Guide 2026-05-03

RektRadar Discord bot - free Ethereum scam detector for your community

Drop any Ethereum address in Discord, get an instant risk report: honeypot check, deployer history, 52 on-chain flags. Free, no signup, runs in your server.

The pattern is always the same. Someone drops a contract address in the trading channel. Three people ape in. Two minutes later, somebody else screenshots an Etherscan tab. Five minutes after that, the LP gets pulled. The community has just funded a deployer who shipped 14 identical rugs in the last 90 days, and the only thing missing was a 10-second sanity check before the first buy.

The RektRadar Discord bot fixes that single gap. Anyone in your server types /scan <address> and the bot replies with a risk score, the specific on-chain flags that triggered, and the deployer’s track record - in under 10 seconds, no signup, no wallet connection, no out-of-channel browsing.

This post covers what the bot does, how to add it to your server, the four commands it ships with, three live scan examples (a legit token, a confirmed scam, a honeypot), and the 52 risk flags it surfaces.

Why a Discord bot for ethereum scam detection

Crypto Discord servers are where the buy decision actually happens. By the time someone tabs out to Etherscan, then to dexscreener, then to a third-party scanner, the conversation has moved on and the trade has already been placed. Friction kills the safety check.

A bot living inside the channel inverts that. The address is right there in the chat, the bot reply is right under it, the verdict happens in the same scroll. Three people ape in becomes three people read “Risk score 92 / Honeypot detected / Deployer rugged 14 contracts in 90d” and walk away.

The bot is not a different scanner from the web app - it is the same pipeline behind rektradar.io, exposed as a Discord interaction. Every scan you trigger from Discord is the same analysis the web app runs: source verification, bytecode pattern matching, honeypot simulation, deployer graph lookup, mempool history. The difference is purely where the answer lands.

Add it to your server

One click, no configuration:

Add RektRadar bot to your Discord →

The OAuth2 invite asks for two scopes:

  • bot - the minimum permission to post messages and embeds in the channels you grant it
  • applications.commands - required for slash commands to register

It does not ask for, and does not need: message-history reads, member-list access, voice channels, role management, kick/ban, or any DM-write permission. It is a strictly request-response bot. You speak to it, it answers in the same channel, end of interaction.

If you just want to try it before installing, join the RektRadar server where the bot is already active in the #general channel.

The four commands

/scan <address>

The headline command. Pass any Ethereum contract address, get back an embed with:

  • Token name and symbol (resolved on-chain, not from CoinGecko)
  • Risk score 0-100 - anything above 70 is an active scam
  • Triggered flags - the specific on-chain patterns that fired (honeypot, deployer reuse, hidden mint, etc.)
  • Deployer summary - how many contracts this wallet has shipped, how many have already rugged
  • Direct link to the full report on app.rektradar.io for the long-form view

The bot accepts both checksummed (0x6982508145454CE325DDBE47A25D4EC3D2311933) and lowercase addresses. The reply is ephemeral if you trigger it in a public channel, so you don’t spam the chat by accident.

/recent

Lists the most recently flagged scam contracts. Useful for keeping a passive eye on what is being shipped right now. The bot pulls from the same backend that powers the scam hub pages on the web app, so it stays in sync with everything else.

/stats

Returns the scam detection counters: how many contracts were analyzed in the last 24 hours, how many were flagged as scams, how many honeypots were detected. Good copy material for your community summary tweets.

/help

Lists every command the bot exposes, with a one-line description for each.

Three live scan examples

Example 1 - Legit token, low score

/scan 0x6982508145454ce325ddbe47a25d4ec3d2311933

Returns: Pepe / score 3 / SAFE. PEPE is the largest meme token by market cap, fully verified, owner renounced, LP burnt, deployer history clean. Three points are deducted for “high holder concentration” which is intrinsic to any meme token, but no honeypot pattern, no hidden mint, no sandwich-attack contract. Three on-chain checks confirm the same thing the rest of the market already priced in.

