A crypto project can look professional on the surface.
The website may look clean. The dashboard may feel polished. The logo may look expensive. Social media may appear active. Testimonials may sound convincing. In some cases, the platform may even show attractive numbers, charts, rewards, or daily returns.
However, none of that proves the project is legitimate.
In crypto, some of the weakest projects look strong at first glance. A good design can be bought. Testimonials can be faked. Social media engagement can be inflated. Team photos can be staged. Domains can also be recycled from older businesses.
Because of that, due diligence matters.
Before joining a crypto project, DeFi platform, staking pool, trading platform, investment opportunity, or passive income system, you need a structured way to check what is real and what is only marketing.
This article gives you a practical crypto project vetting checklist you can use before risking your money.
The goal is not to guarantee safety. No checklist can do that. Instead, the goal is to slow you down, help you ask better questions, and give you a scoring framework that makes weak projects easier to spot.
Disclaimer: This article is for educational purposes only and does not constitute financial advice. Crypto assets, DeFi platforms, staking products, trading platforms, and investment opportunities can carry serious risk. Always do your own research and consider professional advice where appropriate.
If you are still building your crypto safety foundation, also read the SPI guides on the 10-step DeFi safety checklist, exit liquidity in crypto, and stablecoins explained.
Why You Need a Crypto Project Vetting Checklist
Crypto moves fast.
That speed creates opportunity, but it also creates danger.
New platforms can appear quickly. Tokens can launch quickly. Referral campaigns can spread quickly. Influencers can promote projects quickly. Group chats can also create urgency before people have time to think clearly.
As a result, beginners can become emotionally invested before they have done proper research.
A checklist protects you from rushing.
Instead of asking, “Does this look exciting?” you begin asking, “Can this project prove what it claims?”
That is a much stronger question.
The Federal Trade Commission warns that crypto investment scams often use fake promises and false guarantees, especially promises that you will make money or receive big payouts. You can read their consumer guidance here: FTC: What To Know About Cryptocurrency and Scams.
Investor.gov also warns that celebrity endorsements, testimonials, and professional-looking promotions do not automatically make an investment safe or suitable. You can read their investor protection guide here: Investor.gov: Protect Your Money.
The lesson is simple.
Marketing is not evidence.
A proper vetting process should look at the team, domain history, public footprint, support channels, business model, transparency, risk disclosures, regulation, technology, liquidity, and user experience.
The SPI Crypto Project Vetting Scorecard
To make this practical, we will use a 100-point scorecard.
A project does not need to be perfect to deserve further research. Nevertheless, the lower the score, the more cautious you should be.
| Category | Maximum Score |
|---|---|
| Team and leadership verification | 15 points |
| Domain, website, and history checks | 10 points |
| Business model and return feasibility | 15 points |
| Transparency and proof of operations | 10 points |
| Product, technology, and whitepaper quality | 10 points |
| Community reputation and public reviews | 10 points |
| Contact details and support testing | 8 points |
| On-chain evidence and wallet activity | 8 points |
| Regulation, legal structure, and risk disclosures | 8 points |
| Liquidity, withdrawals, and user control | 6 points |
Total possible score: 100 points.
Here is a simple way to interpret the result:
| Score | Meaning | Suggested Action |
|---|---|---|
| 80–100 | Strong due-diligence profile | Continue researching, but still manage risk |
| 65–79 | Promising but not complete | Proceed carefully and investigate weak areas |
| 50–64 | High uncertainty | Avoid large exposure and demand more proof |
| 30–49 | Major red flags | Strong caution; likely unsuitable for beginners |
| Below 30 | Extremely weak profile | Avoid unless strong independent proof appears |
This scorecard is not a guarantee.
Instead, it is a filter.
Its purpose is to help you separate serious projects from platforms that rely only on hype, urgency, referral pressure, and unrealistic promises.
Join the Weekly SPI Newsletter
Practical insights. Real opportunities. Zero fluff.
1. Team and Leadership Verification: 15 Points
The first thing to check is the team.
A serious project should have real people behind it. You want to know who the CEO is, who the founders are, who the developers are, who manages operations, and who is responsible for communication.
This matters because many weak projects hide behind vague team pages. Some use stock photos. Others use actors. In more suspicious cases, projects invent names, fake biographies, or create team profiles that cannot be verified anywhere else online.
When researching the team, go beyond the project website.
Search the CEO’s name. Search the founder’s name. Look for LinkedIn profiles, interviews, conference appearances, GitHub activity, previous companies, professional registrations, social media history, and public records where relevant.
A real person usually leaves a footprint.
