This repository contains two on-chain data projects:
- Solana (NEW): Pump.fun Launch Radar + Rug-Risk Scanner
- Ethereum (Legacy): The Graph subgraph for CryptoPunksMarket
The goal of the Solana project is to detect new Pump.fun token creations in near real-time and generate an explainable, heuristic "rug-risk" report (mint/freeze authorities, holder concentration, metadata presence). It is designed as a practical, production-ready indexing pipeline: webhook ingestion, idempotency, async processing, persistence, and an API for consumers.
Before you begin, ensure you have the following installed on your machine:
-
Node.js (version 20 or higher)
- Download from: https://nodejs.org/
- Verify installation:
node --version
-
npm (comes with Node.js)
- Verify installation:
npm --version
- Verify installation:
-
Git (for cloning the repository)
- Download from: https://git-scm.com/
- Verify installation:
git --version
# 1. Clone the repository
git clone https://github.com/Keya-Moradi/Cryptopunk.git
cd Cryptopunk/solana-pump-radar
# 2. Install dependencies
npm install
# 3. Set up your environment variables
cp .env.example .env
# 4. Edit the .env file with your configuration
# You'll need:
# - A Solana RPC URL (get free tier from Helius, QuickNode, or Alchemy)
# - A webhook secret (generate with: openssl rand -hex 32)
# 5. Set up the database
npm run db:generate
npm run db:migrate
# 6. Start the development server
npm run dev
# 7. In a new terminal, test the webhook (optional)
npm run replayYour server should now be running at http://localhost:3000!
# 1. Clone the repository (if not already done)
git clone https://github.com/Keya-Moradi/Cryptopunk.git
cd Cryptopunk/liveatethglobalwaterloo
# 2. Install dependencies
npm install
# 3. Follow The Graph documentation for deployment
# See: https://thegraph.com/docs/- Node.js 20+ installed
- Repository cloned
- Dependencies installed (
npm install) - Environment variables configured (
.envfile) - Database migrations run (
npm run db:migrate) - Server running (
npm run dev) - Tested webhook endpoint (optional:
npm run replay)
Issue: "npm: command not found"
- Solution: Install Node.js from https://nodejs.org/
Issue: "Port 3000 already in use"
- Solution: Change the
PORTin your.envfile to a different port (e.g., 3001)
Issue: Database migration fails
- Solution: Delete
solana-pump-radar/prisma/dev.dband runnpm run db:migrateagain
For more detailed troubleshooting, see the Solana Pump Radar README.
Location: solana-pump-radar/
- Ingests real-time Solana transaction events via webhooks (raw or enhanced)
- Detects Pump.fun token create events using instruction parsing
- Stores launches (signature, slot/time, mint, raw payload)
- Computes a risk score + label (LOW / MED / HIGH) with explicit reasons
- Serves a REST API:
POST /webhooks/helius- Webhook ingestion endpointGET /launches- List all detected token launchesGET /tokens/:mint- Get risk analysis for specific tokenGET /healthz- Health check endpoint
Backend Server: Fastify-based REST API with webhook ingestion Detection Engine: Pump.fun instruction parser (program ID + discriminator matching) Risk Scorer: Heuristic-based analysis (authorities, holder concentration, metadata) Processing Queue: Async job processing with p-queue Database: SQLite + Prisma with migrations Tests: Vitest test suite with detector unit tests CI/CD: GitHub Actions workflow with quality gates
cd solana-pump-radar
cp .env.example .env
# Edit .env with your SOLANA_RPC_URL and WEBHOOK_SECRET
npm install
npm run db:generate
npm run db:migrate
npm run dev
# Test in another terminal:
npm run replay- Webhook → Detection → Storage → Queue → Risk Scoring
- SQLite for MVP (easy PostgreSQL migration later)
- Raw webhooks for reliable instruction parsing
- Heuristic scoring (0-100 with LOW/MED/HIGH labels)
- 3 concurrent risk computations (configurable)
All comprehensive documentation is located in solana-pump-radar/docs/:
- PRD.md - Product requirements, scope, acceptance criteria
- DECISION_LOG.md - Technical decisions with rationale
- RISK_REGISTER.md - FMEA-lite risk analysis
- RUNBOOK.md - Operations guide (deploy, monitor, troubleshoot)
- CODEX_SAFE.md - AI-assisted development safety rules
- HELLFIRE_MODE.md - Non-negotiable quality gates
- IMPLEMENTATION_SUMMARY.md - Complete implementation overview
See the full Solana Pump Radar README for detailed setup and usage instructions.
