Trending Coins and Tokens🔥
Crypto
Exchange
Crypto DYOR Checklist 2026: 37 Important Due Diligence Checks Most Investors Miss
TL;DR Most crypto DYOR fails because flat checklists treat every risk equally. This 37 check framework helps investors review team identity, tokenomics, audits, on chain activity, community quality, and product traction before trusting a project. It is not the OGAudit OG Score formula and it is not investment advice. Use it as a structured risk filter before doing deeper research.
Why standard DYOR fails
Most DYOR articles give you a long list of things to check. Read the whitepaper. Check the team. Look at tokenomics. Join the Telegram. Read the audit. That sounds useful until a project passes the surface checks and still collapses three months later.
The problem is not that people are lazy. The problem is that most DYOR is too flat.
A minor roadmap delay does not carry the same risk as an anonymous team with prior failed launches. A clean landing page does not offset a huge insider unlock. A smart contract audit does not fix fake engagement, hidden liquidity control, or founders who delete every critical question.
Crypto research has to separate weak signals from serious structural risk.
This checklist is built for that. It does not promise certainty. It does not produce a buy or sell answer. It gives you a cleaner way to evaluate project risk before hype, follower counts, exchange listings, or influencer threads distort your judgment.
The framework is also informed by patterns repeatedly observed through OGAudit's community audit process since 2024. Across crypto project and exchange reviews, the same categories of risk tend to appear again and again: unclear team accountability, weak tokenomics, poor transparency, suspicious engagement, aggressive moderation, and gaps between public claims and observable activity.
One of the most common mistakes investors make is treating every signal equally. In practice, risk often appears in clusters. A project with weak tokenomics, questionable community behavior, and opaque leadership deserves far more scrutiny than a project with a single isolated concern.
A smart contract audit verifies the code. A community review audits the humans behind it. OGAudit focuses on that second layer, helping investors evaluate trust signals, community quality, transparency, and operational behavior that traditional technical analysis often misses.
Important note before using this checklist
This is a reference DYOR checklist.
It is not the OGAudit OG Score formula. It is not a portfolio model. It is not a price prediction tool. It is not financial advice.
Use it to organize research, identify red flags, and decide where deeper verification is needed.
A project can look strong across many checks and still fail because of market timing, regulatory action, insider behavior, liquidity shocks, or unknown technical vulnerabilities. Crypto assets remain highly risky.
How to use this checklist without turning it into false precision
Do not treat the 37 checks as a mechanical score.
Treat them as evidence buckets.
For each check, mark the signal as one of three states:
- Red flag confirmed: public evidence shows a clear risk.
- Unclear or unverified: the project has not provided enough information, or the available evidence is mixed.
- Positive signal confirmed: public evidence supports the project’s claim.
The goal is not to create a perfect number. The goal is to see whether the same project keeps failing in the same risk areas.
A single weak signal may only require caution. A cluster of weak signals across team, tokenomics, technical control, community quality, and product usage should change how seriously you treat the project.
Use the checklist in this order:
- Check team and identity first.
- Check tokenomics before reading price predictions.
- Check technical and on chain controls before trusting audit badges.
- Check community quality before trusting follower counts.
- Check product usage before trusting the roadmap.
If the project fails several checks in the same category, slow down. If it fails across multiple categories, the burden of proof is on the project, not on you.
This checklist is not the official OGAudit OG Score formula. This checklist is a detailed due diligence playbook for reviewing a crypto project before trusting it. It gives readers practical checkpoints and clear examples (as GOOD and BAD) to help you quickly spot strong and weak projects, while making it easier to identify serious early warnings, red flags, and see rising risks.
OGAudit’s community trust rating system, the OG Score, uses a similar social audit framework that includes many of these risk areas alongside verified community reviews, project context, other trust signals, and expert evaluation.
Category 1: Team and identity
A crypto project is not only code. It is also a group of people with control, incentives, history, and reputation.
This is where many weak projects reveal themselves early.