That footprint does not need to be perfect, but it should exist.
What to Check
- Does the project list real founders or leadership?
- Can you find the CEO outside the project website?
- Do team members have LinkedIn profiles with realistic work history?
- Can developers, advisors, or executives be publicly verified?
- Do photos appear genuine, or do they look like stock images?
- Have team members worked on previous legitimate projects?
- Is there any negative history, failed project, legal issue, or controversy?
- Do team members communicate openly through interviews, public posts, or AMAs?
Scoring Guide
| Score | Team Quality |
|---|---|
| 13–15 | Fully public team with strong professional footprint and relevant history |
| 9–12 | Team is mostly public, but some roles or backgrounds need more clarity |
| 5–8 | Limited team information and weak external verification |
| 0–4 | Anonymous, fake-looking, unverifiable, or suspicious team |
A hidden team does not automatically prove fraud, especially in some open-source crypto communities.
However, if a platform is asking the public for money, promising returns, or running a financial product, anonymity becomes a serious concern.
2. Domain, Website, and History Checks: 10 Points
A website can tell you more than the project wants to reveal.
Start with the domain.
Use domain lookup tools to check when the domain was registered, when it expires, which registrar was used, and whether the ownership details are hidden. ICANN provides a registration data lookup tool for domain names here: ICANN Lookup.
Domain age can be useful, but it can also mislead you.
A project may claim, “We have been around for five years.” After checking the domain, you may see that the domain is indeed five years old. At first, that sounds positive.
However, that is not enough.
The domain may have been used for something completely different before. For example, it may have been a casino site, betting site, unrelated business, parked domain, expired domain, or old project that was later sold.
That is why you should also check historical snapshots.
The Wayback Machine lets you view archived versions of websites from previous years. You can use it here: Internet Archive: Wayback Machine.
If a platform says it has operated since 2019, check what the website looked like in 2019, 2020, 2021, and 2022.
What to Check
- Domain registration date
- Domain expiry date
- Registrar information
- Nameserver changes
- Previous website versions through Wayback Machine
- Whether the domain was used for unrelated businesses
- Sudden rebrand history
- Mismatch between claimed company age and actual website history
- Broken pages, copied content, spelling errors, or generic legal pages
Scoring Guide
| Score | Website and Domain Quality |
|---|---|
| 9–10 | Consistent domain history, clear registration trail, and website history supports project claims |
| 6–8 | Mostly consistent, but some gaps or missing history need checking |
| 3–5 | Domain is new, unclear, recently repurposed, or weakly documented |
| 0–2 | Misleading age claims, recycled domain, suspicious history, or no credible web footprint |
A clean domain history does not guarantee a good project.
Nevertheless, a suspicious domain history can reveal problems very early.
3. Business Model and Return Feasibility: 15 Points
This is one of the most important parts of the checklist.
Ask a simple question:
Where does the money come from?
If the platform promises returns, rewards, yield, staking income, trading profit, mining income, or passive income, it must explain how that value is created.
Vague answers are not good enough.
A legitimate platform should be able to explain its business model in plain language. If the explanation depends on buzzwords, secrecy, complicated diagrams, or “trust the system” language, slow down.
Unrealistic returns are a major warning sign.
The FTC clearly warns that scammers often guarantee profits, promise big payouts, or claim high returns with little risk. In crypto, nobody can guarantee profits in a short period with no risk. You can read the FTC guidance here: FTC Crypto Scam Guidance.
What to Check
- Does the platform explain how money is generated?
- Are returns fixed, guaranteed, or unusually high?
- Does the model depend mainly on new members joining?
- Are rewards funded by real revenue or by deposits from later users?
- Can the platform show evidence of trading, staking, lending, mining, or business activity?
- Are risk disclosures clear and honest?
- Does the return make sense compared with normal market conditions?
- Would the model still work if referrals slowed down?
Scoring Guide
| Score | Business Model Quality |
|---|---|
| 13–15 | Clear, realistic, evidence-supported model with transparent risks |
| 9–12 | Model is understandable, but some proof or details are missing |
| 5–8 | Vague model, weak proof, or questionable return assumptions |
| 0–4 | Guaranteed returns, unrealistic ROI, referral dependence, or unclear revenue source |
Returns should always connect to real activity.
If the only visible source of money is new users depositing funds, that is a serious red flag.
4. Transparency and Proof of Operations: 10 Points
A project should not only tell you what it does.
It should also show evidence.
If a trading platform says it earns money through trading, where is the proof? Can users see trading activity? Are there verified performance reports? Is there an audit? Are wallets visible? Are trades independently verifiable?
