ZachXBT, 진정한 탐정인가, 위선자인가?

Recently, @zachxbt, the well-known on-chain crypto detective, seems to be standing in opposition to retail investors and the community.

Not long ago, when the @RaveDAO project token RAVE experienced a short-term surge, he publicly pointed out that addresses related to RAVE showed high token concentration, fund flows from multiple CEXs, and team-associated wallets participating in trading. He subsequently issued a bounty of $10,000, which the community later raised to $25,000, for relevant internal materials.

This move triggered market panic, causing RAVE to plummet over 90%, leading to heavy losses for many holders and sparking strong discontent in the market.

On May 6th, ZachXBT began publicly scrutinizing the on-chain addresses, token distribution, and exchange fund flows of the hot project LAB @LABtrade_, suspecting high levels of market manipulation, including price pumping and dumping. He privately messaged the founder but received no response.

Subsequently, ZachXBT issued another $10,000 bounty, seeking materials like the project founder’s passport/ID, market maker contracts, or chat logs, using the phrase "War time mode" in his statements. This move once again ignited controversy.

In fact, early on, ZachXBT consistently portrayed a positive image by standing with retail victims.

For instance, after the DeFi Summer, he exposed numerous NFT and DeFi scam projects attempting to evade regulation, protecting retail investors from potential losses in the millions of dollars. He also helped recover $275,000 from the Coinbase social engineering hack, repeatedly exposed pig butchering scam networks, collaborated with BNB Chain and Paradigm to combat fraud, and provided warnings that saved Bybit from losses. Earlier, many of the victims in the security incidents he addressed were ordinary retail investors, so he generally didn't charge fees, solidifying this positive persona.

Therefore, his recent frequent whistleblowing inevitably raises questions about his motives.

Of course, moral condemnation here is meaningless. The purpose of this article is to deconstruct Zachxbt from multiple perspectives—his background, the era, the chain of interests—hoping to interpret the essence of all his actions and view this matter rationally from a more unique angle.

How Did ZachXBT Become an "On-Chain Detective"?

I believe you can find the answer to anyone's actions in their past.

ZachXBT, whose real name is Zachary Wolk, is essentially an ordinary young American tech geek. He entered the crypto space as a retail noob during the ICO era in 2017. Like many young people, he heard stories of overnight riches and hoped to strike gold in crypto.

However, things didn't go as planned. Most of the tokens he bought in 2017, which promised to "change the world," turned out to be rug pulls. Then, in 2018, the Electrum wallet was compromised through a malicious update (you can look this up; I remember it, roughly 200 BTC lost). He lost $15,000 directly. For an ordinary young person back then, this was undoubtedly a significant sum.

Source: https://www.secrss.com/articles/7475

After being scammed and losing all his money, Zachary Wolk developed a deep hatred for crypto scammers and hackers. He taught himself on-chain data tools like Etherscan and Arkham, painstakingly tracking wallet addresses, tracing fund flows, compiling evidence, and publicly exposing scam projects on Twitter (now X platform). Of course, Zachary Wolk seemed to have discovered a new frontier.

So you see, he wasn't a born "on-chain detective." I think, essentially, it was a victim's self-rescue, but serendipitously opened a new door.

From his small-scale efforts in 2018 to the explosive bull market of 2021, he found his niche: becoming the on-chain version of a "citizen Sherlock Holmes."

Actually, 2020 was a crucial turning point. The DeFi Summer triggered a massive migration of users from exchanges to the blockchain, but the vast majority lacked the ability to analyze on-chain data. On-chain data analysts were considered highly skilled at the time.

So you have to admit, the era gave Zachary Wolk the perfect stage:

The on-chain crypto space was almost entirely unregulated at the time. Retail investors who got rekt had little choice but to accept their losses. The market desperately needed someone to "enforce justice on behalf of heaven."

Meanwhile, X platform was one of the biggest hubs for the crypto market. Acting as a traffic amplifier, it allowed the anonymous geek ZachXBT's exposés to spread rapidly across the entire industry.

