For the past year we have witnessed numerous scams that vary in severity and that truly disrupt the Harmony of our chain. One thing that does not change, however, is that members of our community are falling victim to these scams over and over. Whether it be simply ‘aping’ into a new token on DexScreener, only to be rugged moments later or investing in a full-fledged project (sometimes even those that have KYC’d to the Harmony team and received funding), the fact remains that scammers are running rampant in our home. For this reason, I propose that a bounty be supplied in order for numerous hours to be spent tirelessly mapping out these scammer’s many wallets and providing reports to the appropriate community, Central Exchange (CEX), and law enforcement. This can and will make a difference, but it takes time and immense effort.
What does Harmony need?
Dedicated staff or contractor(s) that will spend the time and attention on this currently neglected and ignored field. There have been hundreds of thousands of dollars stolen from our family with absolutely no follow-up. We need active tracking, data logging, and reporting. Also, monitoring can be offered on current projects in order to further vet their teams and to watch the multi-signature treasuries (MS) more closely. This is a bounty that could be beneficial immediately and that can also be developed over time to provide the greatest amount of benefit to our ecosystem and userbase.
I have been providing this type of service on the side in an effort to do my part for the chain and for our community. It takes many hours to work through the explorer data, sift through discord information, whitepaper, MS, socials, and conduct informal interviews to gain data. Even more time is required to create useable, concise reports that can be shared with the CEXs and authorities, and then to communicate these details to them, and provide follow-ups (both with CEX/ authorities and our community). Right now this is a passion of mine and I do it for the greater good, as I will continue to do regardless of the outcome of this bounty. Truly, I am making this proposal to gauge interest and to start a discussion.
Since I already do this when I can afford the time or when there is an important scam/ rug (Looking at you most recent Xenon Fi), I don’t have high expectations. Many have told me that I should simply throw up a donation box, and I may. But I would like to propose a part-time wage of $50/ hr, capped at a weekly rate. I am very open to discussion and negotiation on this and would really like to do my part and be able to spend more time on this effort.
The Milestones are also a tricky topic, however I can share the general outline of my workflow, which unfortunately depends on scam activity:
Initial intake: This includes everything that leads to my macro level of understanding how the scam was achieved and by which wallets. (2 hrs)
Tracking: Moving through the wallet transactions and determining key interactions that lead to the eventual fiat offramp, which is the point in which a report can be filed. This step varies greatly in the amount of time it takes because some scammers are more skilled at hiding their tracks than others. (2-10+ hrs)
Mapping: Creating concise maps that illustrate key information is imperative to the eventual reporting and convicting. Additionally, the more organized, the easier it is to pick back up and start again in the event that the scammer goes inactive. (5+ hrs)
Reporting: Contacting the support teams with the various CEX (Binance, FTX, Ku Coin, OK ex, Celsius) that scammers use as fiat offramps requires discipline and follow up. It also usually means sitting on hold with an agent while they go over your report and make additional requests, which is where the degree of organization in the mapping step starts to shine. Writing reports to local law enforcement, Internet Crime Complaint Center (IC3), and the general public, whether in the forums, or via social media, also takes considerable amounts of time and dedication. (5+ hrs)
Prevention: This is where the proposal begins to take shape. Without scammers, what is there to do? Well, I haven’t seen a stretch of time that there were no scammers, but the goal here is to create a preventative model that discourages scams, rugs, and bad actors from even trying. This can be achieved via the methods above, as well as further scrutiny actively watching projects. This aspect of the bounty would be developed as time goes on, and is open for further consideration from the community.
Many of you may know of me from the MtopSwap project, for which I am the Business Developer. I was inspired to take up this mantle by my previous involvement as a moderator in the Holy Grail project, which turned out to be a prolonged and elaborate rug by it’s single developer. It was at that point early this year that I began to use my skills to monitor and report scammers on the Harmony blockchain. At this time I have tracked many scammers and reported via my Twitter @HarmonyVillains
I have also created and submitted formal reports in the past to IC3 and CEX.
In the real world, I am a 33 y/o business person, a veteran of the US Army, I have a BA in South Asian Studies, I’m from the USA, and I have three cats. I like to solve problems and I love to learn and help. I hope to continue to build with my friends and the ONE fam here on Harmony and I am most certainly willing to Dox to the Harmony team at their request in any capacity, be it for tax purposes or beyond.
$50/ hr wage as a part time contractor with a weekly hourly cap of TBD or monthly, I leave that to the community/ team. I am very flexible on this, as I am self-employed and I afford the vast majority of my time to Web3, all of which is spent on Harmony.
As stated above, I believe that there is a distinct need for tracking, reporting, and creation of a feedback loop between the moment a scam occurs on our chain and the time that the bad actor attempts to send the funds to a fiat offramp.
What would I do if this bounty were accepted? Well, first I would provide the framework and expectations in more detail if asked. Also, I would use the funding to start and maintain a validator to further aid in the decentralization of our network, as well as to support it through staking $ONE.
The possibility for stolen funds to be returned is extremely minimal and that is not the scope of this bounty, although it would be warmly welcomed for our community’s sake. Rather, the goal here is to systematize our awareness of scammers, their known wallets, and how they proceed to scam. This bounty will ‘succeed’ by discouraging bad actors on the blockchain and by leading the proper authorities to seize the funds, freeze the accounts, and put these thieves behind bars. What we call a ‘scam’ or a ‘rugpull’ is defined as wire fraud and money laundering in many jurisdictions.
An example of a map that I made leading to the discovery and freeze of a central ‘master’ wallet for the scammer that pulled the liquidity of Xenon Finance only days ago (WIP):