GRAPE (GRP/GGT) Web4 Crypto Scam? Exposing Stephen Andrew James McCullah’s Grap3.com Pump-and-Dump

For two years he went to ground after a New Zealand High Court judge called his defamation suit a gagging writ and hit him with indemnity costs.

Now Stephen Andrew James McCullah is back on YouTube doing AMAs and pitching a new miracle: GRAPE / GRP / GGT at Grap3.com.

This time I’m not just dissecting the hype—I’m making it personal. I’m going to name, shame, and timestamp every false claim he makes. If you’re thinking about touching GRAPE, read this first.

Ashley McCullah – The New Wife Behind the GRAPE Relaunch

After vanishing for nearly two years following the collapse of LunaOne (XLN)—where over 11,000 investors lost their money—Stephen McCullah has reappeared in Missouri under a new name, a new marriage, and yet another “opportunity.” LunaOne investors were left holding worthless tokens that McCullah distributed as a supposed “credit” toward future projects that never materialised. Despite public outrage and ongoing recovery efforts, McCullah has moved on to launch his next pump-and-dump scheme: GRAPE (Grap3.com), which he claims will revolutionise blockchain and AI.

What makes this new chapter especially troubling is that McCullah has now married Ashley McCullah, a mother of four and the owner of The Betty, a hair salon in Springfield, Missouri. The marriage took place on Sunday, March 9, 2025, and shortly afterward, Ashley deleted both of her Instagram accounts. We have verified her business information, contact details, and the salon’s public location. Investigators and victims attempting to recover lost funds from LunaOne and GRAPE now have a critical lead — Stephen’s whereabouts can be traced through his new wife and her business operations.

Ashley McCullah, by association, now finds herself at the centre of an ongoing multi-million-dollar crypto investigation. As a business owner and mother, she surely understands the seriousness of these allegations and the impact Stephen’s actions have had on thousands of families. Whether she remains silent or chooses to cooperate with authorities will speak volumes. What is clear is that Stephen McCullah is no longer impossible to find — he is back in Missouri, and his trail leads directly through The Betty.

TL;DR = “Too Long; Didn’t Read.”

• McCullah’s 2023 High Court case against me collapsed the morning of a key hearing; the Court found it was brought to stifle publication, not to be tried, and awarded indemnity costs.
• His new GRAPE pitch repeats the same tactics: moving timelines, manual/custodial token swaps, audit-later promises, PR-only “news”, and physics-defying performance claims (e.g., “every user node adds 1,000 TPS”).
• Below: a short history, a receipts-backed breakdown of GRAPE’s site and AMAs, and a Quote Wall that pins him to his own words.

What the Court already said about his tactics

In 2023, in the New Zealand High Court (Christchurch), Stephen McCullah sued me for NZD $3.85m over defamation (see McCullah v De Hek [2023] (PDF)). On 22 June 2023, just before a scheduled security-for-costs hearing, he discontinued the case. On 17 August 2023, Associate Judge Paulsen found the proceeding was a “gagging writ” aimed at stifling publication—not a case to be tried—and ordered indemnity costs in my favour.

What happened between us

In late 2022 I interviewed LunaOne presale buyers and began publishing evidence about McCullah/Hyper Technologies. His lawyers sent a cease-and-desist; I refused and kept reporting. In May 2023 he filed the $3.85m defamation claim while his camp pushed smear emails and anonymous complaints. We applied for security for costs; on the morning of that hearing he folded. On 17 August 2023 the Court awarded me indemnity costs. Since then, he’s reappeared pushing GRAPE (GRP/GGT) with the same influencer/presale choreography—and I’m documenting every claim.

A short history: from “living dinosaur” PR to crypto déjà vu (receipts timeline)

2012 — Congo Kickstarter & media blitz
Launches a Kickstarter/PR push to find a “living dinosaur” and a dog-sized tarantula in the Congo (~US$29k raised). Big promises, no verifiable scientific outcome.

2018–2019 — Apollo Currency / Apollo Fintech (APL)
Markets “world’s fastest”/“all-in-one” blockchain. A Dutch court later finds Apollo breached Jelurida’s NXT license (major code reuse without compliance); Jelurida issues a public statement. Pattern begins: bold claims, messy receipts.

