Why can’t I sell my token when others can? GoPlus Security Explains the “Sniper” Token — Modify Personal Tax for Individual Addresses

Recently GoPlus Security received interesting feedback from users, and here is the story. The users have bought a certain asset, and they realized that they could not sell it when it rose to their expected price when everyone else in the group was able to trade it normally.

GoPlus security researchers have gone through this situation and found that it is a “sniper tactic” that specifically targets individual addresses — it modifies taxes on individual addresses. Let’s learn more about this new scam.

1. Definition

Tax change for personal addresses means that the Token contract has a function that can set a specific transaction tax for certain addresses so that the trades on these addresses can not be implemented.

2. Implementation method

Let’s take this reported Token as an example, it has the logic of “change tax for personal address” in its contract code.

SocMoon (BNB chain)0xCF34247c147ee17fd3885ad193a2c9370a13Df6e

We can see that the function of setSfeiyi can set different tax rate values for specific addresses from the screenshot above.

There are already many users whose addresses have been set to a high tax rate by the SocMoon project, and they are basically unsellable.

Take the following transaction as an example https://bscscan.com/tx/0xfca85abbc66744b4bf7065cac9436533a6f41b140fe23374bc58c5bcab5a5014

we can see that for 0x2D40e7922F677204D2C21dcd31aB35C517D1814f, this personal address has been set to a 99% tax rate, and the tokens are basically unsellable.

On a daily basis, it is more likely that large coin holders will be set to a separate high tax rate, resulting in the large holders being unable to sell tokens normally and the project owner is able to withdraw liquidity and rug the profits at any time.

3. How to avoid “Sniper” Tokens?

We recommend that users check the source contract code and see if there is a sniper feature associated with it before buying if they have a dev background or know how to code.

If you do not read code or you want to save time on it, GoPlus’ Token Security Detection API is a good choice, which has already supported this field — personal_slippage_modifiable — in GoPlus V1.1.12.

If the value of this field is 1, that means the contract contains “tax change for personal address”, and this token requires special attention and careful buying. We recommend avoiding buying in large quantities.