Similarly, if a staking platform says it generates yield through staking, users should be able to identify the staking pool, validator, contract, or wallet activity where possible.
Transparency does not mean revealing every private business detail.
Even so, a platform that takes user funds should provide enough evidence for users to understand what is happening.
What to Check
- Can the project prove its claimed operations?
- Are wallet addresses, contracts, validators, or treasury accounts visible?
- Are financial claims backed by independent data?
- Does the project publish regular updates?
- Are performance numbers explained clearly?
- Can users independently verify at least part of the activity?
- Does the project avoid vague claims like “AI trading,” “secret strategy,” or “guaranteed algorithm”?
Scoring Guide
| Score | Transparency Quality |
|---|---|
| 9–10 | Strong evidence, clear operations, and verifiable activity |
| 6–8 | Some transparency, but important details still need proof |
| 3–5 | Limited evidence and mostly trust-based claims |
| 0–2 | No proof of operations or only vague marketing claims |
Transparency should reduce uncertainty.
If every serious question is answered with “trust us,” the project is asking for faith instead of providing evidence.
5. Product, Technology, and Whitepaper Quality: 10 Points
A serious crypto project should have a real product or a clear development plan.
That does not mean every project must already be fully complete. Early-stage projects do exist. However, even early projects should explain what they are building, why it matters, how it works, and what progress has already been made.
Read the whitepaper or documentation carefully.
A weak whitepaper often uses big language but says very little. It may talk about “revolutionary blockchain innovation,” “AI-powered financial freedom,” or “next-generation decentralized wealth” without explaining the actual mechanism.
By contrast, a stronger whitepaper explains the problem, solution, users, token utility, technical design, risks, roadmap, economics, governance, and limitations.
What to Check
- Does the project solve a real problem?
- Is the product live, testable, or clearly under development?
- Does the whitepaper explain the model in plain language?
- Are tokenomics clear and realistic?
- Is there a roadmap with meaningful milestones?
- Does the project have public code, GitHub activity, audits, or technical documentation?
- Are risks and limitations explained honestly?
- Does the product need a token, or is the token only used for fundraising?
Scoring Guide
| Score | Product and Documentation Quality |
|---|---|
| 9–10 | Clear product, strong documentation, realistic roadmap, and useful token design |
| 6–8 | Product is promising, but documentation or progress needs improvement |
| 3–5 | Weak documentation, unclear utility, or limited product evidence |
| 0–2 | No real product, copied whitepaper, vague promises, or meaningless token utility |
A whitepaper should make the project easier to understand.
If reading it leaves you more confused, that is not a good sign.
6. Community Reputation and Public Reviews: 10 Points
Public reputation matters.
Do not only search, “Is this company a scam?”
That type of search can help, but it is too narrow. You need to look deeper.
Search the project name on Reddit, X, Telegram, Discord, Trustpilot, HelloPeter, YouTube, Google, developer forums, and crypto communities. Look for user experiences, withdrawal complaints, support issues, deleted criticism, unrealistic promotion, or repeated warnings.
Reviews can be manipulated, so read them carefully.
Fake positive reviews often sound generic. They may use similar wording, appear in clusters, or focus only on payouts and referral links. On the other hand, fake negative reviews can also exist, especially between competing communities.
Therefore, look for patterns rather than one isolated comment.
What to Check
- Are real users discussing the project outside official channels?
- Do users report successful withdrawals without unusual delays?
- Are complaints answered professionally?
- Does the project delete difficult questions?
- Do reviews look natural or copied?
- Are promoters using referral links heavily?
- Do independent reviewers explain risks, or only hype returns?
- Are there repeated reports of blocked withdrawals, account freezes, or surprise fees?
Scoring Guide
| Score | Reputation Quality |
|---|---|
| 9–10 | Strong independent reputation with balanced reviews and few unresolved complaints |
| 6–8 | Generally positive, but some concerns need investigation |
| 3–5 | Mixed reputation, repeated complaints, or too much referral-driven promotion |
| 0–2 | Major withdrawal complaints, deleted criticism, fake reviews, or widespread warnings |
Community feedback should never replace your own research.
Still, repeated public complaints should not be ignored.
7. Contact Details and Support Testing: 8 Points
A legitimate platform should be reachable.
Many weak platforms display phone numbers, emails, office addresses, or support links that look professional. Yet when users actually test them, nobody answers.
Do not only look at the contact page.
Test it.
If there is a phone number, call it. If there is a support email, send a simple question. For ticket systems, submit a basic request. With live chat, ask a practical support question.