2020 — United Allied States (UAS) micro-nation
Promotes a “sovereign entity” project and is presented as its “first president.” Grand governance claims; little independent validation.

2020–2022 — GSX / Stratus / Gold Inc
Gold-backed claims, exchange-listing promises, and a rotating product slate. Community questions pile up about ownership of mines, listings, and deliverables.

Q3–Q4 2022 — LunaOne (XLN) presale & launch
Influencer-led presale at $0.15/token with a $0.25 listing promise. On listing, many presale buyers say tokens weren’t delivered; market opens near $0.05. A corporate post frames it as a strategic decision. Influencer videos disappear/rebrand; XLN price drifts toward pennies.

Nov–Dec 2022 — Reporting, C&D, and ownership reveal
You publish interviews with presale buyers and start compiling receipts. Harmans (for McCullah/Hyper Technologies) sends a cease-and-desist demanding takedowns. Their letter identifies HyperTech as the company behind LunaOne, contradicting prior denials circulating in the community.

Jan–Mar 2023 — Long-form exposé & lawsuit filed
You release a 4h47m breakdown tying together prior ventures, claims, and the Jelurida/Apollo license case. 9 March 2023: McCullah files a NZD $3.85m defamation suit in the NZ High Court (Christchurch).

22 June 2023 — Fold on the morning of scrutiny
On the morning of the security-for-costs hearing, McCullah discontinues his lawsuit.

17 August 2023 — Court calls it a gagging writ
Associate Judge Paulsen finds the proceeding was a “gagging writ” (brought to stifle publication, not to be tried) and awards indemnity costs against him.

2024 — “Asset rescue” narratives start to surface
Spin-offs/rebrands and side projects begin positioning themselves as solutions to prior damage—without addressing core receipts (code, audits, listings, governance, investor remediation).

2025 — GRAPE / GRP / GGT relaunch push
Reemerges with Grape (Grap3.com), claiming VINE (DAG, hundreds of thousands TPS), ANNE (AI-written smart contracts), post-quantum security, 1,000 TPS per user node, and a top-20 target in six months. Roadmap hides behind an expired SSL cert; migrations involve manual, time-boxed swaps; “news” is mostly sponsored PR; team page is marketing-heavy, engineering-light.

FourthStar: the “asset rescue” that sells you more risk

After LunaOne’s blow-ups, FourthStar appeared claiming to “buy assets” and offering token “credits” to “make the community whole.” Without signed transfer documents, independent audits, or a transparent refund program, this reads like a rebrand that pushes victims into a fresh, issuer-controlled token—not remediation.

Headline claim: “FourthStar buys LunaOne assets, offers tokens to win back the community.”
What it looks like in practice: a classic rebrand-and-rescue play—wrap prior failures in a new brand, dangle “credit/swap” offers, and migrate the community into another promoter-controlled token.

Red flags to spell out:

• No independent sale/transfer proof: If assets were “bought,” where are the contracts, escrow proofs, and IP assignments?
• Worthless-for-worthless swaps: “Credits” into a new, thin-float token with no audits or revenue = value theatre, not restitution.
• Continuity of control: If the same people (or close associates) control issuance/treasury, nothing material has changed.
• Silence on victims: Real remediation starts with public refund policies, not fresh presales.
• Compliance vacuum: Any US/EU-facing “offers” need real disclosures and, often, registration or exemptions.

Pattern at a glance

• Announce → Presell → Under-deliver → Rebrand → Recruit influencers → Threaten critics → Refund a few under NDA → Repeat.
• Control the float, control the story: issuer-run swaps, tiny circulating supply, self-funded “liquidity,” influencer pushes.
• Receipts avoided: no open code, no third-party audits, no reproducible performance, no regulator letters, no real victim remediation.

The new pitch: GRAPE / GRP / GGT

GRAPE markets itself as the “first Web3 infrastructure for a decentralized Internet,” powered by VINE (a DAG ledger claiming 700,000+ TPS) and ANNE (an AI assistant that allegedly writes smart contracts from prompts). Their “six pillars” page lists Security, Storage, Flexibility, Scalability, Compatibility, Adoption—but shows no code, no audits, no benchmarks.

