Tracking the poaching of poignant coins: Reserves proving suspicious clouds, financial outflows and rights protection

The author, Wu, says the block chain

The current U.U. said unencrypted podcasts invited Darcy of FlashRescue (FlashFlash) to discuss the recent events of high-profile polycoin. Darcy described the team ' s experience in the investigation of digital asset cases and asset recovery and stated that the starting point for its involvement in the case was the victim ' s recourse。

The programme focused on analysing the suspicions of the Platform's declared certificate of reserve (PoR), including the large number of so-called “reserve assets” that were actually in the project's chain of control, the lack of effective cross-chain certification with official stable currency assets, and, at the same time, the investigation found that part of the funds continued to flow while users were unable to withdraw their currency. The parties further discussed the basis on which cases could be more likely to be characterized as fraud, the role of acquaintance networks and “team leader” models in bringing new people to life, the legal risks that KOL might assume, and what the victims needed most to do at the moment was to establish evidence, aggregate leads, facilitate cases and freeze funds as soon as possible. Overall, the programme focused not only on single platform disputes, but also on systemic risks behind small and medium trading platforms, fund roll-out and fraudulent asset endorsements。

How FlashRescue intervenes in the multi-currency investigation

Cat: Welcome to this issue, Wu says no encryption podcasts. This time, we're going to the Darcy in FlashRescue to talk about the recent multi-currency event. Let me introduce you to your team。

Darcy: Thanks for the invitation. FlashRescue is a Salus-based team focused on digital asset investigation and asset recovery. Members have a long history of financial tracking, case investigation, exchange coordination and mutual legal assistance, dealing with cases of virtual currency fraud, wallet theft, Rug Pull and unusual money flows on the exchange。

Cat: How did you notice about the multi-currency case? Looks like you guys were one of the first teams to discover that there was a problem with the PoR。

Darcy: We didn't find out at first, but the victims found us to commission the investigation. The intervention revealed that this case is similar to the cases we have dealt with before: foreign claims of asset support, but so-called assets are actually controlled by the project party itself, users cannot exit, and the platform continues to transfer funds。

IN SIMILAR CASES, THE ISSUANCE OF SELF-DIRECTED CREDITS AFTER THE VALUE OF A FALSE ASSET HAS ABSORBED FUNDS AND HAS RESULTED IN CONVICTIONS FOR FRAUD; IN OTHER CASES, A FALSE PROFIT MODEL HAS EVOLVED INTO A PONZI SCHEME IN WHICH THE PRINCIPALS AND THE SKELETONS HAVE BEEN RETRIED AND THE SEIZED BTC, ETH, USDT HAVE EVENTUALLY BEEN RETURNED TO THE VICTIMS。

This side of the coin began with users expressing their inability to take the money, and then came up with accounts frozen, unconnected and no progress made, many of which were stuck on the platform。

When the number of victims is significantly increased, we judge that this is no longer an individual case, but rather an event that may affect a large number of investors, moving from an individual to an open investigation and issuing the relevant instructions。

Cat: You just mentioned that there are users who can't come to you for help, and you get involved and there's a problem with their PoR. I see your tweets at the time that most of its assets are in the chain of its own issuance, unlike the normal 1:1 anchored USDT, USDC. Is this the general connection? Or is there a more detailed investigation? Because many exchanges, although issuing PNRs, do not usually disclose the exact address and the funds。

Darcy: This is not an example from our investigation. The financial reserve of the Institute is clear as a whole and is largely unchanged。

HOWEVER, MANY SMALL PLATFORMS ARE MORE LIKE "CX" OR "FUND ROLL." WE HAVE VERIFIED AND FOUND THAT FEW ARE TRULY QUALIFIED. IT IS ONLY IN THE LIGHT OF SOME REALISTIC CONSIDERATIONS THAT WE HAVE NOT YET DONE SO IN FULL。

Cat: I've been wondering why people use these little platforms. Many may have gone to high returns, but behind them is a typical logic of fraud. In particular, as in the case of polyesters, there had been many problems before, and why did anyone continue to use them? Who are the main users you're seeing