Then observe what happens.
How long does support take to respond?
Is the answer useful?
Does the support team understand the product?
Do they avoid difficult questions?
Are they only focused on getting you to deposit?
What to Check
- Does the phone number work?
- Does email support reply?
- Does the ticket system function properly?
- Are responses professional and specific?
- Can support answer risk, withdrawal, fees, and business model questions?
- Is there a real office address?
- Does the address match the business?
- Are support channels only active before deposit but weak after deposit?
Scoring Guide
| Score | Support Quality |
|---|---|
| 7–8 | Responsive, professional, specific, and useful support |
| 5–6 | Support exists, but responses are slow or incomplete |
| 2–4 | Weak support, vague answers, or limited contact options |
| 0–1 | No working support, fake contact details, or only sales-focused communication |
Support quality becomes especially important when withdrawals, account issues, or security problems arise.
If support is poor before you deposit, it may be worse after your money is inside.
8. On-Chain Evidence and Wallet Activity: 8 Points
Crypto projects often claim transparency because blockchain data is public.
That only helps if users can actually verify something meaningful.
If the project uses smart contracts, check the contract address. For staking claims, look for the validator or staking pool. When treasury claims appear, ask whether treasury wallets are public. For trading claims, look for verifiable proof rather than dashboard numbers only.
Block explorers such as Etherscan, BscScan, PolygonScan, Solscan, Tronscan, and other network explorers can help users inspect transactions, wallets, tokens, and contract activity.
Beginners do not need to become blockchain analysts overnight.
However, basic checks can reveal useful information.
What to Check
- Are contract addresses public?
- Are treasury wallets visible?
- Can users verify deposits, withdrawals, or staking activity?
- Does wallet activity match the project’s claims?
- Are funds concentrated in a small number of wallets?
- Are there suspicious transfers to mixers, unknown wallets, or exchanges?
- Has the contract been verified on a block explorer?
- Are admin privileges, upgrade controls, or ownership risks explained?
Scoring Guide
| Score | On-Chain Evidence Quality |
|---|---|
| 7–8 | Strong on-chain transparency with verifiable contracts, wallets, and activity |
| 5–6 | Some useful on-chain data, but important details remain unclear |
| 2–4 | Limited on-chain proof or confusing wallet activity |
| 0–1 | No meaningful on-chain evidence despite crypto-related claims |
On-chain transparency does not remove risk.
Even visible smart contracts can fail or be exploited. Still, verifiable data is better than blind trust.
9. Regulation, Legal Structure, and Risk Disclosures: 8 Points
Legal structure matters, especially when a platform handles money, promises returns, manages assets, or offers investment-like products.
Check whether the company is registered. Also look for business registration details, terms and conditions, privacy policy, risk disclosures, jurisdiction, directors, and applicable licences or registrations where relevant.
Pay attention to wording.
Some platforms claim to be “registered” when they only registered a company name. That is not the same as being licensed, regulated, audited, or authorised to offer financial services.
FINRA notes that crypto assets carry risks and that investors should be mindful of the realities of investing in crypto assets. You can read their crypto risk page here: FINRA: Crypto Assets Risks.
What to Check
- Is the company legally registered?
- Can you verify the registration independently?
- Does the company claim regulation without proof?
- Are terms and conditions clear?
- Are risk disclosures honest and visible?
- Does the platform explain where it operates from?
- Are directors or owners listed?
- Does the product require licensing in its operating jurisdiction?
- Are users told what happens if the platform fails?
Scoring Guide
| Score | Legal and Disclosure Quality |
|---|---|
| 7–8 | Clear legal structure, verifiable registration, and strong risk disclosures |
| 5–6 | Some legal information, but important details need clarification |
| 2–4 | Weak legal information, vague disclosures, or unclear jurisdiction |
| 0–1 | No legal clarity, false regulation claims, or hidden ownership |
A legal registration alone does not make a project safe.
However, a lack of legal clarity is a serious warning sign.
10. Liquidity, Withdrawals, and User Control: 6 Points
Many users only test withdrawals after depositing significant funds.
That is a mistake.
Before trusting any platform, understand how withdrawals work.
Check whether users can withdraw at any time. Review lock-up periods, fees, minimum withdrawals, processing times, and custody rules. Also confirm whether users can withdraw both principal and rewards.
One common scam pattern is showing users fake profits on a dashboard but blocking withdrawals later through “tax fees,” “verification fees,” “unlock fees,” “liquidity fees,” or other excuses.
What to Check
- Are withdrawal rules clear before deposit?
- Can small withdrawals be tested?
