The Ethereum Name Service (ENS), a protocol that sells nonfungible tokens (NFTs) of domains representing wallet addresses, generated buzz within the crypto community in November after it airdropped tokens to its users.
Those who claimed the tokens earned governance rights over the ENS and can vote on future decisions regarding the protocol.
It was so well received that it prompted other Ethereum projects to airdrop tokens too. Though airdrops aren’t new, they’ve recently become increasingly common.
In an airdrop, projects distribute tokens to specific investors’ wallets. In some situations, like with the ENS, projects airdrop tokens to those who have used their product. Other times, projects airdrop tokens to potential investors in hopes of marketing their product.
The process of receiving the airdropped tokens can differ too. Sometimes, investors must choose to accept the tokens by claiming them, while other times, investors cannot reject the airdrop and tokens are automatically dropped in their wallets.
The ENS airdrop seems legitimate, as the ENS has existed for years and it required investors to vote on a “foundational ENS governance constitution” that detailed the authority of holders before claiming their tokens.
But airdrops are often used by crypto scammers. In some cases, they may try to airdrop fictitious tokens to an investor’s wallet to prompt them to visit a phishing website.
It can be difficult to tell whether an airdrop is safe or not, and investors should be cautious. Before claiming airdropped tokens or interacting with any that may have landed in your wallet, there are a few things to do first.
1. Do your research
If you have the option to claim airdropped tokens, you should first look into the project distributing and see whether it has a viable product.
Even if the airdropped token is safe to claim, its project may be designed to benefit a select few founders or core contributors. Details about a drop and its project can be found in its code, on its website or via its social media. Look into a project’s fundamentals and what it proposes before connecting your wallet to its website.
Both the OpenDAO and Gas DAO, two Ethereum-based projects, recently airdropped tokens, which quickly surged in value before declining. While the airdrops garnered excitement from some, others expressed concern, saying the projects behind the tokens lacked product development, utility and had security risks. This isn’t uncommon.
If tokens land in your wallet through an airdrop you didn’t initiate, it’s best to wait before engaging. Some airdrops may prompt you to visit a website to sell or swap the tokens, but there’s a possibility it’s a phishing attempt to access your wallet and funds.
2. Look out for red flags
When researching, there are a few common red flags to be aware of, many of which can be seen when analyzing a project’s smart contract, which are collections of code that carry out a set of instructions on the blockchain.
For one, if a project lacks on-chain security to protect funds, its founders or developers might be able to control the movement of funds. This commonly happens in “pump and dump” or “rug pull” schemes, where developers abandon a project and leave with investors’ funds.
In addition, it might be a bad sign if a project airdropping tokens doesn’t have a product, plan, governance outline or other things of that nature. Claiming tokens now with the promise of being told details later can be dangerous.
While this can sometimes also be the case for early crypto projects, where there isn’t any malice, it’s worth keeping in mind.
Project founders should be somewhat receptive to answering questions on Discord or Twitter, especially if people are calling out potential issues or concerns. If they aren’t, that can be a red flag as well.
Another is if a project charges a fee when you try to swap or sell the tokens, or simply doesn’t allow you to swap or sell at all.
3. Check out the smart contract
Smart contracts are essential for most crypto-based projects to run. Although they can be quite technical, it’s worth checking out the smart contract behind a project, or asking someone knowledgeable about the space to do so.
If there is an issue with a developer’s code, intentionally or not, then there could potentially be weaknesses within the project.
Read full story on CNBC