Sen. Warren vows reintroduction of AML bill that extends to DAOs and DeFi

February 15, 2023 Coin Telegraph

While the Senator did not expand on other details of the upcoming bill, she suggested that DeFi should not be exempt from AML laws.

A bi-partisan anti-money laundering (AML) bill that covers “decentralized entities” such as decentralized finance (DeFi) protocols and DAOs will soon be reintroduced to Congress, according to United States Senator Elizabeth Warren.

Warren, a vocal crypto critic, argued at the Feb. 14 Senate Banking Committee’s hearing entitled “Crypto Crash: Why Financial System Safeguards are Needed for Digital Assets” that the crypto community wants decentralized entities running on code to be exempt from AML requirements:

“In other words, they want a giant loophole for DeFi written into the law so they can launder money whenever a drug lord or a terrorist pays them to do so.”

Due to this, Warren said she would re-introduce the Digital Asset Anti-Money Laundering Act of 2022 that she first introduced on Dec. 15, 2022. It was read twice before being referred to the Senate Banking Committee and has received no further traction since.

If legislated as it was, the seven-page bill would have prohibited financial institutions from using digital asset mixers such as Tornado Cash, which are designed to obscure blockchain data.

*Senator Warren speaking at the “Crypto Crash” committee hearing on Feb. 14. Source:* *U.S. Senate Banking Committee*.

It also would have resulted in unhosted wallets, miners, and validators being required to write and implement AML policies.

The Senator noted current AML laws “don’t cover big parts of the crypto industry,” and claimed crypto exchange ShapeShift took advantage of the lack of regulation when it restructured itself as a DeFi platform in July 2021, adding:

“They said we're making this shift, quote, ‘to remove itself from regulated activity.’ Translation: Launder your money here.”

Warren claimed “big-time financial criminals love crypto,” and argued that crypto was “the method of choice for international drug traffickers,” North Korean hackers and ransomware attackers, adding:

“The crypto market took in $20 billion last year in illicit transactions, and that's only the part we know about.”

These figures are backed up by a Jan. 12 report from blockchain analytics firm Chainalysis, which found that the total cryptocurrency value received by illicit addresses reached $20.1 billion throughout 2022.

According to a United Nations official speaking at a Counter-Terrorism Committee meeting in October 2022, cash is still the preferred choice for financing terrorists although they are beginning to turn to crypto more frequently.

North Korean hackers operating with Lazarus Group have also faced headwinds attempting to use crypto with the exchanges Binance and Huobi again freezing accounts, and in the process millions worth of crypto, linked to the notorious outfit.

Binance and Huobi freeze $1.4M in crypto linked to North Korean hackers

February 15, 2023 Coin Telegraph

Binance and Huobi freeze .4M in crypto linked to North Korean hackers

accounts

The North Korean-based hacker outfit Lazarus Group resorted to different privacy mixers attempting to anonymize the stolen funds, but it didn’t work.

Cryptocurrency exchanges Binance and Huobi have again frozen accounts linked to the $100 million Harmony Horizon bridge attack on Jun. 24, 2022.

Around $1.4 million worth of crypto frozen by the trading platforms came from accounts linked to the notorious Lazarus Group operating out of North Korea.

The investigation was carried out by blockchain analytics firm Elliptic, according to a report shared by the firm on Feb. 14. However, the firm didn’t state what coins or tokens were frozen.

Exchanges @binance and @HuobiGlobal today froze accounts containing $1.4 million stolen by North Korea’s Lazarus Group. This was made possible thanks to intel from Elliptic’s real-time investigations tools and a swift response by the receiving exchanges.https://t.co/f5bVpm8yfH
— elliptic (@elliptic) February 14, 2023

Elliptic explained it passed on the intelligence to Binance and Houbi who then acted promptly to freeze the Lazarus Group-linked accounts:

“The stolen funds remained dormant until recently, when our investigators began to see them funneled through complex chains of transactions, to exchanges. By promptly notifying these platforms about these illicit deposits, they were able to suspend these accounts and freeze funds.”

Since the Harmony exploit, it has been well documented that Lazarus Group resorted to the now United States OFAC-sanctioned privacy mixer Tornado Cash in an attempt to break the transaction trail back to the original theft.

While this supposedly makes it easier to cash out funds at an exchange, Elliptic investigators were able to trace the entirety of the stolen funds sent through the mixer in this case, the report stated.

Elliptic CEO Simone Maini suggested the events showed the industry was taking on the responsibility to prevent money laundering and stop crypto from becoming a “haven” for illicit activity:

“Today, money laundering was detected and stolen funds linked to North Korea were frozen, in real time. As an industry we have the power and responsibility to prevent digital assets becoming a haven for money launderers and sanctions evaders, and ensure that they are a force for good.”

The Harmony bridge attack was also attributed to the Lazarus Group by the United States Federal Bureau of Investigation (FBI) on Jan. 24.

