Pump.fun Rug Checker Lite is a Pump.fun token safety checker for Solana. It scans newly launched or user-selected token mints before entry and blocks trades when common rug-pull conditions are detected.
The current public version checks four critical on-chain risk signals:
- active mint authority
- active freeze authority
- unlocked liquidity
- high developer wallet concentration
Instead of relying on manual lookups after a token is already moving, this tool puts a fast pre-trade security gate between your strategy and the execution step. If a token fails the configured checks, it is marked as blocked and logged for review.
This repository is useful for:
- Pump.fun traders trying to avoid obvious rugs
- Solana bot builders adding a security filter before execution
- developers building token scanners, snipers, or monitoring systems
- traders who want a local, scriptable alternative to manual rug checks
Most traders lose money on Pump.fun not because they picked wrong — but because they never checked.
Mint authority still active. Liquidity never locked. Dev wallet holding 40% supply. Classic exits.
This script places a security gate between you and the trade button. Before any position opens, it pulls the token's on-chain state and runs it through a red flag matrix. If anything fails — the trade does not execute.
╔══════════════════════════════════════════════════════════════════╗
║ PUMP.FUN RUG CHECKER — SIGNAL FLOW ║
╠══════════════════════════════════════════════════════════════════╣
║ ║
║ New Token Detected ║
║ │ ║
║ ▼ ║
║ ╔═══════════════╗ RPC Call ╔═══════════════════╗ ║
║ ║ Token Mint ║ ───────────────► ║ On-Chain State ║ ║
║ ║ Address ║ ║ (Solana RPC) ║ ║
║ ╚═══════════════╝ ╚═══════════════════╝ ║
║ │ ║
║ ▼ ║
║ ╔══════════════════╗ ║
║ ║ Red Flag Matrix ║ ║
║ ╠══════════════════╣ ║
║ ║ ✗ Mint Authority ║ ║
║ ║ ✗ Freeze Authority║ ║
║ ║ ✗ Liquidity Lock ║ ║
║ ║ ✗ Dev Allocation ║ ║
║ ╚══════════════════╝ ║
║ │ ║
║ ┌───────────────────┴──────────────┐ ║
║ ▼ ▼ ║
║ ╔══════════════╗ ╔══════════╗ ║
║ ║ 🚫 BLOCKED ║ ║ ✅ PASS ║ ║
║ ║ Log + Skip ║ ║ Trade ║ ║
║ ╚══════════════╝ ╚══════════╝ ║
╚══════════════════════════════════════════════════════════════════╝
═══════════════════════════════════════════════════════════════
PUMP.FUN RUG CHECKER — TOKEN SCAN REPORT
UTC: 2026-03-12 14:22:07.441
═══════════════════════════════════════════════════════════════
Token : $ZORP
Mint Address : 7xKj...mPqR
Age : 00:03:12 since launch
───────────────────────────────────────────────────────────────
CHECKS RUNNING...
[✗] Mint Authority — NOT RENOUNCED ← HARD BLOCK
Authority: 9mLz...devWallet
Status : Active. Dev can mint unlimited supply.
[✗] Freeze Authority — ACTIVE ← HARD BLOCK
Dev retains ability to freeze any holder wallet.
[✓] Liquidity Status — Seeded ($4,210 USDC)
Warning: Pool not time-locked. Pullable at any time.
[✗] Dev Allocation — 38.4% supply held by 1 wallet
Wallet: 9mLz...devWallet (same as mint authority)
───────────────────────────────────────────────────────────────
RESULT : ███ BLOCKED — 3 CRITICAL FLAGS ███
ACTION : Trade cancelled. Token logged to rug_log.csv
ELAPSED : 112ms
═══════════════════════════════════════════════════════════════
PUMP.FUN RUG CHECKER — TOKEN SCAN REPORT
UTC: 2026-03-12 14:22:51.009
═══════════════════════════════════════════════════════════════
Token : $KAIRO
Mint Address : 3pRt...nX92
Age : 00:01:44 since launch
───────────────────────────────────────────────────────────────
CHECKS RUNNING...
