header-langage
简体中文
繁體中文
English
Tiếng Việt
Scan to Download the APP

How to prevent the airdrop from being reported: Sort out the judgment logic from Hop’s official report

22-05-24 17:16
Read this article in 9 Minutes
总结 AI summary
View the summary 收起
Original author: 0x711, Bob, Rhythm BlockBeats  


Hop Protocol's recent show operation is really eye-catching. It is the default game in the industry to get airdrops for interactive projects. No matter how you interact, you can get more or less rewards, but Hop Protocol has created a new game: report to Earn.


On May 6, after the cross-chain bridge Hop Protocol officially announced the airdrop rules, it stated that 10,253 of the 43,058 addresses initially eligible for the airdrop Has been identified as a sybil attack (referring to an individual attempting to create multiple account identities, spoofing and disguising) and has been disqualified from this airdrop program. Before the airdrop is open for collection, users who report more than 20 addresses associated with Sybil attackers will have the opportunity to receive HOP Token rewards.


Imitators follow one after another. On May 24th, Optimism officially stated that the community reported more than 17,000 fraudulent addresses, and more than 14 million OP Tokens will be redistributed.


  Optimism Official Statistics Airdrop information announced on 4/28 and 5/24

  

Hop is obviously very happy, and they also think that airdrop seems to have entered a new era.



"Report to Earn" The objective existence makes it impossible for all Web3.0 aborigines to avoid seeing them. How can ordinary users be reported without any "handle" on the chain while doing airdrops?


Rhythm BlockBeats sorted out some addresses officially announced by Hop Protocol as Sybil Attacks, and learned about the user portraits and typical attack behaviors of Sybil Attackers in the eyes of the project party. Maybe It can prevent players from spending money on detours again.


Example


Case 1


Sybil Attacker Report #3 (Sybil Attacker Report #3):


After this user finishes using the HOP, funds from all the next 516 addresses are transferred to the same address on Arbitrum.


Sybil Attacker Report · Issue #3


Case II


Sybil Attacker Report #592 (Sybil Attacker Report #592):


158 addresses with exactly similar activity on Optimism and Arbitrum, all of their transactions on FTM, GNO and Polygon chains within a day , and there will be no transaction records after that. The behavioral activity is more than 95% similar, and it is believed that they are controlled by the same Sybil attacker.


Sybil Attacker Report · Issue #592


Case Three


Sybil Attacker Report #582 (Sybil Attacker Report #582):  


All address node Hop  transaction time stamps that meet the conditions of airdrop, will be Based on the capture of the famous Union-Find graph algorithm (Union-Find Algorithm), reverse engineer Hop Explorer and use Covalent's API to fully automatically audit each address for association and Sybil criteria.


Sybil Attacker Report · Issue #582  


Feature combing


< p>The judgment of the witch address is mainly based on the following points:


1. Multiple addresses have a unified fund distribution or collection address, which proves that it was initiated by a Sybil attacker, such as:


Image source: Sybil Attacker Report #275


2. Multiple addresses have obvious correlations in transfer records, such as:


Image source: Sybil Attacker Report #367


3. Sybil attacks have traces of batch operations in many places, including but not limited to: batch transfers in a short period of time, same gas value, interactive The amount is similar etc.


4. The witch address interaction history has attack records of other projects in the past. For example, some addresses have created similar addresses on OpenSea to obtain Project Galaxy project rewards Collect collections and conduct swiping transactions.


5. Users expose their attacks through social networks.


Available Countermeasures


1. Use currency mixing platforms and other methods to cover up the transfer relationship between wallets as much as possible.


2. Sybil attacks should be as "randomized" as possible. Centralized batch operations have become the number one target of bounty hunters.


3. Use different wallet addresses for different projects. It is best to create a new batch of wallet addresses for a project.


4. Focus on a small number of accounts. At present, the community report uses ten addresses as the lower limit for Sybil attacks.


5. Keep a low profile, you know.


The so-called magic is one foot high, and the Tao is one foot high. The airdrop of Hop and Optimism officially announced that the long-term contest between sybil attacks and bounty hunters has begun. This game is destined to be long-term and full of variables. This article does not make moral comments on sybil attacks and bounty hunters, but still advocates encouraging users to interact with the project in a real and simple way, to learn more about the project and the community, and to make meaningful contributions to the community may receive greater rewards return.


欢迎加入律动 BlockBeats 官方社群:

Telegram 订阅群:https://t.me/theblockbeats

Telegram 交流群:https://t.me/BlockBeats_App

Twitter 官方账号:https://twitter.com/BlockBeatsAsia

举报 Correction/Report
This platform has fully integrated the Farcaster protocol. If you have a Farcaster account, you canLogin to comment
Choose Library
Add Library
Cancel
Finish
Add Library
Visible to myself only
Public
Save
Correction/Report
Submit