Lesson 8 — The complete pre-purchase research walk-through
Course closing. The 30-minute checklist combining everything from Lessons 1–7, applied to any new token before allocation.
Seven lessons of on-chain literacy compose into a practical workflow. This final lesson is the checklist — the questions to run, in order, before allocating to any token you've heard about for the first time. Applied consistently, it takes about 30 minutes per token and catches most of the structurally dangerous patterns the previous lessons covered. Lessons 5–7's red-flag patterns are the highest-yield checks, but the full walk-through is what separates rigorous research from glance-and-allocate.
**Step 1 — Find the contract address.** Get the canonical contract address from a source you trust (CoinGecko, CoinMarketCap, the project's official site reached through a bookmark or search). Don't trust addresses from Telegram, Discord DMs, or links in social media unless they cross-check against an independent source. This step alone prevents the 'fake-token' scam where the user buys a token at the same name but a different address.
**Step 2 — Verify contract verification.** Open the contract on Etherscan (or the relevant chain's explorer). Is it verified? If not, that's a near-disqualifying yellow flag for a token marketed as legitimate — request justification before proceeding. If verified, click through and read the source code in full. Look for the ten red-flag patterns from Lesson 5: mint function, blacklist, hidden admin transfers, pausable without timelock, mutable fee-on-transfer, LP not locked, theatrical ownership renunciation, function-selector mismatches, suspicious external calls, anti-bot honeypot logic. Score the composite.
**Step 3 — Check the proxy / implementation distinction.** Is the contract a proxy? If so, navigate to the implementation address and run the same source-code review on the implementation. The proxy's admin function tells you who can upgrade the implementation, and on what timelock — load-bearing facts.
**Step 4 — Check holder distribution.** Use the explorer's 'Holders' tab. What percent does the top 10 wallets control? What about top 100? A top-10 concentration above 50 percent is high risk for retail buyers; above 70 percent is structurally insider-controlled. Cross-reference with the LP token: who holds the liquidity? If it's not locked in a third-party locker or burned, the deployer can pull it.
**Step 5 — Trace funding sources of top holders.** Click through the top 5–10 holder wallets to their transaction history. When did each receive its first funding? From what source? Multiple top-holder wallets funded by the same source on the same day is the insider-cluster fingerprint. Recently-created top wallets with no organic prior history are suspicious. Established wallets with years of independent activity are reassuring.
**Step 6 — Run the wash-trading screen.** Pull the token's recent DEX volume. Are the sizes round numbers? Are the times clustered? Are the trading pairs the same few addresses? If you have access to Dune, run or find a wash-trading-screened volume number. If you don't, check the project's reported volume against the on-chain Swap event count and the unique trader count — wash-traded tokens typically show very high volume from very few traders.
**Step 7 — Check the LP.** Find the AMM pool address (usually visible from a DEX router transaction in the token's history, or by checking DexScreener / DexTools). Who holds the LP tokens? An LP held in a known locker (Unicrypt, Team Finance) for a known lock-period is much better than an LP held in a deployer wallet. Check the lock expiration date if applicable.
**Step 8 — Audit and team.** Has the contract been audited? By whom? On the current commit? Any High or Critical findings? Is the team named and reachable? An anonymous team isn't disqualifying on its own but requires the other signals to be strong to compensate.
**Step 9 — Cross-reference dashboards.** If a Dune dashboard exists for the token, click through to the queries. Are the parameters defensible? Cross-reference with at least one independent dashboard if available. Read TVL, volume, and active-user numbers across multiple sources before believing any single one.
**Step 10 — Size the position to the composite signal.** All the previous steps surface signal; the position size is what reflects it. A token passing every step with greens deserves a defensible allocation. A token with multiple yellow flags deserves a small position or none. A token with any red flag from Lesson 5's checklist (active mint, hidden admin transfers, fully-controlled liquidity, mismatched selectors) should be a hard refusal regardless of any other positive signal.
**Time budget.** The full walk-through takes 25–45 minutes for an unfamiliar token. For tokens you're considering allocating meaningful capital to, the time is well-spent. For tokens you'd put a trivial amount into for curiosity, you can skip steps 5–9 and rely on the Lesson 5 contract scan plus the LP check. Most catastrophic losses to scam tokens would have been prevented by Lessons 5 and 7 alone — those are the highest-yield checks if you're triaging the workflow.
**Course closing.** Eight lessons in, you have the toolkit: block-explorer reading, mempool literacy, signature decoding, proxy/implementation distinction, contract-red-flag pattern recognition, dashboard skepticism, wash-trading and insider-pattern detection, and this complete pre-purchase walk-through. The toolkit doesn't tell you what to allocate to. It tells you how to verify rather than trust. The crypto information environment is full of marketing, paid coverage, coordinated narratives, and outright deception; the on-chain data is the source of truth that lets you cut through it. Applying these skills consistently is the single biggest improvement most retail crypto users could make to their decision-making.
Example
Run the full walk-through on a hypothetical new launch. (1) Contract address verified via CoinGecko's listing — green. (2) Contract verified on Etherscan; reading the source: mint function exists with `onlyOwner` and no cap (red), no blacklist (green), pausable with no timelock (yellow), 5 percent fee-on-transfer with mutable rate (red), LP not locked at lookup (red), ownership not renounced (yellow). Composite from Lesson 5: 3 red flags, 2 yellow flags — fail. (3) No proxy. (4) Top 10 holders control 81 percent of supply — red. (5) Top 5 wallets funded from a single source 3 days before launch — insider cluster, red. (6) Reported $10M daily volume with only 47 unique traders — wash-traded, red. (7) LP in deployer wallet, no lock — red. (8) No audit, anonymous team — yellow. (9) No independent Dune dashboard exists. (10) Composite: catastrophic profile. Position size: zero. The walk-through took 32 minutes; it prevented a likely 100 percent loss. The same walk-through on a real established protocol (e.g., a major DEX governance token) would yield mostly greens with a few legitimate yellows and justify a defensible allocation.
Common mistakes
- Skipping the walk-through 'for small positions.' The discipline of running it builds the pattern-recognition that scales.
- Treating any single yellow flag as fatal. The composite is the signal; isolated yellow flags are common in legitimate tokens.
- Treating multiple red flags as recoverable. The patterns compound; three red flags from Lesson 5 are categorically disqualifying.
- Stopping at the contract source. Holder distribution, LP, and insider clustering are independent signals that the source code alone doesn't reveal.
- Failing to re-run the walk-through periodically on positions you hold. Tokens change — admin functions get called, LPs get unlocked, insider distributions happen. Quarterly re-check is the discipline for meaningful positions.
Check your understanding
You're considering a position in a new token. Your 30-minute walk-through surfaces: contract verified (green), mint function with no cap and active owner (red), 5 percent mutable fee (red), top 10 holders control 81 percent of supply funded from a single source 3 days pre-launch (red), LP held by deployer wallet with no lock (red), reported high volume from 47 unique traders suggesting wash trading (red), no audit, anonymous team (yellow). What is the most defensible position size?
Key terms covered
Sources & further reading
- Primary
- PrimaryDexScreener
Real-time DEX data with token-specific dashboards.
- Primary
- Secondary
- Secondary
We prioritise primary sources. Where a topic moves quickly (regulation, security incidents), we re-check sources on the cadence shown by the page's "Next review" date.