1. Doxxed status with verification path
|
BAD Anonymous team, no verification path, founder photo looks AI generated, or identity claims cannot be checked. |
GOOD Real names, public LinkedIn profiles, conference appearances, verifiable employment history, public interviews, or other identity signals that create reputation cost. |
Doxxed alone is not enough. A public founder can still fail, lie, or abandon a project. What matters is whether the identity is attached to real world reputation, employment history, jurisdiction, and visible accountability.
2. Prior project history
|
BAD Founder previously launched multiple tokens that died, disappeared, or were quietly abandoned without public post mortems. |
GOOD Founder or core team has shipped projects that survived at least one full market cycle, including bear markets. |
Serial launchers deserve extra scrutiny. Every cycle creates a new wave of teams that rebrand old failures into fresh narratives.
3. Team size versus scope
|
BAD The project claims it is building global financial infrastructure with two anonymous developers and no visible hiring pipeline. |
GOOD Team size matches roadmap complexity, with named contributors for engineering, security, product, community, legal, and operations. |
Scope inflation is common in crypto. If the team is tiny and the roadmap is massive, either the plan is unrealistic or the marketing is doing too much work.
4. Jurisdiction transparency
|
BAD Offshore shell incorporation, no disclosed legal entity, unclear terms of service, or vague references to “applicable law.” |
GOOD Named legal entity, public registration details, clear jurisdiction, and terms that identify who the user is dealing with. |
A project unwilling to name its legal entity may be protecting privacy. It may also be preserving optionality to disappear. You do not need to assume the worst, but you should not ignore the risk.
5. Advisor reality check
|
BAD Partnership and advisor logos appear on the website, but no advisor has ever publicly acknowledged involvement. |
GOOD Advisors post about the project, attend AMAs, appear in technical discussions, or provide public approval statements. |
Logo on deck advisors are often marketing decoration. Do not count an advisor unless there is a public artifact that proves real involvement.
6. Communication discipline
|
BAD Founder posts daily price predictions, replies mostly to influencers, deletes criticism, or avoids hard questions. |
GOOD Founder discusses product progress, technical tradeoffs, user feedback, and roadmap changes without obsessing over price. |
Price focused founders are not always exit focused. But when communication is mostly about price, listings, and hype, the project is telling you what it values.
7. Track record of broken promises
|
BAD Mainnet missed by 14 months, no post mortem, roadmap quietly rewritten, old promises deleted. |
GOOD Missed dates are explained, roadmap revisions are public, and the team names what slipped instead of hiding it. |
Slippage is normal. Hiding slippage is a red flag.
Category 2: Tokenomics
Bad tokenomics can kill a project even when the code works.
Most retail investors look at market cap, circulating supply, and unlocks too late. By the time the pressure appears on the chart, insiders may already understand the supply schedule better than the market.
8. Total supply and circulating supply ratio
|
BAD Circulating supply is under 25 percent of total supply, with large future unlocks ahead. |
GOOD Circulating supply is over 60 percent and there are no major cliffs in the next 12 to 24 months. |
A low float can make market cap look attractive while fully diluted valuation tells a very different story. If only a small part of supply is circulating, future unlocks matter more than current hype.
9. Vesting schedule and cliffs
|
BAD Team and investor cliffs are concentrated in a 60 to 120 day window. |
GOOD Vesting is linear over 24 to 48 months, and no single cliff creates sudden heavy supply pressure. |
Use Tokenomist to check unlocks and vesting schedules.
Token unlock cliffs often do not appear in price action until the market starts pricing the actual unlock.
10. Team allocation breakdown
|
BAD Team, insiders, and private round allocations exceed 50 percent. |
GOOD Community, public sale, ecosystem rewards, liquidity, and user incentives represent a healthier share of supply. |
Insider heavy allocations create long term sell pressure. Even if the project is real, the market still has to absorb the future supply.
11. Volume to market cap ratio
|
BAD Volume to market cap is under 1 percent on major venues, suggesting thin demand or weak liquidity. |
GOOD Established assets often show healthier volume relative to market cap, especially when trading is spread across credible venues. |
Low volume can mean weak organic demand. Extremely high reported volume can also be fake or wash driven.