Darcy: From what we've come across, the core is the network of acquaintances. Such cases usually have a “team leader” role, who uses their original trust relationship to pull people. They may be influential in circles, or they may have some prestige in real life, so it is easier for people around them to trust them。

Many team leaders did not necessarily know that it was a scam, and at first they believed it was a profitable project. There are now many team leaders who come to us and want to join in defending their rights because their own funds cannot be mentioned。

Cat: But the team leader himself can profit from it. It's just that this time they were damaged because they didn't have time to raise the money they earned

Darcy: Yeah, that's right。

Cat: Plus, I saw you post a tweet saying that although users can't come up with money, the platform continues to transfer its own funds to other exchanges and management companies。

Darcy: Yeah. We've investigated that during the time when users were banned from taking notes, they transferred 36 funds out of the PoR address, totalling about $3 million。

THESE FUNDS WENT TO A NUMBER OF IDENTIFIABLE ADDRESSES, INCLUDING THE FULL VALUE ADDRESS OF THE CURRENCY, A HIGH FREQUENCY DISTRIBUTION ADDRESS AND A COMMON OKX ADDRESS. AT PRESENT, THESE ADDRESSES ARE WITHIN THE SCOPE OF BEING TRACEABLE, SUBJECT TO FREEZING AND CO-CHECKABLE。

Cat: Is it frozen now

Darcy: Not yet。

Cat: Have you contacted these exchanges or management agencies

Darcy: Since the case has not yet been officially opened, there is little point in promoting the freeze。

A POIGNANT OR FRAUDULENT PROMOTION, KOL MAY ALSO BE INVOLVED IN THE DUTY OF COMMUNICATION AND DISTRIBUTION

Cat: What would be the legal characterization of the polycurrency incident? In addition to not being able to mention the currency, it was said that the account had been emptied. And what do you think of all the marketing activities that went on for months

Darcy: The key is the chain of evidence. The first question we have to answer when we take over is: Why would a user deposit money in a coin

Here's the difference. This is a completely different situation if the user is aware of the risks of the platform and is willing to contribute, and if the user is convinced that it has real solvency based on the platform。

SO WE STARTED BY SYSTEMATICALLY COMBING THE PLATFORM'S EXTERNAL INFORMATION, INCLUDING THE OFFICIAL NETWORK, THE WHITE PAPER, AMA, THE FOUNDERS' PUBLIC STATEMENTS, KOL ADVOCACY AND THE RESERVE CERTIFICATE PAGE. THE CORE EXPRESSIONS THAT HAVE BEEN REPEATED INCLUDE “$510 MILLION RESERVE” “123.8 PER CENT RESERVE RATIO” “THIRD PARTY RESERVE CERTIFICATE” “FUND SECURITY, READY PAYMENT” ETC. THESE CAMPAIGNS CONTINUE TO SEND A SIGNAL TO USERS THAT THE PLATFORM HAS SUFFICIENT ASSETS AND THAT THE FUNDS OF THE USERS ARE SECURE。

Then we found, in the context of the victims, that the users believed that it was for different reasons, but at the core there were two points: the platform's propaganda and the network of acquaintances. There were those who believed in the data on the reserve, that the funds were “safe and ready to be paid”, and those who mistakenly believed that the platform was still capable of being repaid because it had been operating for many years。

Having continued to do so, we first identified a key issue: the $510 million declared by the Platform, the vast majority of which is not the real third-party assets normally understood by users, but are located within the Juchain system and controlled and deployed by the project. The so-called USDT, USDC, also found no verifiable cross-chain proof of the existence of official Tether, Circle assets。

This means that the “reserves” in the Platform's communications are not the same concept as the real reserves understood by ordinary users. Later on, users began to be unable to cash, accounts were cleared and historical assets were scrapped, but the platform continued to operate, market activities and draw new money, and the nature of the case was clearly different from the general business failure。

