Use case · $20 scan
Ethereum wallet drain — trace stolen ETH, ERC-20 & NFTs for $20
Mainnet wallet hacked? Index outbound ETH, tokens, and NFT transfers from your 0x address — fund-flow graph, CEX deposit labels, verification checklist, and abuse pack copy.
When to use Ethereum mainnet incident mode
- Unauthorized outflows from your MetaMask, Rabby, or hardware wallet on chain ID 1
- Bulk ERC-721 or ERC-20 sweeps after a malicious approval
- You need Etherscan-verified evidence for Coinbase, Binance, or Kraken abuse desks
- Not sure if loss was on Base or Arbitrum — confirm mainnet on Etherscan first
What Tracefunds indexes on Ethereum
- Native ETH, ERC-20, and NFT outbound transfers in the indexed window
- Incident-day scoping or full wallet survey
- Labeled CEX hot wallets, bridge contracts, DEX routers when public data matches
- Pattern alerts: bulk NFT sweep, split recipients, approval-style setup txs
- Fund-flow graph with click-through transaction log
What you receive
- Verification checklist — confirm before sharing
- Victim-safe brief in plain English
- Exchange abuse pack copy for labeled deposit patterns
- Share link and printable PDF export
Related modes on Ethereum
- $5 single_tx — decode one Etherscan hash only
- $10 approval audit — Revoke.cash-linked permission table
- $10 address screen — pre-send risk check on a counterparty
Honest limits
Tornado Cash and other mixer touches may end the visible path. We state limits explicitly instead of inventing onward hops.
Key terms