We want to share a story to help you avoid falling for scams that may look like promising projects.
Until October 14th, 2024, we had a competitor in the Blast ecosystem called Kalax. Kalax was a yield aggregator on Blast and later expanded on Scroll. When we first encountered Kalax, we noticed its simple, attractive, and user-friendly interface. They offered various vaults with APYs ranging from 100% to 1000%:
We even tried depositing a small amount ourselves, and everything seemed to work smoothly. We also thought that APYs were subsidized by the project. We noticed that the APY got lower based on the amount of TVL in the Vaults. Calculations showed that with a TVL of $1 million, Kalax’s APY would align with typical yields in comparable projects.
Kalax was also listed on DeFiLlama and remains listed there.
At first glance, everything appeared legitimate. However, this was not the case. On October 14th, 2024, the project’s founders executed a rug pull. Kalax’s X/Twitter account (@Kalax_io) has since been deleted, and the website is now inaccessible. More details about the rug pull can be found on Chainabuse.
Why share this? It’s a reminder of how close scams can be to trusted ecosystems. Some users in the Blast ecosystem pointed out that Kalax provided a better user experience and higher APYs than CYBRO. Now we know why — because Kalax was simply a scam.
How to Choose a Reliable DeFi Project
- Evaluate Real-World Connections
- Has the project undergone KYC (Know Your Customer) audits? How many team members have been verified?
- Is there a legal entity responsible for conducting business?
- Are there credible individuals in the ecosystem who have met or spoken with the project team, either in person or via voice calls?
2. Verify Originality and Ongoing Development:
- Is the project more than just a simple fork with a different design?
- Look for signs of innovation, like the development of new features.
- Check for active partnerships or collaborations.
- Ensure the project has a unique, actively maintained codebase
3. Ensure Code Security:
- Confirm that the project has undergone one or more security audits
- Audits should refer to the latest version of the contract or dApp.
- Audits are conducted by reputable, independent auditors.
- The project maintains an active bug bounty program
There are many other criteria to consider, but we believe these were enough to recognize that Kalax, along with many similar projects, was a scam. And remember… don’t get pulled in by extremely high APYs
