Consistency beats intensity, that's the first lesson to internalize. A wallet that interacts every week for 6 months weighs more, in a protocol's eyes, than a wallet that runs 50 transactions over 3 days and then disappears. The reason is simple: eligibility algorithms look for a signal of authentic use, and authentic use is spread over time. Nobody uses a service three days in a row and then never comes back, except a rushed farmer trying to scrape a last-minute eligibility. And that's exactly what anti-Sybil filters reject.

The goal: set up reproducible daily and weekly cycles that don't depend on your mood of the day or the market weather. The metaphor that works: think of farming like a gym. Nobody gets strong by going for 8 hours one Sunday every 6 months; you get strong by going 45 minutes three times a week for a year. Same logic here.

Daily vs weekly cycle

Managing multiple wallets can multiply your chances: if a protocol filters certain addresses, you don't lose everything. If another caps the per-wallet allocation (often the case), having 3 eligible wallets is better than 1. But beware: protocols detect identical patterns with increasingly sophisticated tools. The challenge is not just having multiple wallets, it's making them independent in the eyes of a Sybil algorithm. A detected cluster equals a lost airdrop on every wallet involved. Two well-built wallets are better than twenty linked ones.

What a Sybil algorithm looks for

Near-identical transactions across multiple wallets (same amounts, same intervals), funding from a single source (one CEX depositing into 30 wallets in 5 minutes), identical gas patterns, interactions with the same contracts in the same order. Algorithms also compare activity hours (a cluster moving every day at exactly 2pm is suspicious), transaction frequency, and even "drain" wallets (the addresses to which your wallets send funds back after use).

Clean funding trail

Avoid splitting a single CEX deposit across multiple wallets in series. Use distinct sources (multiple CEX, P2P, organic gains) and introduce real delays between deposits. Bad example: you withdraw $1,000 from Binance to wallet A, then from A you send $200 to wallets B, C, D, E. Good example: wallet A is funded from Binance, wallet B from Coinbase, wallet C receives a freelance payment in USDC, all spaced several days apart. Each wallet has a plausible and independent "story".

Human behavior

Vary your amounts (not all round 100 USDC: prefer 87.42 USDC, 213 USDC, 41 USDC), your hours (not exactly 2:00pm every day), the frequency of sessions (sometimes twice in the same day, sometimes nothing for 5 days), the protocols you touch. A wallet that does exactly 3 swaps a day for 6 months is an obvious bot, even a motivated human skips days, makes mistakes, takes vacations.

Clustering tools

Protocols use Nansen, Arkham, Bubblemaps, or custom analyses based on transaction graphs that visualize the relationships between wallets. They don't try to catch 100% of Sybils (that would be infeasible), they eliminate the most obvious clusters to recover the bulk of the value. Being discreet is often enough: you don't need to be undetectable, you just need to be sufficiently less obvious than the farmers at the bottom of the ranking to pass the filter.

Funding pattern, what the algorithm sees

Don't bet everything on a single protocol, that's the golden rule of risk management applied to farming. Spread your activity across L1 and L2, between DeFi and NFTs, between mainnets and testnets. The richer your on-chain profile, the more your chances grow, and the more the risk of "missing the right airdrop" gets diluted. Out of 5 plays, two or three often fail (the project doesn't TGE, or it does but with a disappointing valuation), one is average, and one makes the year. Diversification is what turns a random strategy into a statistically winning one.

The venture capital analogy is exact: a VC fund doesn't bet everything on one startup, it backs 30 knowing that 25 will die, 4 will barely return their stake, and 1 will produce the entire return of the fund. Same in farming: plant seeds everywhere, let them grow, harvest what comes out.

The 4 axes to cover

Most drained wallets aren't drained because of a stolen private key, but because of a smart contract approval signed months earlier and forgotten. Understanding what you sign and auditing regularly is non-negotiable. This is the most important topic in this whole module: you can farm perfectly for a year and lose everything in 30 seconds with one bad signature.