- ✅ Lint + Prettier formatting
- ✅ TypeScript strict mode
- ✅ All tests pass
- ✅ Build succeeds
- ✅ No secrets in code
- Set up RPC provider (Helius/QuickNode/Alchemy recommended)
- Generate webhook secret:
openssl rand -hex 32 - Configure webhook provider (Helius example in README)
- Deploy with PM2 or systemd
- Set up monitoring (health checks, logs)
Location: liveatethglobalwaterloo/
A subgraph configuration targeting 0xb47e3cd837dDF8e4c57F05d70Ab865de6e193BBB (CryptoPunksMarket) on Ethereum mainnet. AssemblyScript mappings that process events such as Assign, Transfer, PunkBought, and others. A GraphQL schema describing indexed entities and tests for mapping behavior.
- liveatethglobalwaterloo/ - The Graph subgraph project (schema, mappings, tests, and deployment config)
- abis/ - Contract ABI artifacts used by the subgraph
- The Graph (
@graphprotocol/graph-cli,@graphprotocol/graph-ts) - AssemblyScript for mappings
- GraphQL schema
- Node.js tooling and
matchstick-asfor tests - Docker (local Graph node stack via
docker-compose.yml)
Webhooks can be retried and duplicated. The pipeline must be idempotent (dedupe by signature).
Risk scores are heuristics, not guarantees. This is not financial advice.
No modifications to existing code. All Solana work is isolated in solana-pump-radar/ - the existing liveatethglobalwaterloo/ codebase remains untouched.
Liquidity Pool Analysis:
- Monitor initial liquidity pool (LP) creation and burns
- Track LP token lock status and unlock schedules
- Analyze liquidity depth and potential for rug pulls via LP withdrawal
- Detect honey pot characteristics (can buy but not sell)
Social Signals Integration:
- Aggregate sentiment from X (Twitter) mentions and engagement
- Monitor Discord/Telegram activity and community size
- Track developer activity and GitHub commits (if applicable)
- Analyze influencer promotion patterns and paid shilling detection
User-Facing Applications:
- Live Demo Dashboard: Web-based UI with real-time token launch feed, interactive risk charts, and filtering
- Telegram Bot: Push notifications for high-risk launches with configurable alert thresholds
- Discord Bot: Server integration for community-driven token monitoring
- Mobile App: iOS/Android notifications for on-the-go monitoring
Liquidity Pool Analysis:
- Raydium API Documentation - Solana's leading AMM for LP data
- Jupiter Aggregator API - Liquidity aggregation and routing
- Orca Whirlpools SDK - Concentrated liquidity pools on Solana
- Solana Program Library - Token Swap - Understanding AMM mechanics
- DexScreener API - Multi-chain DEX analytics
Social Signals & Sentiment Analysis:
- Twitter/X API v2 - Real-time tweets and engagement data
- Discord.js - Discord bot framework
- Telegram Bot API - Telegram bot integration
- VADER Sentiment Analysis - Social media sentiment scoring
- Natural Language Toolkit (NLTK) - Text processing and sentiment analysis
Dashboard & Visualization:
- Next.js - React framework for production
- Recharts or Chart.js - Data visualization
- TanStack Query - Data fetching and caching
- Tailwind CSS - Utility-first CSS framework
- shadcn/ui - Re-usable component library
Bot Development:
- node-telegram-bot-api - Telegram bot SDK
- Discord.js Guide - Discord bot development
- Bull Queue - Redis-based job queue for notifications
Security & Anti-Rug Detection Research:
- Solana Token Security Best Practices - Official guidelines
- CertiK Skynet - Security monitoring approach
- Token Sniffer - Automated scam detection methodology
- Honeypot Detection Techniques - Community approaches
Real-Time Data Streaming:
- Server-Sent Events (SSE) - Push updates to web clients
- Socket.io - WebSocket library for real-time bidirectional communication
- Redis Pub/Sub - Message broker for event distribution
These stretch goals would significantly enhance the platform's value proposition and user adoption while maintaining the core architecture's reliability and performance.
