search

safe-global / safe-user-allocation-reports

The proposed list of SAFE user allocations has been published on the Safe forum.
Creative Commons Zero v1.0 Universal
34 stars 10 forks source link

owner 0xcf793cc3eabdd5be51742ab151e6bb44bb224dd2, add and remove same #390

Closed skyonedot closed 2 years ago

skyonedot commented 2 years ago

Related Safe Addresses

0x51693fdd97dfe97fbe778bd5ded4316bf6ad1651
0xf0450763c38592fb4e71c9e1fcefff107d23d849
0x660cd67d07336f5f0c0acaa48b902a7beae9b7c5
0x748fac72691ab72013a49daab15afeec749d1c23
0x83ae0862f43538e6c1bf823074d9926cd08fa6ad
0x8ad75e50b1dc86dfcc86336d678dfd88314c5c2a
0x92b5d105d8a8ce0f0d735f932a18297e970d6342
0x9401b50589d76dea926e52577f24e6deda903183
0x95549250e35ee108e48c51fc35f94ebdef158924
0x989d081fafb63f12a887dda5e6a2d82960823aeb
0xb5a56340ed92f7a23d5552883ea7500c91a09084
0xc3442bed6eb44fb29041419c011d0f8760b0a1c3
0xd88155ca282d86d90b61cbb8619fa8f0e193e8de

Reasoning

There is an abnormal behavior that is understandable 🍄

However, if there are many abnormal behaviors, then there is enough reason to determine that these addresses are airdrop farmer.

  1. All of them the owner is same 0xcf793cc3eabdd5be51742ab151e6bb44bb224dd2, only this address

  2. All of the multi-sign address, the behaviour is always same and stange .

    • All of their addOwner and removeOwner transaction took place from 2021-02-27 to 2021-02-28.(no exception)

    • All of them execute 1 transactions, add owner and remove owner in 1 tx, always the same tx.

    • Add owner address is always 0xcf793cc3eabdd5be51742ab151e6bb44bb224dd2 , remove owner address is always 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D

