Addresses are reported by retrieving information from the chain, using bitquery's graphql, and detecting abnormal behavior, such as empty wallets, mutual transfers, etc.
When only some of the anomalous behaviors are present, we can consider the address reasonable, but when an address has all the anomalous behaviors, we have good reason to suspect that the address is false. Especially if the multi-signature address and the owner address have obvious exceptions both, then it is obvious that this is airdrop farmer.
Abnormal behaviors include
For Multi-Sign Address
Few transactions were executed
There is a lot of overlap in the interactions, such as the destination address, and the time
The owner of multiple multi-signature addresses is exactly the same, and never changes from start to finish
For Owner Address
Empty address
The first source of funds is the owner.
Mutual transfer
Behavior similarity
If the verification is passed and my strategy is great, I can provide my source code, but for now it is not conveninet
Related Safe Addresses
Reasoning
All of them the owner is same
0x907a04ad5ac49acde9e197ae1f1c66b94250fcc6
, only this addressAll of the multi-sign address, the behaviour is always same and stange .
All their addOnwer and removeOwner transaction took place from
2021-05-27
to2021-06-23
. (50% happend in2021/06/23
one day)All of them execute 1 transactions, add owner and remove owner in 1 tx, always the same tx.
Add owner address is always
0x907a04ad5ac49acde9e197ae1f1c66b94250fcc6
, remove owner address is always0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D
Please Check Table
Methodology
Addresses are reported by retrieving information from the chain, using bitquery's graphql, and detecting abnormal behavior, such as empty wallets, mutual transfers, etc.
When only some of the anomalous behaviors are present, we can consider the address reasonable, but when an address has all the anomalous behaviors, we have good reason to suspect that the address is false. Especially if the multi-signature address and the owner address have obvious exceptions both, then it is obvious that this is airdrop farmer.
Abnormal behaviors include
For Multi-Sign Address
For Owner Address
If the verification is passed and my strategy is great, I can provide my source code, but for now it is not conveninet
Safe Address
0xce495858e36c95f491b5a32ca2664405cf10ab76
Thanks