Swap for tokens with Bot Protection Enabled (BpEnabled)

!!Apology in advance for such verbosity!!


I came across this BEP20 token (0xcc7a91413769891de2e9ebbfc96d2eb1874b5760) which had sufficient Liquidity added at TGE but bot protection was enabled. The rules were the swap to be allowed only on or after a certain time (say at 7:00 AM) with only whitelisted wallet addresses to be able to buy up to 2500 (worth $200 say) tokens for the first 180s and then it gets opened to all.

When the Liquidity got added (say at 6:50 AM), I could see the conversion rate on PancakeSwap but every time I click the Swap button, it was showing me the Transfer Failed error and not even submitting the transaction on the blockchain. Once the go-ahead was given by the project team that token is live for swap, if I (Note: I was a WL address) set the amount greater than $200, PancakeSwap was still giving Transfer Failed error and not submitting the transaction. This was not the slippage issue, as I tried setting it to the highest and still didn't make the difference.


  • Apart from Liquidity Pair & sufficient liquidity amount check, what else PancakeSwap (Router Contract) checks before submitting the swap transaction?
  • How PancakeSwap determined though the Liquidity Exists the token is not yet swappable?
  • How PancakeSwap did determine the limit on buy amount?
  • Not sure if PancakeSwap also has the ability to know if the wallet address is the Whitelisted one before submitting the transaction?

If you see in the image there is a roughly 10 mins difference between the AddLiquidity transaction and the first swap. I checked the first swap address and that person had submitted multiple transactions before (which I guess either through sniper bot or maybe through Write contract option of PancakeRouter BscScan) and of course, all failed until the time & amount criteria were met. And all the failed transactions had the same Transfer Failed error too.

(Success txn: 0xb1e0e23c34e0a8090d4ef879792701eb324ef83c1d95f5eee5cf95bb89ad24bb, wallet: 0x96d5f755220a03712eb85d490659288f859ccb8e, Failed Txn: 0xe80ff57297df7f580c726e923d200da6357c3ddac4b50f279b9504012054b32e)

So how one can determine the swap-ability of such token through web3j code libraries without submitting the transaction (meant to fail)? And which contract to interact with?

NOTE: I did notice the BP contract 0xb930a172f9205f87f7d28ffa6cc3b5c3fd87ac19 doesn't have code available to understand it better. Bytecode decompilers are not of much help. :frowning:

Hi there.. How are you? I think if you had researched for a little longer, you had figured out what happened haha I noticed that with another token that was released yesterday.. It was EXACTLY the same thing. This is what happened with the token you mention:

Contract: 0xcc7a91413769891de2e9ebBfC96D2eb1874b5760
Token: GovWorld Official
Owner: 0x5b2c76c74d0ffbb0ec2964e9d0dcf21d3a863b30

Jan-04-2022 02:57:07 PM +UTC: Token was created > tx id 0x024232702255986ee2cfa209a3db1fec185da049b1e059840fd518900c42542d

Jan-05-2022 11:21:14 AM +UTC: The Owner set BP Address (I think it's like the unique contract/address that can interact with other contract). If you see details of the tx, you'll find the address was 0xb930a172f9205f87f7d28ffa6cc3b5c3fd87ac19 (likewise, you can check in the Contract > Read Contract > BPAddress: tx id 0x5f94357335f9c696f7e72916110b4d9086956b78e04c811f0ef2fda291390e0b

Jan-05-2022 11:23:05 AM +UTC: The Owner set "true" the BPEnabled feature. tx id 0xcd75b20500fb92ee2e8ff7e04deb9345e2c6f79a3f1b34b3a1ac40227d6054da

Now, if you go to this contract (BPAddress: 0xb930a172f9205f87f7d28ffa6cc3b5c3fd87ac19), you only see the "Contract creation" tx BUT, the Owner is who has full control of this contract.

Jan-04-2022 08:28:56 PM +UTC: This BPAddress (contract) was created by 0x43aa62f3d7fee61c3771f776689df4b98f00eda4. tx id 0x57ccb72e853b2b80d20e3c2f70ef22fe35991d5f692189a448e0c051864e453e

So, if you go to this new owner's Contract you will find all tx that modify this contract. You'll see the "Add WL Limits", "Add WL Addresses", and so on... these ones are the real limit to the primary contract (0xcc7a91413769891de2e9ebBfC96D2eb1874b5760). So, only these wallets were able to buy the token. https://bscscan.com/address/0x43aa62f3d7fee61c3771f776689df4b98f00eda4

Back to the listing date on Pancakeswap, after added liquidity to the token, the control of this contract was in BP feature. So, minutes after the release, they turn off this BP feature:

Jan-05-2022 11:23:05 AM +UTC: The Owner set "false" the BPEnabled feature > tx id 0xa0de912e42d343d6686af7d7f9c1b9e6f5926c8c9a17024cfea884d78b7443e3

So, after that, anyone can buy/sell the token. Maybe if you go to https://bscscan.com/address/0x43aa62f3d7fee61c3771f776689df4b98f00eda4 you'll find your answer. Maybe was something with WL addresses or limits.

For web3 question, I just know you can call this function, if it's the ABI of course. For example: "contractToken.functions.bpEnabled().call()" and the response will be bool. I don't know if there is way to "try" and transaction to see if will fail or not. If you figure out, let me know, I'd like to know too.

1 Like

Thanks a ton for looking into it and sharing the information. It definitely helps. Always more to learn in Crypto world :slight_smile: