Back to all stories
Technology
Following the Money, with SkyTrace
11/23/2021
Following the Money, with SkyTrace

Here at CertiK we're constantly working to keep you up to date on everything blockchain security. We recognize the importance of security, especially when it relates to protecting projects against substantial losses in cryptocurrency. In 2021, $1.3 billion in cryptocurrency was lost to hacks, exploits, and scams. This is a large increase from the over $500 million dollars lost in 2020. 

From community alerts to the Security Leaderboard we have been delivering new products to help you Do Your Own Research (DYOR) for over 3 years now. Today we are thrilled to introduce SkyTrace as part of CertiK’s family of products. SkyTrace is a graphical trace tool for tracking suspicious activity on Ethereum and BSC wallet addresses. It allows you to track money between wallets, contracts, exchanges, and chains. Head over to SkyTrace to check it out. 

With this visualized data and wallet insights you’ll be able to improve your risk management. From Fraud prevention and AML to seeing what interactions a wallet has had previously, SkyTrace will help you navigate through the DeFi space more securely.

Let's take a look at what SkyTrace has to offer:

SkyTrace has monitored:

  • Over 4 billion asset transfers
  • Over 3 billion transactions
  • Over 4 million accounts
  • Over 14 thousand tokens

With SkyTrace you can visualize the flow of transactions as well as check past interactions that a wallet has had. So what’s the benefit of using SkyTrace? If you’re going to invest in a new project and want to make sure that the developers don’t have suspicious past history, then SkyTrace can help you look at project wallet addresses and visualize  previous transactions and interactions that they’ve had. For example, seeing interactions with tornado cash would be a red flag. From there, you can investigate this further and ask the developer about it, or decide that it’s too risky for you and move on. 

Lets get a few big questions out of the way:

What is SkyTrace?

SkyTrace is a graphical trace tool for tracking suspicious activity between Ethereum and BSC wallets.

Do I need to purchase SkyTrace to use the tool?

SkyTrace is currently FREE. You can check out the tool here. By using the tool you hopefully see the value CertiK brings to this space. CertiK has a broad set of other products and tools you may benefit from, and we encourage you to check those out too.

What can I do with SkyTrace?

With SkyTrace you can identify links between counterparties, visualize the flow of funds, and reduce the risk of fraud or Anti-money laundering (AML) activity.

Can I filter for certain activities?

Yes, you can filter for transfers based on $ dollar amount or dates using the filter options above the graph itself. You can also highlight and freeze specific activity by selecting ‘route’ on the nodes.

Can I save a specific visualization trace with the tool?

Yes. Click ‘share’ to generate a custom link that will revert directly to the wallet visualization you created.

How can I connect multiple wallets?

Highlight any wallet node and click ‘expand’ to continually link together different addresses.

What types of addresses are supported in SkyTrace?

SkyTrace identifies addresses that are externally owned accounts, smart contracts or special wallets, such as exchange hot wallets.

What chains are supported with SkyTrace?

SkyTrace currently supports Ethereum and BSC addresses.

Now lets put this into practice. We’ll take a look at the recent squid games rug pull and use Skytrace to track the money! If you’d like to see a video walkthrough instead, go ahead and check out our recent video Skytrace walkthrough

When you arrive at the skytrace website you’ll see the following:

In the top left you can choose your chain (ETH and BSC for now with more to come soon). Then you input a wallet or contract address. In the following example we’ll use the squid games rug pull. When you enter the contract address you see the following populated.

Now this is a lot of data that has been graphed for us. Let's use the filters up on top to clean this up a bit. We’ll start by eliminating transactions of less than $20k USD.

With this filter the data is much cleaner, but still a bit confusing. Let's go ahead and move the nodes around to organize them by type. We’ll put the Squid contracts on the right, DEX transactions on the left, and end points on the bottom.

With this organization we now start to get a picture of what happened. Money left the squid games contracts and went to the externally owned account in the middle. When you click on any contract, externally owned account (EOA), or wallet address, you’ll notice a box pop up on the right side. This will show the transaction history of that end point. 

Scrolling down the top token assets list, you can see the transaction history.

Now we’ve looked at the money leaving the contracts, going to an externally owned account, out to pancake swap where it was swapped into many different high liquidity pairs, and eventually sent to tornado cash which is used as a tumbler to hide where the money goes after that. Tracking money through tornado cash is virtually impossible


This is just one example of how to use SkyTrace. To get familiar with SkyTrace, head over to the tool page and take it for a test drive yourself - After all it's FREE!