-
-
Concpet
-
Actual Product
Inspiration
Arbitrum lost 253M ARB, which is 21.8% of their entire airdrop, to confirmed Sybil clusters. HOP Protocol found farms of 25 to 516 fake wallets controlled by single operators. Existing tools are either rule engines that attackers learn to route around, or enterprise black boxes with no explainability. Nobody had built an AI-native detector that reasons about behavioral intent rather than matching known patterns. That is what we did.
What it does
Paste a list of airdrop recipient addresses. SybilScope fetches their on-chain history, builds a live wallet graph, and runs JAC's Walker agent through the funding network collecting multiple structural and behavioral signals per wallet: shared funders, linear chains, identical transfer amounts, community clusters, behavioral similarity, k-hop Sybil proximity, and four entropy fingerprints capturing bot cadence.
A GPT-4o reasoning layer then asks "is there any innocent explanation for this behavior?" rather than "does this match a known pattern?" When confidence is low, the agent autonomously fetches deeper data and reinvestigates without human input.
Results render as a force-directed graph. Sybil clusters light up red in hub-spoke structures with the master wallet at center. Click any node to see the AI verdict, confidence score, and cited evidence in plain English. On our labeled dataset of confirmed HOP Protocol Sybil addresses, we caught every cluster with zero false negatives.
How we built it
JAC is not a wrapper here. It is the reason the architecture works.
Every wallet is a node. Every on-chain transfer is a directed edge. The Transfer sub-graph builds itself from transaction data using JAC's native primitives — no NetworkX, no adjacency lists. Louvain community clustering runs separately in Python for community detection. AI agents walk the graph natively without any separate agent framework. The key breakthrough is that the AI does not receive a flat list of numbers. It receives the actual graph structure: wallet nodes and the transfer edges between them. That means it can reason about things like cycles, fan-out patterns, and shared funding chains the way a human analyst would, not just compare statistics.
When the AI is uncertain about a cluster, it picks from four investigation actions: expand the funding tree, look for sibling clusters, check whether timing patterns look scripted, or compare against legitimate users. It runs those actions, reflects on what it found, and updates its verdict. All of this is expressed in JAC with no manual prompt writing and no output parsing.
Detection logic covers timing analysis, chain detection, transaction count fingerprinting, funding tree traversal up to 3 hops, amount anomaly detection, k-hop label propagation, Louvain community clustering, and four entropy fingerprints. Python handles the data layer: Etherscan and Arbiscan API calls, all cached locally so the demo runs instantly. FastAPI serves the backend. D3.js renders the force-directed graph with cluster-aware positioning and directional arrows.
Challenges
JAC's type system is strict in ways Python never is, which forced cleaner architecture but cost debugging time. Finding labeled ground truth was harder than building the detector. Most Sybil datasets are private and politically sensitive. HOP Protocol's open bounty issues gave us the only public source of human-verified clusters at useful scale. Louvain clustering produces weak results on sparse wallet data, so we added post-LLM override rules to catch cases where the model under-called obvious structural signals.
Accomplishments
The AI sees the graph, not just numbers. SybilScope passes wallet nodes and transfer edges directly into GPT-4o, so it can reason about cycles, fresh fan-outs, and ring structures the way a human analyst would. No prompt engineering. No JSON formatting. One line of JAC.
We built the Transfer sub-graph with walkers, not libraries. The Sybil sub-graph emerges from transaction data itself using JAC's native primitives, with no NetworkX for the Transfer graph construction. On our demo set, clusters showed visible ring structures and fan-out patterns with zero internal edges.
We turned label propagation into a walker. The SybilProximity walker spawns from every known Sybil seed, spreads through the funding network with hop decay, and gives every wallet it reaches a proximity score — a graph-topology signal no flat feature model can produce because it only exists in the edges.
We gave the AI timing signals that actually work. Four entropy features separate scripted bots from real users based on transaction cadence, hour-of-day patterns, day-of-week patterns, and protocol sequences. Bots have low entropy. Real humans are irregular. These signals catch coordination that timing averages alone never could.
Zero false negatives on real data. Every flagged wallet gets a specific evidence list and plain English reasoning a project team can audit and publish — not a black box score, a cited argument. The agentic loop self-corrects without human intervention.
One JAC file, end to end. Data fetching, graph construction, feature enrichment, AI classification with sub-graph input, agentic reinvestigation, and final verdicts. No LangChain, no LangGraph, no output parsers. The agentic loop reads like pseudocode because JAC gives you the building blocks that would otherwise require five separate frameworks.
What we learned
JAC's Walker paradigm genuinely changes how you think about graph problems. In Python you reach for NetworkX, manage visited sets manually, and bolt on a separate AI framework. In JAC the walker is the agent and the graph is the execution model at the same time. For on-chain activity, which is naturally graph-shaped, this is a real productivity unlock.
The real breakthrough is that JAC lets the AI see your graph the way your code sees it. Every other framework makes you flatten structured data into text before the AI can read it. A flat model can never tell you these three wallets form a cycle, because the cycle only exists in the edges. JAC made the AI see the edges.
What's next
The agentic investigation loop will become fully walker-native. Today it calls four Python helper functions. Each should become its own walker class that literally moves through the live graph rather than through Python code. The LLM would spawn walkers on demand as it investigates.
We will add counterparty intersection detection to catch sophisticated Sybils that avoid direct wallet-to-wallet transfers but still share infrastructure like exchange hot wallets, bridges, and relayers.
Cross-chain analysis to catch farms that bridge across Ethereum, Arbitrum, and Optimism to obscure funding trails. Confidence calibration against a larger labeled dataset. Allowlist integration to auto-clear known legitimate actors before results reach a project team.
For practical deployment, project teams can add a review clause to their token contract that allows flagged tokens to be locked or returned to supply. SybilScope provides the evidence layer that makes that clause enforceable — not a black box accusation, but a cited, auditable argument.
Log in or sign up for Devpost to join the conversation.