Note: Screenshots will be added as the application is deployed and used. For now, you can test the API endpoints locally using the examples in the API Documentation.
GET /launches - List recent token launches:
{
"launches": [
{
"signature": "5Q9p...",
"slot": "250000000",
"blockTime": "2024-01-01T00:00:00.000Z",
"mint": "MintAbc123...",
"creator": "7NpF...",
"source": "pumpfun"
}
],
"count": 1
}GET /tokens/:mint - Token risk analysis:
{
"risk": {
"score": 65,
"label": "HIGH",
"reasons": [
"Mint authority is active - creator can mint unlimited tokens",
"Freeze authority is active - creator can freeze accounts"
]
}
}See the complete architecture diagram in the Solana Pump Radar README.
Runtime & Language:
- Node.js - JavaScript runtime environment
- TypeScript - Typed JavaScript superset
Web Framework:
- Fastify - Fast and low overhead web framework for Node.js
Blockchain Integration:
- Solana Web3.js - JavaScript SDK for Solana blockchain
- Solana RPC API - Solana Remote Procedure Call API
- Pump.fun - Solana token launch platform (Program ID:
6EF8rrecthR5Dkzon8Nwu78hRvfCKubJ14M5uBEwF6P)
Database:
Validation & Processing:
Logging:
- Pino - Fast JSON logger for Node.js
Testing:
- Vitest - Fast unit test framework powered by Vite
Code Quality:
CI/CD:
- GitHub Actions - Continuous integration and deployment
Webhook Providers (Recommended):
- Helius - Enhanced Solana RPC and webhook provider
- QuickNode - Blockchain infrastructure provider
- Alchemy - Web3 development platform
Blockchain Indexing:
- The Graph - Decentralized protocol for indexing and querying blockchain data
- Graph CLI - Command-line tools for The Graph
- Graph TypeScript Library - TypeScript library for writing subgraph mappings
Language:
- AssemblyScript - TypeScript-like language for WebAssembly
Testing:
- Matchstick - Unit testing framework for The Graph subgraphs
Smart Contract:
- CryptoPunks Market Contract - Original CryptoPunks marketplace on Ethereum
Documentation Standards:
- Product Requirements Document (PRD) - Formal requirements specification
- Decision Log - Architecture Decision Records (ADR)
- Risk Register - FMEA-lite risk analysis
- Runbook - Operational procedures
Quality Gates:
- Codex Safe - AI-assisted development safety guidelines
- Hellfire Mode - Non-negotiable quality enforcement rules
Solana Development:
- Solana Documentation - Official Solana developer documentation
- Solana Cookbook - Developer resource for Solana
- Metaplex Documentation - NFT and token metadata standard
Blockchain Security:
- OWASP Top 10 - Web application security risks
- Smart Contract Security Best Practices - Ethereum security guidelines
Software Engineering:
- 12-Factor App Methodology - Best practices for building SaaS applications
- Semantic Versioning - Version numbering specification
This project was developed with assistance from:
- Claude Sonnet 4.5 by Anthropic - AI-assisted development and documentation
- GitHub Copilot - Code completion and suggestions (if applicable)
- Community resources from Solana, The Graph, and Web3 developer communities
All code and documentation in this repository were created specifically for this project. The Solana Pump.fun Launch Radar implementation is original work based on:
- Solana blockchain transaction structure analysis
- Pump.fun program instruction parsing methodology
- Industry-standard heuristic risk scoring approaches
- Production-grade API design patterns
The Ethereum subgraph implementation follows The Graph protocol standards and indexes the public CryptoPunksMarket smart contract.
See repository license (if present). If missing, add one before public distribution.