In combination with the financial flows we track – and the continued outward transfer of funds by the platform during the time when the coin was banned – we are more inclined to push it in the direction of fraud, based on existing materials and similar jurisprudence。

CAT: YOU'VE ALSO CONSULTED A LOT OF KOL MATERIAL. DOES KOL, WHICH IS A MULTI-CURRENCY PROMOTION, GET LEGALIZED

Darcy: From our point of view, when victims find us, they often have suffered a great deal, so we give priority to recovering funds. KOL is not the most critical recourse in the case, and therefore will not normally be our priority。

BUT IF MORE VICTIMS FOLLOW UP WISH TO DEFEND THEIR RIGHTS AGAINST KOL, THERE IS A REAL RISK THAT THEY WILL BE HELD ACCOUNTABLE。

Cat: In your experience, where does this kind of accountability usually fall? Like a fine, or a con

Darcy: It is generally more likely to involve issues related to couriers or marketing。

The focus of the defense is to start a case and freeze traceable funds as soon as possible

Cat: You just mentioned that you're pushing for a case. When the victim found you, where was this case now? What exactly did you do

Darcy: We have a clear focus on helping to entrust our victims to move cases forward as soon as possible to the stage of case-setting, identification and freezing of funds。

A LOT OF PEOPLE ARE NOW CONCERNED ABOUT WHO THE BOSS IS, HOW KOL GOES ABOUT IT, WHETHER OR NOT TO GO TO THE TEAM LEADER. BUT IN OUR VIEW, THESE ARE NOT THE MOST CRITICAL ISSUES AT THE MOMENT. IN THIS CASE, IT IS OF PARAMOUNT IMPORTANCE TO SEE WHETHER EXISTING MATERIAL CAN BE CONTROLLED AND RECOVERED AS SOON AS POSSIBLE。

Because in such cases, the persons concerned and the company ' s principals are often overseas and may not be the same individuals, either in front of or behind the scenes. If people are followed first, the cycle is usually long, and when people find it, the funds may have been transferred long ago。

So our central thinking is that as long as money remains in the chain, or in the exchange, trusteeship system, there is the possibility of freezing and recovering. With this goal in mind, we have, on the one hand, fixed evidence, including platform information materials, certificates of storage, statements of victims, non-availability and zero-recording of assets, and, on the other hand, conducted a chain survey to identify the institutions to which the assets related to the commissary flow。

So far, we've found that some of the money went into the coin and cobo system. This is crucial, indicating that funds are not completely lost and remain within the reach of identification, freezing and tracing。

THE MOST CRITICAL NEXT STEP WOULD BE TO FACILITATE THE FORMALIZATION OF CASES AS SOON AS SUFFICIENT EVIDENCE AND ADDITIONAL INFORMATION ON VICTIMS WERE AVAILABLE. ONLY BY ENTERING THE FORMAL INVESTIGATION PROCESS CAN LAW ENFORCEMENT AGENCIES SEND LETTERS TO EXCHANGES AND TRUSTEES, FREEZE THE RELEVANT FUNDS AND RETRIEVE THE INFORMATION BEHIND THEM AND CONTINUE TO TRACE THE MOVEMENTS OF FUNDS。

So what we care most about now is not catching people first, but keeping the money in hand. As long as the funds remain, there will be opportunities for recovery. Once funds have been transferred through multiple rounds, under a chain of chains, and then pursued, difficulties, time and costs will increase dramatically。

So the whole thrust logic is simple: first fix the evidence, then organize the victims, and move forward as quickly as possible, then freeze the funds that can be found and then further refine them。

Cat: I have two questions. First, in the absence of a formal case, even if you find that funds have been diverted to exchanges or other agencies, the other party is not in a position to cooperate with the freeze. Secondly, I'm curious, too, why don't they wash their assets with a blended currency like Korean hackers

Darcy: It's hard to say. They have not done so, at least in the light of what we see now. Many fraud syndicates would, to some extent, be further accused of using tornado as a currency mixer. So sometimes they simply transfer money and do not necessarily continue to use it。

