Gladius Network Pt. 4

Gladius Network Token Distribution Debacle (Pt. 4)

Gladius Network’s Response to the SEC Announcement

Going back to the ANN thread for Gladius Network, one can see the swarm of investors that are concerned about the Gladius Network team’s lack of response, failure to communicate any solid plan to refund investors (per the SEC’s stipulations in their C&D notice), and, of course, investors are wondering where their refunds are.

Below is a post from one of the Gladius team members that was issued shortly after the SEC put out their press release in February:


With regard to the refund of tokens distributed via their token sale (as per the SEC’s mandate), Gladius states:

“All refunds will be processed in Ethereum and the GLA purchased in the ICO will be returned to Gladius. If the GLA purchased in the ICO was sold, the claimant will be entitled to the difference (if any) betwen the value of GLA at the time purchased and its value when sold, payable in ETh. There will be requirements to verify the GLA was purchased in the ICO, as well as requirements to verify sales, trades, transfers, etc.”

What is interesting is the announcement of a hefty verification as well as the demand that any $GLA (cash tag for the token sold during the ICO) be returned to the team in order for investors to receive a refund. Since the token was released via crowdsale, the team should already have all of the addresses of those that participated in the crowdfund.

To validate the statement above, Zerononcense took some time to sift out the actual contract for Gladius, which is posted very clearly on Etherscan’s website. However, before reviewing this, let us take a step back for a minute and explain a critical concept for all those following along with this report that may not be technically inclined or familiar with blockchain technology, in general.

‘Smart Contracts’ and ICOs

What is an ‘ICO’?

So at this point, it should be clear that the issue at hand, as it pertains to Gladius Network, is that they sold $12 million worth of digital tokens to investors online without registering the offering with the SEC.

This obviously constituted a significant violation of U.S. securities law (see: Securities Act of 1933).

Gladius Network sold these digital tokens to investors in an event that is known as an ‘ICO’, or “Initial Coin Offering”. As you may have guessed, the term, ‘ICO’, is analogous to the concept of an ‘IPO’ in traditional finance.

Thus, a good analogy for ‘tokens’ would be to think of them as ‘shares’ in a company. The only difference, however, is that stakeholders in this case, do not receive dividends.

Smart Contracts

This is where things get slightly more technical, but the following should break things down.

Typically, ICOs are held through what’s called a ‘smart contract’. A ‘smart contract’ is essentially computer code or a script that contains directions that govern the ICO.

In most cases, the logic is as simple as this: A) ICOGuy wants to hold an ICO for his coin, ‘GuyCoin’

B) ICOGuy has managed to generate interest from a lot of investors online. So ICOGuy decides he will hold the ICO.

C) In order to collect funds from investors in the ICO, ICOGuy creates something called a ‘smart contract’

D) ICOGuy codes the contract with the logic: “If investor A sends $5, give investor A five tokens in return.”

E) ICOGuy has the flexibility to code the contract with infinite customized settings. For example, ICOGuy might decide he wants $10 for five tokens. He may also decide he wants to set a ‘cap’ on the total number of tokens that will be produced at 10,000 tokens. Perhaps ICOGuy wants no cap on the amount of tokens produced, which would allow him to produce more tokens in the future by simply writing additional code.

What is written above sums up ICOs to a large extent (in a vastly over-simplified manner).

The only discrepancy in what was written above is that users cannot send physical cash to the ‘smart contract’. Instead, they must use cryptocurrency, like Bitcoin. However, the cryptocurrency, Ethereum, is almost always the cryptocurrency that is used in these scenarios for reasons that this report will not delve into.

Tracking Down All Crowdfund Participants Would Be Easy

Since Gladius Network held a traditional ICO, tracking down all of the participants would be easy.

The reason for this is because the Gladius Network 4ICO was held on the blockchain, thus there is a record of who sent funds to the contract on a public ledger that can be accessed, with ease, on the internet.

Once this information is accessed, all that is left to do is to parse the contract to find contributing addresses (which typically isn’t too difficult if you’re very familiar with blockchain).

