Solana Permanent Delegate Scam: What Copy Traders Must Know

Security researchers estimate that the Solana Permanent Delegate burn scam drained over $50 million from Solana wallets in Q1 2026 alone — and the vast majority of victims never chose the token that emptied their wallet. If you are copy trading on Solana, your bot may be buying these tokens for you right now, without any warning, and losing 100% of your position in under 60 seconds. This article explains the mechanics of the Permanent Delegate scam, why copy traders face a specific and largely unacknowledged exposure, which platforms offer documented protection, and what you can do before your next trade.

---

What Is the Permanent Delegate Extension and Why Should Copy Traders Care?#

Understanding this threat starts with Solana's token standards — specifically the gap between what traditional safety checks catch and what the Permanent Delegate extension makes possible.

What is the Permanent Delegate extension on Solana?#

The Permanent Delegate extension is a feature of Solana's Token-2022 program — the successor to the original SPL Token standard — that grants a single designated wallet address unconditional, permanent authority to burn or transfer tokens from any holder's account, without requiring the holder's signature or approval. Token-2022 launched on Solana's mainnet as a more flexible token standard with optional programmable extensions. Permanent Delegate is one of those extensions, and it cannot be revoked once set at token creation.

The original intended purpose is regulatory compliance: allowing an authorised institution to freeze or return tokens from sanctioned addresses. The actual use in 2026 is something else entirely. Scammers configure Permanent Delegate to point to their own wallet at token creation, then use it to drain every buyer's balance within seconds of purchase — no on-chain interaction from the victim required.

Token-2022 is documented by the Solana Foundation as a legitimate extension with clear use cases. The problem is not the standard — it is the lack of visibility into which tokens are using it and why.

Why revoking mint and freeze authority doesn't make a token safe#

The safety checks most traders rely on focus on three authorities: mint authority (controls whether new supply can be created), freeze authority (controls whether individual accounts can be frozen), and liquidity pool lock status. When a token shows mint authority revoked and freeze authority revoked, most scanners give it a green light.

Permanent Delegate operates on an entirely different axis. The table below shows why a token that passes every traditional check can still execute a complete rug via Permanent Delegate:

Safety Check	What It Controls	Protects Against PD Burn?
Mint authority revoked ✅	No new token supply can be created	❌ No
Freeze authority revoked ✅	Individual accounts cannot be frozen	❌ No
LP tokens locked ✅	Liquidity cannot be removed from pool	❌ No
Permanent Delegate absent ✅	No one can burn/transfer your tokens	✅ Yes
Permanent Delegate present ❌	Token creator can burn your balance at will	❌ Fully exposed

A token can display a clean mint, clean freeze, and locked LP — and still rug every buyer in under a minute. Standard rug-pull detection does not catch this. That is what makes it the most dangerous exploit in Solana's current token ecosystem.

---

How the Permanent Delegate Burn Scam Works#

The scam follows a repeatable six-stage script. Understanding each stage matters because knowing where copy traders enter the chain changes the defence required.

How does the Permanent Delegate scam work step by step?#

The Permanent Delegate burn scam works in six stages: (1) the attacker deploys a Token-2022 token with Permanent Delegate set to their own wallet address; (2) they revoke mint and freeze authority to pass standard safety scans; (3) they create a liquidity pool on Raydium; (4) they generate artificial trading volume using coordinated wash-trading wallets to create the appearance of organic activity; (5) victims buy via a DEX — tokens land in their wallet — and (6) within seconds, the attacker's automated system burns every buyer's balance using the Permanent Delegate authority. The attacker's SOL from the initial liquidity is untouched. The token is worthless to everyone else.

Here is the full walkthrough:

Stage 1 — Token deployment. The attacker deploys a new token using Solana's Token-2022 program, setting Permanent Delegate to their own wallet at creation. This is a single parameter in the token initialisation — it takes seconds and costs fractions of a cent on Solana.

Stage 2 — False legitimacy signals. They immediately revoke mint authority and freeze authority. On most safety scanners, the token now shows green across standard checks. This is deliberate misdirection.

