
Scroll faces 'new witch hunt,' fur-waving groups move from on-chain to GitHub
TechFlow Selected TechFlow Selected

Scroll faces 'new witch hunt,' fur-waving groups move from on-chain to GitHub
Spamming GitHub repositories and fixing spelling errors is just a waste of time.
Author: Luccy
On February 18, Scroll's senior researcher Toghrul Maharramov posted on social media, saying, "If you spam GitHub repositories and fix spelling errors, you're just wasting your own time and ours." In this post, Toghrul Maharramov specifically called out Celestia and Starknet, accusing them of undermining crypto OSS.

Scroll’s GitHub Flooded with Spam
Toghrul Maharramov's frustration toward Celestia and Starknet stems from their decision to extend airdrops to developers and contributors.
According to Starknet’s latest airdrop criteria, developer Tom Kysar received 1,800 Starknet tokens for a single commit on Starknet’s GitHub repository—simply correcting the spelling of one word in documentation. Before Starknet token trading began, this airdrop was worth $3,200.
Kysar’s success inspired copycats who have now flooded GitHub repositories of yet-to-be-tokenized projects hoping for future airdrops, with Scroll becoming the primary target of this trend.
Recently, bounty hunters have been spamming Scroll’s GitHub repository with low-quality contributions, forcing the team to spend significant time filtering through spam. A Scroll developer noted that the “core team is stretched thin,” and this issue could “make their lives much harder.”
Although Toghrul Maharramov stated it isn’t currently a major problem, spam submissions continue to grow. According to DLNews, there are now over 1,100 issues, with 300 added within the past 24 hours. Despite the ongoing spam, Maharramov said the team has the situation under control: “Filtering out all the spam should take only a few hours.”
In reality, Tom Kysar’s minor edit to Starknet’s documentation cannot be equated with spam, and rewarding OSS contributors—as done by Celestia and Starknet—is not inherently negative. As Toghrul Maharramov intended to convey, “Even the most noble cause in crypto—rewarding open-source software contributors—can create perverse incentives that some may exploit.”
Attacking GitHub: A New Twist in Airdrop Farming
Airdrops aim to reward early users of DeFi protocols, transforming a project’s first supporters into a community that helps guide its next steps. These tokens are often used to propose changes to the project. As Toghrul Maharramov noted, “The goal of an airdrop should be to distribute your tokens to as many users meaningfully involved with your project as possible.”

Given that a small number of airdrop recipients have received rewards worth tens of thousands of dollars, the appeal of crypto airdrops has grown substantially—now a major challenge for crypto projects.
To maximize potential airdrop rewards, farmers create multiple wallet addresses, invest hundreds of hours, and deploy complex strategies to conceal their farming activities. If undetected, they can earn millions in free tokens. In June last year, a group held an offline Zksync event in Shenzhen, where over a hundred attendees collectively controlled hundreds of thousands of addresses—and the count continues to grow.
Inspired by the farming legends of OP and ARB, vast numbers of people and capital have poured into the farming ecosystem, aggressively hunting for new chains and L2s yet to launch their tokens. L2s have become the dominant playground, with hundreds of thousands or even millions of addresses generated and massive amounts of ETH deployed in meaningless interactions.
From the project side, knowing most addresses belong to bots who will farm and abandon the platform, teams attempt countermeasures. During the L2 competition boom, a significant portion of L2 transaction fees came from gas costs—which flow directly into project treasuries. Additionally, multi-chain farming made cross-chain bridges essential, with Orbiter Finance—specializing in low-cost L2 cross-chain transfers—emerging as the biggest winner. By collecting bridge fees, it earned over a million dollars monthly, with more than 90% coming from farmers.
In this game of cat and mouse, L2s profited handsomely from fees, while farming shifted from “low cost, high return” to “high cost, low return,” or even “high cost, negative return.” Many farmers ended up losing money instead of earning it, prompting numerous complaints on Twitter about an “impending collapse of farming studios.”
As the industry grows increasingly competitive, farming studios are forced to seek new opportunities. The new airdrop policies from Celestia and Starknet, along with Kysar’s thousand-dollar payout, have clearly pointed the way—shifting focus from untapped public chains and Layer2s to the GitHub repositories of untokenized projects.
Following Kysar’s example, large numbers of farmers are now spamming Scroll’s GitHub repository with low-quality contributions, then fixing trivial errors themselves—all in hopes of qualifying for a potential Scroll airdrop.
The spam attacks on Scroll’s codebase resemble Sybil attacks. Last March, Arbitrum’s billion-dollar airdrop still suffered losses of millions of dollars as thousands of Sybil attackers bypassed safeguards.
While projects have started deploying so-called “Sybil hunters” to detect and filter attackers, effectively excluding fraudsters remains difficult—especially when preserving user anonymity while ensuring one airdrop per person. Most projects are unwilling to risk excluding legitimate users like ParaSwap did, which triggered a PR backlash.
Though in the wild west of cryptocurrency, deceptive airdrop tactics are seen by some as fair play, and certain DeFi figures admire the cunning of Sybil attackers, Toghrul Maharramov hinted clearly: attacking Scroll’s repository won’t earn you an airdrop.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News










