Viewnodes

@viewnodes

Fat-finger or token laundering? Explaining that $300,000 fee Ethereum transaction

Last week, crypto-centric forums went abuzz with the discovery of a bizarre Ethereum transaction. The amount sent was normal enough: 0.1 ETH, around 14 dollars at the time. Nothing strange there. What stuck out was the fee: 2100 ETH, or 300,000 US dollars. The network was operating as normal at the time, so the usual gas price (about 2 cents) would have likely gotten the same transaction through. This was a mystery then — one with two possible causes.

The simplest answer, though painful to imagine, is a mistake by the sender. This happens with some frequency, as anybody with a portfolio tracking app will likely know. If you’ve used Blockfolio, Delta or a similar price tracking app, you might have seen smaller-cap currencies occasionally show increases in the millions of percent ranges. If you happen to own the currency in question, you might momentarily think you became a multi-billionaire in an hour but alas, not so. This happens when someone pays far too much above market price on a decentralized exchange — either by putting the decimal point in the wrong place, or mistakingly purchasing the wrong currency with a different exchange rate. This is often referred to by crypto enthusiasts as a fat-finger.

Example of a fat-finger purchase appearing on a portfolio tracker

It is theoretically possible that the ludicrous fee on that Ethereum transfer was the result of a user error, but it is unlikely. Most Ethereum wallets are quite intuitive, and you would need to go out of your way to enter the fee directly. In this case, it’s also improbable the sender confused the transaction with the fee, since 0.1 ETH would still be orders of magnitude too high.

That leaves the other potential explanation: money laundering. Or, more accurately, token laundering. The sender wanted to mask a large transfer, likely to himself or herself, by assigning the transfer as a fee and ensuring he or she could collect it. If it were not such a conspicuous amount, this would be quite ingenious. Anyone tracking a user’s trail through the blockchain will see a relatively insignificant amount of ETH worth 14 dollars or so go to a random address, while in the back end a large amount of ETH has vanished from the original wallet.

This is exactly what happened. In fact, it’s not the first time — the exact same wallet has done this in the past, with fees of 840 ETH and 420 ETH, and some smaller amounts. This should immediately rule out a mistake as the cause. No human being capable of earning $300,000 dollars would make that mistake twice — it would be a life changing event for 99.9% of the population. Not a positive life changing event, but certainly a learning experience.

How could this be achieved safely? Any miner would snap that transaction up immediately, likely funding his enterprise for several years in one swoop. Nobody would take that risk. Accordingly, the individual did not broadcast the transaction to the network, which indicates that they are either a miner or operating in conjunction with a miner. This would be necessary, as the miner would need to secure a nonce for the next block, and then include the Tx in question. But, if all of that could be accounted for, the transaction would be completely safe. This explanation is basically confirmed when we note that the previous suspicious transactions were all mined by the same node.

This is still a great deal of effort to perform an obscured transaction, so it gives us an indication of what sort of operation the culprit is running and why it might be necessary. The most likely scenario to require such ingenuity is the need to break a trail of stolen, hacked or otherwise ill-gotten Ethereum. Victims of a hack often observe the movement of funds after-the-fact, and alert exchanges if the bounty has moved to one of their addresses. In this instance, they likely will not see the huge fee as long as the wallet makes many similar small transactions (which this one also did). In this case someone did notice the irregularity and it was clearly of interest to others, given the absurd amount. Still, it’s pretty clear we’ve observed a new method by which blockchain tokens can be ‘cleaned’, one which hackers might well continue to adopt when moving stolen crypto-assets.

Article by Byron Murphy, Editor at Viewnodes. All opinions are the author’s alone. For information on some of the services provided by Viewnodes, including our Tezos delegate, click here.

More by Viewnodes

Topics of interest

More Related Stories