To grasp the risk: when you connect your wallet to a protocol, you sign two very different types of operation. A message signature (sign-in, off-chain vote) doesn't move anything on the blockchain, it just proves you control the address. A transaction or an approval, on the other hand, modifies on-chain state and can authorize a contract to transfer your funds. These are the ones to be ultra-vigilant about. The absolute rule: if you don't understand what's displayed, you refuse, period.

The unlimited approvals trap

When you swap on a DEX, you often sign an approve that authorizes the contract to spend all your balance of a token. If that contract is later compromised, it can drain your wallet in a single call. Modern wallets (Rabby, recent MetaMask) display the approval amount, refuse unlimited approvals when possible.

Periodic audit with revoke.cash

Connect your wallet to revoke.cash or etherscan.io/tokenapprovalchecker. You'll see all active approvals and can revoke them in one click. Do this every 1-2 months, and systematically after interacting with a new protocol.

Dust attacks & booby-trapped tokens

You receive an unknown token you didn't buy. Two risks: (1) selling it via a DEX can trigger a malicious smart contract that drains your other tokens, (2) just interacting with it (even moving it) can sign an approval. Ignore it and let it rot. Some explorers let you hide the token.

Phishing & fake claim pages

The number one airdrop-related scam: a page that looks like the real site, often pushed via Google ads or Twitter. You connect, you sign "claim", and you're actually signing a setApprovalForAll or a permit. Always access claims through the protocol's official site, never through a link received by DM or ad.

Hot wallet vs cold wallet

Keep a hardware wallet (Ledger, Trezor) for your long-term reserves. Use a hot "farm" wallet with only what you're prepared to lose connected to dApps. The cold wallet's seed phrase is never typed anywhere online.

Read what you sign

A good wallet translates the transaction into human language ("You will send 100 USDC to 0x…"). If the translation is missing or unintelligible, do not sign. Rabby and MetaMask (advanced mode) do this well.

Absolute danger signals vs good habits

After an airdrop, don't panic. This is the moment when most farmers make the worst decisions of the entire cycle, because it's also the moment when emotions run highest (unexpected gain visible on screen, price moving by percentages every minute, FOMO or panic depending on the hour). Analyze the tokenomics, the vesting schedule, and market sentiment. Some tokens explode after the claim, others crash by 80% in a week. Define your plan before receiving the tokens, not in panic.

Concretely, write that plan in a file or note several days before TGE: how much you sell at claim, how much you keep, the price at which you cut the rest, the price at which you might be tempted to re-buy (very rarely a good idea). The plan written in cold blood holds up better against the emotion of the moment.

The classic post-airdrop cycle

In a volume strategy, the goal is not to predict the market but to execute cleanly while limiting losses. Each unmastered trade costs you a fraction of a percent in slippage and fees; multiplied by hundreds of trades, it drains your envelope and can leave you with a net-negative airdrop. Before each action, check the closest prices, verify liquidity depth, and make sure your order won't cross several levels of the book.

Quick reminder for beginners: the order book was explained in detail in module 1. If you don't have the mechanics in mind, jump back there before continuing. What follows assumes you know what a bid, an ask, a spread are, and the difference between maker (limit) and taker (market).

→ To buy without moving the price, your size must fit within the first row of asks. Otherwise, your order crosses several levels and you pay more at each level passed.

Anticipate the exit

Before even entering, check that you'll be able to sell back without degrading your execution price. If not, the operation mechanically results in a loss.

Spotting walls

Heavy concentrations of orders (buy/sell walls) act as reaction zones. But beware: these orders can be pulled at any time.

A trading bot is a program that executes actions automatically: opening positions, closing them, and repeating according to defined rules. In a volume strategy, it's not there to "trade better" (a bot doesn't guess better than a human) but to maintain regular, consistent activity, even when you're not in front of your screen. Its value proposition is time: it frees you from the routine, lets you farm while you sleep, travel, or work.

Honest warning: a poorly configured bot can cost you more in fees than it brings back in airdrop. Before turning it on, roughly compute the expected cost (execution fees × target volume) and compare it to the expected revenue (airdrop allocation × probability of TGE). If the ratio is unfavorable, change play or lower the volume target.