X-explore

Posted on Dec 09, 2022Read on Mirror.xyz

Sybil tools revealing - Good work requires sharp tools

This article is jointly published by X-explore and WuBlockchain.

Background

In the world of Web2, the underground industry lasts for years. After years of research and analysis, attacking methods of the underground industry can be divided into multi-IP address, multi-device, and multi-account attacks. There are some commonly used tools such as modem pool, multi-device opening tools, and auto captcha solver.

With the rise of Web3, due to its anonymity and transparency, the underground industry quickly set its sights on Web3. According to research by HACK 3D, in the first half of 2022, nearly $2 billion was hacked on Web3. The X-explore team would like to reveal to you some tools frequently used by Sybil and describe the outline of Web3 underground industry for you.

Purpose of Sybil prevalent smart contract

  1. Increasing efficiency: Some campaigns need users to interact with a smart contract or hold a variety of ERC 20 tokens. Sybil could write such smart contracts to automate those processes and increase efficiency in attending (attacking) those campaigns

  2. Reducing the cost: After Ethereum introduced the base fee in EIP-1599 protocol, each transaction fee included the base fee and the priority fee. The smart contract with batch transfer functionality could reduce the transaction fee significantly.

  3. Preventing Sybil detection: With Sybil's rampant, more and more project owners are aware of the fairness of airdrops. Sybil will create or use smart contracts to attend to those projects and avoid direct interaction with projects. In this case, the traditional Sybil identification rules might not detect those Sybil properly.

Sybil prevalent smart contracts case study

X-explore reviewed those Sybil prevalent smart contracts and picked three representative projects:

  1. Role obtaining trick: purchase token bundle

  2. NFT scalper trick: NFT batch transfer

  3. Low cost trick: ZkSync

1. Role obtaining trick: purchase token bundle

X-explore summary

  1. The campaign designed for obtaining the Discord roles of Arbitrum guild by holding tokens is Sybil-prone

  2. Sybil could obtain the Discord roles of Arbitrum guild easily (purchase token bundle by calling a smart contract)

  3. The smart contract creators could not only be Sybil but also make a profit by providing their smart contracts to others. There are a varity of Tokens required to obtain Discord role of Arbitrum guild. If users buy those tokens one by one on Dex (decentralized exchange), they will actually have to pay a considerable transaction fee. Therefore, if the price of the smart contract call is reasonable, the contract is like a wholesaler, making it convenient and cheap for users to obtain Discord role of Arbitrum guild, but most contracts are priced well above their true cost.

Smart contract summary:

X-explore found a few smart contracts with the same purpose. By calling those contracts, they will transfer the necessary token for gaining the Discord roles of Arbitrum guild.

Sybil purpose:

Arbitrum is the leader of Ethereum Layer 2, and there are many Sybil who makes huge profits from OP (another Ethereum Layer 2) airdrop. Besides attending Arbitrum Odyssey, obtaining Discord roles of Arbitrum guild is also known as another way to increase the probability of Arbitrum potential airdrop.

Sybil case study:

  1. Sybil attended the arbitrum odyssey and minted the odyssey NFT

  2. Sybil called the smart contract to purchase token bundle and obtain Discord roles of Arbitrum guild.

Sybil Address Examples:

Smart contract token bundle corresponds to the requirement of Discord roles of Arbitrum guild

Besides two roles that you could not obtain by holding the token, the smart contract will transfer all the necessary tokens of other roles to the smart contract caller. (Left figure is transaction details, right figure is the requirement of Discord roles of Arbitrum guild)

Smart contract detailed analysis:

Profit winner smart contract: We found a smart contract (0x1879822678f5d295bc76dda858c781a113cdc058) in which the contract caller needs to pay 25 USD to buy the token for the Discord role of Arbitrum guild. The smart contract was called 5,991 times, total profit = (25 - 12.64) * 5991 ~= 74,049 USD

Charity smart contract: We also found a smart contract (0x34c26d67d8b295e11897280f56b08726b112b1b1) which you don't need to pay any money and it will return you the necessary token. After we dug into the smart contract, we found out this smart contract was probably created by Sybil and after Sybil addresses got the role of Arbitrum guild, the token balance of the smart contract was only worth 5 USD.

