Ethereum is at present reporting the very best each day community progress in its historical past, a statistical surge that ostensibly indicators a large return of consumer exercise.
Over the previous week, the Ethereum mainnet processed 2.9 million transactions, a brand new all-time excessive in keeping with Token Terminal information.
This exercise was accompanied by a pointy leap in each day energetic addresses, which rose to roughly 1.3 million from roughly 0.6 million in late December.
Critically, this explosion in throughput has occurred whereas transaction prices have remained negligible. Common transaction charges have stayed within the “pennies” vary of $0.10 to $0.20 regardless of the report demand.
For a community that traditionally noticed charges spike between $50 and $200 throughout the 2021-2022 NFT increase, this represented a basic shift in financial accessibility.
Nevertheless, forensic evaluation suggests this progress is just not fully natural. Whereas floor metrics point out a bull-market revival, safety researchers warn that a good portion of this site visitors is pushed by malicious actors.
These attackers are exploiting the community’s newly lowered charges to launch industrial-scale “tackle poisoning” campaigns, focusing on customers with automated scams disguised as reputable exercise.
The scaling context
To grasp the sudden spike in quantity, one should have a look at the current structural modifications to the Ethereum protocol. For years, the community was highly effective however economically unusable for most individuals.
Leon Waidmann, head of analysis on the Onchain Basis, identified that since he entered crypto, Ethereum mainnet charges had been just too excessive for the typical consumer.
He famous the community was too costly for retail, too costly for frequent utilization, and too costly to construct consumer-scale apps.
Nevertheless, that modified about one yr in the past when Ethereum builders methodically scaled the community whereas trying to guard decentralization and safety.
This led to a few main protocol upgrades that superior the roadmap.
The primary was the Might 2025 “Pectra” improve, which elevated blob capability by elevating the goal blobs per block from 3 to six and the max from 6 to 9. This successfully doubled anticipated blob throughput.
Then, the community’s “Fusaka” improve adopted in December 2025, transport Peer Knowledge Availability Sampling (PeerDAS). This allowed validators to confirm blob availability by way of sampling somewhat than downloading your complete dataset, enabling increased throughput whereas protecting node necessities cheap.
Most not too long ago, the Blob Parameter-Solely (BPO) fork in January 2026 raised the blob goal from 10 to 14 and the max to 21. These pragmatic updates had been designed to unlock important capability for the blockchain community.
The financial results of those upgrades grew to become obvious rapidly because the community’s mainnet charges dropped sharply, and easy transactions grew to become low-cost once more.
Waidmann identified that constructing instantly on Layer 1 grew to become viable at scale, prompting prediction markets, real-world property, and funds to maneuver again to the mainnet.
On the similar time, stablecoin transfers on the community reached roughly $8 trillion within the fourth quarter.
Ethereum’s report exercise is just not including worth
Whereas the report exercise exhibits indicators of a blockchain within the ascendancy, on-chain information counsel that these actions haven’t added actual worth to the community.
Knowledge from Alhpractal exhibits that the Metcalfe Ratio, which compares market capitalization to the sq. of the variety of energetic customers, is declining. This means that valuation is just not protecting tempo with actual community adoption.
Moreover, Ethereum’s Adoption Rating is at present at degree 1, the bottom tier in its historic vary. This displays a chilly market, with valuation relative to on-chain exercise low.
Contemplating this, Matthias Seidl, the co-founder of GrowThePie, recommended that the community’s exercise improve won’t be natural.
He cited the instance of a single tackle receiving 190,000 native ETH transfers from 190,000 distinctive wallets in a single day.
Seidl famous the variety of wallets receiving native transfers is comparatively steady, however the variety of wallets sending native transfers elevated rather a lot (2x). He highlighted that many native transfers (sending vanilla ETH) use solely 21,000 gasoline, the most affordable type of EVM transaction.
These are at present accounting for nearly 50% of all transactions. Compared, sending an ERC20 token prices roughly 65,000 gasoline, and one stablecoin switch wants as a lot gasoline as three native ETH transfers.
Tackle poisoning?
In the meantime, Ethereum’s newest burst of on-chain exercise is being traced to an previous rip-off, repackaged for a cheaper-fee period.
Safety researcher Andrey Sergeenkov famous {that a} wave of address-poisoning campaigns has been exploiting low gasoline prices since December, inflating community metrics whereas seeding transaction histories with lookalike addresses designed to trick customers into sending actual funds to attackers.
The mechanics of those assaults are easy: scammers generate “poisoning” addresses that resemble a goal’s reputable pockets tackle by matching the primary and final characters. After a sufferer completes a traditional switch, the attacker sends a small “mud” transaction to the sufferer so the spoofed tackle seems of their current historical past.
The guess is that, at some later level, the consumer will copy the familiar-looking tackle from their exercise feed with out verifying the complete string.
Contemplating this, Sergeenkov ties the surge in new Ethereum addresses to that playbook. He estimates new tackle creation ran about 2.7 instances the 2025 common, with the week of Jan. 12 peaking at roughly 2.7 million new addresses.
When he decomposed the flows behind the expansion, he concluded that roughly 80% was pushed by stablecoin exercise somewhat than natural consumer demand.
To check whether or not this appeared like poisoning, Sergeenkov appeared for a telltale signature: addresses that obtained a sub-$1 stablecoin switch as their first interplay.
By his rely, 67% of the brand new addresses match that sample. In absolute phrases, he discovered 3.86 million out of 5.78 million addresses obtained “mud” as their first stablecoin transaction.
He then narrowed the search to the senders: accounts transferring lower than $1 of USDT and USDC between Dec. 15, 2025, and Jan. 18, 2026.
Sergeenkov counted distinctive recipients for every sender and filtered for these distributing to not less than 10,000 addresses. What surfaced, he says, had been good contracts designed to industrialize the marketing campaign. These are codes that may bankroll and coordinate lots of of poisoning addresses in a single transaction.
One contract he reviewed included a operate labeled `fundPoisoners`, which, in his description, disperses stablecoin mud and a small quantity of ETH for gasoline to a big batch of poisoning addresses directly.
These addresses then fan out, sending mud to thousands and thousands of potential targets to fabricate deceptive entries in pockets transaction histories.
The mannequin depends on scale as most recipients won’t ever fall for it, however the economics work if a tiny fraction do.
Sergeenkov pegs the efficient conversion fee at round 0.01%, implying the enterprise is constructed to tolerate excessive failure charges. Within the dataset he analyzed, 116 victims collectively misplaced about $740,000, with one loss accounting for $509,000 of that complete.
The gating issue has traditionally been value. Tackle poisoning calls for thousands and thousands of on-chain transactions that don’t instantly generate income until a sufferer mis-sends funds.
Sergeenkov argues that, till late 2025, Ethereum community charges made the mass-send technique more durable to justify. Nevertheless, with transaction prices roughly six-fold decrease, the risk-reward calculus shifted sharply in favor of the attacker.
Contemplating this, Sergeenkov argued that scaling Ethereum throughput with out hardening its user-facing security has created an surroundings the place “report” exercise may be indistinguishable from automated abuse.
In his view, the business’s obsession with headline community metrics dangers masking a darker actuality during which cheaper blockspace can simply subsidize mass-targeted scams as reputable adoption, leaving retail customers to bear the loss.
