"If You Ain't First, You're Last" Reverse-Engineering a Leading Pump.fun Sniper Bot – Part 2
This blog post includes the codebase that @licketyspliket and I used to develop our bot. It is a continuation of the first post in this series, implementing the strategy we previously reverse-engineered and backtested. In this article, I will provide a high-level overview of the various steps and challenges we faced, demonstrate how the bot performed, and discuss potential future improvements.
How do you programmatically interact with Pump.fun?
The first big hurdle we faced was determining how to buy and sell coins on the platform using a language like JavaScript or Python. Looking at a buy transaction on Solscanner, we could see that the transaction uses the Pump.fun contract to perform a buy operation.
After doing more research into how Solana programs work, we realized that an "Anchor Program IDL" would make it much easier to hook into the program and use its functions. However, no IDL was available on Solscan, so we had to find another way to fetch it.
To accomplish this, I connected Charles Proxy to my Chrome browser and opened Pump.fun. This provided a log of all assets and scripts fetched when the page loaded. Since the browser needs an easy way to interface with the Pump.fun program to mint, buy, and sell coins, it seemed likely that we would find the IDL there.
After searching the logs for the program address, 6EF8..., I found a JavaScript file that looked promising. After beautifying the script and extracting its contents, we discovered it contained the exact IDL we needed.
With the IDL in hand, we were able to start placing buy and sell orders.
Developing the bot
Since Lick and I both like working in Go, we chose to build the bot using it. Fortunately, Gagliardetto on GitHub has created some excellent open-source packages for working with the Solana blockchain in Go. Specifically, solana-go provides the main functionality for interacting with the blockchain, and anchor-go allows the bot to use the extracted IDL to interact with the Pump.fun program.
With the strategy from Part 1 of this series in mind, I developed a diagram to outline how I envisioned the bot's operation:
Although we never implemented all the features, such as analytics and Raydium monitoring, the diagram served as a helpful guide for handling new mints, from initial pickup to selling the coin.
High-level overview of the bot
Detailing every step of the bot's development would be time-consuming and likely not very interesting, so I encourage interested readers to explore the code provided here for a deeper understanding. However, here's a brief overview beyond the diagram:
The bot has two crucial components: buying and selling handling. Using our dedicated RPC and WebSocket clients, we monitor newly minted coins, gather information about the creator, track the number of coins they purchased, and identify the funder, all within a few hundred milliseconds.
When a buy attempt is triggered, the bot stores the coin and its relevant information in the instantiated Bot struct. Simultaneously, it begins monitoring transactions under the creator's Associated Token Account for this coin. If the creator transfers or sells coins, the bot's selling component immediately exits the position. However, as our buy transaction might still be pending or could fail, the bot waits for the buy routine to complete before attempting to sell.
Pitfalls and setbacks
Throughout the bot's development, we encountered a few issues and difficult problems. I've shared a brief overview of some of them below.
- Reverse-engineering the bonding curve: This process took a few hours of development to determine the values fetched on-chain from the coin's bonding curve address, allowing us to request the correct amount of coins in our Buy instruction. ChatGPT assisted in rewriting the JavaScript code into Python, which was then converted into Go.
- Improving transaction confirmation rate and speed of confirmation: Many developers face issues with Solana transaction landing rates and speeds. To mitigate this, we set up our own dedicated RPC, used free/public RPCs for broadcasting transactions, and used Lick's seamless Jito bundle integration, based on weeaa's jito-go package, significantly improving speed and reliability. The transaction settings we used are available in the repository associated with this blog post.
- Stale / out-of-sync data from paid RPC services: Initially, we purchased an RPC subscription from a leading vendor (non-dedicated) and encountered issues with the WebSocket connection being out of sync with the RPC. Additionally, data occasionally arrived seconds after hitting the chain, causing us to miss out on many coins. Operating without a dedicated RPC severely limited the bot's performance.
Did it work?
Overall, the bot could have performed better in production. While its core functionality was solid, even with the addition of Jito bundles and other features, we consistently struggled to be the first entrant into coins. Compared to orcACR's trading activity, we managed to enter roughly 5% of the coins they did, despite our algorithm triggering for many of them.
However, we did achieve first entry into a few coins that reached Raydium, yielding a profit of around 50-60x on those. Despite these successes, we lost on the overwhelming majority of coins we entered and could not consistently turn a profit.
Closing thoughts
Although we didn't achieve the profit margins that traders like orcACR managed with this strategy, working on this project was incredibly fulfilling. Lick and I learned a great deal about building on Solana.
I invested significant time trying to improve the code and enhance our entry rate and transaction confirmation speed, but I couldn't make any meaningful breakthroughs. I think the project would have been much more successful if we could have improved our transaction speed and success rate.
This series, along with the provided code, shares our journey and approach to this project. I also hope to provide a starting point for anyone interested in working on Pump.fun or similar projects. Many GitHub repositories related to Pump.fun contain wallet-drainers or other malicious code, so I wanted to offer something legitimate.
Thank you for reading!
Repository: https://www.github.com/1fge/pump-fun-sniper-bot/
