Anti-Scam Bounty Deep Dive (Revived)

Governance
1

Background

On Nov 27, a thread was opened on the situation of anti-scam bounty. The debate got heated. Moderators subsequently locked and closed the thread. This generated controversy.

On Dec 4, Parity posted its position on forum moderation. With in it, it states:

The texts clearly show that the community should restart a new thread, about the same topic. You can therefore continue the discussion on Anti-Scam Bounty here.

Summary

It’s better to go to the original thread to see details of everything, before you reply. In addition, discourse has a “summary” button, which will give you an AI-generated summary for tldr.

Disclaimer

The author (@sorpaas) did not participate in the anti-scam bounty deep dive. This new thread is opened as a community service for anti-censorship.

1 Like
Parity's position on forum moderation
2

I take the opportunity of the post being reopen to share my discussion on Discord with @frankywild .
We keep on discussing after the initial post was closed in the Polkadot forum, Franky contacting me directly in a proactive manner.

Because yes, you can have a civil discussion with people.
And yes, you can agree to disagree without reaching any super level of toxicity, as it is currently on most open threads about governance topics.

So, as a summary, I’m fine with the answers and explanations i was given:

1/ X Badge
X badge is NOT the blue/yellow tick you can find on X accounts.

It is paid because they have people from different continents using the account, and when they didn’t have that badge, X was everytime asking for verifications and making lot of trouble for them, with that badge, X don’t ask anymore.
It’s a $166/month cost.

We can disagree about the content scope being included in the anti-scam bounty, but it’s clear on my side now. :handshake:
X management account = 800$/month, not 3250$ as i thought initially.

2/ Scope of the scams being taking down
As per the list of websites available on polkadot.js, it can be confusing to find sites with names without any relation with the ecosystem, but that doesn’t mean the ecosystem is not targeted.

Franky provided me sone example as shown below:

image
image1346×832 91.2 KB

image
image1167×900 75.6 KB

  • some of those sites are fake crypto exchanges where you can send your DOT and receive nothing in change

  • In Github repo there are many sites that even if you enter them, you can’t see any target from our ecosystem, those are not rewarded

    As a constructive feedback, i told that the bounty should showcase how they operate and what they are taking down. Just a few examples from time to time can help to have a better understanding.
    It’s a global feedback for all bounties: just showcase what you are doing. Reports are necessary, but they are “cold reports”.

    3/ Report improvements
    Most of misunderstandings, not only on my side but also on the community side, come from the report itself.
    I provided my feedbacks to Francky to improve the report, distinguinshing “Payments” and “rewards” on one hand, and indicating the frequency on the other hand (One time payment, monthly, quarterly, annually).

    It should help the readability and avoid misunderstandings. Because we all do the same mistake:

    • Take a given month
    • Sum the “rewards” per person
    • Ask questions about anomalies (or what we think to be anomalies).

    The mix between “payments” (cash out) and “rewards” (cash in) for a given person is by design wrong.

Conclusion
I let Franky add any additional details if needed but i’m happy we had a normal discussion between 2 people.

I hope the forum will stay a place of exchange, before being a place of finger pointing. We all have a responsability to maintain a good place to build.

Cheers. :innocent:

5 Likes
3

I just checked their spreadsheet. It looks much better done than the marketing bounty (where the accounting itself was even done incorrectly).

There’s a statistics page about expenses.

Screenshot 2025-12-09 at 19-53-13 Anti-Scam Bounty - Transparency Database - Google Sheets
Screenshot 2025-12-09 at 19-53-13 Anti-Scam Bounty - Transparency Database - Google Sheets1912×1593 271 KB

To me, from a brief look, things are at least reasonable. Not like marketing bounty where you’ll immediately start to have question marks the moment you open their accounting sheet.

2 Likes
4

Hi Thomas,

Thank you very much for explaining everything I explained to you by dm. That speaks very well of you.

I just want to say that, thanks to your comments, we are already making some improvements to our transparency process to make it more understandable and leave nothing up in the air for people to misinterpret the data.

Now this goes for the entire community. This is how we should all behave as the Polkadot community that we are. We should help each other instead of attacking each other for no apparent reason. At the very least, if we want Polkadot to have a bright future, those of us who have been here since the beginning must set an example for new people entering our community instead of scaring them away. Now more than ever is the time to do so.

Thanks again, and I’ll be here to answer any other questions that may arise.

4 Likes
5

Sorry but where are the proofs of those sites being taken down?.

I also would like to know how is it possible to claim thousands of takedowns per month? Is this simply a bot flagging supposedly suspicious sites? Where is the evidence — both of the sites identified and of the actual takedowns?

6

You have already been answered many times. All the proofs are in the spreadsheet (screenshots, URLscans). And the proof that a site has been taken down is as simple as going to that site and seeing that it no longer works. Anyone can do it.

Btw, who is claiming “thousands of takedowns per month”? Why are you making up the data? The average per month is around 900 sites.

7

I’m still not seeing any evidence that you were the first person to identify an allegedly malicious website or that the website was taken down specifically thanks to your actions. Do you have emails with hosting providers? Screenshots showing that you submitted a takedown report? Anything at all?

And this applies to all the ~900 supposedly malicious sites you claim to have taken down each month. I’m not trying to be distrustful — I simply want to see proof of all the work you say you’ve done.

8

Yes, you can go to our GH repo and see who was the first one who blocked that site. And yes, I have emails sent to the hosting provider/registrars for each takedown. Obviously I’m not doing hundreds of screenshots of each email because that doesn’t make any sense.

Btw, I’m not taking down 900 sites per month that’s the average counting all implementers. Did you even look at the spreadsheet?

9

Yes, I’ve seen the Excel file, but I still need to see three accredited pieces of evidence, which at the moment are missing:

  1. An image or video of the supposedly malicious website, including a brief explanation of the potential risk. This is necessary to verify that the threat is real and not just a false positive.

  2. Emails with the hosting provider proving your involvement in taking the site down — or at least a copy of a form you submitted. Something concrete that shows actual action was taken.

  3. A confirmation that the site was actually removed thanks to your intervention, not simply a list of URLs for us to check ourselves.

We cannot pay for a script that flags thousands of supposedly malicious websites without proper, verifiable evidence.