What is a honeypot crypto token?

A honeypot is a malicious ERC-20 or SPL token with logic that lets users buy but blocks them from selling. The contract may revert sell transactions, charge a 100% sell tax, or restrict transfers to whitelisted addresses controlled by the deployer. Buyers see a token in their wallet but can never get value out.

How do I detect a honeypot before buying?

Static and dynamic checks both work. Static analysis examines the contract bytecode for sell-blocking logic, ownership traps, and tax mechanisms. Dynamic analysis (used by GoPlus) simulates a buy followed by a sell on a fork of the chain to confirm the sell succeeds. Hive's get_token_security tool runs the GoPlus check inline and returns a structured honeypot flag.

Are honeypots common?

Yes — especially on chains and DEXes with low listing friction. Any AI agent that recommends token buys should include a honeypot check or clearly explain that it has not verified sellability.

What does Hive return for a honeypot check?

Hive's get_token_security tool returns the GoPlus security report including is_honeypot (boolean), buy_tax, sell_tax, transfer_pausable, can_take_back_ownership, owner_change_balance, and other fields. The agent reads is_honeypot and the tax values to decide whether to recommend the token.

Open Dashboard

What is a honeypot token?

Written by Hive Intelligence, Product docsLast updated May 31, 2026

A honeypot token is a malicious smart contract that lets users buy the token but blocks them from selling — trapping their funds.

The mechanism varies. Common patterns:

The transfer function reverts when the sender is anyone other than the deployer
The sell tax is set to a value approaching 100%, making the swap economically pointless
The token uses a whitelist that only includes the deployer's addresses
A pause flag freezes transfers selectively

The user sees the tokens in their wallet, watches the price chart go up, and only realizes the trap when they try to exit.

Why agents must detect them

An AI agent that recommends token buys without a honeypot check creates avoidable risk. Dedicated token-security checks help the agent verify sellability, tax behavior, owner controls, and pause flags before it suggests a swap.

Hive exposes honeypot detection as a first-class MCP tool — get_token_security — that runs the GoPlus check and returns a structured response. The agent reads the is_honeypot flag before suggesting any swap, then uses the tax and ownership fields to decide whether the token still needs a warning.

What to do with the result

If is_honeypot is true, the agent should stop the trade flow and explain that the token cannot be sold safely. If the flag is false but sell tax, ownership, or pause controls look dangerous, the agent should still warn the user instead of treating the token as clean.

Why agents must detect them

What to do with the result

Related terms