Irys, a layer-1 blockchain listed on major exchanges including Coinbase, is under scrutiny after a single entity captured roughly 20% of its airdrop allocation. On November 28, blockchain analytics firm Bubblemaps said it identified about 900 wallets involved in the process. IRYS Slides After 900 Linked Wallets Take $4 Million in Airdrop Tokens According to the firm, these addresses showed no prior on-chain activity. It described the pattern as consistent with coordinated preparation rather than organic network participation. Following the distribution, the cluster network began consolidating the assets. Data shows that roughly 500 of the identified wallets transferred their IRYS allocations to intermediary addresses before routing the funds to Bitget, a centralized exchange. IRYS Token Address Clusters. Source: BubbleMaps The flow of tokens, valued at approximately $4 million, indicates a likely preparation to liquidate the position. Such a move could introduce significant sell-side pressure on the asset’s order book. IRYS price has come under pressure following the disclosures. The token has declined 16% over the past 24 hours and is trading near $0.032 as of press time. Bubblemaps noted that it found no on-chain evidence linking the IRYS team to the wallet cluster. Irys markets itself as an “on-chain AWS” designed for data storage and smart-contract execution. The protocol has raised more than $13 million from venture capital investors and listed its token this week on major exchanges, including Binance and Coinbase. Crypto Needs Stronger Sybil Protection The episode highlights a structural challenge facing crypto projects that rely on airdrops to expand ownership. Indeed, Irys allocated 8% of its total supply to the event. The goal was to distribute tokens to early users and help decentralize the network. Instead, the concentration of tokens in a single cluster shows how airdrops remain vulnerable to actors using large batches of script-generated wallets to capture outsized allocations. When one entity controls 20% of the initial circulating float, market observers say the result is heightened centralization risk and distorted price discovery. Meanwhile, incidents like this point to broader limitations in token distribution practices across permissionless ecosystems. These environments have minimal identity checks and unrestricted network access. This IRYS episode shows how difficult it is to prevent coordinated airdrop capture without stronger filtering, better identity heuristics, or more robust pre-distribution reviews. Without those safeguards, early liquidity events can disproportionately benefit short-term actors. That dynamic can weaken outcomes for long-term holders and overall network stability.Irys, a layer-1 blockchain listed on major exchanges including Coinbase, is under scrutiny after a single entity captured roughly 20% of its airdrop allocation. On November 28, blockchain analytics firm Bubblemaps said it identified about 900 wallets involved in the process. IRYS Slides After 900 Linked Wallets Take $4 Million in Airdrop Tokens According to the firm, these addresses showed no prior on-chain activity. It described the pattern as consistent with coordinated preparation rather than organic network participation. Following the distribution, the cluster network began consolidating the assets. Data shows that roughly 500 of the identified wallets transferred their IRYS allocations to intermediary addresses before routing the funds to Bitget, a centralized exchange. IRYS Token Address Clusters. Source: BubbleMaps The flow of tokens, valued at approximately $4 million, indicates a likely preparation to liquidate the position. Such a move could introduce significant sell-side pressure on the asset’s order book. IRYS price has come under pressure following the disclosures. The token has declined 16% over the past 24 hours and is trading near $0.032 as of press time. Bubblemaps noted that it found no on-chain evidence linking the IRYS team to the wallet cluster. Irys markets itself as an “on-chain AWS” designed for data storage and smart-contract execution. The protocol has raised more than $13 million from venture capital investors and listed its token this week on major exchanges, including Binance and Coinbase. Crypto Needs Stronger Sybil Protection The episode highlights a structural challenge facing crypto projects that rely on airdrops to expand ownership. Indeed, Irys allocated 8% of its total supply to the event. The goal was to distribute tokens to early users and help decentralize the network. Instead, the concentration of tokens in a single cluster shows how airdrops remain vulnerable to actors using large batches of script-generated wallets to capture outsized allocations. When one entity controls 20% of the initial circulating float, market observers say the result is heightened centralization risk and distorted price discovery. Meanwhile, incidents like this point to broader limitations in token distribution practices across permissionless ecosystems. These environments have minimal identity checks and unrestricted network access. This IRYS episode shows how difficult it is to prevent coordinated airdrop capture without stronger filtering, better identity heuristics, or more robust pre-distribution reviews. Without those safeguards, early liquidity events can disproportionately benefit short-term actors. That dynamic can weaken outcomes for long-term holders and overall network stability.