Changelog
A detailed log of changes, research, and additions to DNZN // RESEARCH.
Recent Changes
| DATE | PAGE | BRIEF |
|---|---|---|
| 2026-03-29 | XCL Reward Pool Contract Analysis | A comprehensive bytecode analysis of the Xcellar RewardPoolRegistry contract at 0xD8706D2D...dC2C2c, a standalone ETH reward distribution ledger deployed March 27, 2026 by the same address that deployed the XCL Rewards proxy. The contract implements paid registration (0.001 ETH) with off-chain reward crediting by a designated distributor. As of analysis date: 174 registered users, 0.174 ETH in fees collected, zero rewards deposited or claimed. Gas: 65 tok. |
| 2026-03-29 | Sentinel Treasury Operations (Update) | Major update covering Jan 23 – Mar 29, 2026. Treasury balance dropped from 550.57 ETH to 225.58 ETH with no new inflows. Intermediary payments accelerated from 5-8 ETH to 20-25 ETH per transfer (lifetime ~745 ETH across 28 txs). New Cycle 3: 84 ETH converted to ~235K USDT and distributed via intermediary to three downstream wallets — not reversed, unlike Cycles 1 and 2. At current drawdown rate (~36 ETH/week), remaining balance lasts ~6 weeks. Gas: 15 tok. |
| 2026-03-29 | XCL Rewards Contract Analysis (Update) | Updated analysis of the Xcellar XCL Rewards contract at 0x2A9848c3...764069, reflecting the implementation upgrade to v1.0.0 (0x435dc938...ca965) on March 27, 2026. The upgrade added 7 new functions including a priority snapshot fee mechanism (0.005 ETH) with fees flowing to an EOA rather than the reward pool. As of analysis date: 602 participants, ~633M XCL tracked, zero ETH distributed. Gas: 85 tok. |
| 2026-03-29 | Sentinel Mites Contract Analysis | A comprehensive bytecode analysis of the Sentinel Mites contract at 0x99c96efF...Ab2dCC, a custodial managed trading vault deployed March 28, 2026. The contract accepts user ETH deposits and a designated keeper executes trades via Uniswap V3 on users' behalf. At analysis time: 85 users, 162 trades, ~5 ETH deposited, ~0.018 ETH reported profit. The keeper (same EOA as owner) has full discretion over trade parameters with no on-chain strategy, no user consent mechanism, no multisig, no timelock, and no audit. 16 of 44 function selectors remain unidentified. Gas: 75 tok. |
| 2026-03-19 | Uniswap MerkleDistributor Contract Analysis | A comprehensive analysis of the Uniswap MerkleDistributor contract at 0x090D4613473dEE047c3f2706764f49e0821D256e, the canonical airdrop contract that distributed UNI governance tokens to approximately 250,000 historical Uniswap users beginning September 16, 2020. The contract implements the Merkle Distributor pattern — a single 32-byte Merkle root committed at deployment represents every eligible address and amount, with claims verified via on-chain Merkle proof verification. Gas: 45 tok. |
| 2026-03-18 | Merkle Trees | A technical overview of Merkle trees and Merkle proofs — the hash-based data structure underlying transaction verification, state management, and gas-efficient token distribution across blockchain systems. Covers tree construction, proof mechanics, Bitcoin SPV light clients, Ethereum's Modified Merkle Patricia Trie, the Merkle Distributor airdrop pattern, on-chain verification gas costs, and known vulnerabilities including second preimage attacks and the CVE-2012-2459 duplicate leaf bug. Gas: 75 tok. |
| 2026-03-18 | Anchoring | A technical overview of blockchain anchoring — committing cryptographic hashes of off-chain data to a blockchain as timestamped proof of existence. Covers the mechanics (OP_RETURN on Bitcoin, calldata on Ethereum, HCS on Hedera), major services (OpenTimestamps, Guardtime KSI, Chainpoint, OriginStamp), real-world legal precedents, L2 rollup state anchoring, and the historical connection to Haber and Stornetta's 1991 timestamping paper — the most-cited work in the Bitcoin whitepaper. Gas: 80 tok. |
| 2026-02-28 | zQuoter Contract Analysis | A comprehensive analysis of the zFi zQuoter contract at 0x658bF1A6608210FDE7310760f391AD4eC8006A5F, a fully stateless read-only quoter deployed August 26, 2025. The contract queries 14 AMM pools across five protocols (Uniswap V2, SushiSwap, zAMM ×4 fee tiers, Uniswap V3 ×4 fee tiers, Uniswap V4 ×4 fee tiers) in a single call and returns the best route plus ready-to-execute calldata for zRouter. Gas: 65 tok. |
| 2026-02-28 | zRouter Contract Analysis | A comprehensive analysis of the zFi zRouter contract at 0x000000000000FB114709235f1ccBFfb925F600e4, a fully on-chain DEX aggregator deployed February 12, 2026 as part of the zFi superdapp. The contract aggregates Uniswap V2/V3/V4, SushiSwap, Curve Finance, and zFi's own zAMM in a single 1,659-line standalone Solidity file with no off-chain dependencies. It also integrates Lido staking helpers, Uniswap Permit2, and zFi's .wei name registration system. Gas: 95 tok. |
| 2026-02-28 | Contract Analysis Service | Added a services page describing contract analysis reports available by request. The page covers the scope (what analysis includes, what it doesn't), report contents (six standard documents), pricing tiers, and links to published examples. Gas: 5 tok. |