1) Site hygiene is broken

• The roadmap page threw a hard browser warning (expired TLS / net::ERR_CERT_DATE_INVALID on 27 Sept 2025, NZ time).
• The roadmap copy has typos (“2o25”) and is just a list of nouns—no dates, no owners, no links.

If you can’t renew a TLS cert, you’re not shipping “post-quantum” security. You’re shipping a landing page.

2) Team page = marketing heavy, engineering light

You’ll find Influencer Director, Media & Comms, Partnerships, Community, and Support—but no CTO, no protocol/consensus leads, no cryptographers, no security/DevOps, no compliance (despite biometrics and “national payments” claims). One name has no title. No LinkedIn/GitHub/papers/patent numbers.

3) Six “pillars” with no scaffolding

• Security: “Quantum-resistant DART” + biometrics—but no algorithms named (Kyber/Dilithium/Falcon/SPHINCS+), no audits, no privacy/threat model.
• Storage (DCS): No durability math, no proofs of storage/retrievability, no erasure coding/slashing.
• Flexibility (branch-chains): Cross-domain bridge design is MIA (bridges are crypto’s #1 failure point).
• Scalability (shards): “Unlimited TPS” without cross-shard atomicity/DA/fork-choice details.
• Compatibility (interoperable NFTs): No standard named; no custody/wrapping model.
• Adoption: Listed twice; their social footprint is tiny.

“News” page reality check: PR, influencers, and a broken Bloomberg link

Grape’s “In the News” page reads like a press-release carousel, not independent reporting. Most items are syndicated PR or partner content (think Yahoo Finance reposts, BestStocks, Hackernoon/TechBullion/TechTimes, Barchart, ZyCrypto, Analytics Insight, Crypto Adventure). The one labeled Bloomberg currently doesn’t load/redirects. Net effect: what’s presented as “news” is marketing and influencer blurbs, and the flagship Bloomberg citation is non-functional.

How to check this yourself quickly: open each link → look for “sponsored/partner content” labels or identical copy across sites → confirm whether there’s a real reporter byline and editor → note if the Bloomberg item actually resolves.

“Decentralized Internet”… on WordPress?

Grape says it’s building the first Web3 infrastructure for a decentralized Internet—yet the public site is running on WordPress (standard Web2 stack). WordPress isn’t bad, but if your layer-1 can power “Web4” apps, dogfood it: host your own marketing site (or a mirror) on your network/IPFS, publish the repo, and prove uptime.

How you can confirm in seconds: view source for a WordPress generator tag, check for /wp-content, /wp-includes, or /wp-json endpoints. Pair this with the expired TLS and placeholder roadmap, and the message is: marketing first, tech later.

We read GRAPE’s Lightpaper (v0.5). Here’s what it actually claims

GRAPE pitches two “proprietary” pillars—VINE (a DAG ledger) and ANNE (an AI assistant)—to power a “Web4” stack with 700,000+ TPS, biometric login (even ECG), “quantum-resistant” encryption (DART), interoperable NFTs, decentralized cloud storage (DCS), a launchpad/DEX/marketplace, and a two-token model (GRP main coin + GGT governance). Tokenomics in this PDF show a 10,000,000 GRP total supply split 40% pre-distribution, 40% “Grape Labs,” 10% DAO, 10% rewards; “planned exchange listing price: $25,” 120-day hold with 20% APY, and 30%/20%/10% sell tariffs in the first 90 days post-stake.

Representative lines from the Lightpaper (v0.5):

• “700.000+ TPS,” “10x faster than Solana,” “unlimited scalability.”
• “Grape’s total token supply is half the BTC total supply … and the network power of most of the top 30 coins combined.”
• Biometrics including ECG for wallet access/recovery.
• “A proprietary quantum-resistant module (DART).”
• Tokenomics: total 10,000,000 GRP; 40% pre-distribution; 120-day hold + 20% APY; sell tariffs 30%/20%/10%; planned listing price $25; first exchanges: Uniswap & BitMart.