Cat: Got it。

Darcy: Yeah, because liars and hackers are two different modus operandi systems。

Cat: But wouldn't the charge be heavier if it had been defrauded

Darcy: It's hard to generalize, depending on how it works. Some funds are already embedded in the amalgamation, money-laundering logic when mechanisms are designed. For example, the funds drawn from user fillings, cash withdrawals and platforms are themselves mixed. Some teams even specialize in this type of technology and combine this logic directly with the platform。

There are, however, a number of more straightforward approaches to fund-raising, namely, deceiving money before moving out. It's very difficult for us to know exactly what they think。

In any case, at least this time they did not do so, leaving us room for tracking and disposal。

Lack of information is the greatest obstacle to the development of cases, and victims should retain evidence and organizational leads

Cat: What are the greatest obstacles you are facing in helping victims to defend their rights? The chain tracks at least the other side has not been mixed, otherwise the difficulty would be greater。

Darcy: The greatest difficulty now is the insufficient collection of information and evidence on victims. We need to compile as much information as possible on victims in order to move forward more effectively in the development of cases。

Cat: Do you now have a general idea of the number of victims and the size of the money? Is there any truth to the fact that the community has also been circulating a screenshot of a joint police operation involving more than 1.8 billion assets in Beijing, Shanghai and Guangdong

Darcy: Our principles have always been “seeing the truth”. None of this information would have been trusted if there had been no official communication or a verifiable case number。

Because when many people hear that a case has been opened, they feel that there is no need to follow up, just wait for the results. In reality, however, there is a deliberate attempt on the part of the fraud syndicate to release “cases that have been opened” in order to paralyze the victims and then transfer the funds after they have eased their guard。

Cat: So, does it really exist that the guilty party has taken the initiative to create a false picture of what is already being done

Darcy: Yeah, it does。

Cat: Can you estimate the number of victims and the size of the funds now? The PoR it promotes is $500 million in reserves. Does this have anything to do with the true scale of the damage

Darcy: It is not yet possible to estimate accurately because the relevant addresses that can be identified and traced are currently limited。

Cat: What do you think they should do best to defend and recover the assets if they are to be given advice to the victims of the coin

Darcy: The first thing is to keep all the evidence in hand. Many of the victims would want to delete the record of the conversation after the incident, or would not like to face it again, but this would affect subsequent advocacy。

In particular, the prior deletion of user debit records and associated data from the polyester may itself be a cover-up. Victims must therefore refrain from deleting chat records, filling records, account intercepts and platform announcements, all of which are crucial。

Secondly, other victims should be contacted as soon as possible, the addresses and clues in their possession should be brought together to facilitate follow-up and financial tracking. Because the more complete the evidence and clues, the more conducive the case is, the more directly affects the possibility of eventual recovery。

Cat: Do you think there's any way to recover this case

Darcy: I believe that there is still a possibility of recovery as long as the funds remain in the chain or within the control systems of the institutions concerned。

Of course, no one will be able to do this。

Cat: A lot of people are guessing that real control and front-line figures may not be a lot, even overseas. In that case, would recovery be difficult even if a domestic case was opened

Darcy: From the cases we've been exposed to, it's really harder. In particular, it is often difficult to go down the line of “people”。

Cat: If the case is particularly large, will there be a chance of catching up with the eventual perpetrators and even crossing the border

Darcy: In general, this is still difficult to achieve。

Cat: So it's not easy to get through to the ultimate handler and beneficiary

Darcy: Yeah, so we don't usually focus on finding people, but rather on how to get the money back. After all, it is not always clear who actually controls it。

Cat: Did you find any other exchange in the POR page other than the coin

Darcy: We did do some research, but it is still under internal compliance review. There will be further internal discussions on whether and when to publish。

Cats: So, the whole of the mainstream is less problematic and more risky, or are they concentrated on three-way and four-line platforms, especially those commonly used to fund funds

Darcy: Yeah。