The way that blockchain works is that everyone that possesses cryptocurrency has it in something that’s called a ‘wallet’. This wallet is not physical — it is digital, and it is denominated with an alphanumeric string of characters like this: 1NDyJtNTjmwk5xPNhjgAMu4HDHigtobu1s (Binance Bitcoin hot wallet).

Every wallet is associated with a ‘private key’ (pretty much the same as a password). You don’t get to choose your ‘private key’ however. Using cryptography and encryption, wallet addresses generated for users are created from the private key (i.e., your password).

The brilliance of blockchain, however, is that there is no known way to ‘reverse engineer’ someone’s private key (password) from one of these public addresses. Thus, as long as someone has the private key to a given address, that’s all that they need to spend funds. Therefore, if someone is sending or moving funds anywhere, we know that they are in possession of that wallet.

Thus, if we can find a record of all of the wallet addresses that sent cryptocurrency to Gladius Network’s contract address, then we will have found all of the individuals entitled to a refund at the same time.

What’s even better is that the blockchain also possesses a record of how much was sent and when, so there will also be no question of how much each wallet is entitled to.

To add on to the benefits of blockchain listed above, users do not need to grant ‘permission’ in order to receive funds. Therefore, Gladius Network does have the ability to source each and every single individual that contributed to them via their crowdfund and reimburse them the exact money that they contributed — even if Gladius Network lost any and all personal documentation of the crowdsale event.

In order to prove that this is true, Zerononcense will take some time to source addresses of all users that contributed to the Gladius Network crowdsale.

[Sidenote: This is also a good practice for the community, in general, because it allows investors to validate information about the project, such as the money that they have received, total tokens created, total funds on hand, etc.]

Gladius Network Ethereum Blockchain Analysis

The hyperlinked address (alphanumeric-string) with a red box around it in the picture above is the contract address for Gladius Network.

Etherscan, fortunately, has hyperlinked that address. So all one must do in order to view every single transaction related to the contract, is simply click on it, which takes us to the screen below:


At this point, however, a true analysis does get slightly more technical for those that are not familiar with how blockchain/cryptocurrency works.

Those that are technically inclined most likely noticed that there are 18,723 total transactions in the wallet. Also, those that are familiar with are aware that the Ether value (showing ‘0’) is technically correct because the transfers into the wallet are calling some function in the Gladius Network smart contract to transfer the token and when that happens, one must switch to the ‘Erc20 Token Txns’ tab.

However, putting all of that to the side, Bloxy is by far the most convenient Ethereum block explorer to use in situations like this where a contract analysis would need to be performed.

Below is a picture of the Bloxy website interface for the Gladius Network token contract that was used for their crowdsale:

While it is for the much more technically-inclined, in terms of analyzing Ethereum contracts, the site is unrivaled when it comes to conducting such investigations.

For example, in the picture above, Bloxy shows that the Gladius Network (main) token contract was created by the address 0x197f48540296b76cabe1b7c27f35767338084e03.

Keeping that address in mind will be critical to this analysis.

Closer examination of this address yields significantly greater information about the Gladius Network token and the confluence of interactions.

As seen in the picture below on Bloxy, there are a number of calls to smart contracts by the 0x197f48540296b76cabe1b7c27f35767338084e03 address that are labeled with similar names, which implies that there is more than one contract that was designed with the name ‘GLA Token’:

Notably, the 0x197f48540296b76cabe1b7c27f35767338084e03 address can also be seen receiving 1.36 million $GLA tokens and distributing 1.25 million of them:

From this point, ‘Address Statistics’ of 0x197f48540296b76cabe1b7c27f35767338084e03 were observed on Bloxy (see here).

In specific, the following metrics were obtained:

  • Currencies sent, transactions by month

  • Currencies Received by Address

  • Currencies Sent By Address

  • Function Calls by Address

  • Smart Contract Calls (Count by Month)

  • Contract Calls by Address*

  • References to the 0x197f48540296b76cabe1b7c27f35767338084e03 address by months

  • Smart Contracts Referenced in Event/Function Calls

  • All regular transactions related to 0x197f48540296b76cabe1b7c27f35767338084e03

  • All smart contract (token/ERC20) related transactions involving 0x197f48540296b76cabe1b7c27f35767338084e03

Below is an embedded airtable that compiles all of these metrics for the sake of saving space.