Contradictions & high-risk patterns (mapped to its own PDF)

1. Total supply conflict (Lightpaper vs. AMAs).
   The Lightpaper fixes GRP total supply at 10,000,000 with “half the BTC total supply” scarcity framing. Your recent AMAs talk about moving to 27 billion. Both can’t be true—either the PDF is obsolete, or the AMA promise is; one representation to buyers is false/outdated.
2. Price-setting + sell tariffs masquerading as “protection.”
   “Planned exchange listing price: $25,” a mandatory 120-day hold with 20% APY, then 30%/20%/10% tariffs on selling—these are issuer-controlled levers that manufacture scarcity and dampen selling, not organic market discovery. That’s market-shaping, not decentralization.
3. Extraordinary performance claims, zero methodology.
   “700,000+ TPS,” “unlimited scalability,” “top 30 combined network power”—but the PDF provides no benchmark setup, no open testnet results, no third-party audits or reproducible methodology. Until audited, these are marketing claims, not evidence.
4. “Quantum-resistant” without naming algorithms.
   DART is called “proprietary” and “quantum-resistant,” but the PDF doesn’t name a NIST-tracked scheme (e.g., CRYSTALS-Dilithium / Falcon / SPHINCS+), parameters, libraries, or audit history. Crypto-security claims without specifics are red flags.
5. Biometric wallet access/recovery (incl. ECG) = privacy & attack surface risk.
   The paper suggests restoring access via biometrics and mentions ECG. Binding your keys to biometric templates (especially ECG) raises serious privacy, revocation, and coercion issues; there’s no published threat model or independent security review.
6. Centralized control baked into economics.
   40% to “Grape Labs,” 10% to DAO, 40% pre-distribution, plus the team’s stated ability to direct listings/liquidity implies issuer dominance over supply, fees, and listings—hard to square with “Web4 decentralization.”
7. Branch-chains & fee customization = centralization risk.
   Letting projects run their own fee rules/coins on “branch-chains” can be powerful—but also fragments security and governance while concentrating discretion with the issuer who runs the factory. No governance safeguards are detailed.
8. Roadmap timing (2023–2024) vs. present reality.
   The PDF lists aggressive 2023–24 milestones (PoC VINE testnet, public testnet, DEX/Launchpad/Marketplace, mainnet/sharding, ANNE). Today, their public materials still don’t ship audits, open code, or reproducible benchmarks alongside those milestones. Treat timelines as aspirational marketing until proven.

Likely-misleading / unsupported statements (from the PDF)

• “Half the BTC total supply … with the network power of most of the top 30 coins combined.”
  This is apples-to-marketing-oranges: “network power” isn’t a defined metric, and the supply claim contradicts the 27 billion supply touted in AMAs. If GRP is moving to 27 B, the “half BTC supply” line is flatly wrong.
• “700,000+ TPS; unlimited scalability; 10x faster than Solana.”
  No setup details, no validators/client specs, no fault-testing, no independent benchmarking. Until third-party audits/benchmarks appear, regard this as unverified advertising.
• “Quantum-resistant DART.”
  No algorithms named, no parameters, no audits. Without specifics, this is not a verifiable claim.
• “Planned listing price: $25; first exchanges Uniswap & BitMart.”
  Pre-announcing a price and engineering sell tariffs is classic price-anchoring. Real markets find their price; issuers don’t pre-set it and penalize early sellers.

Bottom line for readers

The Lightpaper is heavy on grand claims and issuer control mechanisms, light on auditable evidence. Its own numbers conflict with recent public pitches. Until there are open repos, external audits, and reproducible performance reports, this reads like a marketing wrapper—not a delivered, decentralized L1.

Download the Lightpaper (v0.5)
(We archived a copy for reference. Compare every marketing line to what’s actually shipped.)

Company registration & jurisdiction: templated T&Cs, unverified issuer

GRAPE’s own Terms name “Grape, Inc., a [Seychelles] corporation”—with the jurisdiction left in square brackets throughout (e.g., “State of [Seychelles],” JAMS arbitration “in [Seychelles]”), no company number, no registered office, no directors/beneficial owners, and no regulator license.

The same Terms say the company will accept only money for issuance (“only money will be accepted”), can delay or suspend redemptions, defines a unilateral “Reversion” that lets tokens be pulled back to a company-controlled wallet with buyback pricing set at the company’s sole discretion, bans class actions, and imposes a one-year claim window. Translation: you’re sending funds to an issuer that hasn’t even cleanly stated what/where it is, while contracting away venue, collective redress, and practical recovery options if things go wrong.