Check OGAudit reviews to understand whether real users are seeing liquidity concerns, fake volume patterns, or poor trading conditions around the project. Such patterns were identified in some of exchange audits by the Crypto OG.
12. Liquidity location and lock
|
BAD Primary liquidity sits in one DEX pool, is unlocked, and is controlled by a deployer wallet with admin keys. |
GOOD Liquidity is spread across multiple credible venues, locked for a meaningful period, burned, or controlled through a transparent multisig. |
Unlocked liquidity controlled by one wallet is a simple rug surface. It is one of the easiest risks to miss when investors only look at the chart.
13. Emission schedule
|
BAD Token inflation exceeds 20 percent annually without enough demand, burns, lockups, or utility to absorb new supply. |
GOOD New emissions are balanced by real usage, fee burns, staking lockups, governance demand, or other credible sinks. |
High emissions without demand are dilution under another name.
14. Token utility, real not promised
|
BAD The token is described as a governance token, but governance is not live. Utility is promised but not implemented. |
GOOD Governance, fee discounts, staking, access rights, or other token functions are live and measurable. |
Promised utility is not utility. Live utility is the only kind that counts.
15. Treasury transparency
|
BAD The project does not disclose its treasury wallet, multisig setup, asset mix, or spending records. Large treasury transfers happen without clear explanation. |
GOOD The project makes its treasury wallet or multisig visible, explains what assets it holds, and publishes clear treasury updates. Investors can verify where funds are held and how they are managed. |
Hidden treasury activity makes it harder to judge accountability, incentives, and fund misuse risk.
16. Treasury runway and asset quality
|
BAD The treasury looks large on paper, but most of it is held in the project’s own token, illiquid assets, or volatile assets. The project does not clearly explain how long it can operate. |
GOOD The treasury is diversified, includes meaningful stablecoin reserves, and supports a clear operating runway. The project explains its funding assumptions and how it can survive weak market conditions. |
Investors should evaluate treasury composition, liquidity, and runway, not just headline treasury size.
Category 3: Technical and on chain checks
Code matters. But code is not the whole project.
A smart contract audit can catch bugs, inconsistencies, and unsafe patterns. It does not prove the team is honest, the tokenomics are sustainable, or the product has real demand.
This category focuses on technical control, audit quality, contract transparency, and on chain claims.
(Smart Contract Audit vs Community Audits Link)
17. Audit count and auditor reputation
|
BAD One audit from an unknown firm, no public report, or report only hosted by the project itself. |
GOOD Public reports from credible security firms such as Trail of Bits, OpenZeppelin, Hacken, or similar teams, with reports available from trustworthy sources. |
A known logo does not mean much if the report is not public. Read the report. Do not just count audit badges.
Official sites for reference: Trail of Bits, OpenZeppelin, ConsenSys Diligence, CertiK, Hacken
18. Bridge dependency and bridge security
|
BAD Majority of TVL depends on a single bridge. |
GOOD Multiple bridge options. |
Many major crypto exploits have occurred at the bridge layer rather than within the protocol itself. If users depend on a bridge to enter or exit the ecosystem, bridge security becomes part of the project's risk profile.
19. Acknowledged findings status
|
BAD Critical or high findings remain unresolved at launch. |
GOOD Critical and high findings are resolved. Medium findings are acknowledged with clear mitigations. |
“Audited” without “findings resolved” is marketing, not security.
20. Bug bounty program
|
BAD No public bug bounty. |
GOOD Active bug bounty program with visible scope, reward levels, and rules. |
Immunefi is one common place to check Web3 bug bounty programs.
A live bug bounty shows the team is willing to expose its code to continuous adversarial testing. It does not remove risk, but it improves the security posture.
21. Contract verification
|
BAD Unverified contract on the block explorer, proxy without published implementation, or source code that does not match deployed bytecode. |
GOOD Verified contract, verified proxy implementation, and source code that matches what is deployed. |
An unverified contract on a tradeable token is an avoidable red flag.