Data for the table above was aggregated from both Etherscan and Bloxy with reference information gleaned from a number of cited sources of documentation on Solidity and smart contract execution/creation/function that should answer relevant questions.

Connections to the 0x197f48540296b76cabe1b7c27f35767338084e03 Address

A simply way to find out this information is to trace all of the transactions in which this address created a smart contract.

Below is a list of smart contract addresses created by 0x197 :

  1. 0xf96aeb3cbe23fa29ddde0759eed5061342064031

  2. 0x57bfffd48366f78e787e167419c8c05cdb849ede (labeled Gladius: Token Sale; created on October 14th, 2017)

  3. 0x6b48744123363fbe8ed94b6b1c8d608c2a147ffb (Created 11/5; Error Warning on Etherscan indicating gas ran out during contract creation attempt — resulted in a failed attempt)

  4. 0x71d01db8d6a2fbea7f8d434599c237980c234e4c (Primary Gladius Token Contract; Created on November 5th, 2017)

In addition, it appears that this address received transactions from:

Analyzing the addresses above yields a number of wide-ranging conclusions. However, rather than listing them all, this report will continue by first looking at the general crowdsale address (where funds were collected) for Gladius Network.

That address can be found here: 0xaaf4281fd8142dc3263b3303b0a6f62d00b2d07e (notably this was the last address created after the Gladius Token address was created on November 5th).

Analyzing the Gladius Network Crowdsale

Let’s take a look at the contract below:

In the picture above, there is a ‘beneficiary address’ attached to the crowdsale — which provides yet another lead and addition to the 17 addresses identified above (excluding Gemini) that were created by Gladius Network.

Specifically, the “beneficiary address” = 0x38fe864dcb9cb039c7f3d0adc0a7efeb9c864cd9

Notably, this beneficiary address is a multisig smart contract address that was originally created by 0xc19fd2748a4d5d7906a3fb731ff6186fe526cc28 (yet another address that was not listed above).

It is worth noting that the beneficiary address was not officially added as a beneficiary address (April 23rd, 2018) until several months after the Gladius Network crowdsale address was implemented.

Going Back to the GLA Crowdsale Address

Given the fact that there are smart contract addresses that have already been identified as being affiliated with Gladius Network that were created before November 5th, 2017, it is worth sifting through publicly available information online to see when the crowdsale actually took place and how many, if there was more than one, that took place.

Given the fact that there were a host of smart contract addresses created between October 13th-15th, 2017, before another batch was released on November 5th, 2017, it appears highly likely that there was a private sale/presale before the ‘official’ ICO was launched.

In searching for corroborating information, a few noteworthy excerpts were found that confirm this hypothesis.

Specifically, a number of social media posts from Gladius Network’s own Twitter profile corroborate that there was a ‘pre-sale’:

What’s also notable is that the post above states that the public pre-sale was still active. This distinction raises the question of whether there was a private pre-sale.

That question can be answered via further smart contract analysis as well as additional online investigation.

With regards to the latter technique of online investigation, a cursory search reveals the following tweet by Gladius Network indicating that there was a pre-sale before the public sale:

Even more information about private pre-sale can be found in the following post on the Gladius Network ANN thread (from

The post above was submitted on October 31st, 2017 and it states:

“We have decided to prolong the current funding period, the private presale, by 23 days until November 23rd for a number of reasons”

Surprisingly, even the Medium article by Gladius Network regarding the private sale (which was also posted on October 31st, 2017) is still active at the time of writing and can be found here.

Below are some screenshots from the article:

With the above in mind, let’s return back to Bloxy to see what information we can glean from Gladius Network’s ‘private presale’.

As noted before, the contract that is currently being examined was created on November 5th, 2017.

Above, we can see that this contract address received 20,237 Ethereum via 1,556 contributions to this address. The other entries are irrelevant.

In addition, on the right side of the page, the ‘whitelist’ option is boxed in red to show that the number of addresses that were whitelisted matches those that contributed to the private pre-sale.

Thus, it can be said with near certainty that these 1,556 addresses are contributors to the Gladius Network ICO.

Upon clicking the link we arrive at this page:

At this point, the most useful tool for analysis would be the website, ‘Etherscan’, because it allows for a CSV download with corresponding prices at the time of transfer.

