Decentralized Exchanges (DEXs) are one of the most important infrastructures in the world of Decentralized Finance (DeFi) and are generally considered more reliable than centralized exchanges (CEXs). However, some well-known decentralized exchanges (e.g., Uniswap) allow the deployment of any unaudited ERC20 tokens, resulting in the creation of numerous honeypot traps designed to steal traders' assets: traders can exchange valuable assets (e.g., ETH) for fraudulent tokens in liquidity pools but are unable to exchange them back for the original assets. In this paper, we introduce honeypot traps on decentralized exchanges and provide a taxonomy for these traps according to the attack effect. For different types of traps, we design a detection scheme based on historical data analysis and transaction simulation. We randomly select 10,000 pools from Uniswap V2 \& V3, and then utilize our method to check these pools.Finally, we discover 8,443 abnormal pools, which shows that honeypot traps may exist widely in exchanges like Uniswap. Furthermore, we discuss possible mitigation and defense strategies to protect traders' assets.

翻译：去中心化交易所（DEX）是去中心化金融（DeFi）领域最重要的基础设施之一，通常被认为比中心化交易所（CEX）更可靠。然而，一些知名的去中心化交易所（例如Uniswap）允许部署任何未经审计的ERC20代币，导致产生了大量旨在窃取交易者资产的蜜罐陷阱：交易者可以在流动性池中用有价值的资产（如ETH）兑换欺诈性代币，但无法将其兑换回原始资产。本文介绍了去中心化交易所中的蜜罐陷阱，并根据攻击效果对这些陷阱进行了分类。针对不同类型的陷阱，我们设计了基于历史数据分析和交易模拟的检测方案。我们从Uniswap V2和V3中随机选取了10000个流动性池，并使用我们的方法对这些池进行了检查。最终，我们发现8443个异常池，这表明蜜罐陷阱可能广泛存在于像Uniswap这样的交易所中。此外，我们讨论了可能的缓解和防御策略，以保护交易者的资产。