22. Admin keys and timelocks
|
BAD EOA admin key, no timelock, instant upgrade authority. |
GOOD Multisig with named signers, documented upgrade path, and timelock on critical functions. |
A single private key with instant upgrade control can undermine the value of an audit.
23. Holder distribution
|
BAD Top 10 wallets hold over 60 percent of supply, excluding CEX wallets, contracts, and burn addresses. |
GOOD Top 10 wallets hold under 30 percent, and distribution improves over time. |
Holder concentration is not always a rug signal, but it is always worth checking. Large wallet clusters can create sudden sell pressure.
Use wallet visualization tools such as Bubblemaps for deeper inspection.
24. On chain activity versus marketed claims
|
BAD Project claims 1 million users, but explorers or dashboards show only 1,000 unique active wallets per month. |
GOOD On chain DAU or MAU is broadly consistent with public user claims. |
Use Dune dashboards where available.
Marketing pages can lie. Block explorers and public dashboards are harder to fake, although they still require interpretation.
Category 4: Community and social trust signals
This is where many checklists fail.
Bot networks, paid engagement, coordinated replies, fake Telegram members, and influencer campaigns are now standard infrastructure for weak launches.
Follower counts should be treated as raw data, not as trust.
25. Follower count versus on chain activity growth
|
BAD Twitter or X followers grow by 50,000 in two weeks while holders grow by 100. |
GOOD Holder growth, user growth, and follower growth move in a believable relationship. |
Inorganic follower growth without holder growth usually means the community is rented. Rented communities rarely survive drawdowns.
26. Engagement quality on the official account
|
BAD Replies are mostly “GM,” emoji strings, price talk, identical phrases, and low substance hype. |
GOOD Replies include criticism, technical discussion, honest questions, and transparent answers. |
If every reply reads like the same shill template, slow down.
27. Account age distribution of engagers
|
BAD Most active engagers are newly created accounts under 6 months old, with no original content. |
GOOD Engagement includes a healthy mix of older accounts, newer users, real contributors, and accounts with visible history. |
Manually sample accounts from the latest viral post. Check account creation dates, profile quality, posting history, and whether the account engages with anything beyond the project.
28. Influencer disclosure pattern
|
BAD Multiple paid influencer threads use similar wording and lack ad disclosure. |
GOOD Mentions come from reputable accounts, and sponsored posts are clearly disclosed where applicable. |
Coordinated phrasing is the tell. A real bull case sounds different in different voices.
For context, the SEC charged Kim Kardashian in 2022 over unlawful touting of a crypto asset security without disclosing payment. Read the official SEC release.
29. Telegram and Discord moderation behavior
|
BAD Critical questions are deleted, users are banned for asking about tokenomics, and mods control the narrative instead of answering. |
GOOD Critical questions remain visible, mods answer clearly, and moderation is focused on spam rather than silencing risk questions. |
If a community cannot tolerate questions about token inflation, unlocks, liquidity, or admin controls, that is a serious warning sign.
30. Cross platform consistency
|
BAD Twitter says one launch date, Telegram says another, Discord says a third. |
GOOD Messaging is consistent across platforms, and the team has a clear source of truth. |
Inconsistency can be disorganization. It can also be deliberate deniability. Either way, it creates risk.
31. Community audits (social audits)
|
BAD Zero independent reviews from Crypto OGs or verified holders. All “reviews” are paid placements or reposts of project material. |
GOOD Independent reviews from experienced users, wallet verified contributors, or credible holders, with conflicts and positions disclosed. |
This is the OGAudit lane. Wallet age + verification fee make sybil attacks structurally near-impossible. Community enforcement handles anything that slips through.
Category 5: Product and market fit
Product market fit is the slowest signal to prove.
A project can have a public team, clean tokenomics, audits, and a loud community. It can still fail if the product has no real demand.
This category asks whether anything useful is actually happening.
32. Roadmap delivery status
|
BAD Roadmap shows mainnet “Q3” for the third year running, while the current product is still only a website. |
GOOD Product is live on mainnet with measurable usage for at least 90 days. |
Early stage valuations are narrative heavy. Narratives can die before products arrive.