Etherscan will allow us to retrieve the following information:

  • Total Ethereum collected by Gladius Network at this crowdsale address

  • Value of Ethereum at the time of transfer

  • Value of the Gladius Network token at all stages of the sale [private presale/public presale/public sale(?)]

  • An aggregate list of all wallets that contributed to the contract address

And several additional metrics if so desired.

Before doing so, further analysis on the contract itself must be conducted.

The smart contract address reviewed above can be found here on Etherscan.

At the beginning of the transaction history, this can be seen:


The Ether values are ‘0’ because various functions are being called. As Bloxy recorded, the smart contract that was reviewed prior, on November 5th, 2017.

These transactions are as follows (oldest to most recent):

  1. Establishing smart contract crowdfund parameters [Function: setup(uint256 _start, address _token, uint256 _tokenDenominator, uint256 _percentageDenominator, uint256 _minAmountPresale, uint256 _maxAmountPresale, uint256 _minAcceptedAmountPresale, uint256 _minAmount, uint256 _maxAmount, uint256 _minAcceptedAmount)]

  2. Establishing various distribution and lock-up periods [Function: setupPhases(uint256 _baseRate, uint256[] _phaseRates, uint256[] _phasePeriods, uint256[] _phaseBonusLockupPeriods, bool[] _phaseUsesVolumeMultiplier)]

  3. Establishing payout periods for various stakeholders [Function: setupStakeholders(address[] _stakeholders, uint256[] _stakeholderEthPercentages, uint256[] _stakeholderTokenPercentages, bool[] _stakeholderTokenPayoutOverwriteReleaseDates, uint256[] _stakeholderTokenPayoutFixedReleaseDates, uint256[] _stakeholderTokenPayoutPercentages, uint256[] _stakeholderTokenPayoutVestingPeriods)]

  4. Establishing the whitelist for the crowdsale [Function: setupWhitelist(address _whitelist)]

The fifth transaction (after the smart contract TX) is perhaps the most interesting one because it ties in three wallet addresses that were previously unidentified up to this point.


In order to ‘decode’ what functions were called in the above-listed transaction, the ‘state changes’ must be viewed on EtherScan:

From there, it can be observed that there are three separate ‘storage’ addresses that were designated for the primary Gladius Network contract.

What this means in laymen’s terms are that there were three additional smart contracts that were created in this contract.

The addresses of each are shown below:

The addresses are:

These addresses have already been identified in the list of smart contracts created by Gladius Network in the prior section. However, their purpose as it relates to the ‘bigger picture’ of the Gladius Network system and token sale have not been analyzed thus far.

Analyzing the Addresses Above

A search of the first address on Etherscan leads to this page:

Some relevant details about this wallet address:

  • Etherscan shows 6,891 TX (all kinds) for this address.

  • The last TX was on January 23rd, 2018 (first transaction was on October 14th, 2017, which established this address as a smart contract).

  • The address that created this contract is the same address that created the Gladius crowdsale contract.

Brief Analysis of the Contract Itself

Below is a screenshot of the page on Etherscan that contains the actual code for the contract:

As can be seen in the photo above, the address currently being examined was established to whitelist participants.

The source code for this address can be found here (Zerononcense uploaded this): ; however, the features on Etherscan’s website ease the burden of analysis significantly.

There is nothing remarkable about the contract, but for those that are curious, a code audit can be found here:

Given what was dissected above, outlining Contract 0x1a0987a5c068ec6ce645bb897d8de4c82281deae’s primary purpose as a means of white labeling contributors for the Gladius crowdsale contract, the expectation is that all of the transactions related to 0x1a0987a5c068ec6ce645bb897d8de4c82281deae be functions that add addresses to the whitelist.

By reviewing the contract’s details on Bloxy, the following can be seen:

There is a notable discrepancy between the number of addresses that were whitelisted for the crowdsale through the 0x1a0987a5c068ec6ce645bb897d8de4c82281deae contract address set up by Gladius and the accounts that were ultimately added to the Gladius crowdsale.

Further inspection shows that, out of the 6,883 total addresses that were added to the whitelist contract, 1585 were authenticated.