Minimum proof to publish before anyone buys: certificate of incorporation + company registration number, registered office, officers/beneficial owners, up-to-date Terms with real (not placeholder) jurisdiction, and any licenses/approvals if selling to US/EU buyers.

The Quote Wall: promises vs. reality (his words, your risk)

Videos and Quotes

Supply games & insider enrichment

“We’re moving to a 27 billion supply… people that bought during presale/Binance will get about 2,700×.” — AMA #1 (~00:20–01:24)

Two-tier tokenomics that massively favour early cohorts while newer buyers get 1:1. No migration spec (snapshot, Merkle proofs, vesting, audits).

“CMC does not count anything we hold towards circulating supply.” — AMA #1 (~02:09)

Admits a large team/foundation overhang (unlock risk) while selling “tiny float” scarcity.

“GRP has half the circulating supply of Bitcoin… supply is tiny.” — AMA #6 (01:45–02:06)

Scarcity when selling, expansion when convenient. He flips between circulating vs total vs future supply to suit the pitch.

Forced, custodial swaps (on a timer)

“You’re going to have to move from Ethereum to Binance Smart Chain… a two-week period… send to an address and they’ll be sent right back.” — AMA #5 (18:52–19:27)

That’s a custodial, manual swap with a pressure deadline. Real projects run trustless, audited migration contracts and long windows.

“We should have withdrawals by the first of next week.” — AMA #1 (03:17–03:37)

Time-bound promises without contracts/audits. Pattern: “next week” talk, no receipts.

Audits & “security” (talk first, prove later)

“We will absolutely do audits… Certik and all of the biggest companies.” — AMA #1 (06:06–07:05)

He repeats “audit-soon” while publishing none. Meanwhile, the site had an expired TLS and a placeholder roadmap—Security 101 fail.

“We bought a quantum-resistant encryption a while back… carrying it forward.” — AMA #1 (04:41–05:23)

You don’t “buy encryption.” Real PQC claims name algorithms, libraries, parameters, and audits. None given.

Performance claims that defy physics

“Every single user node adds 1,000 TPS… 100M–500M TPS within possibility.” — AMA #6 (00:02–00:23)

Extraordinary scaling with no open testnet, no reproducible benchmarks, no peer review.

“The first mainnet is simple… the second mainnet is where 1,000 TPS per node comes in.” — AMA #1 (06:27–06:47)
“Running a full node adds 1,000 TPS.” — AMA #5 (06:03–06:18)

Is 1,000 TPS/node future (second mainnet) or now? He says both.

Centralized control & promised yields

“The team has absolute and total control [over supply/spend]… we’ll fund things like exchanges, gifts, partnerships.” — AMA #1 (08:28–08:46)

Issuer-controlled microcap by admission.

“We’ll have 10–15% staking and we’ll pull from the foundation funds to do that.” — AMA #5 (04:48–05:26)

Promised returns funded by the promoter (not protocol revenue) = regulatory red flag.

Hype levers: rankings, relaunches, influencers

“We’ll be a top-20 coin within six months.” — AMA #6 (pitch throughout)

Time-boxed ranking promises with zero deliverables, listings, or audits shown.

“Relaunches pump… MATIC surged 7,000%… GRP was almost $1,000… now < $3 before relaunch.” — AMA #6 (02:06–02:23)

Classic price anchoring & FOMO with thin float and issuer-controlled liquidity.

“We have a massive influencer push lined up.” — AMA #5 (10:52–11:12)

Paid hype + tiny float + admin-controlled swaps = pump conditions.

“Grape is done… only thing lacking is the transition from testnet to mainnet.” — AMA #5 (02:39–03:48)

He calls it “done” with no public repos, no testnet explorer, no audits, and a roadmap typo (“2o25”) behind an expired cert.

“Quick Buy” = issuer-run sales desk for U.S. buyers

“Buy directly… white-glove support. USA buyers choose this option.”
“A significant portion of the proceeds… goes to supporting liquidity on BitMart & Uniswap.”

