search

hop-protocol / hop-airdrop

Hop Airdrop distribution 🐰
176 stars 218 forks source link

Sybil Attacker Report #537

Open defienjoyer opened 2 years ago

defienjoyer commented 2 years ago
Addresses | hash -- | -- 0x000000000a38444e0a6e37d3b630d7e855a7cb13 | 0xd3219bd69c6377e623a8a1e9690942227d693e54c7e3e37e4b9218d25f8b9443 0x000000000a38444e0a6e37d3b630d7e855a7cb13 | 0xd3219bd69c6377e623a8a1e9690942227d693e54c7e3e37e4b9218d25f8b9443 0x000000000a38444e0a6e37d3b630d7e855a7cb13 | 0xd3219bd69c6377e623a8a1e9690942227d693e54c7e3e37e4b9218d25f8b9443 0x542eab835eb33a984b19fe25a6b1f87740685a32 | 0xd3219bd69c6377e623a8a1e9690942227d693e54c7e3e37e4b9218d25f8b9443 0x5bb96c35a68cba037d0f261c67477416db137f03 | 0xd3219bd69c6377e623a8a1e9690942227d693e54c7e3e37e4b9218d25f8b9443 0x9325564ade7683706107685cf1993678b1163261 | 0xd3219bd69c6377e623a8a1e9690942227d693e54c7e3e37e4b9218d25f8b9443 0xa946174c101c8631aa1967d2db1477558f174649 | 0xd3219bd69c6377e623a8a1e9690942227d693e54c7e3e37e4b9218d25f8b9443 0xa9d89a5caf6480496acc8f4096fe254f24329ef0 | 0xd3219bd69c6377e623a8a1e9690942227d693e54c7e3e37e4b9218d25f8b9443

Reasoning

All addresses are related via one disperse transaction

Methodology

I created a script to link disperse address with eligible addresses document.

Rewards Address

0xCBd39631F4fb359cA966424B622aee0A5c1DaAa1

defienjoyer commented 2 years ago
  1. 0x9325564ade7683706107685cf1993678b1163261
  2. 0x65b8ee88cd729b00c574884f3404678bac479dab
  3. 0x3cd5c6d4248bed58495ac94945a12face2b6f198
  4. 0x6fb47c08c716dcb8cdf964f0c95bfc2c82206fcb
  5. 0x2e97bab47dfb1fd1395be6d86fcd48c19374b79b All interact with each other, some similar patterns in terms of usage time + what they are doing, all funded via FTX.
  6. 0x5bb96c35a68cba037d0f261c67477416db137f03 interacts with 4.
  7. 0xbbaaf7095e5f4e74b11534532c5d43a3c364bad4 interacts with 6.
  8. 0xa9d89a5caf6480496acc8f4096fe254f24329ef0 similar style to first 5 plus interacts with 6.
  9. 0x000000000a38444e0a6e37d3b630d7e855a7cb13 connected to 8. and also shown as part of disperse call
shanefontaine commented 2 years ago

@defienjoyer We have observed cases of apps sending funds through Disperse to help their users pay for gas on L2s. We have also seen altruistic people and faucets do the same. Because of this, we will need additional evidence. Some potential compelling evidence may be:

Please note that there will need to be much more data provided for this submission. Per the rules, the data will also have to be easily verifiable. The additional data you provided does not show how the all the addresses are related to each other, which is another rule. The data in that comment is not extremely conclusive.

Please let us know if you can provide this data. Thank you for your work.