This isn’t the first time Binance and Huobi have cooperated together on the matter.

The two platforms managed to freeze and recover 121 Bitcoin (BTC), worth $2.5 million at the time, linked to the Harmony attack on Jan. 16.

The recovery was, however, only a fraction of the $63.5 million laundered over that weekend, according to crypto sleuth ZachXBT, which he claims was funneled through Ethereum-based privacy protocol RAILGUN before being sent off to three different exchanges:

1/2 North Korea’s Lazarus Group had a very busy weekend moving $63.5m (~41000 ETH) from the Harmony bridge hack through Railgun before consolidating funds and depositing on three different exchanges. pic.twitter.com/huDumaJeSh
— ZachXBT (@zachxbt) January 15, 2023

Recent efforts from Elliptic last week also found that Lazarus Group has laundered about $100 million in Bitcoin through “Sinbad,” which they claim to be a re-launch of the now OFAC-sanctioned privacy mixer Blender.

Lazarus Group is believed to have stolen well over $2 billion in crypto since it shifted its focus to the industry in 2017 according to estimates from Elliptic.

OFAC-compliant blocks on Ethereum hit three-month low of 47%

February 14, 2023 Coin Telegraph

Block Builders

Back in November, the percentage of Ethereum blocks complying with orders from the Office of Foreign Asset Control peaked at 79%.

The percentage of Ethereum blocks complying with orders set by the United States Office of Foreign Asset Control (OFAC) has now fallen to 47% — the lowest level since Oct. 11.

The latest milestone in reversing censorship comes nearly three months after the percentage of OFAC-compliant blocks peaked at 79% on Nov. 21.

OFAC-compliant blocks are those that exclude transactions involving parties sanctioned by the U.S. Treasury Department’s Office of Foreign Assets Control.

A fall in compliant blocks could be seen as a win for those who oppose censorship within the Ethereum ecosystem.

*Percentage of OFAC-compliant blocks following the Ethereum Merge on Sept. 15. Source.* *MEV Watch.*

Blockchain consulting firm Labrys, the creator of MEV Watch, said in a statement thathe fall may be attributed to more validators opting to use MEV-boost relays that do not censor transactions in accordance with OFAC requirements.

“In particular, the BloXroute Max Profit relay, Ultrasound Money relay and Agnostic Boost relay have picked up most of the change in market share.”

MEV-boost relays act as trusted mediators between block producers and block builders, which enables Ethereum validators to outsource their block production to other block builders.

Lachlan Feeney, the CEO of Labrys, said in a Feb. 14 statement that he’s happy with how the Ethereum community has responded to the censorship issue since it first surfaced post-Merge.

He noted the recent fall in censorship-compliant blocks was particularly notable given it was achieved without a user-activated soft fork (UASF). He noted that “many members” of the Ethereum community had called for the soft fork prior to the Merge to combat censorship.

“I am incredibly proud of the Ethereum community for the progress we have made with this issue,” said Feeney, adding:

“When we released the MevWatch tool drawing attention to a flaw within Ethereum, the community did not stick its head in the sand but instead rose to the occasion and made significant progress addressing the issue.”

However, “there is still more work to be done,” Feeney stressed.

OFAC most notably sanctioned Ether (ETH) and USD Coin (USDC) wallet addresses that transact using the Ethereum-based privacy mixing tool Tornado Cash on Aug. 8.

*A visualization of the last 100 blocks showing which are OFAC-compliant. Source.* *MEV Watch*

After the first 24 hours of Ethereum under its new proof-of-stake consensus mechanism on Sept. 16, only 9% of blocks were OFAC-censored.

However this figure sharply increased over the next two months, peaking at 79% on Nov. 21.

The percentage of OFAC-compliant blocks then hovered around the 68-75% range until Jan. 29 when it was 66%. Since then, it has steadily decreased despite a few minor spikes.

Vitalik Buterin divulges the ‘largest remaining challenge’ in Ethereum

January 23, 2023 Coin Telegraph

Coin Telegraph

While the concept of stealth addresses appears complex in theory, Buterin previously described it as a “low-tech approach” compared to other Ethereum privacy solutions.

Ethereum co-founder Vitalik Buterin has shared a possible solution to what he describes as the “largest remaining challenge” on Ethereum — privacy.

In a blog post on Jan. 20, Buterin acknowledged the need to come up with a privacy solution because by default, all information that goes onto a “public blockchain” is public too.

He then arrived at the concept of “stealth addresses” — which he said can potentially anonymize peer-to-peer transactions, nonfungible token (NFT) transfers, and Ethereum Name Service (ENS) registrations, protecting users.

An incomplete guide to stealth addresses:https://t.co/21Q18BrD30
— vitalik.eth (@VitalikButerin) January 20, 2023

In the blog post, Buterin explained how on-chain transactions can be carried out between two parties with anonymity.

