Parkcora commented 2 years ago

Related Safe Addresses:

0x22744aaa725852C2C72a59c240A3677dB39cF8D3
0xfFe9084994EBBDf3706C067981aa5EdCe7988775
0x62D364CBa80A8Ba057e82c2e648a1A87CdAD7dD7
0x982D95666cA5bC311EFc71F852dE29E34Bc83790
0xa013c700F0f2b10310706e52858e33b86aC86c8D
0x187e0E9FC9e92D0E99E6dF3DCCC695d4229D4BFF
0x4Dd148228efA2A20bcED935CCBB8131F231Bae27
0x6e8e17BBa20e32d9391EC07DC5bc346316205eeC
0x0Bf6a95f798ee219F68471b4A5bA4c220b16db7F
0x2194C6B357f93570cF40476f1908E591144834F7
0x66Da557ED198FF341c0c5f18a3A3aa2603383CD0

Reasoning

Those addresses have the same historical behavior pattern:

All safe addresses created by 0x020982FFc013F338F9e0B46DA61eBfdA7F1e1d3e from 2022-08-12 to 2022-09-23
All safe addresses in this group received some IdleUSDC v4 [Best yield] from 0x020982FFc013F338F9e0B46DA61eBfdA7F1e1d3e
All safe addresses in this group sent all IdleUSDC they had to 0x020982FFc013F338F9e0B46DA61eBfdA7F1e1d3e or 0xe4dFDEE5cA95712C6aC1a53a5f8B4465d9CBFE60 on 2020-10-05

safe address	all tranactions
0x22744aaa725852C2C72a59c240A3677dB39cF8D3	https://debank.com/profile/0x22744aaa725852C2C72a59c240A3677dB39cF8D3/history
0xfFe9084994EBBDf3706C067981aa5EdCe7988775	https://debank.com/profile/0xfFe9084994EBBDf3706C067981aa5EdCe7988775/history
0x62D364CBa80A8Ba057e82c2e648a1A87CdAD7dD7	https://debank.com/profile/0x62D364CBa80A8Ba057e82c2e648a1A87CdAD7dD7/history
0x982D95666cA5bC311EFc71F852dE29E34Bc83790	https://debank.com/profile/0x982D95666cA5bC311EFc71F852dE29E34Bc83790/history
0xa013c700F0f2b10310706e52858e33b86aC86c8D	https://debank.com/profile/0xa013c700F0f2b10310706e52858e33b86aC86c8D/history
0x187e0E9FC9e92D0E99E6dF3DCCC695d4229D4BFF	https://debank.com/profile/0x187e0E9FC9e92D0E99E6dF3DCCC695d4229D4BFF/history
0x4Dd148228efA2A20bcED935CCBB8131F231Bae27	https://debank.com/profile/0x4Dd148228efA2A20bcED935CCBB8131F231Bae27/history
0x6e8e17BBa20e32d9391EC07DC5bc346316205eeC	https://debank.com/profile/0x6e8e17BBa20e32d9391EC07DC5bc346316205eeC/history
0x0Bf6a95f798ee219F68471b4A5bA4c220b16db7F	https://debank.com/profile/0x0Bf6a95f798ee219F68471b4A5bA4c220b16db7F/history
0x2194C6B357f93570cF40476f1908E591144834F7	https://debank.com/profile/0x2194C6B357f93570cF40476f1908E591144834F7/history
0x66Da557ED198FF341c0c5f18a3A3aa2603383CD0	https://debank.com/profile/0x66Da557ED198FF341c0c5f18a3A3aa2603383CD0/history

Methodology

It can be identified by visualization and further analysis of the details of the above transaction listed.

Safe Address

0xD50fF80Ce8EFc38D024272f4019978Dc017eA200

Parkcora commented 2 years ago

@johannesmoormann Could you at least explain a little bit why they are not considered to be Sybils? Thank you very much.

