Beosin KYT takes you to track suspicious hoarding addresses on the AltLayer chain

Recently, AltLayer, the head project of Rollup as a service (RaaS) track, has launched the largest airdrop in 2024. The total value of the airdrop exceeds 100 million US dollars, becoming A hotly discussed event in the Web3 community.

This time AltLayer’s airdrop activity was questioned by the community. 35% of the airdrop share (about 35 million US dollars) was allocated to AltLayer NFT holders (circulation The total number of addresses is only 2157), each address receives an average of about 14,000 US dollars worth of ALT tokens, while the addresses participating in the test network only receive an average of about 30 US dollars in ALT tokens per address. Additionally, traders BlurCrypto got into an argument on social media with AltLayer’s head of growth over whether there was an insider trading profit of $200,000.

AltLayer is a highly scalable, low-cost, and quick-start Rollup solution. After the airdrop on January 25, did the address that received the AltLayer airdrop have any abnormal on-chain activities? What security challenges does AltLayer's RaaS track face? Today the Beosin team will analyze it one by one for everyone.

AltLayer technology architecture

AltLayer supports all major The combination of Rollup technology stack, data availability layer, settlement layer, and decentralized sorter set helps developers quickly launch modular Rollup. Its key RaaS partners include Optimism, Arbitrum, Polygon, zkSync, EigenLayer, Celestia and Hyperlane.

As shown in the figure above, the blockchain network built based on AltLayer will process transactions in three steps: first aggregate transactions to improve performance, then generate blocks, and finally verify the blocks. When packaging and generating blocks, AltLayer supports the use of a decentralized sequencer called SQUAD to package transactions. When verifying a block, the verifier needs to submit transaction data to Layer1. Developers can choose different data security levels based on performance and security requirements.

In order to achieve decentralized sorting, AltLayer adds a layer called Beacon Layer between the execution layer and the consensus layer. Componentsof. It is one of the core components of AltLayer and provides coordination and verification functions between the execution layer and the consensus layer. The shared ordering node in the beacon layer provides hierarchical transaction ordering services for Rollup in AltLayer, as shown in the figure below. When developers create and start their own Rollup through the AltLayer dashboard, the beacon layer will allocate sequencer nodes to execute transactions in the Rollup, as shown in the following figure:

These shared ordering nodes use a staking/cutting mechanism to Incentivize and punish the behavior of orderers to ensure the security and activity of the network. AltLayer plans to open the shared ordering nodes as a decentralized network that anyone can join, but currently these nodes are mainly controlled by AltLayer and its partner projects.

Airdrop controversy

After AltLayer announced the airdrop details, The community expressed dissatisfaction with the airdrop quota of 35.47% (106,410,000 ALT tokens) available to NFT Holders. Because AltLayer has previously issued two NFT series: AltLayer OG Badge and Oh Ottie!, the total circulation of the two series is only 2157. This means that addresses holding NFTs will receive huge airdrops, while users participating in testnet activities only receive an average of about 1,000 tokens in airdrops per address. Some users were mistakenly labeled as witches, exacerbating the dissatisfaction of the community.

AltLayer airdrop allocation

We use Beosin KYT to check NFT holdings After obtaining the address of the owner, I found thatmany NFT Holders had temporarily stopped activities after purchasing OG Badge and receiving Oh Ottie! series NFTs until the AltLayer airdrop started.

Take the 0xf39a60D5577220059829f0838c79bB7081Bdb6Ac that has the most airdrops as an example:

0xf39a address in July 2022 After withdrawing Ethereum from FTX on the 30th, I only spent a total of 2.569 ETH to purchase 8 OG Badges through Seaport. Apart from receiving the NFT airdrop of the Oh Ottie! series, there was no transaction record before receiving the token airdrop.

Beosin KYT

8 OG Badge purchased by 0xf39a

0xf39a received a total of 1.29 million ALT tokens in this airdrop, and then sent the received tokens to multiple new addresses. Specific operations can be viewed at Beosin KYT :

The address that received the second most airdrops, 0x4f0e22F2888d7F95787c4948576Ab3a54E3ab83c, is similar. On July 28, 2022, ETH was withdrawn from FTX, and then a total of 5.3844 ETH was spent to purchase related NFTs through Seaport.

Beosin KYT

Analyzing its transactions can be found that 0x4f0e first spent 2.0414 ETH to purchase 6 OG Badges from July to August 2022.