[✓] Mint Authority — RENOUNCED (null authority)
[✓] Freeze Authority — DISABLED
[✓] Liquidity Status — Locked (Streamflow, 180d)
[✓] Dev Allocation — 4.1% across 3 wallets
───────────────────────────────────────────────────────────────
RESULT : ✅ PASS — 0 CRITICAL FLAGS
ACTION : Forwarding to trade executor
ELAPSED : 89ms
═══════════════════════════════════════════════════════════════
Most traders learn these the hard way. This script checks them before entry.
| Red Flag | What It Means | Why It's Lethal |
|---|---|---|
| Non-Renounced Mint Authority | Dev wallet can mint new tokens at will | Supply dilution wipes your position instantly |
| Active Freeze Authority | Dev can freeze your wallet from transferring | You literally cannot sell when the dump starts |
| Unlocked Liquidity | LP tokens not time-locked | Dev pulls pool in one transaction, price → $0 |
| Dev Concentration > 20% | Single wallet holds massive supply | One sell order crashes the chart |
The tools people use today are either too slow, too expensive, or not built for pre-trade automation.
| Tool / Approach | Pre-Trade Blocking | Mint Auth Check | Freeze Auth Check | LP Lock Check | Code-Native (No UI Required) | Cost |
|---|---|---|---|---|---|---|
| Pump Fun Rug Checker Lite | ✅ | ✅ | ✅ | ✅ | ✅ | Free (public) |
| RugCheck.xyz | ❌ Manual lookup | ✅ | ✅ | ✅ | ❌ Web only | Free |
| BullX Neo | ❌ Alert only | ✅ | ❌ | Partial | ❌ Platform UI | $99–$299/mo |
| Dexscreener Alerts | ❌ | ❌ | ❌ | ❌ | ❌ | Free / Pro |
| Generic Solana scanners | ❌ | Partial | ❌ | ❌ | ✅ | Varies |
| Manual RPC inspection | ❌ Too slow | ✅ | ✅ | ✅ | ✅ | Time = money |
| Full Private Build | ✅ 14-vector | ✅ | ✅ | ✅ + velocity | ✅ + auto-exec | Contact |
The gap between a web dashboard and an automated pre-trade gate is the difference between seeing the rug and being in it.
Prerequisites: Python 3.11+, a Solana RPC endpoint (Helius or QuickNode recommended), basic familiarity with virtual environments.
Step 1 — Clone the repository
git clone https://github.com/Rezzecup/pump-fun-rug-checker-lite.git
cd pump-fun-rug-checker-liteStep 2 — Create and activate a virtual environment
python -m venv venv
source venv/bin/activate # Windows: venv\Scripts\activateStep 3 — Install dependencies
pip install -r requirements.txtStep 4 — Configure your RPC endpoint
# Option A: Use .env (recommended — keeps key out of config)
cp .env.example .env
# Edit .env and add: SOLANA_RPC_URL=https://mainnet.helius-rpc.com/?api-key=YOUR_KEY
# Option B: Or edit config.yaml directly
cp config.example.yaml config.yaml
# Edit config.yaml with your RPC URL and check thresholdsStep 5 — Run in paper mode first (no real trades executed)
python checker.py --mode paperThis runs a demo scan (BONK token) by default. To test the BLOCKED flow:
python checker.py --demo-blockedTo scan a specific token:
python checker.py --mode paper --mint <TOKEN_MINT_ADDRESS>
⚠️ Always validate logic against paper mode before connecting a live wallet. The scanner blocks suspicious tokens — verify the block logic matches your own risk tolerance before going live.