Stage 3 — Liquidity pool creation. A Raydium liquidity pool is seeded with a small initial investment — typically 1–5 SOL — giving the token a trading pair and price. This is the attacker's only real capital outlay.

Stage 4 — Artificial volume. According to a March 2026 security analysis on DEV.to, scammers use between 10 and 50 coordinated wallets executing wash trades to inflate volume metrics. Platforms like GMGN and Axiom display volume as a signal of active trading — inflated volume makes the token appear to have real demand.

Stage 5 — Victim purchases. Real traders see the volume spike, the clean safety profile, and buy. Tokens arrive in their wallets. The swap confirms on-chain.

Stage 6 — The burn. The attacker's automated system executes a burnChecked instruction via the Permanent Delegate authority. According to Cointelegraph's report citing Slorg — a member of the Jupiter Core Working Group — one documented case saw a buyer's tokens burned within 7 seconds of their swap confirming. The attacker's per-token profit in 2024 was estimated by Slorg at $50–$100, "thousands a week" across repeated deployments. In 2026, industrialised automation has scaled both the frequency and the losses.

The numbers: how big is this problem in 2026?#

The Permanent Delegate scam sits inside a broader ecosystem of Solana token fraud that is larger than most traders appreciate. According to Solidus Labs' institutional research report, 98.6% of tokens launched on Pump.fun show characteristics of rug pulls or pump-and-dump manipulation — and Pump.fun sees 20,000–30,000 new token launches every day, according to Blockworks. Of those, fewer than 200 per day graduate to sustained trading. The rest drain capital from buyers and cycle out.

According to CoinDesk's coverage of Merkle Science research, memecoin rug pulls and scams across all chains caused over $500 million in losses during 2024 alone. The March 2026 security analysis referenced above estimates that Permanent Delegate scams specifically have caused over $50 million in losses in Q1 2026 — though this figure is a single-source estimate and has not yet been independently corroborated by a blockchain analytics firm. The scale is directionally accurate even if the exact number is uncertain.

The attacker's business model is efficient: each token cycle takes less than 5 minutes from deployment to burn, according to the same March 2026 analysis. At scale across hundreds of tokens per day, the aggregate drain on the ecosystem is substantial.

---

Why Copy Traders Face Unique and Amplified Exposure#

Every article written about the Permanent Delegate scam to date has addressed it as a problem for individual buyers. None of them have addressed the mechanic that makes copy traders specifically — and structurally — more exposed.

Can Solana copy trading bots get burned by Permanent Delegate tokens?#

Yes. A copy trader whose bot mirrors a wallet that buys a Permanent Delegate token will execute the same buy automatically, receive the tokens in their wallet, and lose 100% of that position to the burn — often within seconds, before any stop-loss or alert can trigger. The copy trader never chose the token, never saw the safety profile, and has no reactive defence once the buy executes. The burn leaves a zero balance with nothing to sell, so automated stop-loss mechanisms do not engage.

This is the cascade mechanism no existing article has described. Here is the sequence from a copy trader's perspective:

1. The wallet you are following detects or is targeted by a Permanent Delegate token and buys it — possibly through their own copy trade, a sniper bot, or deliberate targeting of high-follower wallets.
2. Your copy trading bot (Trojan, Axiom, GMGN, BullX) detects the buy within 1–3 seconds and auto-executes the same swap.
3. Your swap confirms. Tokens land in your wallet. Your bot registers a successful trade.
4. Within 1–60 seconds, the attacker burns your balance via Permanent Delegate authority.
5. Your wallet shows zero tokens. Your bot does not detect the burn as a loss event — the position is simply gone. No stop-loss fires. No alert triggers. Your bot moves on to the next trade.
6. You lost 100% of the trade amount in SOL. The transaction is irreversible.

The copy trader is a second-order victim. They did not make the trading decision. They are exposed entirely because they chose to follow a wallet that made it — or because a wallet they followed was itself compromised.

This matters at scale. Trojan Bot, one of Solana's most-used copy trading platforms, had over 2 million lifetime users and 60,000+ daily active users as of mid-2025. According to Gate.com analysis, Axiom held approximately 42% of the Solana trading bot market as of April 2026. If even a fraction of those users' copy bots execute buys into a single Permanent Delegate token targeting a popular wallet, the loss propagates across thousands of accounts simultaneously.