Then in February 2023, 0x4f0e continued to spend 3.343 ETH to purchase 7 Oh Ottie! series NFTs. Later, 0x4f0e did not become active again until AltLayer started airdropping.

0x4f0e received 1.19 million ALT. Similar to 0xf39a, it also dispersed the received tokens to multiple new addresses. Specific operations can be viewed at Beosin KYT :

Is the hoarding and silence at these addresses a coincidence? How should the project’s airdrop rules be set to achieve anti-witchcraft and fairly reward users? This is an issue that both project parties and the community need to continue to explore.

RaaS Track Security Challenge

AltLayer is a RaaS competition The head project of the road, and the RaaS track can be divided into op-Rollup as a Service and zk-Rollup as a Service according to the supported Rollup. Currently, service providers in the RaaS track mainly use the op-Rollup technology stack, which supports the quick start of op-Rollup. Op-Rollup as a service service providers face many security challenges.

Usually, the core component of op-Rollup is shown in the figure and consists of 4 parts:

1.  Layer1’s validator contract. Each Rollup needs to deploy a validator contract on Layer1. The function of this contract is to receive and store the block hash value and status root submitted by Rollup, and update the status of users' deposits and withdrawals to Rollup. Rollup needs to synchronize modifications to Layer1 and Layer2 in a timely manner. The user's status. If the Rollup service operator runs away, the user's assets also need to ensure that they can be withdrawn from the contract on Layer1.

2.  Transaction Sequencer(Rollup Sequencer). Responsible for processing and executing Rollup transactions, maintaining user status between Layer1 and Rollup, and synchronizing the status of L1 and L2.

3.  Proof of fraud. Fraud proof is the core of op-Rollup. It is optimistic that all transactions and status are correct. Wait for the third party to challenge and submit relevant proof to Layer1 for confirmation. If fraud is proven, the node that originally issued the relevant transaction will be punished and the state will be rolled back.

4.  Data availability. Rollup will store the transaction data in Layer1 to ensure the final confirmation and status update of the data. In this way, even if the Rollup project team runs away, users may get their funds back on Layer1.

If you want to do op-Rollup as a Service, then the above four parts are provided by RaaS service providers, and the Rollup code and node maintenance will be provided by RaaS services. The provider is responsible (the service provider may outsource/assign it to its partners). Project parties using RaaS services only need to do operations and marketing to attract users to use their Rollup.

This greatly reduces the startup cost and time of the project side, but leaves a lot of room for op-Rollup service providers to do evil. The security challenges that exist include:

The first is the fraud certificate mentioned above. Fraud proof is the core of op-Rollup to ensure the safe and stable operation of the network. With the promotion of Rollup as a Service, more and more op-Rollups are launched. It is difficult for security companies/communities to monitor whether the status of Rollup is normal and whether there is any problem. Bad faith transactions. The frequency of subsequent rollup-related security incidents is likely to increase.

The second is the asset security issue of Layer1 and Layer2. At present, many op-Rollup assets do not enter Rollup from the recharge of smart contracts deployed on Layer 1. Many assets enter Rollup through third-party cross-chain bridges. The existence of these cross-chain bridges introduces more potential security. Risk, last month Orbit Chain lost $80 million due to private key leaks.

The above are the two security issues that currently need to be improved most in op-Rollup and op-Rollup as a Service.

The core components of zk-Rollup are similar to op-Rollup, but zk-Rollup uses validity proof. When the proof is verified to be correct, the status will be updated. On Layer1. This ensures that zk-Rollup can always run in the correct state and is more secure than op-Rollup. However, the performance and development difficulty of zk-Rollup have led to the slow progress of zk-Rollup as a Serivce. Currently, the service providers of zk-Rollup as a Serivce are basically still in the development and testing stage.

Summary

AltLayer is currently the leader of the RaaS track This project has reached cooperative relationships with multiple public chain projects to help developers quickly start Rollup. In order to solve the centralization problem of the sorter, AltLayer introduces a beacon layer for decentralization and hierarchical verification. However, due to the optimistic assumptions of op-Rollup, it is difficult to monitor the transaction security of each op-Rollup. Subsequent op-Rollups built through RaaS services may have malicious transactions but have not been challenged for a long time, resulting in financial losses strong>.