explaingit

freemandaily/chaintrace-forensic

Analysis updated 2026-05-18

2JavaScriptAudience · researcherComplexity · 3/5Setup · moderate

TLDR

An interactive web tool that visually traces how stolen funds moved across Ethereum wallets after the Kelp DAO exploit.

Mindmap

mindmap
  root((ChainTrace-Forensic))
    What it does
      Traces stolen funds
      Fund flow graph
      Animated simulation
    Tech stack
      Python
      PySpark
      React
    Use cases
      Blockchain forensics
      Security research
      Education
    Audience
      Security researchers
      Blockchain analysts

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Explore how funds from the Kelp DAO exploit moved between wallets

USE CASE 2

Watch an animated timeline of a laundering path unfold step by step

USE CASE 3

Study cross-chain exit patterns through bridges like Thorchain

USE CASE 4

Use the pipeline as a template for tracing other DeFi exploits

What is it built with?

PythonPySparkPandasReactViteDocker

How does it compare?

freemandaily/chaintrace-forensic901d3/ditherxyr.jsash310u/awesome-ai-stack
Stars222
LanguageJavaScriptJavaScriptJavaScript
Last pushed2026-06-20
MaintenanceActive
Setup difficultymoderatemoderateeasy
Complexity3/52/52/5
Audienceresearcherdevelopervibe coder

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 1h+

Requires Docker plus a PySpark environment to process the Parquet transaction data.

In plain English

ChainTrace-Forensic is an interactive web tool for tracing how stolen funds moved following the Kelp DAO exploit, a security incident in which assets were taken from a decentralized finance protocol on the Ethereum blockchain. The tool lets you visually explore the transaction trail: which wallet addresses received funds, how money was laundered through intermediary addresses, and where assets ultimately left the Ethereum network. The project has two main modes. Fund Flow shows a static graph of all identified laundering paths at once, letting you see the full picture of how money moved between wallet addresses. Simulate Flow plays the same data back as a chronological animation, activating nodes one by one as funds arrive so you can see the sequence of events unfold over time. You can scrub through this timeline interactively and click into individual addresses to see transaction totals in both ETH and USD. Behind the scenes, a data pipeline processes raw Ethereum records stored in Parquet files using PySpark for batch processing. The pipeline filters transactions against known attacker-controlled addresses, detects when funds were routed through Thorchain (a cross-chain bridge used to move assets out of Ethereum), and assigns each wallet a role: Attacker, Thorchain Exit, or Hop/Laundering Address. The final output is a graph topology file consumed by the frontend, which is built with React and HTML5 Canvas. The entire project runs in Docker for reproducibility. The tech stack uses Python with PySpark and Pandas for data processing, and React with Vite for the frontend interface. The project is intended for forensic research and educational purposes.

Copy-paste prompts

Prompt 1
Explain how ChainTrace-Forensic's fund flow graph is built from Parquet transaction data
Prompt 2
Help me adapt ChainTrace-Forensic's PySpark pipeline to trace a different exploit
Prompt 3
How does ChainTrace-Forensic classify wallets as attacker, exit, or hop addresses?
Prompt 4
Set up ChainTrace-Forensic in Docker and run it against sample data

Frequently asked questions

What is chaintrace-forensic?

An interactive web tool that visually traces how stolen funds moved across Ethereum wallets after the Kelp DAO exploit.

What language is chaintrace-forensic written in?

Mainly JavaScript. The stack also includes Python, PySpark, Pandas.

How hard is chaintrace-forensic to set up?

Setup difficulty is rated moderate, with roughly 1h+ to a first successful run.

Who is chaintrace-forensic for?

Mainly researcher.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.