Example 2 - Confirmed scam, score 90+

Most freshly rugged tokens score 90+ within seconds of their LP-pull transaction. The risk flags array typically reads:

["honeypot_simulation_failed",
 "deployer_rugged_history",
 "lp_pulled",
 "owner_not_renounced",
 "tax_owner_swappable"]

Each of those is one of the 52 detection signals (more on those below). The deployer line shows something like “Wallet 0x… shipped 12 contracts, 11 rugged within 72h.” Hard to argue with that.

Example 3 - Honeypot

The bot’s most useful single check is the sell-side simulation. It sends a synthetic sell transaction through the actual DEX router and checks whether the trade would revert. If buys succeed but sells revert, the contract is a textbook honeypot regardless of how the source code looks.

The reply for an unverified honeypot is typically: score 95 / “honeypot_simulation_failed” / “unverified_contract” / “sandwich_pattern”. The user gets the verdict, the deployer’s other contracts are listed (which usually exposes a serial honeypot operator), and the channel moves on without anyone losing money.

The 52 risk flags, briefly

The bot’s risk score is a weighted sum of 52 individual signals, grouped into seven categories:

  1. Source code - verification, owner renunciation, mint without cap, blacklist function, pausable transfer, hidden tax setter
  2. Liquidity - LP locked / burnt, lock duration, deployer’s share of LP, LP age, multi-pool dispersion
  3. Trading - honeypot sell simulation, max-tx limits, max-wallet limits, transfer cooldown, anti-bot whitelist
  4. Deployer - wallet age, prior contract count, rugged contract ratio, funding source (CEX vs Tornado), bytecode similarity to known scam clusters
  5. Holders - top-10 concentration, dev-wallet share, non-LP whale wallets, suspicious cluster overlap
  6. Mempool - pending sandwich attacks, MEV bot front-running, frequency of cancelled txs from the deployer
  7. External - CoinGecko match (helps detect brand-jacking), social mentions vs token age, similar-symbol scam history

Each flag is documented on the signals page. The bot’s embed shows you which flags fired, not the full 52 - only what is actually wrong with the contract.

If you want the full taxonomy, How to detect an Ethereum scam token walks through the seven highest-signal flags in detail with the on-chain evidence for each.

FAQ

Is the bot free?

Yes, every command is free. There is no rate limit per user beyond Discord’s own slash-command limits.

How fresh is the data?

A /scan triggers a live analysis if the contract has not been scanned in the last 15 minutes. If it has, you get the cached result, which is still typically minutes old. Mempool flags update every block.

Does the bot read messages or DMs?

No. The bot only sees its own slash-command invocations. It does not request read_messages, does not log channel content, and does not store anything beyond the address you explicitly ask it to scan.

Can I get an API for this?

Yes - the same backend is exposed at app.rektradar.io/api. The bot is just one consumer; if you want to integrate the scanner into your own tools, the REST endpoints are public.

What if the contract is not on Ethereum?

Mainnet Ethereum only for now. L2 support (Base, Arbitrum, Optimism) is on the roadmap, with the same pipeline being ported as the bytecode similarity database grows there.

How do I report a missed scam?

Open an issue on github.com/mik3fly-lab/rektradar-discord with the contract address. Detection rules are added to the analyzer behind it, not to the bot itself, so a fix benefits every consumer of the API.

Putting it together

A Discord bot does not replace doing your own research. It compresses the 30-second sanity check into a 10-second one and brings it inside the channel where the buy decision is forming. Most rugs are detectable five minutes before retail apes in. The point of the bot is to make sure five minutes before is also five seconds before someone hits buy.

Add RektRadar to your Discord →

If you want the same scanner on the web, paste any contract into rektradar.io. Same pipeline, same flags, same risk score - just rendered as a full report instead of a Discord embed.

Got a token to scan? Open the app or add the bot.