The timing problem: why no bot can react fast enough#

Solana's block time is approximately 400 milliseconds. A copy trading bot typically detects and mirrors a trade within 1–3 seconds of the original execution. The Permanent Delegate burn can occur anywhere from 1 to 60 seconds after buyer tokens are confirmed. In the documented "RED" token case reported by Cointelegraph, the burn occurred 7 seconds post-swap.

The arithmetic is unambiguous: by the time a copy trade executes and any monitoring system might flag an anomaly, the tokens are already gone. Position sizing and risk management for memecoin trading can limit the absolute loss per trade, but they cannot prevent the loss from occurring. The only defence that works is one that operates before the trade, not after it.

---

Which Platforms Protect You and Which Don't#

The table below documents what each major Solana copy trading platform offers — and does not offer — in terms of Permanent Delegate protection, based on their publicly available documentation as of April 2026.

Which Solana trading platforms protect against Permanent Delegate scams?#

No major Solana copy trading platform — Trojan, Axiom, GMGN, or BullX — documents Permanent Delegate extension scanning as part of their copy trading safety checks. Standard protections (honeypot detection, mint/freeze authority scanning, LP status) do not detect Permanent Delegate. Only token-level tools like RugCheck.xyz, Jupiter's warning indicator, and Phantom Wallet display Permanent Delegate flags — and none of these are integrated into real-time copy trade execution.

Platform	Copy Trading Model	PD Protection	Standard Safety Checks
Trojan	Open wallet following	❌ None documented	Jito MEV bundles, slippage controls, daily loss limits, Pump.fun exclusion option
Axiom	Wallet tracking + automated copy	❌ None documented	MEV-resistant routing, honeypot flags, LP status, non-custodial
GMGN	Smart money tracking + auto-copy	❌ None documented	Anti-MEV, phishing alerts, market cap filters, token blacklist
BullX	Wallet tracking + custom rules	❌ None documented	Security audit, honeypot detection, sniper detection
Stratium	Curated algorithmic strategies	✅ Structural	Non-custodial, Jito MEV bundles, position caps, on-chain verification
Jupiter (DEX)	N/A — aggregator	✅ Warning indicator	N/A
RugCheck.xyz (scanner)	N/A — analysis tool	✅ Flags PD extension	Full Token-2022 extension scanning
Phantom (wallet)	N/A — wallet	✅ Extension warnings	N/A

Sources: official platform documentation, solanatradingbots.com, docs.gmgn.ai, Cointelegraph (Jupiter confirmation via Slorg), Phantom developer docs. PD protection absence confirmed by absence of documentation — not necessarily feature absence; platforms should be contacted directly for current status.

The distinction between standard safety checks and Permanent Delegate protection matters because they operate on entirely different layers. Honeypot detection checks whether sell transactions succeed. LP status checks whether liquidity is locked. Mint/freeze authority checks whether new supply can be minted or accounts frozen. None of these checks query the Token-2022 extension data that would reveal a Permanent Delegate. They are checking for the wrong threats.

For a broader comparison of fees and features across Solana trading platforms, the Solana trading bot fee comparison covers the cost structure in detail.

Open wallet following vs. curated strategies: a structural difference#

The difference between inheriting every token a random wallet touches and copying a curated strategy with a verifiable track record is not a minor feature gap — it is the difference between structural exposure and structural protection.

On platforms like Trojan, Axiom, or GMGN, copy trading means picking a wallet address and automating every buy that wallet executes. If that wallet buys a Permanent Delegate token — whether because it was targeted, because it made a mistake, or because the wallet itself is compromised — your bot buys it too. There is no filtering layer between the wallet's trade history and your funds. You inherit every position, including the ones that are traps.

Stratium's architecture operates differently. Rather than allowing users to follow any arbitrary wallet, it offers 11 curated algorithmic strategy wallets, each managed by a strategy operator who selects which tokens to trade. The operator's token selection is itself the filter. If the operator reviews token extensions before entering a position — which any competent operator would do — copy traders are never exposed to PD tokens. They only execute what the strategy wallet executes.