Translation: they sell to you, then use your money to tend their own markets. Where are the Terms of Sale, risk factors, KYC/AML & licenses, LP addresses/locks, and market-maker disclosures? Missing.

Claim-by-claim accountability (pin this above the fold)

The minimum receipts GRAPE must publish before anyone treats it as real

1. Public repos (node/consensus, wallet, bridge, storage, contract engine) + licenses and commit history.
2. Consensus & sharding/branch specs (safety/liveness, cross-shard atomicity, DA, fork choice).
3. Audits: chain, bridge/swap, staking, wallet/biometrics—PDFs with issues + remediation.
4. Benchmarks: open testnet endpoints, reproducible scripts, third-party performance reports.
5. Token matrix: tickers, chains, contract addresses, total vs circulating, vesting/locks, snapshot blocks & Merkle proofs for all migrations (K&X/GDT→GGT; GRP ETH→BEP-20→mainnet).
6. Treasury & liquidity: multisig signers, timelocks, LP wallets, LP locks/vesting, monthly LP reports, market-maker agreements.
7. Compliance: if they claim “national payments,” a stablecoin, or “working with a country,” show licenses, regulator letters, reserve attestations.
8. Security hygiene: fixed TLS, security.txt, bug bounty, key-management & privacy (biometrics).
9. Partnership receipts: name the AI partner and the country; publish MOUs/contracts; ship working demos.

If you’ve been affected

• Document everything: screenshots, wallet addresses, TX hashes, timestamps, emails/DMs, any addresses used for manual swaps.
• Do not send tokens to custodial swap addresses without a public, audited contract.
• Report to your regulator/consumer authority if you were misled or funds are withheld.
• Share your story (with receipts). I’ll keep collating victim statements and expert reviews.

Stephen, if you’re reading this: you hid for two years. You’re back doing AMAs, and you’re repeating the same routine. I’m going to document every claim, timestamp every contradiction, and publish every missing receipt. If you’ve finally built what you say, prove it—with code, audits, benchmarks, licenses, and contracts. Otherwise, stop selling fairy tales.

Disclaimer: How This Investigation Was Conducted

This investigation relies entirely on OSINT — Open Source Intelligence — meaning every claim made here is based on publicly available records, archived web pages, corporate filings, domain data, social media activity, and open blockchain transactions. No private data, hacking, or unlawful access methods were used. OSINT is a powerful and ethical tool for exposing scams without violating privacy laws or overstepping legal boundaries.

About the Author

I’m DANNY DE HEK, a New Zealand–based YouTuber, investigative journalist, and OSINT researcher. I name and shame individuals promoting or marketing fraudulent schemes through my YOUTUBE CHANNEL. Every video I produce exposes the people behind scams, Ponzi schemes, and MLM frauds — holding them accountable in public.

My PODCAST is an extension of that work. It’s distributed across 18 major platforms — including Apple Podcasts, Spotify, Amazon Music, YouTube, and iHeartRadio — so when scammers try to hide, my content follows them everywhere. If you prefer listening to my investigations instead of watching, you’ll find them on every major podcast service.

You can BOOK ME for private consultations or SPEAKING ENGAGEMENTS, where I share first-hand experience from years of exposing large-scale fraud and helping victims recover.

“Stop losing your future to financial parasites. Subscribe. Expose. Protect.”

My work exposing crypto fraud has been featured in:

• Bloomberg Documentary (2025): A 20-minute exposé on Ponzi schemes and crypto card fraud
• News.com.au (2025): Profiled as one of the leading scam-busters in Australasia
• OpIndia (2025): Cited for uncovering Pakistani software houses linked to drug trafficking, visa scams, and global financial fraud
• The Press / Stuff.co.nz (2023): Successfully defeated $3.85M gag lawsuit; court ruled it was a vexatious attempt to silence whistleblowing
• The Guardian Australia (2023): National warning on crypto MLMs affecting Aussie families
• ABC News Australia (2023): Investigation into Blockchain Global and its collapse
• The New York Times (2022): A full two-page feature on dismantling HyperVerse and its global network
• Radio New Zealand (2022): “The Kiwi YouTuber Taking Down Crypto Scammers From His Christchurch Home”
• Otago Daily Times (2022): A profile on my investigative work and the impact of crypto fraud in New Zealand