33. Real users versus incentivized users
|
BAD Activity comes almost entirely from points programs, quests, airdrop farming, or temporary incentives. |
GOOD Non incentivized usage exists and continues after rewards slow down. |
Incentives can bootstrap usage. They can also rent demand. Check whether users stay when the reward machine pauses.
34. Revenue or fees generated
|
BAD No revenue, no fees, and no available path to a sustainable revenue model. |
GOOD Measurable fees or sales flowing, even if small, with a clear retention curve. |
A protocol with no revenue can survive for a while on treasury and token emissions. That does not make the model sustainable.
Use DeFiLlama to inspect fees, revenue, TVL, and treasury related data where available.
35. Competitive position
|
BAD “The better Uniswap” with 0.01 percent of Uniswap’s TVL and a worse user experience. |
GOOD Clear differentiation in a defined niche, or a credible first mover position in an emerging category. |
Being a weaker copy of an entrenched leader is not a strategy.
36. Market timing
|
BAD Launching a 2021 style yield farm or generic AMM into a market where the narrative is dead and demand is weak. |
GOOD Product matches a live narrative or solves a fresh problem that users already care about. |
Timing does not replace product quality, but in the first year of trading it can shape attention, liquidity, and user adoption.
37. Distribution and partnerships, verified
|
BAD Logo soup of partnerships with no confirmation from the partner side. |
GOOD Partnerships are verified through the partner’s official channel, and integrations are live where possible. |
If only one side announces the partnership, treat it as a claim, not proof.
One reason this checklist focuses on clusters rather than isolated signals is that many high-risk projects do not fail in only one category. In OGAudit reviews, risk signals often appear simultaneously across tokenomics, community quality, moderation behavior, transparency, and operational practices.
How to read clustered risk signals and decide how safe is a coin project
Do not force this checklist into a single score. Read the pattern.
A project with one weak area may simply need more verification. A project with repeated weakness across team, tokenomics, technical controls, social quality, and product usage is different. That is not one red flag. That is a risk cluster.
Reference case A: Mature project with lower visible structural risk
A stronger project will usually show several signals at once:
- Public team.
- Clear legal structure.
- Longer operating history.
- No major near term unlock cliff.
- Public audit reports.
- Resolved critical findings.
- Verified contracts.
- Multisig controls.
- Active bug bounty.
- Holder growth that roughly matches community growth.
- Real product usage beyond incentives.
- Clear revenue, fees, or user retention.
This does not make the asset safe. It only means the visible structure is easier to verify.
Reference case B: High risk launch pattern
A weaker project often shows the opposite cluster:
- Anonymous team.
- Prior failed launches.
- Advisor logos with no public confirmation.
- Low circulating supply at launch.
- Heavy insider allocation.
- Near term unlock cliff.
- One shallow audit or unresolved findings.
- EOA admin control.
- Sudden follower spike without holder growth.
- Identical phrase replies.
- Deleted criticism.
- No non incentivized users.
- Demo only product.
- All activity tied to a points program.
The exact label matters less than the pattern. When weak signals appear together, the project should not receive the benefit of the doubt.
Deadly DYOR mistakes
These show up in nearly every retail loss post mortem.
1. Confusing code audits with safety
A code audit checks whether the contract behaves as described. It does not prove the product is safe, the team is honest, the multisig will not be abused, or the tokenomics will survive.
(Red Flags Code Audits Miss Link)
2. Overweighting hype metrics
Telegram size, Twitter followers, Discord members, and even some on chain activity can be rented or manipulated.
Treat hype metrics as inputs, not outcomes.
3. Misreading TVL
TVL can rise because the deposited token rises in price. That does not always mean new capital entered the protocol.
Check TVL in stablecoin terms, BTC terms, ETH terms, or other major asset terms where possible.
4. Ignoring unlock schedules
“It is only a 5 percent unlock” can sound harmless until you compare it with daily volume and liquidity depth.
