Shockingly, the NFT bull run is making a comeback.

⚜️ By the end of this, you'll know how to use Etherscan to read contracts, without any technical background.

Let's go.

Step Zero: Get the NFT's Contract on Etherscan. (Skip if you know this.)

Go to OpenSea, find the project, click the three little dots next to the project name, go to View on Etherscan.

1. Is the Contract Verified?

If you scroll down, you'll see a menu toggle that looks like this:

Next to "Contract" there should be a green check mark, indicating the code is verified. If there is no check mark, that means the code is unreadable.

Unreadable code has a very high probability of being malicious.

Abandon ship.

2. Keywords

Now you're going to read code without any coding experience.

It all comes down to searching the code for these 3 keywords:

migrate
timestamp & time-lock
upgradeable proxy

To do this: select contract, make sure you're on code, and search the silly little words.

Migrate:
- No results: You're gucci, mint away. ✅
- Results: F*cking run. This means the contract owner has the ability to drain all funds from the contract at any time.

Timestamp & Time-Lock:
- No Results: BAD. Get out now. Contract owners can drain funds.
- Results: Green flag. ✅

Upgradeable Proxy:
- No Results: Good sign. Proceed. ✅
- Results: If this term is in the contract, it means the owners can upgrade, or change, the contract to WHATEVER they want. A.K.A., another way to get rug pulled.

P.S. "proxy" on its own is fine and pretty standard. It's the upgradeable proxy that will screw you.

4. Mint

Ok stick with me here. This is the most important one.

We've heard SO many stories of people connecting their wallet to a fake mint and getting their wallet drained. It even happened to BAYC holders who aped into a fake giveaway when the BAYC discord got hacked.

If they just checked the contract before minting, they wouldn't have collectively lost $360K.

👉 Search the code for:

Mint Function: You want to make sure the contract indeed has a mint function. It can be coded differently on different contract, so just search "mint" and find one with function in front of it (usually function_Mint)

SendETH Function: Scam. Scam. Scam. This allows owners to transfer contract funds to another ETH wallet.

SafeTransferFrom: This could be a red flag, but not necessarily. It can allow owners to transfer NFT's from certain wallets. This one we would give an orange flag.

credit: Seedphrase Daily