XORD Dispatch ⟶ Node Ø Transmission: Y25.M07.D01.R2 — publicClaim Feast ⟶ What's the Point?

XORD LLC ⟶ DISPATCHES

XORD LLC communicates official updates via these Dispatches. We do not engage in speculative discussion on social media. All relevant data will be provided here. The truth is on-chain and in the code.

Node Ø Transmission: Y25.M07.D01.R2

publicClaim Feast ⟶ What's the Point?

We already wrote: bots are a scourge of the Internet. Automated traffic made up 51% of all internet traffic in 2024 — the first time in a decade that it surpassed human activity. That includes 37% from malicious bots, the so-called “bad bots.” Look at this video, the future of fraud and manipulation, a "bot farm" in action, programmed to run bots for tasks like social media interaction, generating clicks, spreading propaganda, and, most likely, manipulate crypto.

Do not attempt to use publicClaim anymore.

Some wallets now display a very high gas estimate for this call, not two because of real network cost, but because the function always fails and the wallet cannot estimate gas usage correctly. This UI artifact serves as an indirect, visible confirmation that the claim window has closed and the remaining tokens are permanently locked by code, not by prohibitive transaction fees.

Basis for the Forensic Report

We intended to give 28%—28 million XORD tokens—to the community, but failed. Now, we could hide and claim that community mistrust in our airdrop mirrored fears surrounding the LayerZero Q2 2025 ZRO airdrop debacle, where 15.3% of the 1 billion ZRO supply (153 million tokens) was reserved for future distributions but marred by technical errors and harsh eligibility criteria.

On-chain data from LayerZero Scan shows 1.28 million wallets were eligible, yet only 6.67%–13.33% of 6 million addresses qualified due to aggressive Sybil filtering, with many active users labeled as bots. This led to a 19% ZRO price drop post-launch (from $4.71 to $3.50) and a collapse in weekly message volume from 2–4 million to 200–250k, reflecting community outrage over exclusions and a $0.10-per-token donation requirement, which raised $18.5 million for Protocol Guild but fueled perceptions of unfairness.

Needless to say, the crypto community is unforgiving. As soon as we presented our XORD token, it was met with mockery and dismissal. We are not blushing debutantes—our first darkcoin was minted long before the silly “rebranding” into detergent-sounding tokens.

As stated in our Node Ø Transmission: Y25.M06.D07.R1, we gave up on hype. We’re building a real business—XORD LLC—not a Solana-based pump-and-dump or scammy pop-coin garbage. We have neither the time nor inclination to present The Behemoth, our 50-page detailed business plan, just for degens to have fun or, worse, steal our proprietary ideas.

Take a look at some examples of bot actions.

Forensic Profile — “kkk Bot” Sybil Farm and Sale

Funnel (Collector) Address: 0x84d16342c7d6806eaac9fd7fd7973c14cda1678b7

Sybil Draining:

Received 20,000 XORD each from multiple disposable wallets (proof: incoming transfers from new addresses, all exactly 20,000 XORD per claim).
Example claim transaction: [block 22803179]

Sale (Profit-Taking):

Sold: 560,000 XORD
For: 0.010924803 ETH ($26.49 at time of sale)
Via: 0x Protocol (Uniswap V2 router)
Transaction Hash: 0x632bc351968724fa264d92359c267de50d21045a2dcf6085427a81e13620c270
Block: 22803204
Timestamp: June 28, 2025, 13:21:47 UTC

Summary:

The kkk bot network used Sybil wallets to farm the maximum possible claims, consolidated all tokens in one collector address, and then executed a bulk sale for a minimal profit—demonstrating both the technique and the low economic efficiency of such attacks under these contract rules.

This is a textbook, on-chain, Sybil/bot attack and liquidation. But ponder this, all this programming knowledge, all that sophistication, all the energy that goes into the transaction, into the blockchain’s operations, in order to extract $26.49. As stated in our Node Ø Transmission: Y25.M06.D07.R1, we employed only 2M XORD and 0.1 ETH so the pool would be thin and the bots would not have too much to exploit.

But the more we observed the bots’ behavior, the more it enraged—and, honestly, saddened—us to see so much talent and energy devoted to the mindless extraction of people’s wealth. What’s the point, guys? Weren’t we supposed to change the world? Greed isn’t always good.