| 2026-02-13 | Doubler Contract Analysis | A comprehensive analysis of the Doubler contract at 0xfD2487cc0e5dCe97F08BE1Bc8eF1DCE8D5988B4D, a historically significant Ponzi scheme from March 2016 that implemented queue-based wealth redistribution mechanics. This contract represents one of the earliest Ponzi schemes deployed on Ethereum during the platform's first year. Analysis completed from verified source code (Solidity v0.2.0) with on-chain storage verification showing 203 participants permanently stuck with ~32.44 ETH locked. Gas: 75 tok. |
| 2026-02-04 | ZeroMoon zETH Token Contract Analysis | A comprehensive analysis of the ZeroMoon (zETH) token contract at 0x41b242c36F7dc5f18be21c1a6B7b5e05b2FD6532, an ETH-backed ERC-20 token with dividend distribution deployed November 12, 2025. The token implements a refund mechanism allowing users to sell tokens back to the contract at 99.9% backing value, with deflationary burn mechanics capped at 20% of supply. Ownership has been renounced, making the contract completely immutable. Gas: 75 tok. |
| 2026-02-03 | Batch Sender & Sweeper Contract Analysis | A comprehensive bytecode analysis of an unverified utility contract at 0x4320b7...5C236, deployed January 9, 2026. This owner-controlled contract enables batch ETH and ERC20 token distribution to multiple recipients plus sweep functions for recovering accidentally sent assets. Analysis completed through bytecode decompilation, function signature mapping, and pattern recognition. Gas: 65 tok. |
| 2026-01-24 | SENT Day Percent Manager Contract Analysis | A comprehensive bytecode analysis of the Sentinel Day Percent Manager contract (0x1aa0c77d207cd2e20dc00523ee0511ac6514aeb3), an unverified configuration registry deployed November 25, 2025. This contract stores day-by-day percentages and amounts for a 100-day schedule but does not hold or transfer tokens — it serves purely as a read-only data source for other Sentinel contracts. Gas: 65 tok. |
| 2026-01-24 | Sentinel Treasury Operations | Repositioned the presale fund flow analysis as ongoing treasury operations research. The document now tracks the treasury wallet (formerly "beneficiary wallet") with emphasis on continuous monitoring rather than static analysis. |
| 2026-01-24 | Sentinel Treasury Operations (Update) | Major update to the presale beneficiary wallet analysis revealing that the USDT position was swapped back to ETH. On-chain verification discovered that the previously reported 1.84M USDT was converted back to ETH within hours of acquisition through two complete ETH→USDT→ETH cycles executed by the beneficiary wallet. Gas: 15 tok. |
| 2026-01-23 | SENT Claim Rewards Contract Analysis | A comprehensive bytecode analysis of the Sentinel Claim Rewards contract (0x33184cD3E5F9D27C6E102Da6BE33e779528A606D), an unverified claim tracking system deployed January 1, 2026. This contract manages reward claim eligibility and tracking for the Sentinel ecosystem without holding or transferring tokens directly. Analysis completed through bytecode decompilation, transaction pattern analysis, and storage slot inference. Gas: 65 tok. |
| 2026-01-21 | Sentinel Project Space | Created comprehensive Sentinel project space with high-level overview and research index. |
| 2026-01-15 | Eth Wallet Analyzer (Bug Fix) | Fixed error handling in the wallet analyzer tool that caused analysis to fail when addresses had no internal transactions. The tool now gracefully handles cases where Etherscan returns "No transactions found" or "No records found" responses by treating them as empty result sets rather than hard errors. |
| 2026-01-13 | SENT Token Allocation Contract Analysis | A comprehensive bytecode analysis of the Sentinel Token Allocation contract, an unverified centralized allocation ledger for tracking intended SENT token distributions. This pure accounting contract manages recipient-amount mappings without holding or transferring tokens directly. Analysis completed through transaction pattern analysis, function signature extraction, and bytecode decompilation. Gas: 65 tok. |
| 2026-01-13 | SENT Hive Registry Contract Analysis | A comprehensive bytecode analysis of the Sentinel Hive Registry contract, an unverified UUPS upgradeable membership tracking system for SENT token holders. This analysis reconstructs the contract's functionality from bytecode, identifying 33+ functions, complete storage layout, and upgrade mechanisms. |
| 2026-01-11 | Eth Wallet Analyzer Tool | A client-side browser tool for analyzing Ethereum wallet transaction history. Generates detailed reports showing ETH and ERC20 token inflows, outflows, top counterparties, and recent activity. All processing happens in the browser using Etherscan API data — no data is sent to DNZN servers. |
