Blockchain indexing services rely on contract events to help archive data and provide us with a record of transactions in a nice user interface, commonly referred to as a "block explorer", such as Etherscan. But malicious contracts can appear to be extremely "normal" and yet taint these events, tricking block explorers into giving unsuspecting users misleading information about the origin of the tokens. For example, a malicious user could deploy a simple ERC20 contract and "airdrop" tokens to...