A 5 percent unlock against thin liquidity can create serious sell pressure.
5. Trusting influencer endorsements
Influencer and celebrity endorsements are a major risk. Many are paid. Some are not clearly disclosed. Others are financially motivated even when not formally sponsored.
Use influencer content as a lead for research, never as proof.
Exit Level Red Flags: When to Walk Away
These are binary filters. If any of these conditions are met, stop your analysis immediately. A project does not need a full checklist review when a fundamental failure is already visible.
● Hidden token allocations discovered post launch, or an ecosystem fund or treasury being dumped without prior announcement.
● A team with a confirmed history of rug pulling a previous project under a different name, verified through on chain traces or founder profile links.
● Documentation deleted or rewritten without a public changelog or clear explanation.
● Unlocked liquidity held by the deployer, especially when combined with active admin upgrade authority on the contract.
● Code audit reports containing unresolved or ignored critical findings at the time of launch.
● Contract discrepancy: The project was audited on one contract, but a different one was deployed for launch.
● Hostile leadership: Founders who threaten or doxx critics, or consistently avoid addressing legitimate community questions.
These are not deduct-point signals. They are absolute exit signals. . << <do not edit this> Article #N: Red flags audits miss >> covers the on-chain forensic patterns behind several of these in detail.
Limits of this checklist
This checklist filters visible structural risk. It does not protect against everything.
It does not protect against coordinated market manipulation by larger players.
It does not prevent insider exits during opaque windows.
It does not predict macro cycles that kill an entire sector.
It does not catch every smart contract exploit, especially dependency based or zero day exploits.
It does not prevent regulatory action.
It does not guarantee return.
A clean checklist only means fewer visible red flags. It does not mean the asset is safe. Position sizing, time horizon, jurisdiction, tax impact, and exit discipline still matter.
Crypto and digital asset investments are highly risky.
Tools and resources which make DYOR easier
Use tools tactically. Do not collect dashboards for decoration. Know what each tool can reveal and what it cannot.
On chain analysis
- GeckoTerminal: holder distribution, pools, contract links, DEX liquidity, pair history.
- DEX Screener: DEX pairs, liquidity, volume, trading history, contract level checks.
- Dune Analytics: custom dashboards for DAU, MAU, fee activity, holder growth, and user behavior.
- Arkham Intelligence: wallet labeling, exchange flows, insider tracking, and entity level analysis.
Tokenomics analysis
- Tokenomist, formerly TokenUnlocks: vesting cliffs, unlock schedule, emissions, allocation breakdown.
- DeFiLlama: TVL, fees, revenue, stablecoin data, protocol dashboards, treasury related visibility where available.
Social verification
- Manual account age sampling: Pull 30 to 50 engagers from the latest viral post. Check creation dates, original content, and whether the accounts behave like real users.
- LunarCrush: cross platform sentiment and engagement signals.
- OGAudit: community powered social audit signals for crypto projects and exchanges. Use it to check whether verified OG reviewers have flagged weak trust signals, suspicious engagement, poor community quality, withdrawal issues, liquidity concerns, or other risks that pure on chain tools may miss.
Smart contract and code security checks
- GoPlus: token security checks, malicious behavior signals, permission risks, and Web3 security APIs.
- SolidityScan: smart contract scanner and vulnerability detection tool.
- Immunefi: bug bounty programs and security operations.
- Audit reports themselves: read reports from the auditor’s official site when possible. Do not rely only on logos shown by the project.
Where OGAudit fits into this DYOR process
This article is a reference DYOR checklist, not the OGAudit OG Score formula.
OGAudit supports the social audit layer of crypto research.
On chain tools can show contracts, wallets, liquidity, holder movement, and activity. Audit reports can show whether specific technical findings were found and resolved. Tokenomics tools can show unlocks and supply pressure.
Those tools are necessary, but they do not always answer the human side of risk.
They do not always show whether real users trust the team.
They do not always show whether reviewers have seen repeated withdrawal issues.
They do not always show whether a community is authentic or manufactured.
