users can only buy (Uniswap transfers tokens to users), but cannot sell (because tokens cannot be transferred to Uniswap for ETH, etc.).

Or developers can set the transfer limit to 0, turn off the transaction switch, and other operations through various paths, but in the end they all control the behavior of transfer.

Delayed Pixiu

Further delay is achieved by requiring the time (block height) to be limited.

For example, in a certain token, the restrictions are as follows:

    require（block.number < _allowance）

As the block height increases, users will be unable to transfer when it reaches a certain threshold, realizing Pixiu.

In addition, there are also Pixiu that are realized when the number of transactions reaches a certain threshold. This type of delayed Pixiu can be traded normally in the initial situation if there is no targeted setting when certain contract security detection tools are checked, inducing users to fall into a trap.

How to prevent

In view of the fact that this kind of harvesting method is common in swiping dogs, buyers often pursue efficiency and ignore safety, and we have not yet seen any mature security company launch a special detection tool for this method, so Odaily hereby reminds you that there are For the sake of their own assets, buyers with certain coding capabilities should also go through the contract code (or use tools such as ChatGPT to take a quick look), pay special attention to the selpair contract, and stay away from projects that contain unusual code areas.