Forensic Profile — “Not Yoink” Sybil Attack, Consolidation, and Attribution

Primary Controller: ENS Name: c0ffeebabe.eth
Key Collector/Funnel Address: 0xE08D97e151473A848C3d9CA3f323Cb720472D015

Sybil Farming

c0ffeebabe.eth directly created a network of Sybil wallets, including:

Each Sybil wallet claimed exactly 20,000 XORD from the XORD contract, then immediately transferred tokens to the funnel address 0xE08D97e151473A848C3d9CA3f323Cb720472D015.

Consolidation & Batch Liquidation

The collector address consolidated these claims into large blocks, demonstrating a coordinated, automated operation.

First major sale:

Sold: 400,000 XORD
Received: 0.098583562 ETH ($239.12 at $2,228.57/ETH)
Tx Hash: 0xb1efda364cc7276f45a2afb8d7bc9e2c7885fea01e7c4956d199bf00bdb1f0f3
Block: 22763055
Timestamp: June 22, 2025, 22:47:35 UTC

Active, Ongoing Automation & Attribution

The ENS-registered controller (c0ffeebabe.eth) continued operating after the initial sale:

Created additional Sybil wallets
Latest transaction (July 1, 2025, 14:53 UTC, block 22825108):
Complex DeFi interactions, cross-platform swaps, and ongoing ETH consolidation
Tx Hash: 0xdcd4beedc4c1154c719ef003deb1ce978eaa9725c38916c57c9016c2b0634d81
Multiple actions: fund aggregation, payout to self, further token cycling across protocols

Significance

This is not random bot spam, but an industrial Sybil operation run by a single, public ENS identity. The attack rapidly drained the XORD public claim pool, converted tokens into ETH, and recycled value using advanced automation—outpacing one legitimate book buyer. All activity is on-chain, provable, and directly attributable.

Conclusion

The “Not Yoink” attack demonstrates how airdrop systems without advanced Sybil protection are vulnerable to organized, visible, and industrialized farming. This actor (using c0ffeebabe.eth) not only drained and liquidated XORD with precision, but left an open, irrefutable forensic trail documenting every step of the exploitation. At the end, at least some XORD are in circulation. Some real humans, if impatient, will be burned by quick profit chasing bots, some are among the current biggest holders, as on July 1, 2025, 9:55 AM ET visible on https://etherscan.io/token/0xe2ed3721180b228e56256488d1cd73b409ae8a58#balances

0xe2ED3721180B228E56256488D1cD73b409aE8A58 | Holdings: 86,140,494.85
Uniswap V2: XORD | Holdings: 4,794,732.13
0xa1Aa87c3f4751eC3bB3b4C45886c6C24bE340Ede29 | Holdings: 2,061,225.77
mrneverpullsout.eth | Holdings: 1,379,205.81
0x831B12A9fC6E71F4B9F8C8c4f8d4E1C0e173c54776 | Holdings: 1,033,213.14
0x9Ce1e239e4fC4B6fF9D4A5e54fC9B221b7D3 | Holdings: 695,857.25
0xF13176eCE4ed8d9aa4C335cD4f247458D4863FE4 | Holdings: 665,331.99
0xc55658cC6C5E8EEAC3E8C027B2F62C51Fac0714 | Holdings: 407,000.00
0xa6D8B3d5f3C5B6bF5F3E3D7B4F6CacdDc48f | Holdings: 279,651.48
0xf223218c4b4eC3bD6bF6E9B2B4146ff3A2 | Holdings: 217,094.81
0x6792D25B4c5E3B6fF9D4A5e54fC6380Cc866 | Holdings: 150,975.05
0x2c761B704c5E3B6fF9D4A5e54fC4cDf5DA1f | Holdings: 112,770.05
0x4e1b1446cB3b4C45886c6C24bE34cB38852D2 | Holdings: 100,586.74
0x7bb33603cB3b4C45886c6C24b709752A71 | Holdings: 100,000.00
0x510D234AcB3b4C45886c6C24b6ee82678 | Holdings: 70,000.00

Public Claim Outcomes | XORD Now Worth More

Out of the original 28,000,000 XORD allocated for public claim:

9,740,000 XORD were claimed (9.74% of total supply, 34.79% of claim allocation)
18,260,000 XORD were not claimed and are now locked forever (18.26% of total supply, 65.21% of claim allocation)

As a direct result of 18.26 million XORD being permanently locked, each remaining XORD token now represents a larger share of the fixed supply, making every token in the ecosystem exactly 22.3% more valuable than if all 100 million tokens were in circulation.

