Home/Learn/Due Diligence
Due Diligence12 min readFebruary 15, 2025

The Ultimate Crypto Due Diligence Checklist (Before You Invest)

A 25-point due diligence checklist every crypto investor should complete before putting money into any new token or project. Covers smart contracts, team, tokenomics, liquidity, and community.

'DYOR' (Do Your Own Research) is the most repeated phrase in crypto — but very few investors actually know what that means in practice. This checklist breaks down the 25 specific checks you should complete before investing in any new token. It covers all six pillars of the GoldenBit.ai risk model: smart contracts, tokenomics, team credibility, liquidity, community sentiment, and regulatory compliance.

Smart Contract Checks (8 Points)

  1. 1Is the contract verified on Etherscan/BSCScan? (Unverified = automatic red flag)
  2. 2Has the contract been audited by a reputable firm (CertiK, Hacken, Trail of Bits, OpenZeppelin)?
  3. 3Is the audit recent (within 12 months) and does it cover the current deployed version?
  4. 4Does the contract have a hidden mint function? (Use GoldenBit.ai or TokenSniffer to check)
  5. 5Is contract ownership renounced or held by a timelock?
  6. 6Are there any proxy upgrade patterns? If so, who controls the upgrade key?
  7. 7Does the contract have a blacklist or transfer restriction function?
  8. 8Has the contract been deployed before under a different name? (Check deployer wallet history)

Tokenomics Checks (5 Points)

  1. 1What percentage of supply do the top 10 wallets hold? (>30% is a red flag)
  2. 2Is the liquidity locked? For how long? On which platform?
  3. 3What is the team/founder allocation and vesting schedule?
  4. 4Is there an inflation mechanism? What is the emission rate?
  5. 5Is the total supply fixed or can it be changed by the deployer?

Team & Credibility Checks (4 Points)

  1. 1Are team members doxxed (real identities verifiable)?
  2. 2Do team LinkedIn profiles match their claimed experience?
  3. 3Does the team have a GitHub with consistent commit history?
  4. 4Have any team members been associated with previous failed or fraudulent projects?

Liquidity & Market Checks (4 Points)

  1. 1What is the total DEX liquidity depth? ($100K minimum for small caps)
  2. 2Is trading volume consistent over time, or are there suspicious spikes?
  3. 3Are there signs of wash trading (same wallets buying and selling repeatedly)?
  4. 4What is the buy/sell ratio? A token where sells are blocked is a honeypot.

Community & Sentiment Checks (2 Points)

  1. 1Is community growth organic? Check follower/member join dates for bot waves.
  2. 2Is there genuine discussion about the project's technology, or only price talk?

Regulatory Checks (2 Points)

  1. 1Is the project's legal entity registered and verifiable?
  2. 2Are any associated wallets flagged on OFAC sanctions lists or known scam databases?
GoldenBit.ai automates all 25 of these checks and returns a single risk score in under 30 seconds. Use it as your first filter, then do manual verification on the tokens that pass.

Run the full 25-point checklist automatically on any token in 30 seconds.

// SECURITY_UPDATES

Get Notified When We Publish New Guides

New crypto security guides, rug pull alerts, and DeFi risk analysis — delivered to your inbox. No spam, unsubscribe anytime.

KEYWORDS
crypto due diligence checklisthow to research crypto before investingcrypto investment checklistDYOR cryptocrypto research guide
// RECENTLY_SCANNED_TOKENS

Apply what you just learned — scan these recently analyzed tokens.

FluxProtocol
—/100
MEDIUM RISK
NovaBridge
—/100
MEDIUM RISK
AlphaVault
—/100
MEDIUM RISK
Browse all scanned tokens →
// RELATED_ARTICLES
Scam Detection
How to Detect a Rug Pull Before It Happens
8 min
Scam Detection
What Is a Honeypot Token? How to Detect and Avoid Them
6 min
Due Diligence
How to Read a Smart Contract Audit Report (Even If You're Not a Developer)
10 min