The series of Arbitrum guild smart contracts which were called more than 100 times:

2. NFT scalper trick: NFT batch transfer

X-explore summary:

  1. Batch transfer ERC-721 could save more than 50% of the transaction fee compared to single ERC-721 transfer

  2. In a situation of low return on investment(ROI), the saving of transaction fee could rise Sybil's profit significantly

Contract Address: 0x2e2234b3a848f895a60b2071f90303cd02f7491d

Contract Summary: This is an ERC-721 batch transfer smart contract. The smart contract caller could transfer the ERC-721 in a batch way to save the transaction fee.

Smart Contract case study:

Buy and Batch Transfer transactions:

Buy NFT at 0.001 Ether/each (Disregard transaction fee for now)

Batch Transfer 3 NFTs

Single NFT Transfer (0.00075 on average)

Sell NFT at 0.005 ETH (0.01098/2)

If we only focused on the Buy and Sell price of the NFT, we could see the ROI is around 500% (0.001 Buy, 0.005 Sell). However, for those low ROI situations, the transaction fee is also a huge cost for the scalper. For example, we could calculate the reality ROI of the above NFT scalper.

ROI (Using single ERC-721 transfer smart contract):

  • The cost of single NFT, including token price and transaction fee: (0.003 + 0.0027 + 0.00075*3)/3= 0.00265

  • The selling price of single NFT: 0.01098/2 = 0.00549

  • ROI: 207 %

ROI (Using batch ERC-721 transfer smart contract):

  • The cost of single NFT, including token price and transaction fee: (0.003 + 0.0027 + 0.0012)/3= 0.0023

  • The selling price of single NFT: 0.01098/2 = 0.00549

  • ROI: 239 %

In summary: The NET batch transfer could increase the ROI by 30%

3. Low cost trick: ZkSync

X-explore summary:

  • Compared with Ethereum, ZkSync has a lower transaction fee (around 43% in the Sybil case study)

  • Sybil could utilize ZkSync to prevent tracing from the basic Sybil identification rules (the transaction on ZkSync will only be recorded on ZkSync not Ethereum)

Smart contract addresses:

  • zkSync: 0xabea9132b05a70803a4e85094fd0e1800777fbef

  • Gitcoin: Bulk Checkout: 0x7d655c57f71464b6f83811c55d84009cd9f5221c

Smart contract summary:

  • zkSync: Implementing the low-cost transaction fee by crossing the transaction to Layer 2. Gitcoin users could use ZkSync as a way to checkout

  • Gitcoin: Bulk Checkout: Gitcoin users could donate multiple projects in one transaction

Sybil purpose:

Gitcoin aims to decentralize funding access, empowering any community to run their own grants program. Some Sybil will donate to the project list on Gitcoin because the project is potentially airdropping to the donator. Due to the high transaction fee on Ethereum, the donator could grant a Gitcoin project on ZkSync. Furthermore, if you use ZkSync to donate to a project, the record will only exist in ZkSync Layer 2 chain, and it could create barriers for the Sybil analytics tool.

Hand-on experiment from X-Explore team:

  • Donate through ZkSync: Donate 1 DAI for two projects costs 3.65 USD (Including: cross chain transaction fee + ZkSync swap ETH to DAI fee + Gitcoin checkout transaction fee)

  • Donate through Ethereum: Donate 1 DAI for two projects costs: 6.33 USD (Including: Ehereum Swap ETH to DAI on Uniswap transaction fee + Gitcoin checkout transaction fee)

ZkSync could save around 43% of the cost

X-explore summary

  1. The project owner should design reasonable campaigns to avoid low cost attacks by Sybil

  2. Sybil attacks escalate with confrontation, so traditional Sybil identification mechanisms are likely to be bypassed

  3. Due to the transparency nature of Web 3, we can also grasp every move of the underground industry through on-chain monitoring and analysis. X-Explore will continue to monitor the underground industry in the future and unveil the veil of Sybil with you.

Reference

Discord roles of Arbitrum guild: https://twitter.com/Layer2_Master/status/1585506822764433408

For more, please follow x-explore. Mirror: https://mirror.xyz/x-explore.eth Twitter: https://twitter.com/x_explore_eth

ARWEAVE TX

LKprZZWGwkQPdr3-2niEdcv8x1WvzD0jLIaQpdvahvI

ETHEREUM ADDRESS

0x302a3b1Eea855A56A28Fa59120c767C0CA21115b

CONTENT DIGEST

Z5T8j9Gdy_33NDkB4cmgJDSECpJLTBeP38naD1VTgyo

Recommended Reading
🚀TrendX Financing Daily News 04/22/2024