Run all workflows to verify the project:
# From project root: run full verification (creates venv if needed)
chmod +x verify_workflows.sh && ./verify_workflows.shManual verification commands:
| # | Workflow | Command |
|---|---|---|
| 1 | Help | python checker.py -h |
| 2 | Default demo (BONK, paper) | python checker.py --mode paper |
| 3 | Explicit demo pass | python checker.py --demo |
| 4 | Demo blocked (USDC) | python checker.py --demo-blocked |
| 5 | Scan specific token | python checker.py --mode paper --mint <MINT> --symbol <SYMBOL> |
| 6 | Empty mint (must error) | python checker.py --mint ' ' |
| 7 | Custom config | python checker.py --config config.yaml |
| 8 | Log level | python checker.py --demo --log-level DEBUG |
# config.yaml — Pump Fun Rug Checker Lite
rpc:
endpoint: "https://your-rpc-endpoint.helius.xyz/v1" # Helius / QuickNode recommended
timeout_ms: 5000 # RPC call timeout
scanner:
mode: "paper" # "paper" (log only) | "live" (execute trades)
scan_interval_ms: 500 # How often to poll for new Pump.fun tokens
checks:
block_on_active_mint_authority: true # CRITICAL — always keep true
block_on_active_freeze_authority: true # CRITICAL — always keep true
block_on_unlocked_liquidity: true # Blocks if LP has no time-lock
max_dev_allocation_pct: 20 # Block if single wallet holds > 20%
logging:
output_file: "rug_log.csv" # All blocked tokens are logged here
log_level: "INFO" # DEBUG for verbose RPC response loggingThe codebase is optimized for minimal latency and memory efficiency:
- Batch RPC — Single HTTP round-trip fetches mint account, largest holders, and token supply (3 calls → 1).
- Parallel execution — RPC batch and DexScreener liquidity check run concurrently.
@dataclass(slots=True)— Check and scan result models use slots to reduce memory.- Session reuse —
requests.Sessionfor connection pooling across RPC and DexScreener. - Supply shape fallback — Handles both
{value}and direct value object for RPC variance.
v0.1.x — Shipped ✅
- Mint authority renouncement check
- Freeze authority detection
- Basic liquidity status read
- Dev allocation percentage scan
- Paper mode with CSV logging
v0.2.x — Active Development 🔨
- Wallet clustering (detect dev wallet distribution across aliases)
- Token velocity filter (flag tokens with abnormal buy-bot activity)
- Multi-token concurrent scanning (thread pool)
- Streamflow + Raydium LP lock verification
v0.3.x — Planned 🔜
- Telegram alert integration for flagged tokens
- Historical rug pattern matching (ML classifier)
- Auto-export to Google Sheets dashboard
- Webhook support for external trade executor integration
Features marked 🔨 and 🔜 are in private development on the full build. Public releases are scoped to the detection core only.
The public repo contains the 4-check detection skeleton.
The private build is a different class of tool:
PUBLIC REPO PRIVATE BUILD
──────────────── ──────────────────────────────────
4 red flag checks 14-vector security scan
~110ms avg latency < 80ms avg (async RPC batching)
Manual trigger Auto-monitors all new Pump.fun mints
CSV log only Telegram alerts + dashboard export
No trade exec Integrated trade executor w/ kill switch
No clustering Dev wallet cluster detection
No velocity Token velocity + buy-bot fingerprinting
This is for serious traders who are tired of being the exit liquidity.
| Profile | Situation |
|---|---|
| 🎯 The Systematic Degen | You trade Pump.fun daily, you've been rugged more than once, and you're done relying on gut feel for security checks |
| ⚙️ The Python-Native Trader | You already run scripts for sniping or monitoring — you need security logic that plugs directly into your existing stack |
| 🏦 The Risk-First Operator | You manage capital for others, or your own meaningful capital, and a single rug could end your run — you need automated gates, not manual checks |
| 🔬 The Builder | You're building a Pump.fun bot and need a battle-tested security module you don't have to write from scratch |
GitHub: @Rezzecup
When you reach out, mention three things so I can respond meaningfully:
- Your current setup — what you're already running (snipers, monitors, manual)
- Your specific gap — which red flag or latency issue is costing you most right now
- Your volume — approximate daily trade count or capital deployed on Pump.fun
I respond to people who are already in the game, not people who are curious about it.
Built with: Python 3.11 · Solana solders · requests · PyYAML
Pump.fun moves fast. Your security layer should move faster.