- Are there unreasonable fees?
- Do users control their own wallet, or does the platform custody funds?
- Are lock-up periods clearly explained?
- Can the platform freeze withdrawals?
- Are there reports of delayed or blocked withdrawals?
- Does the platform ask users to deposit more money before withdrawing?
Scoring Guide
| Score | Withdrawal and Control Quality |
|---|---|
| 6 | Clear withdrawal rules, user control, and successful small withdrawal tests |
| 4–5 | Withdrawals work, but terms or custody risks need more clarity |
| 2–3 | Withdrawal rules are unclear or users report delays |
| 0–1 | Blocked withdrawals, surprise fees, forced deposits, or no user control |
A platform that makes deposits easy but withdrawals difficult deserves serious caution.
Major Red Flags That Should Stop You Immediately
Some warning signs are serious enough to stop the process early.
If a project shows several of these red flags, you may not need to complete the full scorecard.
- Guaranteed high returns
- Pressure to deposit quickly
- Referral income that matters more than the product
- No verifiable team
- Fake-looking CEO or actors used as leadership
- Domain history does not match company claims
- No working support channels
- Blocked or delayed withdrawals
- Requests for extra payments before withdrawals
- No clear business model
- Copied whitepaper or vague documentation
- No proof of trading, staking, mining, or DeFi activity
- Deleted criticism in public groups
- Only positive reviews from referral promoters
- No risk disclosures
- Claims of “no risk” or “guaranteed profit”
One red flag may not prove a scam.
Several red flags together should make you step back immediately.
A Practical Vetting Example
Imagine a platform claims it has operated for five years and offers high monthly returns through crypto trading.
Here is how you might apply the checklist.
| Check | Question | Possible Finding |
|---|---|---|
| Team | Can the CEO be verified? | No LinkedIn, no interviews, no public history |
| Domain | Does domain history support the claim? | Domain existed for five years but was previously a casino website |
| Business model | Are returns realistic? | Returns are fixed and unusually high |
| Transparency | Can trading activity be verified? | No trade records, audited reports, or wallet proof |
| Support | Does support reply? | Email unanswered and phone number inactive |
| Withdrawals | Can users withdraw freely? | Public complaints mention delays and extra fees |
That project would score poorly.
Even if the website looks professional, the evidence is weak.
A serious investor should not ignore that.
The Final SPI Vetting Checklist
Use this checklist before joining any crypto project or investment platform.
| Category | Question | Score |
|---|---|---|
| Team | Can the founders and leadership be verified? | /15 |
| Domain | Does the website history support the project’s claims? | /10 |
| Business model | Is the revenue source realistic and clearly explained? | /15 |
| Transparency | Can operations be independently verified? | /10 |
| Product | Is there a real product, whitepaper, roadmap, or working system? | /10 |
| Reputation | What do public forums, reviews, and users say? | /10 |
| Support | Do contact channels work and provide useful answers? | /8 |
| On-chain proof | Can wallets, contracts, or blockchain activity be checked? | /8 |
| Legal clarity | Is the company structure and risk disclosure clear? | /8 |
| Withdrawals | Are withdrawal rules clear and user control respected? | /6 |
| Total | Overall due-diligence score | /100 |
After scoring, do not only look at the total.
Also look at where the project lost points.
A project with weak documentation may improve over time. However, a project with unverifiable leadership, unrealistic returns, blocked withdrawals, and no proof of operations has deeper problems.
How to Use the Score Without Fooling Yourself
A scorecard can help, but only if you use it honestly.
Do not give points because you want the project to pass.
Instead, give points because the project provides evidence.
If you cannot verify something, do not award full marks.
When a project makes a claim but provides no proof, score it low in that area.
If supporters tell you not to ask questions, treat that as a warning sign.
Due diligence is not negativity.
It is self-protection.
A legitimate project should survive reasonable questions.
Final Thoughts
Crypto project vetting is not about being paranoid.
It is about being prepared.
Good projects should welcome serious questions. Weak projects often rely on urgency, confusion, hype, and emotional pressure.
Before risking your money, slow down.
Check the team. Review the domain history. Search public forums. Read the whitepaper. Test support. Look for on-chain evidence. Question the business model. Understand withdrawals. Pay attention to regulation and risk disclosures.
Most importantly, do not let excitement replace evidence.
The more boxes a project can tick, the stronger its due-diligence profile becomes.
Even then, risk still exists.
Your goal is not to find a project that looks perfect.
Your goal is to avoid projects that collapse under basic questions.
That is how you protect your capital, your confidence, and your future decisions in crypto.
Leave a Reply