LUXBIN Drainer Defense — ENS Ecosystem Grant Proposal

🏛️ Public Goods
1

LUXBIN Drainer Defense — ENS Ecosystem Grant Proposal

Project Name

LUXBIN Drainer Defense

Author

Nichole Christie (@nichechristie)

Project URL

Source Code

nichechristie (Nichole Christie ) · GitHub (quantum-wallet-security)

Summary

LUXBIN Drainer Defense is a free, open-source tool that helps victims of wallet compromises rescue their ENS names and update ENS records — even when a drainer bot is actively sweeping the wallet.

When a wallet’s seed phrase is compromised, attackers deploy drainer bots that instantly sweep any ETH sent to the address. This makes it impossible for victims to execute transactions — including transferring their ENS names to safety or updating critical ENS records. Victims lose not just their funds, but their on-chain identity.

Drainer Defense solves this by pre-building rescue transactions and broadcasting them the instant ETH arrives, using aggressive gas priority and Flashbots private submission to beat the drainer bot.

This tool exists because I needed it myself. My wallet was compromised and a drainer bot prevented me from rescuing my own ENS name.

Problem

Wallet compromise is one of the most common and devastating attacks in crypto. According to Chainalysis, over $3.7 billion was stolen through crypto hacks and scams in 2024 alone. But the damage goes beyond stolen funds:

ENS names are trapped in compromised wallets. When an attacker has your seed phrase, they deploy a drainer bot that watches your wallet 24/7. The moment you send ETH to pay for gas, the bot sweeps it before your transaction can execute. This means:

  • You can’t transfer your ENS name to a safe wallet
  • You can’t update your ENS records (delegate address, description, URLs)
  • You can’t set your reverse record
  • Your on-chain identity is permanently locked in a hostile wallet

For ENS delegates, builders, and community members, losing access to their .eth name means losing their identity, reputation, and governance participation — far more valuable than the ETH itself.

Solution

LUXBIN Drainer Defense is a browser-based tool (no installation needed) that front-runs drainer bots through three capabilities:

1. ENS Name Transfer

Transfer ownership of an ENS name via NameWrapper safeTransferFrom — rescuing your .eth name from a compromised wallet to a safe one.

2. ENS Record Update

Update text records (eth.ens.delegate, description, url, avatar, etc.) via PublicResolver setText — maintaining your ENS identity even from a compromised wallet.

3. ETH Rescue

Sweep any remaining ETH to a safe wallet before the drainer bot can take it.

How It Beats the Drainer

  1. Pre-build: The rescue transaction is constructed and ready to sign before any ETH is sent
  2. Monitor: The tool polls the wallet balance every 300ms (40+ checks per Ethereum block)
  3. Instant broadcast: The moment ETH arrives, the pre-built transaction is signed and broadcast within milliseconds
  4. Priority gas: EIP-1559 transactions with aggressive priority fees outbid the drainer
  5. Flashbots Protect: Optional private transaction submission — the drainer bot literally cannot see the rescue TX in the mempool

Security Model

  • 100% client-side: Private keys never leave the browser. Zero server-side processing.
  • No accounts: No sign-up, no tracking, no data collection.
  • Open source: Every line of code is inspectable.
  • No dependencies on LUXBIN infrastructure: Uses the user’s own RPC endpoint.

Live Demo

The tool is already built, deployed, and functional:

  • Landing page explaining the tool and security model
  • Interactive 3-step tool (Connect → Configure → Execute)
  • Supports all three rescue operations
  • Dry-run mode for testing without real transactions
  • Works on Ethereum mainnet, Sepolia, and other EVM chains

Impact on the ENS Ecosystem

Direct impact

  • Rescues ENS names that would otherwise be permanently lost in compromised wallets
  • Preserves ENS delegate participation by allowing record updates from compromised wallets
  • Reduces ENS name loss — names trapped in drained wallets are names lost from the ecosystem

Broader impact

  • Increases trust in ENS: Users know there’s a recovery option if compromised
  • Educational: The tool and its documentation teach users about drainer bots and wallet security
  • Public good: Free, open-source, no vendor lock-in

Who this helps

  • ENS name holders whose wallets are compromised
  • ENS delegates who need to update records from compromised wallets
  • Anyone with assets (ENS names, records) trapped behind a drainer bot
  • Security researchers studying drainer bot behavior

Milestones & Roadmap

Already Complete (Pre-Grant)

  • Core Python CLI tool with all 3 rescue operations
  • Web application deployed on Vercel
  • ENS NameWrapper integration (safeTransferFrom)
  • ENS PublicResolver integration (setText)
  • Flashbots Protect integration
  • Dry-run testing mode
  • EIP-1559 aggressive gas strategy

Milestone 1: Security Audit & Hardening (Weeks 1-4)

  • Professional security audit of client-side code
  • Add ENS multicall support (batch multiple record updates in one TX)
  • Add ENS reverse record setting
  • Rate-limit detection and automatic backoff for RPC endpoints
  • Comprehensive test suite

Milestone 2: Enhanced ENS Support (Weeks 5-8)

  • Support for ENS name renewal from compromised wallets
  • Support for ENS subname operations
  • Support for setting the ETH address record (setAddr)
  • Transaction simulation before broadcast (estimate success probability)
  • Multi-chain support (Base, Optimism, Arbitrum)

Milestone 3: Documentation & Community (Weeks 9-12)

  • Step-by-step rescue guides with screenshots
  • Video walkthrough for non-technical users
  • Integration guide for wallets and security tools
  • Publish as reusable npm library for other ENS tools to integrate
  • Present at ENS community calls

Budget

Requesting: $25,000 USDC

Item Cost Description
Security audit $8,000 Professional audit of client-side wallet operations
Development (Milestones 1-3) $12,000 12 weeks of development, ENS feature expansion
Documentation & content $3,000 Guides, video tutorials, community outreach
Infrastructure & testing $2,000 RPC endpoints, testnet ETH, CI/CD, domain
Total $25,000

Team

Nichole Christie — Solo builder and founder of LUXBIN. Background in quantum computing, blockchain security, and full-stack development. Built the LUXBIN Quantum Wallet Security suite including quantum-secured wallet recovery, photonic blockchain infrastructure, and now Drainer Defense. Personally experienced wallet compromise, which motivated building this tool.

Why ENS Should Fund This

  1. It’s already built and working — this isn’t a proposal for something theoretical. The tool is live at https://drainer-defense-web.vercel.app
  2. It directly protects ENS names — the primary rescue operations are ENS-specific (name transfers and record updates)
  3. It’s a public good — free, open-source, no accounts, no tracking
  4. The problem is real and growing — drainer bots are increasingly sophisticated and ENS names are high-value targets
  5. The builder has skin in the game — I built this because I needed it. My own ENS records are trapped behind a drainer bot.

Links

1 Like
2

Hi there - thank you for this. Please consult the FAQ of our grant platform that we built to allocate most of our PG grants through and should there be alignment, follow the steps ENS Public Goods Builders Grants