Combined with the transparency of on-chain data, he had the "weapon" for a counterattack. He didn't need to rely on regulators or institutions; his own skills and persistence were enough to intimidate those who preyed on others.

So for ZachXBT, I believe this is his origin story:

Righteous heroes don't just appear out of thin air. He was an "on-chain hunter" born out of the wave of retail investors getting rekt in 2017-2018.

It's like in a lawless era, the oppressed underdog picks up a weapon to defend themselves. The weapon he picked up was on-chain data and public exposure.

Without that painful loss of $15,000, there would certainly be no ZachXBT today. And without that era of wild growth, his "detective persona" would have had no soil to thrive in.

What Do We See If We Place Him in Crypto's Chain of Interests?

In this world, human nature is like water. If the rules change, human nature changes. A person's actions are fundamentally driven by interests.

So to understand the essence of ZachXBT's actions, we must place him within the complete interest chain of the crypto world to dissect the logic.

The interest chain in crypto typically consists of three layers: upstream, midstream, and downstream:

Upstream usually includes project teams, CEXs (Binance, Bitget, BNB Chain, etc.), VCs, whales, and project insiders. They control token supply, liquidity, and trading channels, holding the discourse power in the entire chain or industry.

Midstream consists of on-chain data tools, crypto media, KOLs, and even X platform. They are the "amplifiers" of the chain, responsible for transmitting information and amplifying sentiment. They serve as "propaganda tools" for upstream players but can also become platforms for exposing dark secrets.

Downstream includes global retail investors and victims who got rekt.

They are at the end of the chain, lacking information advantages and technical capabilities, forced to follow trends passively. They become stepping stones for upstream profits and play the role of the "prey."

ZachXBT, early on, was mostly positioned as an independent on-chain investigator in a high-value node, belonging to the mid-to-downstream.

But now, he has an additional identity: a semi-official cleaner. Starting in 2025, he officially became an advisor to Paradigm. In November of the same year, he collaborated with BNB Chain to combat hacker scams.

So this new identity shifted his coordinates upwards in the chain, moving him to the mid-to-upstream.

It is this upward shift in coordinates that directly determines all his behavioral patterns. Now, are you starting to see it more clearly? Let's continue the analysis.

Continuous "Call-Out" Behavior: An Inevitability for Survival and Upward Mobility

You see, his continuous exposure of shady practices is essentially a "win-win" situation. He not only does good deeds but also earns prestige and benefits, continuously improving his position in the chain.

From a positive value perspective, he has indeed done many practical things:

Helping exchanges track hackers, exposing the Axiom insider, and collectively recovering hundreds of millions of dollars for victims and governments. In 2025, he helped the US government recover $20 million without taking a penny for himself.

However, while these actions have earned him immense industry prestige, they have also brought him tangible rewards, such as community donations (the crowdfunding from the Machi Big Brother case reached million-dollar levels), institutional collaboration offers (Paradigm advisor role), and official cooperation opportunities (BNB Chain).

Of course, the collaboration between ZachXBT and BNB Chain is quite controversial. He previously heavily criticized CEX insiders and manipulation related to Binance, but later cooperated with BNB Chain for combating scams and tracking funds.

The community calls him a "hypocrite" and "CZ shill," questioning how he can criticize centralization while accepting resources from upstream players. His response is "for a cleaner ecosystem," but the criticism hasn't stopped. This is a classic case of double standards arising from economic chain binding.

Regardless, this has allowed him to gradually move from an anonymous grassroots geek to a "semi-official" position, achieving upward mobility. This is the positive cash flow he earns in the chain through his "exposure" skill set.

Of course, we cannot ignore a core aspect:

The crypto market is fundamentally an attention economy, also a highly volatile "casino."

The more intense, faster, and more impactful the exposure, the more traffic and discourse power you gain.

Once you stop, traffic dries up, prestige declines, and you might even be eliminated from the chain.

Therefore, he needs to constantly speak out and blow the whistle to ensure he doesn't fall from the mid-to-upstream, thereby maintaining his own interests.

