Today there are almost 10K tokens circulating in the crypto space, according to CoinMarketCap. How to choose the tokens to invest in among this myriad of options. In this article, you will find some advice on how to minimize the risks of losing assets when investing in crypto. It is not about how to make 10X in a few days/weeks, it’s about how to make sure your assets do not appear in the hands of malicious actors.
The investment decision should be based on 2 main criteria including product value and security (risks of scams and hacks). It is impossible to invest in thousands of tokens simultaneously. You need to significantly narrow this list through the analysis of the token. It should basically include the following activities:
- Do basic research on the product behind a token;
- Check whether there are indications of a scam;
- Try to estimate the project’s cybersecurity.
How to make basic research on a product?
Basic research is your first step in analyzing a token. Follow these recommendations:
- Read the project’s whitepaper and focus your attention on its unique selling proposition, vision, strategy to reach the goals, and token’s use cases;
- Try to find mentions about a project in reputable crypto media such as CoinDesk, CoinTelegraph, Bitcoinist, to name a few;
- Do some research on the team members behind a project: focus on their background, whether they used to run other successful projects, etc.
- Analyze the behavior of the project’s community by viewing its media channels. Check whether they are just interested in making fast profits or want to see a real problem-solving product;
- Listen to the feedback shared by reputable crypto influencers;
How to identify a scam?
Often at their early stages projects do not have a finalized solution. Thus, there is a risk of scams. Namely, a project can collect money from investors and exit the market.
Follow these recommendations to check whether you interact with a reliable player or a scammer:
- Look at the lock-up using Dextools.io. Find your project and click on the Team Lock icon. It is better when there is lock-up since then the risk that the team may exit is lower. However, no lock-up does not mean that the project is rug pull;
- Look at the number of token holders using Etherscan, BscScan, etc. If there are only a few major holders, there is a risk that the exit of one of them can cause a dramatic price drop;
- Analyze the price movement. If there is only a permanent price jump without any serious correction, there is a risk no exit option is available (selling limitation). It is a form of scam whereby only the project’s core team can withdraw assets;
- Analyze the project’s marketing activities for the last few months. If there are only huge promises without any real product or even updates, then the chosen project may be a scam. Also, try to verify whether the promises given by the project are in line with the provisions of the whitepaper.
How to conduct a security analysis?
Even if you are not a cybersecurity specialist, you can check whether your chosen projects meet at least basic security requirements. Follow these steps:
- Look at the audit reports (if available). If a project has critical severity bugs, it is better to avoid interacting with it until these flaws are fixed. If there are no audit reports available, there is a risk that your chosen project underestimates security. Apart from the project’s website, you can find audit reports on the project’s pages on CoinGecko or CoinMarketCap as well as on the auditor’s website;
- Check whether there is an insurance fund. When a project has insurance, users will get their assets back even if it is hacked;
- Check whether a project has an active bug bounty program. It is the indicator of its reliability for investors. This information may be found on the project’s website or its page on CoinGecko;
- If you want to save time and effort, you can use cybersecurity ranking platforms. Such platforms do the research listed above in your stead, checking the availability of insurance and active bounty programs, searching through the audit reports, etc. The rating methodology usually covers all basic security analysis processes mentioned above as well as a few more criteria allowing to ensure that the chosen token has not made any security manipulations.
Thus, instead of spending your time on the analysis of each security component of a project, you will be able to find the project’s security score.
And I have not mentioned a simple but very important recommendation:
Don’t put all your eggs in one basket. This advice is simple as pie but it is of fundamental importance. Due to the market changes or the impact of so-called “black swans”, the product developed by a project may lose its competitiveness. In this case, there are no ways to prevent this risk for a retail investor.