Analysis updated 2026-05-18
Explore how funds from the Kelp DAO exploit moved between wallets
Watch an animated timeline of a laundering path unfold step by step
Study cross-chain exit patterns through bridges like Thorchain
Use the pipeline as a template for tracing other DeFi exploits
| freemandaily/chaintrace-forensic | 901d3/ditherxyr.js | ash310u/awesome-ai-stack | |
|---|---|---|---|
| Stars | 2 | 2 | 2 |
| Language | JavaScript | JavaScript | JavaScript |
| Last pushed | — | 2026-06-20 | — |
| Maintenance | — | Active | — |
| Setup difficulty | moderate | moderate | easy |
| Complexity | 3/5 | 2/5 | 2/5 |
| Audience | researcher | developer | vibe coder |
Figures from each repo's GitHub metadata at analysis time.
Requires Docker plus a PySpark environment to process the Parquet transaction data.
ChainTrace-Forensic is an interactive web tool for tracing how stolen funds moved following the Kelp DAO exploit, a security incident in which assets were taken from a decentralized finance protocol on the Ethereum blockchain. The tool lets you visually explore the transaction trail: which wallet addresses received funds, how money was laundered through intermediary addresses, and where assets ultimately left the Ethereum network. The project has two main modes. Fund Flow shows a static graph of all identified laundering paths at once, letting you see the full picture of how money moved between wallet addresses. Simulate Flow plays the same data back as a chronological animation, activating nodes one by one as funds arrive so you can see the sequence of events unfold over time. You can scrub through this timeline interactively and click into individual addresses to see transaction totals in both ETH and USD. Behind the scenes, a data pipeline processes raw Ethereum records stored in Parquet files using PySpark for batch processing. The pipeline filters transactions against known attacker-controlled addresses, detects when funds were routed through Thorchain (a cross-chain bridge used to move assets out of Ethereum), and assigns each wallet a role: Attacker, Thorchain Exit, or Hop/Laundering Address. The final output is a graph topology file consumed by the frontend, which is built with React and HTML5 Canvas. The entire project runs in Docker for reproducibility. The tech stack uses Python with PySpark and Pandas for data processing, and React with Vite for the frontend interface. The project is intended for forensic research and educational purposes.
An interactive web tool that visually traces how stolen funds moved across Ethereum wallets after the Kelp DAO exploit.
Mainly JavaScript. The stack also includes Python, PySpark, Pandas.
Setup difficulty is rated moderate, with roughly 1h+ to a first successful run.
Mainly researcher.
This repo across BitVibe Labs
Verify against the repo before relying on details.