This leads to many of his whistleblowing actions being controversial and even hated. For example:

Publishing a long post accusing Machi Big Brother of misappropriating 22,000 ETH (worth about $38 million at the time), promoting 10+ failed projects, and manipulating Squid DAO. Machi Big Brother countersued him for defamation.

Publicly exposing 11 ETH/SOL wallet addresses (holdings exceeding $24 million) belonging to memecoin analyst Murad Mahmudov (@MustStopMurad). Many questioned why he strictly maintains his own anonymity while frequently revealing others' complete on-chain tracks, criticizing it as "information asymmetry weapon only beneficial to himself."

Publicly criticizing the Keeta testnet as "completely fake," driven by "sketchy KOLs," with suspicious supply control, causing the KTA token to drop 20-26%. After the price crashed, he deleted all related tweets (including the accusation thread), sparking accusations of "FUD and dump, then delete and run" – a classic controversial "call-out and retreat" tactic. The Keeta team responded calling it FUD and conducted a public stress test.

And also the recent RAVE incident, the LAB incident, etc.

So, as I said earlier, many curse him as a "hypocrite," but from the perspective of the economic chain, these actions are all rational. He is not a "saint" independent of the chain, but a link within it, forced to make compromises to maintain his position.

Collaborating with BNB Chain isn't "betrayal" but upstream-downstream binding – BNB Chain, as an upstream platform, provides him with more resources, more exposure, and makes his investigations more impactful.

Remaining anonymous while exposing others' information is because his core asset is "information asymmetry." Protecting himself allows him to continue surviving in this industry and avoid retaliation.

Exposing others allows him to trade for traffic and prestige, maintaining his "detective" persona.

As for deleting posts and settling, it's essentially a trade-off of interests. When accusations risk legal consequences or when more favorable collaboration terms are available, compromise becomes the most rational choice. After all, securing one's position is more important than "clinging to justice."

Source: https://www.wired.com/story/meet-zachxbt-243-million-crypto-theft/

Rules Are Like Water; He Is Just a "Natural Product" of the Chain

So, we won't engage in moral judgment, only state facts:

ZachXBT embodies the most authentic human nature – he has a sense of justice, but justice must serve survival; he has skills, but skills must be used to maintain his position; he has principles, but principles must yield to interests.

His sense of justice is real – rooted in his own scam experience in 2017, he deeply understands the pain of retail investors getting rekt. Therefore, one of his goals has always been "helping victims recover funds and punishing scammers."

But his sense of justice is not pure – within the economic chain, he must prioritize his own survival and upward mobility, leading to compromises and controversies.

He is very smart and diligent – his on-chain tracking skills are arguably world-class, allowing him to uncover hidden dark secrets from vast amounts of wallet addresses and transaction flows.

But smart people are often most easily blinded by their own position. He firmly believes, "My uncovering of wrongs is justice; questioning me is defending the guilty." This stubbornness is also part of maintaining his persona.

In truth, anyone else in his position would probably do the same.

The rules of the crypto world are like this:

Anonymity protects the strong, information asymmetry exploits the weak, and attention determines discourse power. He simply adapted to the rules, exploited them, and found his way to survive within the chain – both cleansing the industry's "toxins" and earning his own "profit," acting as both a "citizen hunter" and a "semi-official cleaner."

ZachXBT's existence is an inevitable product of the crypto market's wild growth era: With a regulatory vacuum, no industry rules, and no support for retail investors, such a "citizen hunter" was bound to emerge.

He is neither a hero nor a scammer, but the sharpest thorn in the interest chain – piercing the predators while attaching itself to the chain, both cleansing toxins and chasing profits.

His cry of "War time mode" is his normal state of survival. As long as the rules of the crypto circle remain unchanged, as long as the predatory logic of the chain remains unchanged, he won't stop – stopping would mean admitting he has been eliminated by the chain, admitting that the "crypto circle is forever a jungle."

LAB is just his latest target. There will be more.

And the war time mode never ends – perhaps it is his only way to survive within the crypto interest chain.