Another point of interest is the ownership being transferred three times, as seen below:

The three ownership addresses are (in order):

  1. 0x197f48540296b76cabe1b7c27f35767338084e03 (Master Address for Gladius)

  2. 0xc19fd2748a4d5d7906a3fb731ff6186fe526cc28 (Ownership Address 2)

  3. 0x96ae477ad5b02921846c201403e3a300f5084423 (Ownership Address 3)

As noted before, the first address listed above is the original creator of the Gladius crowdsale contract as well as the whitelisting contract. This address has been dubbed as ‘Master Address for Gladius’ for simplicity’s sake.

The latter two addresses have yet to be unearthed in this ICO crowdsale analysis, save for the fact that 0xc19 (second address) was mentioned as the creator of the beneficiary address (0x38fe864dcb9cb039c7f3d0adc0a7efeb9c864cd9).

For the sake of semantics and clarity, they have been labeled, ‘Ownership Address 2’ and ‘Ownership Address 3’.

Ownership Address 2 (0xc19fd2748a4d5d7906a3fb731ff6186fe526cc28)

Below is a snapshot of the wallet address at the time of writing on Etherscan:

importPresaleContribution Function

In analyzing the second ownership address for Gladius, a very unique function was discovered, called the ‘importPresaleContribution’ function.

According to Bloxy, this function has only been called 27 times among all Ethereum smart contracts ever created, and each of those times was in relation to the Gladius Network Token Contract(s).

Worthy of note is the block at the bottom of the page on the image directly above that has the header, ‘_Top contributor arguments for importPresaleContribution’.

In total, this function was called 26/27 times by Ownership Address 2 and the reason why this is important to note is because there is a highly obfuscated and confusing distribution of tokens that stem from the use of this unique function.

Below is a picture of the first time that Ownership Address #2 called the function ‘importPresaleContribution’:

Deconstructing the Function Call

In order to get a better idea of what is going on when this function was called by Ownership Address 2, the diagram posted above will be stripped to its ‘bare bones’, in an attempt to reverse engineer what’s going on.

Specifically, on Bloxy, this will be done by unticking the ‘Smart Contract Calls’ and ‘References’ options directly above the graph.

See below:

Above, a transfer of 17,000GLAtokenscanbeseengoingto0x197(GladiusMasterAddress)viatheprimaryGladiusTokenContract(GLA tokens can be seen going to 0x197 (Gladius Master Address) via the primary Gladius Token Contract (GLAtokenscanbeseengoingto0x197(GladiusMasterAddress)viatheprimaryGladiusTokenContract(GLA).

From here, the ‘smart contract calls’ filter will be applied:

In the picture above, we can see that:

  • 0xc19fd (Ownership Address #2) initiates the transaction with the call to ‘GLA Crowdsale’ (0xaaf4281fd8142dc3263b3303b0a6f62d00b2d07e). Since there are two smart contracts (identified via gear icons in the picture above), this address will be called ‘GLA Crowdsale #1’.

  • After this action takes place, there are two events that transpire on the blockchain in accordance to the instructions given by 0xc19 (Ownership Address #2) to 0xaaf (GLA Crowdsale #1).

  • Those two events involve the transfer of funds (17k $GLA) [Event #1] to the Gladius Token Contract (0x71d), followed by 17k $GLA traveling from the Gladius Token Contract (0x71d) to 0x197 (Gladius Master Contract)

It should be noted that the only legitimate Gladius Network Token (i.e., the only redeemable version of Gladius Network on publicly traded networks) is 0x71d01db8d6a2fbea7f8d434599c237980c234e4c.

On the chart above, there is another iteration of the Gladius Network Token contract that is also involved in the sale that has the address: 0x4632d1c31c5d9e28e84eae0173b3afc9aca81ac8

As noted before, address 0x4632, known as the Gladius Token Address (below), was also created by the Gladius Network Master Address.

In addition, there is an alternate GLACrowdsale, TokenSale address listed on the chart below as well.

Below, is a diagram of the same transaction outlined above, except with references attached to it as well:

As can be seen above, the transaction path becomes extremely obfuscated.

In order to gather more information about the distribution of funds in this token sale, the website, ‘’ will be consulted.

