Coinbase introduces an innovative ERC-20 Scam Token Detection System. By combining smart contract auditing with machine learning prediction, the system can detect both known and unknown scam types. While Coinbase already has robust processes to review assets for listing on the Coinbase exchange, the detection models described here for the broader ecosystem have also enabled significant recovery of user funds and improved scam token filtering by a factor of approximately 2x within Coinbase Wallet, ensuring a safer and more reliable crypto experience.
Scam Tokens, The Rising Challenge
In the ever-expanding world of cryptocurrency, the thrill of investment and the promise of innovation can sometimes be overshadowed by the emergence of scams, especially with new and unverified tokens. Scammers are becoming increasingly sophisticated, employing a wide array of tactics to defraud unsuspecting investors. At Coinbase, we work hard to strengthen trust and safety in the crypto ecosystem. Our ERC-20 Scam Token Detection System aims to identify and filter out these fraudulent tokens, ensuring enhanced security and confidence for our users.
Within the identified scam examples, there are two well-known types worth mentioning: Honeypots and Internal Fees. A Honeypot scam is a deceptive trap set by bad actors to lure and trap cryptocurrency investors. For instance, an investor named Sarah who bought into the "XYZ Token" (a fictional name used for illustrative purposes) might discover that hidden functionalities in the token prevent her from selling or transferring it, leaving her with worthless assets. Such scams are not only financially damaging but can also erode trust in the entire ecosystem. Similarly, Internal Fee scams involve hidden or unusually high fees during transactions. A user like Tom might experience this when transferring "ABC Token" (a fictional name used for illustrative purposes) to another wallet, only to find that a significant amount has been deducted without transparent disclosure. This loss can be both shocking and financially crippling.
Evolving scams present a continuous challenge, with countless new types emerging every day that might not fall into exact categories or might be a mix of different fraudulent practices. Some tokens might even perform a "rug pull" after appearing legitimate, suddenly withdrawing all liquidity and rendering the token worthless. The rising challenge of scam tokens underscores the need for vigilance and robust detection mechanisms. Classic scams like Honeypots and Internal Fees are just the tip of the iceberg, and Coinbase's commitment to security through the ongoing development of the ERC-20 Scam Token Detection System demonstrates our dedication to protecting users from these ever-changing threats.
Scam Token Detection System
Coinbase has developed an innovative solution to tackle the ever-evolving threats posed by fraudulent ERC-20 tokens: the Scam Token Detection System. This system incorporates two robust strategies to ensure user safety by pinpointing both recognized and emerging scams.
Smart Contract Auditing: By meticulously examining the integrity of tokens through smart contract audits, Coinbase is able to identify and filter out known scam types that continuously add to our database. Simulations replicate various scenarios to facilitate the detection of identified scams, such as Honeypots and Internal Fees, based on predefined criteria. This step allows us to interact with smart contracts, mitigating the risk of fraud by excluding tokens associated with known malicious activities. Smart contract auditing thus plays a critical role in proactively defending against classic scams, capturing and cataloging them for future reference.
Machine Learning Prediction: Alongside smart contract auditing, our system employs a machine learning framework, focusing on unknown scam types where abnormal activity patterns are detected. For example, if a concentrated group of accounts exhibits unusual patterns in time-series transactions, diverging from typical token behaviors, it might hint at abnormal activity indicative of unknown scam types. Since all transactions are recorded on-chain, unusual user behavior or transactional irregularities may indicate deceptive practices. By streamlining the process of choosing the most effective machine learning model for daily retraining, our system spots these irregularities, acting like an abnormality detection mechanism. This approach enhances the scam detection capability, safeguarding against potential, unidentified scams that may manifest in abnormal userbases or transactions.
This combination of smart contract auditing and machine learning prediction allows for a comprehensive and accurate scam detection. By identifying both known fraudulent practices and actively monitoring for new and unusual patterns, Coinbase's Scam Token Detection System leads to a more secure and trustworthy list of ERC-20 tokens, reinforcing our commitment to protecting users in the dynamic landscape of cryptocurrency.
What does it all mean for you?
Our Scam Token Detection System isn't just a high-tech safeguard; it translates into tangible benefits for our users. The whitelist of trusted tokens plays a crucial role in launching Coinbase's asset recovery service for unsupported ERC-20 tokens. This innovation has already enabled users to recover almost 4,000 unsupported yet whitelisted ERC-20 tokens. See more details in this blog.
Moreover, in our ongoing effort to protect users, we've implemented a feature to hide scam/spam tokens within the Coinbase Wallet. This strategic approach, integrated with our broader detection system, has significantly enhanced our capacity to filter out spam tokens. We observe a 2x increase in spam token filtering, providing a cleaner, safer, and more user-friendly experience for all our customers.
Together, these advancements underscore Coinbase's commitment to user security and our continuous innovation in the field of cryptocurrency. With the Scam Token Detection System, you can invest and transact with increased confidence, knowing that Coinbase is vigilantly working to keep your assets secure.