Every trade in a Stratium strategy wallet is recorded on-chain and verifiable on Solscan — not just the winning trades, but every transaction including losses. Users can audit the strategy wallet's full history, including every token address traded, before subscribing. The strategy charges 0.1% per trade compared to the industry standard of approximately 1% across platforms like Trojan, GMGN, and BullX, according to data from both Stratium's website and multiple third-party platform reviews. Go to Solscan, paste any Stratium strategy wallet address, and review every token it has ever traded — including the extensions on each one. That is the audit trail that open wallet following cannot provide.

One note on framing this accurately: Stratium does not advertise "Permanent Delegate filtering" as a documented feature. The protection is structural, arising from the curated model. If you are evaluating any copy trading strategy — including Stratium's — the correct verification step is to audit the wallet's trade history on Solscan yourself and check the Token-2022 extension status of every token it has traded. The on-chain record does not lie.

---

How to Check If a Solana Token Has Permanent Delegate Enabled#

If you are trading manually, evaluating tokens before subscribing to a strategy wallet, or auditing a wallet's history, these are the tools that detect Permanent Delegate before a swap executes.

How do I check if a Solana token has Permanent Delegate enabled?#

To check if a Solana token has Permanent Delegate enabled, paste the token's mint address into RugCheck.xyz and look for the Permanent Delegate warning in the extensions section. Alternatively, open the token on Solscan, navigate to the Extensions tab, and look for the PermanentDelegate field. If it exists and points to a non-null wallet address, the token creator can burn your balance at any time.

Here is the full toolkit:

RugCheck.xyz — The most accessible scanner for non-technical users. Paste the token's mint address and RugCheck will flag Permanent Delegate alongside other Token-2022 extension risks. According to Solana Compass, RugCheck performs comprehensive Token-2022 extension analysis. It is free and requires no wallet connection.

Solscan — Solana's primary block explorer. Navigate to a token's page, open the Extensions tab, and look for the PermanentDelegate entry. If present, note the delegate wallet address — if it matches the deployer wallet, that is the standard attack configuration.

Jupiter DEX — According to Slorg of the Jupiter Core Working Group via Cointelegraph, Jupiter displays a warning indicator when a token has the Permanent Delegate extension active. This warning appears at the swap confirmation screen, though by the time you see it, you are already one click from buying.

Phantom Wallet — According to Phantom's developer documentation, Phantom displays extension warnings for Token-2022 tokens including Permanent Delegate. If you see a warning when interacting with a token, take it seriously.

SolanaFM — An alternative block explorer with a Token Extensions view. Useful as a secondary confirmation check alongside Solscan.

A 60-second pre-trade safety check for copy traders#

Before subscribing to any new wallet or strategy on any copy trading platform, this check takes 60 seconds and can prevent exposure to Permanent Delegate tokens that the wallet has already touched:

1. Open Solscan in your browser.
2. Navigate to the wallet address you are considering following.
3. Open the transaction history and review the 10–15 most recent swaps.
4. For each token purchased, click through to the token page and check the Extensions tab.
5. If any traded token shows a Permanent Delegate field pointing to a wallet address, that wallet has interacted with PD tokens. It may be a one-off or a pattern — investigate further before subscribing.
6. Walk away from any wallet that repeatedly trades freshly launched tokens without apparent extension screening.

This process does not guarantee future protection — a wallet can start trading PD tokens after you subscribe. But it establishes a baseline: any wallet with a history of PD token exposure is either careless or compromised.

---

Is It Safe to Copy Trade on Solana in 2026?#

The question is not whether Solana copy trading is safe in absolute terms — it carries genuine market risk regardless of scam exposure. The right question is whether your specific platform and process give you structural protection against the threats that actually exist in the current environment.

Is it safe to copy trade on Solana in 2026?#

Copy trading on Solana is safe relative to manual memecoin speculation if you use a platform with pre-screened strategies, audit the strategy wallet's on-chain history before subscribing, and maintain per-trade position limits. It is not safe if you follow arbitrary wallets without checking their token extension exposure. According to Solidus Labs' research, 98.6% of Pump.fun tokens show rug or fraud characteristics — meaning the baseline token risk on Solana is extremely high for any strategy that chases new launches without extension screening.