When plugging in this particular transaction in, we can view the following:

What is most relevant are the contract messages, token transfers, and log entries (as well as the graphs option, which will also be viewed and analyzed).

Below are the Contract Messages:

In the picture above, we can see that 0xaaf (Original GLA Crowdsale Address) was responsible for sending making calls to:

  • 0x4632d1c31c5d9e28e84eae0173b3afc9aca81ac8 (Alternate Gladius Token)

  • 0x57bfffd48366f78e787e167419c8c05cdb849ede (Alternate GLA Crowdsale Smart Contract)

  • 0x71d01db8d6a2fbea7f8d434599c237980c234e4c (Gladius Token)

The log entries show the following:

As can be seen above, there are two different token transfers that occur in this transaction.

One of those token transfers is to the 0x197f address (Gladius Master Contract owner) and the other is to 0x71d0, which is the Gladius Token Address.

The only other entity that could be transferring tokens to the 0x71d0 address would be the pseudo-Gladius Token Address (0x463) contract address depicted above.

However, the tokens aren’t being transferred from the prior contract. Instead, the function ‘balanceof(Who’ was called in order to ascertain how many tokens had been distributed from the prior iteration of the Gladius Token Sale contract (0x463) to pre-sale purchasers.

Thus, it appears that the former Gladius Token Contract (0x463) was used as a place marker for the eventual Gladius Token Contract.

Tracking All Recipients of the ‘importPresaleContribution’ Function

To map out the flow of token transfers in a more concise manner, Zerononcense has created a table that contains the following information from the function ‘importPresaleContribution’ with regards to token transfers initiated by 0xc19fd:

Breaking Down Funds Actually Earned By Gladius

The reason for the extensive analysis into Gladius Network’s wallets, provided above, was to get to the heart of the questions of, ‘How much did Gladius Network truly raise in their ICO?’

According to the SEC (and many other public sources), Gladius Network raised a total of approximately $12.5 million in their token sale.

However, further investigation into the wallets owned by Gladius Network yields a slightly different total.

Below is a list of smart contract addresses created by 0x197 :

  1. 0xf96aeb3cbe23fa29ddde0759eed5061342064031 (no funds)

  2. 0x57bfffd48366f78e787e167419c8c05cdb849ede (labeled Gladius: Token Sale; created on October 14th, 2017)

  3. 0x6b48744123363fbe8ed94b6b1c8d608c2a147ffb (Created 11/5; Error Warning on Etherscan indicating gas ran out during contract creation attempt — resulted in a failed attempt)

  4. 0x71d01db8d6a2fbea7f8d434599c237980c234e4c (Primary Gladius Token Contract; Created on November 5th, 2017)

While the list above is formidable, the time and analysis required to answer the question of how much was raised (in Ethereum) by Gladius Network during their numerous sale phases (private presale/public presale/public sale), we will start with the first contracts that were formed by Gladius.

Analyzing the Gladius Network Master Token Address (0x197f48540296b76cabe1b7c27f35767338084e03)

Below are the internal transactions going from this wallet address:

#1 — Analyzing Funds Going to the Pre-Sale Gladius Token Contract (0x57bfffd48366f78e787e167419c8c05cdb849ede)

Going back to the Presale Gladius Token Contract, we can see below that it received 3,740.67 Ethereum (internal transactions):

The transactions above that are circled in blue will not be credited as outgoing from this address because they are being sent to another address that is already on the list of wallet addresses provided above. This is being done specifically to avoid double counting any transactions.

Apart from the other outgoing transactions going to 0x38f and 0x197, it appears that the 0x201f2 smart contract address has been used to receive funds from 0x57 in addition to several others.

Thus, it has been added to the list of wallets to analyze.

In total, the 0x57 address received

One very unique function that was encountered while breaking down the Gladius Token can be found here:

The function is called ‘importPresaleContribution’ and 0xc19fd2748a4d5d7906a3fb731ff6186fe526cc28 (address) was used to call the function. That address also belongs to Gladius. The 0xc19fd2748a4d5d7906a3fb731ff6186fe526cc28 in specific is the second address that received ownership of Gladius’ whitelisting address (0x1a0987a5c068ec6ce645bb897d8de4c82281deae).