| 2026-01-11 | Cross-Linking Across Documentation | Added strategic cross-links throughout the documentation to improve navigation and create educational pathways between related concepts. Cross-links connect abstract concepts to real-world examples and technical mechanisms to practical case studies. |
| 2026-01-11 | BFT (Byzantine Fault Tolerance) | Byzantine Fault Tolerance (BFT) is the ability of a distributed system to reach consensus even when some nodes fail or act maliciously. This low dive covers the Byzantine Generals Problem, how BFT consensus works (including the 3f+1 requirement), practical BFT (pBFT) and its three-phase protocol, modern variants like Tendermint and HotStuff, and the vulnerabilities that threaten BFT systems. |
| 2026-01-09 | Privacy Policy | Added a privacy policy page to document Google Analytics usage. The policy explains what anonymous data is collected (page views, device info, referrals), confirms no personal information is gathered, and provides options for users who prefer to block tracking. |
| 2026-01-09 | Market Makers (Revised) | Revised the Market Makers article from deep dive length (~508 lines) to proper low dive format (~257 lines). Removed redundant case study content that duplicated other deep dives, added TL;DR section, reduced diagram count from 9 to 2, and converted detailed case studies to brief mentions with cross-references. |
| 2026-01-09 | Alameda/FTX Collapse | The November 2022 collapse of FTX and Alameda Research demonstrated what happens when a market maker operates without oversight, with privileged exchange access, and with other people's money. Alameda had secret exemptions from FTX's risk controls, including immunity from auto-liquidation, and used customer deposits to cover trading losses. |
| 2026-01-09 | MOVE Token Scandal | Movement Labs executives colluded with their market maker to dump $38M worth of MOVE tokens on retail investors immediately after the December 2024 exchange listing. Internal documents showed explicit incentives to "manipulate the price to over $5 billion FDV and then dump on retail for shared profit." |
| 2026-01-09 | Mantra OM Collapse | On April 13, 2025, Mantra's OM token collapsed 92% in hours — from $6.21 to under $0.50 — wiping out $5B+ in market cap. OKX alleged circular collateralization schemes where USDT loans backed by OM were used to buy more OM, creating artificial price support that collapsed when risk teams froze accounts. |
| 2026-01-09 | Glossary (Update) | Added market maker terminology to support the new deep dive articles. Additions: Market Maker, Designated Market Maker, DMM. |
| 2026-01-08 | Beanstalk Governance Attack | On April 17, 2022, an attacker used a $1B+ flash loan to gain 79% voting power in Beanstalk's governance system, then executed a malicious proposal that drained $182M from the protocol in a single transaction. The attack exploited the emergencyCommit() function which allowed same-block proposal execution without delays. |
| 2026-01-08 | Flash Loans | Flash loans are uncollateralized loans that must be borrowed and repaid within a single blockchain transaction — if repayment fails, the entire transaction reverts. This article covers the mechanics, legitimate use cases (arbitrage, collateral swaps, liquidations), major providers and their fees, attack patterns that have exploited vulnerable protocols, and defensive measures. |
| 2026-01-05 | Jared 2.0 MEV Bot Contract Analysis | A detailed bytecode analysis of the Jared 2.0 MEV bot contract (0x1f2f10d1c40777ae1da742455c65828ff36df387), the second iteration of the notorious jaredfromsubway.eth sandwich attack infrastructure. This analysis examines the contract's multi-DEX integration, stateless architecture, and the technical mechanisms enabling multi-layer sandwich attacks. |
| 2026-01-04 | jaredfromsubway.eth | A comprehensive analysis of one of Ethereum's most notorious MEV bot operators. jaredfromsubway.eth rose to infamy during the April 2023 memecoin frenzy, executing sandwich attacks that extracted an estimated $22M+ in revenue while spending $34M in gas fees. The article covers attack mechanics, timeline of activity, contract addresses, evolution to "Jared 2.0" with multi-layer attacks, and protection mechanisms available to traders. |
| 2026-01-04 | Proxy Contracts & Upgradeability | Proxy contracts enable smart contract upgradeability by separating storage from logic — but this flexibility introduces trust assumptions and attack surfaces. This article covers how delegatecall works, the major proxy patterns (Transparent, UUPS, Beacon), EIP-1967 storage slots, and the vulnerabilities that have cost protocols hundreds of millions. |
| 2026-01-04 | Bridges | Cross-chain bridges enable asset transfers between isolated blockchains by introducing trust assumptions — and those assumptions have cost users over $2.8B since 2022. This article covers the mechanics (lock-and-mint, burn-and-mint, lock-and-unlock), the trust spectrum from centralized custodians to ZK-verified systems, and a graveyard of major exploits. |