The security environment has deteriorated since 2024. When Slorg first documented the Permanent Delegate scam in September 2024, it was a novel attack carried out by individual bad actors. The March 2026 security analysis describes an industrialised factory model — automated deployment, fake volume generation, and coordinated burns running across hundreds of tokens per day. The scam has matured from an edge case into a systemic threat.

That said, Solana's DEX infrastructure processed over $117 billion in volume in January 2026, according to BeInCrypto citing Dune Analytics. The vast majority of that volume comes from legitimate trading activity. The Permanent Delegate scam is concentrated in the long tail of new, micro-cap token launches — a segment that some copy trading strategies deliberately avoid. If your strategy wallet's history shows no exposure to this segment, you are not exposed.

Five rules for safer copy trading on Solana#

Following these rules does not eliminate risk — no rule set eliminates trading risk. But it specifically addresses the Permanent Delegate threat:

Rule 1 — Only copy curated or verified strategies, not random wallets. When you follow a random wallet address, you inherit that wallet's entire risk profile, including any future purchase of a Permanent Delegate token. Curated strategies where an operator has pre-screened the token universe provide a filtering layer that arbitrary wallet following cannot.

Rule 2 — Audit every strategy wallet's on-chain history on Solscan before subscribing. The 60-second check described above takes 60 seconds. Apply it without exception. Every strategy wallet's complete history is publicly visible on-chain.

Rule 3 — Use RugCheck.xyz before any manual token purchase. If you ever buy tokens manually outside of your copy trading platform, paste the mint address into RugCheck.xyz first. It is free and flags Permanent Delegate alongside other Token-2022 extension risks.

Rule 4 — Set strict per-trade position limits. Solid risk management for memecoin trading caps the absolute loss any single trade can cause. Even if a PD burn executes, a position limit of 0.5–1% of your total capital means the impact is contained.

Rule 5 — Apply extra caution to tokens launched within the last hour. The Permanent Delegate scam cycle from deployment to burn takes less than 5 minutes, according to the March 2026 security analysis. Strategies that exclusively trade tokens more than 24 hours old face meaningfully lower PD exposure — most attack tokens are burned and abandoned within minutes of launch.

---

Other Token-2022 Extensions You Should Know About#

Permanent Delegate is the most dangerous extension in active exploitation, but Token-2022 includes several others that carry real risk for traders. Understanding the full landscape provides context for why extension scanning matters more broadly.

Extension	What It Does	Risk Level	Attack Vector
TransferFee	Charges a % fee on every transfer	Medium	Fee set at 0–100%; can drain value on every sale
TransferHook	Runs a custom program on every transfer	High	Hook can block sells entirely (honeypot)
NonTransferable	Token cannot be transferred or sold	High	Buyers cannot exit — complete honeypot
ConfidentialTransfer	Hides transfer amounts	Medium	Conceals insider selling / wash trading activity
Default Account State Frozen	New accounts start frozen by default	High	Attacker controls who can trade — selective honeypot
Permanent Delegate	Grants burn/transfer authority to one address	Critical	Token creator burns any holder's balance at will

For a copy trader, every extension in this table can be present in a token that an open wallet following strategy will buy without warning. Extension scanning catches all of them. Traditional rug-pull detection catches none of them.

The Solana Foundation's Token Extensions documentation covers all extensions and their intended legitimate use cases. The gap between intended use and actual deployment in the current ecosystem is what the scam industry exploits.

---

Conclusion#

The Permanent Delegate burn scam is not a new development — Slorg documented the first confirmed case in September 2024. What changed between 2024 and Q1 2026 is industrialisation: automated deployment pipelines, coordinated fake volume, and systematic targeting of high-follower wallets to maximise the cascade effect through copy trading bots. Security researchers estimate over $50 million in losses in Q1 2026 alone from this single attack vector. The attack is ongoing and expanding.

