NFT rug pull is one of the most prominent type of scam that the developers of a project abandon it and then run away with investors' funds. Although they have drawn attention from our community, to the best of our knowledge, the NFT rug pulls have not been systematically explored. To fill the void, this paper presents the first in-depth study of NFT rug pulls. Specifically, we first compile a list of 253 known NFT rug pulls as our initial ground truth, based on which we perform a pilot study, highlighting the key symptoms of NFT rug pulls. Then, we enforce a strict rule-based method to flag more rug pulled NFT projects in the wild, and have labelled 7,487 NFT rug pulls as our extended ground truth. Atop it, we have investigated the art of NFT rug pulls, with kinds of tricks including explicit ones that are embedded with backdoors, and implicit ones that manipulate the market. To release the expansion of the scam, we further design a prediction model to proactively identify the potential rug pull projects in an early stage ahead of the scam happens. We have implemented a prototype system deployed in the real-world setting for over 5 months. Our system has raised alarms for 7,821 NFT projects, by the time of this writing, which can work as a whistle blower that pinpoints rug pull scams timely, thus mitigating the impacts.

翻译：NFT Rug Pull是项目开发者放弃项目并卷走投资者资金的最突出诈骗类型之一。尽管此类行为已引起社区关注，但据我们所知，目前尚无对NFT Rug Pull的系统性研究。为填补这一空白，本文首次对NFT Rug Pull进行了深入分析。具体而言，我们首先汇编了253个已知的NFT Rug Pull案例作为初始基准数据，基于此开展先导研究，揭示了NFT Rug Pull的关键特征。随后采用严格的规则化方法，对实际场景中更多的Rug Pull项目进行标记，最终将7,487个NFT Rug Pull案例扩展为基准数据集。在此基础上，我们深入剖析了NFT Rug Pull的欺诈手段，包括嵌入后门的显式手法与操纵市场的隐式技巧。为遏制此类诈骗蔓延，我们进一步设计了预测模型，能够在诈骗发生前主动识别潜在Rug Pull项目。我们在真实环境中部署原型系统并运行超过5个月，截至撰写本文时，该系统已对7,821个NFT项目发出警报，可充当及时揭露Rug Pull骗局的吹哨人，从而减轻其危害。