Etherscan Blog
Published in

Etherscan Blog

Ethereum: the Messaging App

On 11th August, we saw the single largest cryptocurrency hack of all time. $611 million dollars were stolen from PolyNetwork. The humongous amount wasn’t the only unique characteristic of this hack. Unlike most hacks, this one had an ongoing narrative accompanying it, supplied by messages sent to and from the hacker’s address. It even had a self-published Q&A series!

In this article we take a look at the various ways Ethereum users have been using their wallets to communicate with the world and each other, looking at:

  • Input Data Messages (IDM)
  • Non-Standard IDMs
  • Verified Signatures

Input Data Messages (IDM)

IDM is the term we’re coining to describe messages sent via the Input Data field in an Ethereum transaction. The input data field is widely used to inform the blockchain on what contract calls are made as part of a transaction. Data is written in hexadecimal form which can be decoded to show the exact function being called.

Original hexadecimal input for a Uniswap V2 swap.
Same input decoded to show function parameters.

However, the same field could be used to enter hexademical data that — when converted to UTF-8 encoding — is represented as text.

Vitalik’s message on burning 90% of his SHIBA tokens.

Identifying which out of all the transactions done on Ethereum are IDMs is a challenge, as contract-interaction transactions could be converted to UTF-8 (appearing as gibberish) while those meant to be messages could have some characters incorrectly formatted (thus showing up as part-gibberish).

From the messages we could identify, their use could be categorized into:

  1. Transaction receipts/notes
  2. Description of properties (in JSON)
  3. Crypto begging
  4. Advertising
  5. Conversations

Transaction receipts/notes

The most predominant use of these messages appear to be in the form of receipts/notes. When attempting to look for common words used in IDMs involving a subset of addresses, one such example completely dwarfed every other word.

The Bitfinex 3 address has sent more than 117,000 transactions (presumably withdrawals) with this note.

Another example of receipts are from the Anyswap: BSC Bridge address. In this case, Anyswap includes the transaction hash of a user’s deposit on BSC as an IDM in the Ethereum transaction they send to the user. Users can simply copy and paste the hash into to double check their BSC deposit.

View more Anyswap transaction receipts in this dashboard.


Some addresses use IDMs to do verification. In one example, an address religiously sends itself an IDM on a daily basis.

Transactions from address 0x37d…669.

Inspecting the IDMs shows that they follow a standard JSON format. We don’t know for sure, but we can speculate that it is a daily verification of smart contracts added to a registry.

More of these JSON-embedded transactions here.

Crypto Begging

Wherever there is a popular or newly rich address, you can bet that another address will be messaging them to “help muh famili”. A sample of messages sent to Vitalik (Vb address):

Read through Vitalik’s messages here.

For those looking to ask for money, remember that your chances of success is higher if you first add value to the other party (although in this case, whether or not the funds are legitimate is a separate story).

A short story starring hanashiro.eth and PolyNetwork Exploiter 1.


In contrast to the begging messages, some entrepreneurial folks instead send IDMs to popular addresses to promote their wares. This address spammed more than 150 addresses with an IDM promoting a campaign to raise funds for “TROLL HUNTERS — the First tokenized 3D animated movie”. Unfortunately, it seems that the fundraise was not completed successfully.

Full list of promoting transactions here.

Another kind of ‘advertising’ is an address regularly posting links to their product in IDMs such that it gets picked up by crawlers like us. Folkspaper, a self-dubbed “fast-growing newspaper curated by the online community”, consistently posts links to their articles in IDMs sent to themselves.

Scroll through their list of articles.


Finally, the kind of IDMs most interesting to online busybodies like ourselves are the on-chain conversations. A ‘heart-warming’ exchange between two MEV bot operators is the best example of a productive use of two-party IDMs.

Full recap of the entire conversation.

In the space of 30 messages, the two hitherto online strangers and arbitrage competitors set up a partnership to ensure better profits for both parties and became friends!

By far the most active and interesting conversation we could find remains the one involving PolyNetwork Exploiter 1. Rewarding advice with 13.37 ETH, nurses and refugees requesting for money, encrypted messages, calling out scammer emails & the media, negotiations with the hacked project and Q&As, this conversation has it all.

81 pages of IDMs here.

Non-Standard IDMs

While most IDMs are sent simply as text, some require additional work to decode the messages.

Encrypted messages

These messages combine the public nature of blockchains and relative privacy of encrypted messages. Those who want to understand the message content would need to decrypt it.

Encrypted message sent to PolyNetwork Exploiter 1 in this transaction.

Event logs

Used by the second THORChain exploiter as a message to their target, the message requires parsing through the event logs of 6 transactions and changing the line-by-line input data view from Hex to Text. Future DeFi exploiters, please stick to the standard IDM method!

Message sent over six transactions in the same block: 1 2 3 4 5 6.


Another form of non-standard IDMs is by making the data (when converted to UTF-8) appear in byte format. For these cases, the reader would need to then convert the text from byte to string format using a tool such as this.

IDMs that appear as long series of numbers magically become human-readable.

Converted message from this transaction to the Vb address.

Verified Signatures

Another type of message uses Ethereum but is not stored on-chain. A wallet owner can sign a message using their private key to prove that the message came from the signed address. The signed message can then be verified by anyone else using tools such as Etherscan’s and Mycrypto’s.

Example of a message with Verified Signature.

Etherscan keeps a record of the messages signed using our tool. While this tool is primarily meant to allow contract creators to verify ownership of their contract, it has since been used by thousands in the community for a variety of use cases.

Why would users opt to use verified signature messages rather than IDMs? For one, these messages are not tied to a receiving address. Anyone who lands on the Verified Signatures page on Etherscan can see a list of these messages without navigating to a particular address. The UX of reading these messages is also simpler — you don’t need to convert from hexadecimal to UTF-8. Perhaps most importantly, they do not incur transaction costs the way IDMs do.

Looking through these messages, we can see that they are used for different reasons than those used in IDMs.

  • 30% of messages are used to verify their social media account.

Note: for those looking to do this to add a Public Name Tag to their address, take note that Etherscan needs to see the link to signed message on the social account to verify on both sides. An example for reference.

  • 29% of messages are used to certify ownership of addresses using a format other than Etherscan’s (example).
  • Only 9% of messages actually follow the Etherscan template (example).
  • Interestingly, as much as 1% of these messages were used to indicate shipment delivery of courier services (example)!

Other than these uses, some interesting highlights include:

… and to cap it off, what appears to be a love letter!

Due to its Turing-complete nature, Ethereum can be used for all kinds of things beyond DeFi or NFTs. Using it as a messaging app is one such example. The space for this use case is wide and under-explored. We look forward to seeing more done on this front!

How would you like to see Etherscan support Ethereum messages? Let us know.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store