Parkcora commented 2 years ago

@johannesmoormann Could you provide the reason you added ‘Heavily edited and potential copycat’ label? All of addresses are only reported by myself in this repo, how could i copy them from others?

Parkcora commented 2 years ago

@tschubotz Could you help to check my report which just added ‘Heavily edited and potential copycat’ label then closed it by @johannesmoormann, many of these report's addreses are submitted originally, it maybe a mistake. No reason to closed them without reviewing.

johannesmoormann commented 2 years ago

@Parkcora most or all of your reports do not contain any address originally submitted and many of the addresses edited in at a later stage, are already contained in issues from other authors. while this report might be one of the few exceptions, your practice is highly problematic and we will not take any more of your reports into consideration here.

Parkcora commented 2 years ago

@johannesmoormann Maybe i could get a chance to share my investigation, it might helpful to you. I have submitted some reports in safe airdrop hunt competition. 7 of 10 reports you labelled which are submitted originally from me, here is the details:

336: Only I have submitted the relevant addresses until now.

337: All addresses were first submitted originally 10 days ago, including similar addresses is issue 427 which created 7 days ago.

338: All addresses were first submitted originally 10 days ago, including similar addresses is issue 443 which created 7 days ago.

341: All addresses were first submitted originally 8 days ago.

342: All addresses were first submitted originally 8 days ago, including similar addresses is issue 438 which created 6 days ago

344: All addresses were submitted originally 10 days ago

345: Only I have submitted the relevant addresses until now.

Maybe you find some of my report’s addresses are submitted by editing, because when I start the next report , I will first copy the entire report I just submitted, and then edit and replace the addresses, and some edits just to adjust format or add my safe address.

340: All addresses were first submitted 4 days ago, and they are part of issue 440 were submitted 6 days ago, so if this issue is valid 340 should be invaild. Ps: I first close this report because it is not convinced then I reopened it with new addresses and new method by finding addresses have same airdrop rewards.

343: All addresses were submitted later than 260, the difference I have commented in 343.

346: All addresses were submitted later than 371, issue 371 is a big group and I just find ten addresses which created by one creator. I updated addresses 6 days ago then reopened because I think the former report is invaild. If 371 is valid this issue should be invaild.

With 340, 343, 346. you could find each of my reports find attackers method is different with others. so there is always differences between my addresses group and others.

I don't know close the invaild issue the reopen it with new addresses and method will make a misunderstand, because when in hop competition, we used the edit history to check which is the first vaild report.

Parkcora commented 2 years ago

@Parkcora most or all of your reports do not contain any address originally submitted and many of the addresses edited in at a later stage, are already contained in issues from other authors. while this report might be one of the few exceptions, your practice is highly problematic and we will not take any more of your reports into consideration here.

@johannesmoormann I am very curious as to how you can get such a fragile conclusion, I am an academic researcher and plagiarism is the worst slander I received. I submitted the reports not only for the reward, so If my investigation is correct, these reports should be reviewed and i will donate all of these report's rewards to the DAO if they are vaild.

safe-global / safe-user-allocation-reports

Sybil Attacker Report #336

Reasoning

Methodology

Safe Address

336: Only I have submitted the relevant addresses until now.

337: All addresses were first submitted originally 10 days ago, including similar addresses is issue 427 which created 7 days ago.

338: All addresses were first submitted originally 10 days ago, including similar addresses is issue 443 which created 7 days ago.

341: All addresses were first submitted originally 8 days ago.

342: All addresses were first submitted originally 8 days ago, including similar addresses is issue 438 which created 6 days ago

344: All addresses were submitted originally 10 days ago

345: Only I have submitted the relevant addresses until now.

343: All addresses were submitted later than 260, the difference I have commented in 343.

346: All addresses were submitted later than 371, issue 371 is a big group and I just find ten addresses which created by one creator. I updated addresses 6 days ago then reopened because I think the former report is invaild. If 371 is valid this issue should be invaild.