Ethereum: the Messaging App
On 11th August, we saw the single largest cryptocurrency hack of all time. $611 million dollars were stolen from PolyNetwork. The humongous amount wasn’t the only unique characteristic of this hack. Unlike most hacks, this one had an ongoing narrative accompanying it, supplied by messages sent to and from the hacker’s address. It even had a self-published Q&A series!
In this article we take a look at the various ways Ethereum users have been using their wallets to communicate with the world and each other, looking at:
- Input Data Messages (IDM)
- Non-Standard IDMs
- Verified Signatures
Input Data Messages (IDM)
IDM is the term we’re coining to describe messages sent via the Input Data field in an Ethereum transaction. The input data field is widely used to inform the blockchain on what contract calls are made as part of a transaction. Data is written in hexadecimal form which can be decoded to show the exact function being called.
However, the same field could be used to enter hexademical data that — when converted to UTF-8 encoding — is represented as text.
Identifying which out of all the transactions done on Ethereum are IDMs is a challenge, as contract-interaction transactions could be converted to UTF-8 (appearing as gibberish) while those meant to be messages could have some characters incorrectly formatted (thus showing up as part-gibberish).
From the messages we could identify, their use could be categorized into:
- Transaction receipts/notes
- Description of properties (in JSON)
- Crypto begging
- Advertising
- Conversations
Transaction receipts/notes
The most predominant use of these messages appear to be in the form of receipts/notes. When attempting to look for common words used in IDMs involving a subset of addresses, one such example completely dwarfed every other word.
Another example of receipts are from the Anyswap: BSC Bridge address. In this case, Anyswap includes the transaction hash of a user’s deposit on BSC as an IDM in the Ethereum transaction they send to the user. Users can simply copy and paste the hash into BscScan.com to double check their BSC deposit.
Verification
Some addresses use IDMs to do verification. In one example, an address religiously sends itself an IDM on a daily basis.
Inspecting the IDMs shows that they follow a standard JSON format. We don’t know for sure, but we can speculate that it is a daily verification of smart contracts added to a registry.
Crypto Begging
Wherever there is a popular or newly rich address, you can bet that another address will be messaging them to “help muh famili”. A sample of messages sent to Vitalik (Vb address):
For those looking to ask for money, remember that your chances of success is higher if you first add value to the other party (although in this case, whether or not the funds are legitimate is a separate story).
Advertising
In contrast to the begging messages, some entrepreneurial folks instead send IDMs to popular addresses to promote their wares. This address spammed more than 150 addresses with an IDM promoting a campaign to raise funds for “TROLL HUNTERS — the First tokenized 3D animated movie”. Unfortunately, it seems that the fundraise was not completed successfully.
Another kind of ‘advertising’ is an address regularly posting links to their product in IDMs such that it gets picked up by crawlers like us. Folkspaper, a self-dubbed “fast-growing newspaper curated by the online community”, consistently posts links to their articles in IDMs sent to themselves.
Conversations
Finally, the kind of IDMs most interesting to online busybodies like ourselves are the on-chain conversations. A ‘heart-warming’ exchange between two MEV bot operators is the best example of a productive use of two-party IDMs.
In the space of 30 messages, the two hitherto online strangers and arbitrage competitors set up a partnership to ensure better profits for both parties and became friends!
By far the most active and interesting conversation we could find remains the one involving PolyNetwork Exploiter 1. Rewarding advice with 13.37 ETH, nurses and refugees requesting for money, encrypted messages, calling out scammer emails & the media, negotiations with the hacked project and Q&As, this conversation has it all.
Non-Standard IDMs
While most IDMs are sent simply as text, some require additional work to decode the messages.
Encrypted messages
These messages combine the public nature of blockchains and relative privacy of encrypted messages. Those who want to understand the message content would need to decrypt it.
Event logs
Used by the second THORChain exploiter as a message to their target, the message requires parsing through the event logs of 6 transactions and changing the line-by-line input data view from Hex to Text. Future DeFi exploiters, please stick to the standard IDM method!
Bytes
Another form of non-standard IDMs is by making the data (when converted to UTF-8) appear in byte format. For these cases, the reader would need to then convert the text from byte to string format using a tool such as this.
IDMs that appear as long series of numbers magically become human-readable.
Verified Signatures
Another type of message uses Ethereum but is not stored on-chain. A wallet owner can sign a message using their private key to prove that the message came from the signed address. The signed message can then be verified by anyone else using tools such as Etherscan’s and Mycrypto’s.
Etherscan keeps a record of the messages signed using our tool. While this tool is primarily meant to allow contract creators to verify ownership of their contract, it has since been used by thousands in the community for a variety of use cases.
Why would users opt to use verified signature messages rather than IDMs? For one, these messages are not tied to a receiving address. Anyone who lands on the Verified Signatures page on Etherscan can see a list of these messages without navigating to a particular address. The UX of reading these messages is also simpler — you don’t need to convert from hexadecimal to UTF-8. Perhaps most importantly, they do not incur transaction costs the way IDMs do.
Looking through these messages, we can see that they are used for different reasons than those used in IDMs.
- 30% of messages are used to verify their social media account.
Note: for those looking to do this to add a Public Name Tag to their address, take note that Etherscan needs to see the link to signed message on the social account to verify on both sides. An example for reference.
- 29% of messages are used to certify ownership of addresses using a format other than Etherscan’s (example).
- Only 9% of messages actually follow the Etherscan template (example).
- Interestingly, as much as 1% of these messages were used to indicate shipment delivery of courier services (example)!
Other than these uses, some interesting highlights include:
- Identifying an account for exchange support
- Releasing license for a smart contract
- Request for P2P loan on Bitcointalk
- Announcing correct Twitter account for DeFi project
- Voting on Uniswap governance
- Verification of financial audit
- Correction of wrongly sent USDT
… and to cap it off, what appears to be a love letter!
Due to its Turing-complete nature, Ethereum can be used for all kinds of things beyond DeFi or NFTs. Using it as a messaging app is one such example. The space for this use case is wide and under-explored. We look forward to seeing more done on this front!
How would you like to see Etherscan support Ethereum messages? Let us know.
