Sybil Attacker Report #605

Open
Annu2047 opened this issue May 23, 2022 · 1 comment

Annu2047 commented May 23, 2022

Related Addresses

13 addresses


Reasoning

All addresses accepted funds from 0xca812530a5a97f2cfb321fbd6f40da292e9f2045, which used Disperse.App on Dec-02-2021 04:43:36 AM:
https://polygonscan.com/tx/0xc0a0790a8a068e8e228c354590a89ae3bfc3887fc51ee748ace1980fb533d161
https://polygonscan.com/tx/0xfac0a280dbee4776d1c65a2ea21790af2d7ff2074c60fcb3009fdbbbcc0ccff4

All addresses claimed TeslonMars Exclusive Invitation (TSLMEI) on 2022-05-13.
All addresses also have a low nonce on Polygon.

Tx details:


Methodology

I search for all eligible addresses that received funding from the same EOA, then track all these addresses' txs on different chains, including ERC-20, ERC-721, ERC-1155.

Rewards Address

0x6a1AF72bBcfD0BA492E502F83334d3910Fa025dB

@shanefontaine
Member

@Annu2047 We have observed cases of apps sending funds through Disperse to help their users pay for gas on L2s. We have also seen altruistic people and faucets do the same. Because of this, we will need additional evidence. Some potential compelling evidence may be:

  • Identical transactions on the exact same day/time by most or all of the addresses
  • A trace of the ERC20 token between addresses (as opposed to native tokens)
  • A similar time/date that all the addresses started transacting on a chain

Minting an NFT within the same day is interesting, but does not provide conclusive evidence of a Sybil attack.

> All addresses also have a low nonce on Polygon.

I am unable to verify this. 0x82f939af1987139051cebdd51d7c8069ae14c0c4, for example, has a nonce of 300+.

Please let us know if you can provide this data. Thank you for your work.
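
The corroborating signals listed in the reply above, checked over a cluster that shares a funder. This is an added example, not part of the original thread or the project's tooling; the addresses, field names, thresholds and sample data are constructed for illustration.

```python
from collections import Counter

# Constructed sample data (not from the report): per-address activity summaries.
# Each tx is (unix_time, contract, method); erc20_peers are ERC-20 recipients.
SAMPLE = {
    "0xaaa1": {"funder": "0xf00d", "nonce": 4, "erc20_peers": ["0xaaa2"],
               "txs": [(1000, "0xnft", "claim"), (1060, "0xdex", "swap")]},
    "0xaaa2": {"funder": "0xf00d", "nonce": 5, "erc20_peers": ["0xaaa3"],
               "txs": [(1010, "0xnft", "claim"), (1075, "0xdex", "swap")]},
    "0xaaa3": {"funder": "0xf00d", "nonce": 3, "erc20_peers": [],
               "txs": [(1020, "0xnft", "claim"), (1090, "0xdex", "swap")]},
    "0xbbb1": {"funder": "0xf00d", "nonce": 312, "erc20_peers": [],
               "txs": [(50, "0xlend", "deposit"), (90000, "0xnft", "claim")]},
}

def assess_cluster(records, window=300, low_nonce=10, quorum=0.75):
    """Score a funder-linked cluster; thresholds are assumed values, tune per chain."""
    n = len(records)
    members = set(records)
    # Signal 1: same (contract, method) by a quorum of addresses in one time bucket.
    buckets = Counter()
    for r in records.values():
        for key in {(t // window, c, m) for t, c, m in r["txs"]}:
            buckets[key] += 1
    identical = max(buckets.values(), default=0) / n >= quorum
    # Signal 2: ERC-20 transfers between cluster members (not native gas top-ups).
    erc20_links = sorted((a, p) for a, r in records.items()
                         for p in r["erc20_peers"] if p in members)
    # Signal 3: a quorum of addresses made their first tx within one window.
    firsts = sorted(min(t for t, _, _ in r["txs"]) for r in records.values())
    k = max(1, int(n * quorum))
    same_start = any(firsts[i + k - 1] - firsts[i] <= window for i in range(n - k + 1))
    # A "low nonce" claim must hold per address; list the ones that contradict it.
    high_nonce = sorted(a for a, r in records.items() if r["nonce"] > low_nonce)
    shared_funder = len({r["funder"] for r in records.values()}) == 1
    strong = sum([identical, bool(erc20_links), same_start])
    return {"shared_funder": shared_funder, "identical_actions": identical,
            "erc20_links": erc20_links, "same_start": same_start,
            "high_nonce": high_nonce, "strong_signals": strong}
```

A shared funder alone yields `strong_signals` of 0, which matches the faucet and gas-sponsorship cases the reply describes; addresses listed in `high_nonce` should be dropped from the cluster or explained before a report is filed.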
