Guide: Recovering from a sybil ban: appeal process across major protocols

Getting flagged as a sybil is one of the more frustrating outcomes in airdrop farming. you spend months building on-chain history, hit the snapshot, and then the token claim page tells you your wallet has been excluded. no partial allocation, no grace period, just a flat rejection and usually a vague explanation about “clustering” or “suspicious patterns.” i’ve been through this myself across a few campaigns and watched the process play out in dozens of discord threads. the good news is that most major protocols now have formal appeal windows, and legitimate operators with clean infrastructure can sometimes recover their allocation.

this guide is for operators who run a small number of wallets (under 50) with genuine on-chain activity, proper ip separation, and no recycled addresses. if you were running a mass farming operation with shared proxies and same-day funding patterns, appeals probably won’t help you and this article is not for you. if you had a handful of wallets that got swept up in a broad sybil filter because they shared some behavioral patterns with bad actors, that’s the situation we’re addressing here.

by the end of this you’ll know how to gather the right documentation, where to submit appeals for LayerZero, Arbitrum, zkSync, and Optimism-ecosystem protocols, what to say (and what not to say), and how to track outcomes realistically.

what you need

wallet addresses that were flagged, with private key access confirmed
a transaction history export for each wallet (etherscan csv export works)
ip logs or browser profiles proving address separation, if you have them
any CEX deposit/withdrawal records linking your identity to the funding source
a clean email address not associated with prior ban disputes
approximately 2-4 hours per wallet for documentation prep
optionally: a text editor and a spreadsheet for organizing evidence

step by step

step 1: confirm you’re actually banned, not just ineligible

before you do anything, confirm the wallet is sybil-excluded rather than simply below the eligibility threshold. these are different outcomes with different remedies.

go to the protocol’s official claim page and check the error message exactly. zkSync’s airdrop checker gives specific rejection codes. LayerZero’s checker showed “sybil” or “not eligible” as distinct states during their June 2024 distribution. if the message says something like “does not meet minimum criteria,” no appeal will help because the wallet wasn’t banned, it just didn’t qualify. only proceed if the exclusion is explicitly sybil-related.

if it breaks: if the claim UI is down or unclear, check the protocol’s github repo for the raw eligibility CSV. LayerZero and Arbitrum both published these during their distributions. grep your address directly.

grep -i "0xYOUR_ADDRESS" eligibility_list.csv

step 2: find the official appeal channel

each protocol handles this differently. do not post in general discord channels or tag random team members on twitter. this signals you don’t know what you’re doing and wastes everyone’s time.

LayerZero: their June 2024 sybil process used a community-run github report system and a separate self-report form. the LayerZero sybil report on github was the canonical intake. appeals for false positives went through a google form linked in their announcement posts.
Arbitrum: appeals for the 2023 ARB airdrop exclusions went through the Arbitrum governance forum. you posted a thread with your address, explained your activity, and waited for community review.
zkSync: ZKsync Nation published their exclusion criteria and ran a dispute window via their official discord’s dedicated appeal channel for roughly 2 weeks post-snapshot.
Optimism ecosystem protocols (including OP Stack chains): these vary by the specific project, not Optimism itself. check the project’s discord and announcement channels. Velodrome, for instance, ran exclusions separately from any OP foundation process.

bookmark all of these before proceeding. the forms go offline once the appeal window closes.

if it breaks: if you can’t find an official appeal channel, the protocol may not have one. some smaller projects don’t offer appeals at all. check their documentation first before assuming one exists.

step 3: export and organize your on-chain evidence

you need to show that each wallet operated independently and had genuine economic activity, not just airdrop-hunting behavior.

export full transaction history from etherscan for each wallet as a CSV. look for: - on-chain interactions that predate any airdrop announcement by at least 3 months - gas paid from the wallet’s own balance, not funded-and-swept patterns - protocol interactions beyond the ones required for eligibility (e.g., you used the bridge for actual transfers, not just a single qualifying transaction) - if applicable, NFT purchases, governance votes, LP positions held over time

organize this into a simple spreadsheet: one row per wallet, columns for first transaction date, number of unique protocols interacted with, total gas spent, and whether the wallet received funds from a CEX or another wallet.

if it breaks: if all your wallets were funded from the same source wallet on the same day, this is the pattern that triggered the ban and the evidence will work against you. at that point your appeal chances are low without additional context.

step 4: prepare your written statement

keep this short and factual. appeals that read like emotional pleas or that deny the obvious get dismissed faster. a good statement has:

your wallet address(es)
a one-sentence summary of your activity on the protocol
the specific reason you believe the exclusion is incorrect (i.e., what pattern triggered it and why that pattern doesn’t indicate sybil behavior for your case)
links to your key transactions as evidence

do not claim to be a “long-time supporter” unless you actually have a history predating the protocol’s launch. do not reference other wallets unless you’re prepared to explain why they’re separate entities with independent ownership. do not threaten legal action. some teams read every appeal, others use filters, but aggressive or vague statements go nowhere.