Copy traders are specifically and structurally more exposed than individual buyers because they execute buys programmatically, without any manual review of the token being purchased. A single wallet that buys one Permanent Delegate token can trigger simultaneous losses across hundreds or thousands of accounts that follow it. The reactive defences that copy trading platforms provide — MEV protection, honeypot detection, stop-loss orders — all operate after the buy executes. They do not prevent Permanent Delegate exposure.

The only defence that works at the copy trading layer is pre-trade token filtering by the strategy operator. Stratium's 11 curated strategy wallets operate under that model: the operator selects every token traded, and every trade is publicly verifiable on Solscan — wins and losses alike. Every Stratium strategy charges 0.1% per trade, compared to the approximately 1% standard across the major open-wallet-following platforms. Before subscribing to any copy trading strategy on any platform, audit the wallet's on-chain history on Solscan yourself: paste the wallet address, check the 10–15 most recent token purchases, verify their extension status. The blockchain doesn't lie — check for yourself at stratiumsol.com.

---

Related Reading#

• Drift Protocol Hack: $285M Solana Exploit Explained (2026) — How the largest DeFi hack of 2026 exposed the vault architecture risk that non-custodial copy trading eliminates
• What Is Non-Custodial Trading? — How non-custodial architecture eliminates platform-level theft risk
• Risk Management for Memecoin Trading on Solana — Position sizing and safety rules for meme token trading

---

Frequently Asked Questions#

What is the Permanent Delegate extension on Solana? The Permanent Delegate extension is a Token-2022 feature that grants a designated wallet address permanent, unconditional authority to burn or transfer tokens from any holder's account without their permission. It is set at token creation and cannot be revoked. Scammers use it to drain buyers' balances automatically, typically within seconds of a swap confirming.

How does the Permanent Delegate scam work step by step? The scam has six stages: deploy a Token-2022 token with Permanent Delegate set to the attacker's wallet, revoke mint and freeze authority to pass standard safety checks, create a Raydium liquidity pool, generate fake volume via coordinated wash-trading wallets, attract buyers whose swap transactions confirm, then burn every buyer's token balance via the Permanent Delegate authority within seconds. The attacker's SOL from the original liquidity remains intact.

Can Solana copy trading bots get burned by Permanent Delegate tokens? Yes. If the wallet you are copying buys a Permanent Delegate token, your bot auto-executes the same buy, you receive tokens in your wallet, and the attacker can burn your entire balance within seconds of your swap confirming. Your stop-loss does not fire because the token balance is zero, not negative — there is nothing to sell. The loss is total and irreversible.

How do I check if a Solana token has Permanent Delegate enabled? Paste the token's mint address into RugCheck.xyz and check for the Permanent Delegate flag. Alternatively, open the token on Solscan, navigate to the Extensions tab, and look for the PermanentDelegate field. If it points to any wallet address, the extension is active. Jupiter DEX and Phantom Wallet also display warning indicators for tokens with this extension enabled.

Which Solana trading platforms protect against Permanent Delegate scams? As of April 2026, none of the major open-wallet-following copy trading platforms — Trojan, Axiom, GMGN, or BullX — document Permanent Delegate extension scanning as part of their copy trading safety checks. Token-level tools including RugCheck.xyz, Jupiter DEX, and Phantom Wallet flag the extension. Stratium's curated strategy model provides structural protection because the strategy operator pre-screens token selections before any trade executes.

Is it safe to copy trade on Solana in 2026? Copy trading on Solana carries real risk, including from the Permanent Delegate scam. Safety depends on which platform and model you use. Curated strategies where an operator pre-screens the token universe carry lower PD exposure than open wallet following. In both cases, auditing the strategy wallet's on-chain transaction history on Solscan before subscribing is the minimum due diligence. No copy trading strategy is risk-free.

---

This article is for informational purposes only and does not constitute financial advice. Crypto trading involves substantial risk of loss.

---

About the author: Florian has been trading Solana-based strategies since 2023 with a focus on algorithmic and quantitative approaches. The Stratium strategy wallet has a publicly verifiable track record updated in real-time and viewable at stratiumsol.com/performance.