The event that has attracted market attention and accumulated tens of millions of dollars in bets on Polymarket, “Which Crypto company will ZachXBT expose for insider trading?” has finally come to an end.
On February 26, on-chain detective ZachXBT published an investigation report pointing the finger at the DeFi trading platform Axiom Exchange. The report alleges that senior employees of the platform abused internal management privileges over an extended period to access users' private wallet data without authorization, and turned that sensitive information into a tool for insider trading.
This article analyzes the chain of evidence ZachXBT disclosed, and what happens when "on-chain transparency" is hijacked by "off-chain black-box management".
ZachXBT Exposes Axiom Exchange Insider Trading Scandal
Axiom Exchange was co-founded by Mist and Cal and was selected for Y Combinator's Winter 2025 batch (W25) in early 2025. The platform has reported a striking cumulative revenue of over $390 million in just one year.
Behind the impressive financial figures, however, a senior business development employee named Broox Bauer was turning Axiom's back-end tools into a private hunting ground.
According to ZachXBT's investigation, Broox Bauer did not act alone. He set up an organized "information monetization" process built around Axiom's internal control dashboard, from which he could freely query any user's private information by promotion code, wallet address, or UID.
Broox stated in a recording that he can "find out anything about that person," and he was also careful to stay under the radar: initially querying only 10 to 20 wallets at a time to avoid triggering the system's anomaly alerts.
The targets were not chosen at random. A KOL named Marcell, for example, became a key tracking target because he had long been using his private wallet to buy large quantities of meme coins and then promoting them to his fans so he could exit into their liquidity. The private wallets of such traders are rarely public and are seldom reused, which makes this information extremely valuable for arbitrage.
He also built an organization and rules around the scheme: another Axiom employee, Ryan (Ryucio), helped look up user information; Gowno was hired as a moderator; and the harvested private wallets were compiled into Google Sheets for tracking. The abuse lasted more than ten months (starting in April 2025), and the chain of evidence includes back-end management screenshots of victims such as "Jerry" and "Monix".
These materials raise an obvious question: why does a business development tool have cross-functional access rights at all? The monitoring alerts and permission isolation that should have existed clearly did not work.
Axiom's official response cannot hide the structural failure behind it
After the ZachXBT report was released, Axiom's official response followed the standard crisis-PR script: a statement expressing "shock and disappointment", revocation of permissions, and the launch of an investigation. None of this hides the structural failure behind the incident. An event of this kind reveals the platform's failure in permission control, not just the personal misconduct of a single employee.
- Missing audit logs
In traditional finance or mature Web2 technology companies, any operation that touches sensitive user data must leave a log. If a business development employee can query hundreds of wallet addresses unrelated to their function, the system should raise an alert at the first such query. Axiom's ten-month oversight vacuum suggests that its internal system may have had no "abnormal behavior detection" at all, and it is doubtful whether "operation records" were even retained.
- The scope of victims is still unclear
Axiom's statement did not mention the number of affected users. This raises a deeper concern: if Broox Bauer could access this data, what about other employees? The report names the moderator Gowno and another business development employee, Ryan, as his accomplices, which suggests that this abuse of power was relatively easy to carry out. When an organization's governance rests on "trust" rather than "systems", the marginal cost of internal corruption is extremely low.
Permissions as a formality: the data governance black hole of Web3 startups
Looking further into the core of this scandal, the dimensions of back-end data listed in the ZachXBT report are alarming: a complete list of a user's wallets, the wallets the user is tracking, full transaction history, the memo names the user assigned to wallets, and associated accounts. Together these cover not just transaction data but the entire picture of a user's on-chain behavior.
In traditional financial institutions, access to this kind of data is governed by a strict need-to-know (least-privilege) principle. No employee may access sensitive customer data without a clear business need; every access must leave an auditable operation log that the compliance department reviews regularly.
The design logic is simple: it does not rely on the personal ethics of employees, but uses the dual constraints of technology and process to shrink the space for damage before a problem occurs. Axiom's back-end plainly did not meet this standard.
More thought-provoking still, this kind of problem is not an isolated case among Web3 startups. Rapidly expanding teams tend to concentrate engineering resources on product iteration, while building compliance and data governance architecture is postponed or even dismissed as a "launch the token first" problem.
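To make the two controls discussed above concrete (a least-privilege check on the back-end dashboard, and anomaly detection over its audit log, including the "10 to 20 wallets at a time" evasion described earlier), here is an added example. It is not Axiom's code and is not taken from ZachXBT's report; the roles, action names, log fields, thresholds and the JSON-lines audit log it runs over are all constructed for illustration. It also covers the "least privilege" and "comprehensive audit trails" items in "The Path Forward" later on this page.

```python
"""Added example (not Axiom's code, not from ZachXBT's report).

Two controls a back-office dashboard should have:
  1. authorize(): deny-by-default role scopes plus a mandatory case reference
     for any per-user lookup.
  2. detect(): detection over the audit log. A naive per-day threshold misses an
     operator who only pulls ~15 users a day; a sliding window of distinct
     targets per operator does not.
All roles, actions, field names and thresholds are assumptions.
"""
from collections import defaultdict
from datetime import datetime, timedelta
import json

# Assumed role -> permitted actions. Anything not listed is denied.
ROLE_SCOPES = {
    "support": {"lookup_user_by_uid", "view_account_status"},
    "compliance": {"lookup_user_by_uid", "lookup_user_by_wallet", "export_tx_history"},
    "biz_dev": {"lookup_promo_code_stats"},  # aggregate stats only, no per-user PII
}
DAILY_THRESHOLD = 20                 # per-operator per-day lookups that would page on-call
SLOW_BURN_DISTINCT = 25              # distinct users one operator may touch per window
SLOW_BURN_WINDOW = timedelta(days=30)


def authorize(role, action, justification):
    """Return (allowed, reason). Per-user lookups additionally need a ticket."""
    if action not in ROLE_SCOPES.get(role, set()):
        return False, f"role {role!r} may not perform {action!r}"
    if action.startswith("lookup_user") and not justification:
        return False, "per-user lookup requires a ticket or case reference"
    return True, "ok"


def _constructed_sample_log():
    """Constructed JSON-lines audit log. 'bb' (biz_dev) looks up 15 distinct
    users' wallets a day for three days with no ticket; 'cs1' (support) makes
    three ticketed UID lookups; 'cmp1' (compliance) makes one lookup without a
    ticket; 'bb' also pulls one aggregate promo report (in scope)."""
    lines, uid = [], 100
    for day in range(3):
        for n in range(15):
            ts = datetime(2025, 4, 2 + day, 9, 0) + timedelta(minutes=7 * n)
            lines.append(json.dumps({"ts": ts.isoformat() + "Z", "operator": "bb",
                                     "role": "biz_dev", "action": "lookup_user_by_wallet",
                                     "target_uid": f"u{uid}", "ticket": ""}))
            uid += 1
    for n in range(3):
        ts = datetime(2025, 4, 3, 14, 0) + timedelta(minutes=30 * n)
        lines.append(json.dumps({"ts": ts.isoformat() + "Z", "operator": "cs1",
                                 "role": "support", "action": "lookup_user_by_uid",
                                 "target_uid": f"u{900 + n}", "ticket": f"CS-{4100 + n}"}))
    lines.append(json.dumps({"ts": "2025-04-03T11:00:00Z", "operator": "cmp1", "role": "compliance",
                             "action": "lookup_user_by_wallet", "target_uid": "u950", "ticket": ""}))
    lines.append(json.dumps({"ts": "2025-04-04T16:00:00Z", "operator": "bb", "role": "biz_dev",
                             "action": "lookup_promo_code_stats", "target_uid": "", "ticket": ""}))
    return "\n".join(lines)


def parse_log(text):
    """Parse JSON lines into events sorted by timestamp (timezone-aware)."""
    events = []
    for line in text.splitlines():
        if line.strip():
            e = json.loads(line)
            e["ts"] = datetime.fromisoformat(e["ts"].replace("Z", "+00:00"))
            events.append(e)
    return sorted(events, key=lambda e: e["ts"])


def detect(events):
    out_of_scope, unjustified = [], []
    per_day = defaultdict(int)
    by_op = defaultdict(list)
    for e in events:
        allowed, _ = authorize(e["role"], e["action"], e["ticket"])
        if e["action"] not in ROLE_SCOPES.get(e["role"], set()):
            out_of_scope.append(e)          # role/function mismatch: alert immediately
        elif not allowed:
            unjustified.append(e)           # in scope, but no case reference
        if e["action"].startswith("lookup_user"):
            per_day[(e["operator"], e["ts"].date())] += 1
            by_op[e["operator"]].append(e)
    max_daily = {}
    for (op, _day), c in per_day.items():
        max_daily[op] = max(max_daily.get(op, 0), c)
    noisy = {op for op, c in max_daily.items() if c > DAILY_THRESHOLD}
    # Slow-burn rule: distinct targets per operator inside a sliding window.
    slow_burn = {}
    for op, evs in by_op.items():           # evs are in timestamp order
        window = []
        for e in evs:
            window.append(e)
            while e["ts"] - window[0]["ts"] > SLOW_BURN_WINDOW:
                window.pop(0)
            distinct = len({w["target_uid"] for w in window})
            if distinct > SLOW_BURN_DISTINCT:
                slow_burn[op] = max(slow_burn.get(op, 0), distinct)
    return {"out_of_scope": out_of_scope, "unjustified": unjustified,
            "max_daily": max_daily, "noisy": noisy, "slow_burn": slow_burn}


def run_detection(text=None):
    return detect(parse_log(text if text is not None else _constructed_sample_log()))


if __name__ == "__main__":
    r = run_detection()
    print("out-of-scope lookups:", len(r["out_of_scope"]))
    print("noisy operators (daily threshold):", r["noisy"] or "none")
    print("slow-burn operators (distinct targets / 30d):", r["slow_burn"])
```

On the constructed log, the per-day threshold never fires for "bb" (15 lookups a day), while the role-scope rule flags all 45 lookups and the sliding-window rule reports 45 distinct targets in the 30-day window. The scope rule is the cheaper control: if the role simply cannot perform the action, the detection rules become a backstop rather than the only defense.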
However, once the platform reaches a scale like Axiom, the data sensitivity that back-end tools can touch has long exceeded the early stages, while the construction of protection mechanisms often remains at the level of the initial stage.
This case also exposes a peculiar paradox of Web3: on-chain transparency does not equal off-chain transparency. Blockchains give transactions a pseudonymous transparency: everyone can see the flow between addresses, but not the entities behind them. The real risk arises the moment users register, bind wallets, and set memos: they hand the most critical piece of the puzzle, the link "I am the owner of this address", to the platform's centralized database.
After that, anonymity gradually becomes an illusion. Once this identity is linked to more information, labeled with more tags, or even abused, on-chain transparency no longer protects users, but becomes the most accurate tool in the hands of perpetrators.
Decentralization at the protocol level is never the same as decentralization of the company
Axiom’s scandal reveals more than just the personal misconduct of a few employees. It is more like a mirror, reflecting a major contradiction that the entire Web3 industry has long avoided under the narrative of “decentralization”: decentralization at the protocol level is never the same as decentralization at the company operation level.
When the core business of a platform still relies on centralized back-end systems, manual customer service, and employee judgment, the labels of “DeFi” or “Web3” are more like front-end decorations. Users believe in the immutability of smart contracts, but forget that the moment they complete personal information input and bind their wallets, they have handed over the most critical information to a completely centralized organization.
Trust is never free. In places where systems are not yet mature, the party with the most asymmetric information always bears the cost of trust.
[ChainCatcher]
Axiom Exchange Insider Scandal: When On-Chain Transparency Collides with Off-Chain Corruption
The recent investigation by respected on-chain detective ZachXBT has exposed a systemic insider trading scandal at Axiom Exchange, a platform that generated over $390 million in revenue in just one year. This isn’t merely a case of rogue employees; it represents a fundamental governance crisis that challenges the very foundation of trust in Web3 platforms.
The Scandal Unpacked
According to ZachXBT’s meticulous investigation, senior business development employee Broox Bauer established an organized “information monetization” operation leveraging Axiom’s internal dashboard. Bauer and accomplices (including employees Ryan and moderator Gowno) exploited unrestricted access to user data including private wallet addresses, tracked wallets, transaction histories, and wallet memo names—information that should be strictly protected under any reasonable data governance framework.
What makes this case particularly egregious is its scale and duration. The operation ran for over ten months (from April 2025), demonstrating not just individual misconduct but institutional failure. The perpetrators targeted high-value users such as the KOL Marcell, whose private wallets held trading information that was not publicly attributable to him. Knowing which addresses belonged to whom let them observe a KOL's private positions and trade ahead of the followers that KOL was about to promote to.
Market Impact and Token Price Implications
For Axiom specifically, this scandal is an existential threat. The platform's valuation, presumably built on its revenue figures and Y Combinator pedigree, now faces a severe de-rating. Were Axiom to have a tradable token (the report references none), the author expects the immediate price impact would be severe, with the 70-80% declines seen after other major DeFi exploits as a plausible reference point.
More broadly, this case serves as a cautionary tale for the entire DeFi sector. Investors must now scrutinize centralized platforms with renewed skepticism, particularly those that have experienced rapid growth without corresponding investment in internal controls. The market may see increased volatility across exchange tokens and DeFi platforms as institutional investors reassess counterparty risks.
The Governance Paradox: On-Chain vs. Off-Chain
This scandal illuminates a critical paradox in the Web3 ecosystem: on-chain transparency does not equate to operational transparency. Blockchain technology provides transparent transaction records, but users must surrender critical off-chain information (wallet ownership correspondence, personal details) to centralized platforms to participate.
The fundamental error lies in assuming that “decentralization” at the protocol level automatically translates to decentralized operations. In reality, most DeFi platforms rely on centralized backends, manual customer service, and employee discretion—creating significant information asymmetries that can be exploited.
Systemic Risks and Vulnerabilities
The Axiom case reveals several systemic vulnerabilities across the industry:
- Permission Control Failures: Many Web3 startups prioritize product development over robust permission systems, leaving employees with access to far more data than their roles require.
- Audit Log Deficiencies: The absence of basic audit trails, standard in traditional finance, suggests that many crypto platforms lack even rudimentary monitoring.
- Rapid Scaling Without Governance: As platforms like Axiom scale rapidly, their data governance architecture often remains primitive, creating dangerous blind spots.
- "Trust-Based" Systems: Organizations that rely on employee trust rather than system safeguards are vulnerable to exploitation, because the marginal cost of corruption becomes extremely low.
Investment Opportunities Amidst Crisis
While this scandal presents significant risks, it also creates opportunities for platforms that get governance right. Investors should consider:
- Platforms with Proven Data Governance: Projects that implement zero-knowledge proofs, encrypted computation, or other privacy-preserving technologies may emerge as leaders in the post-Axiom landscape.
- Decentralized Oracles: Solutions that minimize centralized data aggregation points could see increased adoption as users seek to reduce counterparty risk.
- Compliance-Focused Platforms: Ironically, platforms that implement stronger compliance and audit mechanisms may ultimately attract more institutional capital by reducing regulatory and reputational risk.
- Tokenized Governance: Projects where token holders have meaningful control over platform operations and data access policies may benefit from increased trust.
The Path Forward
The Axiom scandal should serve as a catalyst for the industry to develop more robust data governance frameworks. This includes:
- Implementing “least privilege” access controls where employees can only access data necessary for their specific roles
- Establishing comprehensive audit trails for all data access
- Conducting regular third-party security assessments
- Creating transparent reporting mechanisms for data access incidents
Ultimately, the crypto market cannot afford to ignore these structural vulnerabilities. As the industry matures, platforms that fail to implement proper governance will face not just regulatory scrutiny but also market rejection from increasingly sophisticated investors.
The Axiom case is a stark reminder that in a system built on cryptographic trust, the human element remains the weakest link. Until Web3 platforms develop governance frameworks that recognize this reality, the industry will continue to face preventable scandals that undermine user confidence and slow institutional adoption.