search

hop-protocol / hop-airdrop

Hop Airdrop distribution 🐰
175 stars 218 forks source link

Sybil Attacker Report #483

Open Pcoderx opened 2 years ago

Pcoderx commented 2 years ago

Related Addresses

Part1 0x6704e754055f3d6d533461aa4d16af2c02ac99b4
0x3cb4899127313a3e18aa27ece7269bea12777997 0x6c7bc4f29c27fd33661051d4816e06a4d4e2cfae 0x8029857ac4025fba3b9ba3c7b8882b1817eddc73 0x8e0f77db803fca297ed5b40496f6f768faba389e 0xb9dc492829386ddb57b7abcbc1559d5341920e3e 0xbc95a15f204fe21f51602a453043425e02f4d9f6 0xc474a42d576bf1b4524996e637a0295240d79282 0xf5616d383a16d054ef47e9328e7d4ea1cb443f1d

part2 0x88dbfc20d2f2bc004d4dde1947deda4cd478dd0d 0x27eb7ea0611347d72506c7fd3210afe2a8b213e9 0x3fc137a4d127356962c0ff60fdb1a1ae3546a06a 0x43574a11f5a783db442b74b902c7567326fdd293 0x61144f133cee6eb6a3cb1e7a22dacfe57fd625e4 0x633ccab60e6f010c5f9ca86be620cea252e00960 0x72f60aa98c4a1d4c75e5e436fb3f98ea85cc1a3d 0xa5edd760b959c1fae53ae50b92a278b5eee47c55 0xd524dafabefeff3adc021d23783a7fee771833fd

Reasoning

Part1 this address (0x6704e754055f3d6d533461aa4d16af2c02ac99b4) send 0.005 eth to 7 other address at Apr-19-2022 05:07:27 PM To Apr-19-2022 05:33:22 PM All addresses receive funds (on optimistic) and they had similar behaviors

all of them made transcation on (Synthetix: sUSD Token) at Apr-27-2022 12:53:00 to Apr-27-2022 02:10:08 and then transfer ETH to next address eth

Part2 this address(0x88dbfc20d2f2bc004d4dde1947deda4cd478dd0d) send 0.0101 eth to 7 other address at Nov-19-2021 11:45:23 to Nov-19-2021 11:47:52 All addresses receive funds (on optimistic) and they had similar behaviors

p2

Methodology

track all txs on optimistic Network i used optimistic explorer Api to figure out which address in eligibleAddresses have a connection with other Addresses

Rewards Address

0x1f0dD7D2F03Ff1f5E8A4DBa9045769B881F9D59E

MykytaUa99 commented 2 years ago

9 adresses, not enough 10 or more elligible and correlated check reqs

shanefontaine commented 2 years ago

@Pcoderx

It looks like these might be 2 independent groups of <10 addresses. If that is the case, then this submission is ineligible, as there needs to be 10 or more related addresses. Additionally, some of the addresses would need additional supporting data in order to be considered a Sybil attacker.

I will leave this open and look forward to your response!

Pcoderx commented 2 years ago

Part1 All addresses send eth to another account

0x38f8e58554373f1ebc7b5596f4d39ccb74ad060a 0x19c6469a379202e4e609efef589594aa8817ffe8 0x31d59c28618ae3c5ecdd4ee5eb3810553bf16ba3 0x534966ec6f92dbb9883fd402b107abdc5c2664a7 0x75860813cd32de6195384a18dde980c666223f44 0x949442a84efc7c07b22f02e0726b19388ff2fbea 0xf40c583b292ae74d3c352811e9a6aa4536fd36e5

Part2 All addresses send eth toanother account 0x7093773263bef4d7ed327f9d2104177bdbfcf7b8 0x0d2e687f9a58d8464c561c06dcf9e2b2c53bd7e9 0x32e01149f656f6062168ea437a3e3192fd669c8c 0x6ea24f3cdddf5b88f90b73a2d7df7ad9c0f9bec4 0x8cec62a1649276ffd19edc8bf569391115886945 0x951981253b0dc14e4404e8c1274e9727f3c2d1ef 0xe4d33689622807a578f8e2f6f7bb3eb96dd4e848

Part3

Send directly from (0x17d60e33385700247741d8a0c2db0d4ac28130d7) to 5 another account

0x17d60e33385700247741d8a0c2db0d4ac28130d7 0x30299c7b06a4e61ef4aed51a146dd498494336f2 0x49f06f95c5d105ae6cda00444bbd3dda06e61cc8 0x691cfa5f0f105fc92acf830844f290ad9b44c23e 0xbd91ed15a05372a1fa9f9dc472c7506ae946fd8b 0xf85fe17faaaaddd20fa588a6c4ca06914d507a84

https://optimistic.etherscan.io/tx/7206590 https://optimistic.etherscan.io/tx/7190067 https://optimistic.etherscan.io/tx/629840 https://optimistic.etherscan.io/tx/1046348 https://optimistic.etherscan.io/tx/1047274 https://optimistic.etherscan.io/tx/7201975

shanefontaine commented 2 years ago

@Pcoderx Each group needs to of size 10 ore more. This appears to be three submissions of less than 10. Are Part1, Part2, and Part3 connected in any way?