They do not always show whether support quality, liquidity experience, or moderation behavior is raising concerns.
That is where OGAudit adds context.
For exchanges, OGAudit focuses on six review dimensions: usability, insurance, fees, withdrawal speed, liquidity, and security. For crypto projects, OGAudit reviews help readers compare public claims against community experience and visible trust signals.
Use this checklist as a personal research structure. Use OGAudit as an additional social audit reference, especially when checking whether experienced reviewers have already flagged weak trust signals, suspicious engagement, poor community quality, liquidity concerns, withdrawal issues, or operational risk.
Also read these articles if you want to have deeper understanding about crypto scams, manipulations, and how OGAudit community identifies them:
- Crypto Social Audit: What is community audits and how they help make crypto a safer place.
- OG Score Coin Trust Rating: How OGAudit community reviews crypto projects, coins, tokens.
- OG Score: Exchange Rating Methodology: How OGAudit community reviews crypto exchanges
About the Author: Who is CryptoAPE?
Written by CryptoAPE aka SAMUEL JACKSON, OGAudit Ambassador, community manager, crypto researcher, and scam detective.
Active in crypto since 2016, CryptoAPE combines Web3 experience with a penetration testing background to analyze project risk, market narratives, community signals, and scam patterns. His work focuses on helping users DYOR more safely by separating useful signals from hype, bots, paid promotion, and weak project claims. His articles and social audits are for education and research only, not investment advice.
FAQ
How long should a serious DYOR pass take?
For a serious position, expect two to four hours at minimum.
A quick scan can catch obvious red flags, but it will miss unlock schedules, admin key risks, fake engagement, audit findings, treasury opacity, and product usage gaps.
A practical split:
- 30 minutes for team and identity.
- 30 minutes for tokenomics.
- 30 minutes for technical and on chain checks.
- 30 minutes for social and community quality.
- 30 minutes for product traction.
- Extra time for anything unclear.
Scanning OGAudit reviews can save time because experienced reviewers may have already flagged some of the weak signals.
Does this checklist apply to memecoins?
Partially.
Memecoins fail many product, technical, and tokenomics checks by design. For pure memecoins, focus on the checks that still matter:
- Community legitimacy.
- Holder concentration.
- Liquidity lock.
- Contract permissions.
- Team or deployer behavior.
- Moderation behavior.
- Paid influencer patterns.
- Whale clusters.
- Whether the community survives without constant hype.
Do not treat a memecoin like a protocol with revenue, product users, and roadmap delivery. The risk profile is different.
OGAudit community reviews can still help identify whether a memecoin has authentic community backing or obvious rug pattern signals.
How often should DYOR be repeated on a held position?
Quarterly checks are a good baseline.
Repeat the review immediately after any major token unlock, new audit, roadmap delay, founder change, treasury movement, bridge incident, exploit, exchange listing, delisting, or partnership announcement.
Crypto project quality is not static. A project that looked acceptable six months ago can become much weaker after insider unlocks, liquidity loss, team exits, or community deterioration.
What is the single biggest DYOR mistake retail makes?
Retail often mistakes one clean signal for total safety.
A clean audit does not mean the tokenomics are safe.
A public founder does not mean the project is honest.
A big community does not mean the users are real.
A high TVL number does not mean new money entered.
A major exchange listing does not mean the asset is low risk.
The correct question is not “does this project have one good signal?” The correct question is “what happens when all signals are checked together?”
Where does this checklist break?
This checklist is weakest for pre product launches with no contract, no holders, no usage, and no real market history.
If there is no on chain footprint, no live product, and no user base, several checks cannot be verified. In those cases, treat the research as provisional and repeat it within 30 to 60 days after mainnet or public launch.
The less public evidence exists, the more cautious the conclusion should be.
Is this financial advice?
No.
This checklist is for education and research structure only. It does not recommend buying, selling, holding, shorting, or avoiding any specific asset.
Crypto assets are risky. You can do good research and still lose money. Use risk management, diversify, understand your jurisdiction, and consult a qualified financial professional where needed.