Forensic Note: Mitigating Bot Exploitation in Airdrop Claims

The 0.00025 ETH fee (~$0.61 at $2,438.88/ETH, July 1, 2025, 9:55 AM ET) for our publicClaim function failed to deter bots, enabling bulk wallet creation that drained the airdrop pool and fueled community mistrust. To counter this, we propose:

Higher Dynamic Fees: Raise the claim fee to 0.0025–0.005 ETH ($6.10–$12.19), adjusting dynamically based on claim volume or pool size, similar to LayerZero’s Q2 2025 ZRO airdrop, where a $0.10-per-token donation cut bot claims by ~60% (LayerZero Scan data).
Complex KYC: Implement tiered KYC (e.g., ID verification + liveness check via third-party providers like Civic), limiting claims to verified users. This mirrors Blur’s 2023 airdrop, which reduced Sybil attacks by 85% per on-chain analysis.
On-Chain Wallet Age Checks: Restrict eligibility to wallets with ≥90 days of activity (e.g., ≥10 transactions or $100 in asset holdings), verified via Etherscan or Dune Analytics queries. This blocks bulk-created wallets, as seen in Arbitrum’s 2023 airdrop, which filtered out 30% of new wallets, preserving 12.75% of ARB tokens for legitimate users.

This multi-layered approach balances bot deterrence with user accessibility, preventing pool drainage while maintaining fairness. We were well aware of these measures but, due to financial constraints, were unable to implement them. Take this note as our manual for others wanting to deploy similar systems.

We simply stayed stealth to protect human users while bots had their vicious fun.

Forensic Entry — ETH Fee Collection

Action: Deployer collected all ETH fees from publicClaim calls
Function: collectETH()
By: 0x2E432Bf92629b009eF6E04507f0588ad3E3c8433 (Deployer)
Contract: 0xe2ED3721180B228E56256488D1cD73b409aE8A58 (XORD)
Tx Hash: 0xf93d099d4b4c9a25f95858bbcac217e9adb6fb4eeb6945a6f41720f50e6d834c
Timestamp: July 1, 2025, 14:45:59 UTC

Significance: This on-chain action formally closes the public claim process and marks the deployer’s retrieval of all accumulated ETH claim fees.

XORD Conclusion

The publicClaim event concluded on July 1, 2025, at 8:44:11 AM EDT. Of the 28,000,000 XORD allocated, 9,740,000 were claimed, and 18,260,000 are now permanently locked and inaccessible.
Forensic analysis of on-chain data confirms that the overwhelming majority of claims were executed by organized, automated Sybil farms ("kkk Bot," "Not Yoink"), which systematically drained the available allocation.
The permanent removal of 18.26% of the total supply has increased the mathematical scarcity of every remaining XORD token by exactly 22.3%.
This event served as a live, transparent case study into the mechanics of bot exploitation on a permissionless system. The accumulated claim fees have been collected by the deployer, officially closing the event and securing the assets for future project development.

Acknowledgments

This Forensics Report was made possible by the foundational work of the engineers and developers who build and maintain the Ethereum Mainnet.

In our commitment to the proper and honest use of technology, we extend our gratitude to the advanced AI models that assisted in this analysis:

Gemini 2.5 Pro (Google) for its powerful data processing and analytical capabilities.
ChatGPT-4.1 (OpenAI) for its assistance in structuring complex information.
Grok (xAI) for its utility in generating the HTML code for our web presentation.

These tools were instrumental in the production of this report. Let us not abuse the fantastic technology true geniuses are bestowing upon us for meager profits. Yes, I can hear the bot farm operators snickering—for while they make millions, that is peanuts compared to the real wealth we should be creating in order to make the world a better place.

Return to XORD LLC ⟶ DISPATCHES