Sybil Attacker Report

[Nia854]

0xba07e5cb42cA05D2fc3D96514461D7245050eb7B greennft.eth 0x6Ea6bc1823f6ff7b55Edf80895d053BCd1029b13 dexbridge.eth 0x62D1556564Aca67d7F92c61e1946a02d83255Cb2 metawoman.eth 0x896d6845fe202B70805212E372FE29be84682fE3 moonedge.eth 0x46Dd1320B44329DcAb2ce3913F0F43CCfec871B0 swappi.eth 0xA3B9Fe8647aa9D7009B9A7Ad1D8D4A2381994eFa tradersvillage.eth 0x84F665281B5Aa35b9CF5ebF47227Daf263f267aC 0xe6E2E69030c82aFe3dE8E0E5F3d422ACA43879A2 formationfi.eth 0x20959D71A7ec0212Af1b649bDB4220a9FeC3FBfd 0x5a49C6d7712C0C2d7aF6F6bfeCA8D861CB980B58 0x713f90407fc49f0BC59A6661C23FB67692a80E6d childhood.eth 0x21Fa2cf8E56B9938402A7e08703BFBe4Be0943fb ssvip.eth 0x62eFcd67ee9AE5cB4d6E595Db9Ee3861E50a45Bc 1money.eth 0xBd5f7F276D94aFCAc1505F93a98C0eC39a6e6A23 0x2347b1B2B8Cd9eE89Ce4fA8c12F05bF65EB123E7 0x13BcD144A13fEDD803d70f248Fe99Ca2AaC5E9Ac 0x87f1d3359334A6c2FF5e189a91605eADe8E05459 0x4D184E5198ee0b9d646cd450243DaEbEB6b8cc86 metajapan.eth 0x21Fa2cf8E56B9938402A7e08703BFBe4Be0943fb 0x4aD9f09E879B483AbBf27872868D72dB4D1B0e72

Reasoning

This group of 21 addresses shows high correlation among them and their transactions on main net and arbitrum and optimism show identical trading pattern.

This group of 21 addresses show close relation among them; their transactions on ethereum main net and on Arbitrum and Optimtism shows identical trading patterns and transfer among each other shows they are sybil attackers. For example, wallet greennfe.eth 0xba07e5cb42cA05D2fc3D96514461D7245050eb7B has directly funded following addresses on mainnet: 0x6Ea6bc1823f6ff7b55Edf80895d053BCd1029b13,0x62D1556564Aca67d7F92c61e1946a02d83255Cb2, 0x46Dd1320B44329DcAb2ce3913F0F43CCfec871B0, 0xe6E2E69030c82aFe3dE8E0E5F3d422ACA43879A2, 0xA3B9Fe8647aa9D7009B9A7Ad1D8D4A2381994eFa, 0x4D184E5198ee0b9d646cd450243DaEbEB6b8cc86 0x21Fa2cf8E56B9938402A7e08703BFBe4Be0943fb. And those addresses would transfer balance back to greennft.eth muntiple times.

Also, many of the addresses show many very identical trade patterns on abritrum and optimism network. For example, on April 1st, 2022 at a time span within one hour, many wallets listed here would mint a ERC21 token Government Token. I have included some of these transaction hashes here: 0xbe20931f663b805358c9ebf0e875247b1ad1736be2b8d511dac5a819f1b2d494 0x3c4d2f5492ee4ee69221b1775164f489508abf2051aa936843f1c5fbd9abe1b3 0xceb5d8f6b854e5c95d2a8dc31fb0e776465274b3b980a154538ac3c58f8dcbde 0x93357a3ac49abbad46352779322454071c6995f1a7cee09c857e34d22c40aaac 0xfdf4c99957a18ea7f31c1159ab9a2e81938c08b169d4c203bb71756718f9f348 0x5be31c7f3139c2bf8f2f28953553c2b7044bf6387b9e4d5bc446e812a6a2ded7

Methodology

I manually checked all addresses activities on Etherum main net and on Arbitrum and optimism.

Rewards Address

0x6147B20E2542137055C87E6d86C8af5bF8Fb515a

[Nia854]

Wallet address21 0x0D0206f970bd67965B410956184c1F87B8cE182a

[shanefontaine]

@Nia854

Thank you for the submission. Unfortunately, this submission does not meet one of the criteria for submissions:

Methodology that has a non-negligible chance of eliminating legitimate users will not be considered

There will need to be additional proof submitted in order to consider this a valid group that does not include any legitimate users. Please consider providing more information about the behavior of these addresses, such as identical types of transactions or similar timing of transactions. Please note that another user that submits an issue with a detailed, non-negligible chance of eliminating legitimate users, their submission will be considered before yours. @Iseeyou23

Thank you for the submission. Unfortunately, this submission does not meet one of the criteria for submissions:

Methodology that has a non-negligible chance of eliminating legitimate users will not be considered

There will need to be additional proof submitted in order to consider this a valid group that does not include any legitimate users. Please consider providing more information about the behavior of these addresses, such as identical types of transactions or similar timing of transactions. Please note that another user that submits an issue with a detailed, non-negligible chance of eliminating legitimate users, their submission will be considered before yours.

We have seen a number of OTC deals, NFT direct trades, and friends sending friends funds that connect addresses like this but do not imply a Sybil attack.

Some potential compelling evidence may be:

• Identical transactions on the exact same day/time by most or all of the addresses
• A trace of the ERC20 token between addresses (as opposed to native tokens)
• A similar time/date that all the addresses started transacting on a chain

Please let us know if you can provide this data. Thank you for your work.