    • Please Check Table

      • Address -- multi-sign address
      • Execute transactions -- The number of execute transactions by multi-sign address
      • AddOwnerTxAmount -- The number of add owner
      • AddOwnerAddress -- The Address of add owner
      • AddOwnerTx -- The tx of add owner
      • AddOwnerDate -- The date of add owner
      • RemoveOwnerTxAmount -- The number of remove owner
      • RemoveOwnerAddress -- The Address of remove owner
      • RemoveOwerTx -- The tx of remove owner
      • RemoveOwerDate -- The date of remove owner
Address Execute transactions AddOwnerTxAmount AddOwnerAddress AddOwnerTx AddOwnerDate RemoveOwnerTxAmount RemoveOwnerAddress RemoveOwerTx RemoveOwerDate
0x51693fdd97dfe97fbe778bd5ded4316bf6ad1651 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0x90d9b7d2261414ae050680a1dd36498b785641abd23e26c57ea86548e6a034cf 2021/02/27T01:47:47.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0x90d9b7d2261414ae050680a1dd36498b785641abd23e26c57ea86548e6a034cf 2021/02/27T01:47:47.000Z
0xf0450763c38592fb4e71c9e1fcefff107d23d849 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0x0bfc6d86cb1c369898b3101a5bb7885b25e2ba266fec1ef3af56b6edea930639 2021/02/28T01:49:53.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0x0bfc6d86cb1c369898b3101a5bb7885b25e2ba266fec1ef3af56b6edea930639 2021/02/28T01:49:53.000Z
0x660cd67d07336f5f0c0acaa48b902a7beae9b7c5 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0xa2794b4304fb2fa81cfb17e37d1dc3b1e38163c8582765870d395dbd5cbb5449 2021/02/28T23:53:07.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0xa2794b4304fb2fa81cfb17e37d1dc3b1e38163c8582765870d395dbd5cbb5449 2021/02/28T23:53:07.000Z
0x748fac72691ab72013a49daab15afeec749d1c23 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0xcea0d22b1cfe5aea085ddac38cee532e2767db480b08738bd6582c459367d252 2021/02/27T06:10:51.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0xcea0d22b1cfe5aea085ddac38cee532e2767db480b08738bd6582c459367d252 2021/02/27T06:10:51.000Z
0x83ae0862f43538e6c1bf823074d9926cd08fa6ad 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0x9966659c95e164446f1adb34357f9a20405f8148061dfa8769941be7dc8b04c1 2021/02/28T23:23:58.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0x9966659c95e164446f1adb34357f9a20405f8148061dfa8769941be7dc8b04c1 2021/02/28T23:23:58.000Z
0x8ad75e50b1dc86dfcc86336d678dfd88314c5c2a 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0x308c84e74f242696589e974f3fab354c26dd14f2a4fd51c373a2b177133ce917 2021/02/28T02:09:48.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0x308c84e74f242696589e974f3fab354c26dd14f2a4fd51c373a2b177133ce917 2021/02/28T02:09:48.000Z
0x92b5d105d8a8ce0f0d735f932a18297e970d6342 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0x310aeb87026171caed1706db1acf1a96b33890ec4ae3b4ee41636ff8285de5f3 2021/02/27T06:00:42.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0x310aeb87026171caed1706db1acf1a96b33890ec4ae3b4ee41636ff8285de5f3 2021/02/27T06:00:42.000Z
0x9401b50589d76dea926e52577f24e6deda903183 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0x15afa8d9b673ad706a767fdd376275066b3eb3ed8ea3ac6e7d6b2ae5644275dd 2021/02/28T02:46:17.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0x15afa8d9b673ad706a767fdd376275066b3eb3ed8ea3ac6e7d6b2ae5644275dd 2021/02/28T02:46:17.000Z
0x95549250e35ee108e48c51fc35f94ebdef158924 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0x06eed13a2bbdc6e00abf7ca9b29a5ca2eeef02ba6d5aa9ea1c52f4b3c27d0416 2021/02/28T22:15:15.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0x06eed13a2bbdc6e00abf7ca9b29a5ca2eeef02ba6d5aa9ea1c52f4b3c27d0416 2021/02/28T22:15:15.000Z
0x989d081fafb63f12a887dda5e6a2d82960823aeb 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0x1e7bc7ab250f4c9d8372378f331254299cc594062e9799bbf516a65909fef740 2021/02/28T23:47:53.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0x1e7bc7ab250f4c9d8372378f331254299cc594062e9799bbf516a65909fef740 2021/02/28T23:47:53.000Z
0xb5a56340ed92f7a23d5552883ea7500c91a09084 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0x3e60682b4b01f3c5468d9a7cbf03d751fa430aed7952805f995f89dea51b9221 2021/02/27T02:12:57.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0x3e60682b4b01f3c5468d9a7cbf03d751fa430aed7952805f995f89dea51b9221 2021/02/27T02:12:57.000Z
0xc3442bed6eb44fb29041419c011d0f8760b0a1c3 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0x926ee46d670f7c021b48e6bd81a7e6f1f822818d472e55685e1f760b0abe5bdc 2021/02/28T23:37:21.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0x926ee46d670f7c021b48e6bd81a7e6f1f822818d472e55685e1f760b0abe5bdc 2021/02/28T23:37:21.000Z
0xd88155ca282d86d90b61cbb8619fa8f0e193e8de 1 1 0xCF793cc3eaBDd5be51742aB151e6bB44bb224Dd2 https://etherscan.io/tx/0xa4e957c2435bc4c7f2597474d1fe23701816ba84afbfd2972e55e9390474e2e4 2021/02/28T01:58:10.000Z 1 0x66A0FF664f8509370C5D718A0f69AC1DC01f5c3D https://etherscan.io/tx/0xa4e957c2435bc4c7f2597474d1fe23701816ba84afbfd2972e55e9390474e2e4 2021/02/28T01:58:10.000Z

Methodology

Addresses are reported by retrieving information from the chain, using bitquery's graphql, and detecting abnormal behavior, such as empty wallets, mutual transfers, etc.

When only some of the anomalous behaviors are present, we can consider the address reasonable, but when an address has all the anomalous behaviors, we have good reason to suspect that the address is false. Especially if the multi-signature address and the owner address have obvious exceptions both, then it is obvious that this is airdrop farmer.

Abnormal behaviors include

If the verification is passed and my strategy is great, I can provide my source code, but for now it is not conveninet

Safe Address

0xce495858e36c95f491b5a32ca2664405cf10ab76

Thanks

tschubotz commented 2 years ago

Thanks for the report. All of these Safes have been found by a previous report, unfortunately.