for operators managing multiple wallets across browser profiles, the guide at antidetectreview.org/blog/ covers how to document your profile separation in a way that’s legible to reviewers unfamiliar with browser fingerprinting tools.

if it breaks: if you’re unsure what pattern triggered the ban, search the sybil report or exclusion methodology the protocol published. most major ones (LayerZero’s was published by Nansen, zkSync’s was done internally) include the heuristics used. match your wallet’s behavior against those heuristics specifically.

step 5: submit the appeal through the correct channel

use the form, github thread, or forum post as appropriate for the protocol. include all evidence as attachments or inline links. do not submit duplicate appeals for the same wallet. protocols log submissions and duplicates signal bad faith.

for forum-based appeals (Arbitrum), post in the correct category, use a descriptive title like “Appeal: sybil exclusion for address 0xABC123,” and reply to your own post with updates rather than creating new threads.

for form-based appeals (LayerZero style), fill every field. incomplete submissions are automatically deprioritized in most workflows.

keep a local copy of everything you submitted with the submission timestamp.

if it breaks: if the form throws an error or the forum post gets deleted, check if the appeal window has closed. most protocols have hard deadlines, often 2 weeks from the exclusion announcement. after that, there’s usually no recourse.

step 6: track the appeal window and follow up once

most protocols set a 2-4 week review period. after you submit, check the relevant announcement channel for batch update posts. LayerZero’s 2024 process published a final list of reinstated addresses after their review. do not DM team members asking for status, this is not effective and gets you muted.

if the protocol publishes a second eligibility list post-appeal and your address still isn’t on it, the decision is final. i have not seen a case where a third round of appeals worked across any major protocol.

if it breaks: if you submitted before the deadline and your address doesn’t appear in any batch update, post a follow-up question in the official appeal channel with your submission confirmation. keep it factual and short.

step 7: document the outcome and adjust your infrastructure

whether the appeal succeeds or fails, document what happened in your own records. if it succeeded, note which evidence was most likely decisive. if it failed, identify the pattern that flagged you and fix it before the next campaign.

for wallet separation, the actionable steps are covered in our guide on setting up isolated wallet infrastructure for airdrop campaigns. if your funding patterns were the issue, look at using CEX withdrawals per wallet rather than internal transfers. if ip clustering was the trigger, the multiaccounting community at multiaccountops.com/blog/ documents residential proxy setups that hold up to forensic analysis.

if it breaks: if you’re unsure what specifically caused the ban, post a technical question (without mentioning farming) in the protocol’s developer or power-user community. sometimes you can get indirect feedback on what patterns their filters target.

common pitfalls

submitting the same wallet multiple times. this is the fastest way to confirm you’re gaming the system in the reviewer’s eyes. one submission per wallet, full stop.

using the appeal to argue the methodology is unfair. the team knows their sybil filter catches some false positives. they don’t care about your philosophical objection to it. the only argument that works is “my specific wallet does not match your criteria for the following reasons.”

appealing wallets that actually were sybil wallets. if three of your five wallets are legitimately clean and two aren’t, only appeal the clean ones. appealing everything as a batch reads as a mass false-positive claim and weakens the legitimate cases.

missing the window. this is the most common failure mode. set a calendar alert the day the exclusion list is published. appeal windows close and they stay closed.

not having IP or profile separation documented. if you can’t show the wallets operated from different environments, the behavioral clustering the filter detected is hard to rebut. going forward, tools like AdsPower or Multilogin with per-profile residential proxies solve this, but they don’t help retroactively unless you have logs.

scaling this

at 10 wallets, you can handle appeals manually per the steps above. the documentation process takes maybe a weekend.

at 100 wallets, the bottleneck is evidence organization. build a spreadsheet template once and generate the evidence exports in bulk. etherscan’s CSV export can be scripted with their API if you have an API key (free tier, 5 calls/second limit per their API documentation).

at 1000 wallets, manual appeals don’t scale and protocols won’t review them seriously at that volume. your actual protection at that scale is infrastructure quality, not appeals. the time investment is better spent on pre-campaign setup: individual CEX funding sources, residential proxies, proper browser profile isolation, and staggered transaction timing. the Chainalysis sybil detection methodology overview gives a reasonable public window into what forensic tools look for at scale, which helps you understand what to avoid structurally.

where to go next

How to document your on-chain activity before an airdrop snapshot, which covers building the kind of transaction history that holds up to review
LayerZero airdrop retrospective: what actually worked, which breaks down the June 2024 distribution in detail including the sybil filter patterns
/blog/ for the full article index

Written by Xavier Fok

disclosure: this article may contain affiliate links. if you buy through them we may earn a commission at no extra cost to you. verdicts are independent of payouts. last reviewed by Xavier Fok on 2026-05-19.