Firstly, a user looking to receive assets will generate and keep a “spending key” which is then used to generate a stealth meta-address.

This address — which can be registered on ENS — is then passed onto the sender who can perform a cryptographic computation on the meta-address to generate a stealth address, which belongs to the receiver.

The sender can then transfer assets to the receiver's stealth address in addition to publishing a temporary key to confirm that the stealth address belongs to the receiver.

The effect of this is that a new stealth address is generated for each new transaction.

*Vitalik Buterin’s stick figure diagram of how a stealth address system may work. Source:* *Vitalik.ca.*

Buterin noted that a "Diffie-Hellman key exchange" in addition to a “key blinding mechanism” would need to be implemented to ensure that the link between the stealth address and the user's meta-address can't be seen publicly.

The Ethereum co-founder added that ZK-SNARKs — a cryptographic-proof technology with built-in privacy features — could transfer funds to pay transaction fees.

However Buterin emphasized that this may lead to problems of its own — at least for the short term — stating “this costs a lot of gas, an extra hundreds of thousands of gas just for a single transfer.”

Stealth addresses have long been touted as a solution to address on-chain privacy issues, which have been worked on since as early as 2014. However very few solutions have been brought to market thus far.

It also isn’t the first time Buterin has discussed the concept of stealth addresses in Ethereum.

In August 2022, he dubbed stealth addresses as a “low-tech approach” to anonymously transfer ownership of ERC-721 tokens — otherwise known as NFTs.

The Ethereum co-founder explained that the stealth address concept proposed offers privacy differently to that of the now U.S. Office of Foreign Asset Control (OFAC)-sanctioned Tornado Cash:

”Tornado Cash can hide transfers of mainstream fungible assets such as ETH or major ERC20s [...] but it's very weak at adding privacy to transfers of obscure ERC20s, and it cannot add privacy to NFT transfers at all.”

Buterin offered some advice to Web3 projects that are developing a solution:

“Basic stealth addresses can be implemented fairly quickly today, and could be a significant boost to practical user privacy on Ethereum."

"They do require some work on the wallet side to support them. That said, it is my view that wallets should start moving toward a more natively multi-address model [...] for other privacy-related reasons as well," he adde

Buterin suggested that stealth addresses may introduce “longer-term usability concerns,” such as social recovery issues. However, he is confident the problems can be properly addressed over the long-term:

“In the longer term, these problems can be solved, but the stealth address ecosystem of the long term is looking like one that would really heavily depend on zero-knowledge proofs,” he explained.

Ransom refusals hit attackers where it hurts: 40% revenue drop in 2022 — Chainalysis

January 20, 2023 Coin Telegraph

Allan Liska

A number of industry pundits believe the U.S. Office of Foreign Assets Control’s threat to impose sanctions has victims thinking twice about paying up.

Ransomware victims have seemingly had enough of the extortion, with ransomware revenues for attackers plummeting 40% to $456.8 million in 2022.

Blockchain intelligence firm Chainalysis shared the data in a Jan. 19 report, noting that the figures don’t necessarily mean the number of attacks is down from the previous year.

Instead, Chainalysis noted that companies have been forced to tighten cybersecurity measures, while ransom victims have been increasingly unwilling to pay attackers their demands.

*Total value extorted by ransomware attackers between 2017 and 2022. Source:* *Chainalysis.*

The findings formed part of Chainalysis’ 2023 Crypto Crime Report. Last year, revenue from ransomware was a whopping $602 million at the time of the 2022 report, which was later tipped up to $766 million when additional cryptocurrency wallet addresses were identified.

Chainalysis added that the nature of blockchain means that attackers are having an increasingly hard time getting away with it:

“Despite ransomware attackers’ best efforts, the transparency of the blockchain allows investigators to spot these rebranding efforts virtually as soon as they happen.”

Interestingly, ransomware attackers resorted to centralized cryptocurrency exchanges 48.3% of the time when reallocating the funds — up from 2021’s figure of 39.3%.

*Destination of funds leaving ransomware wallets between 2018 and 2022. Source:* *Chainalysis.*

Chainalysis also noted that mixer protocols such as the now OFAC-sanctioned Tornado Cash, increased from 11.6% to 15.0% in 2022.

On the other hand, fund transfers “high-risk” cryptocurrency exchanges fell from 10.9% to 6.7%.

Victims refusing to pay

In insights shared with Chainalysis, threat intelligence analyst Allan Liska of Recorded Future said that the United States Office of Foreign Assets Control’s (OFAC) advisory statement in September 2021 may partly account for the revenue fall:

“With the threat of sanctions looming, there’s the added threat of legal consequences for paying [ransomware attackers].”

A statistical analysis carried out by Bill Siegel, CEO of ransomware incident response firm Coveware also suggested ransomware victims are becoming less reluctant to pay up:

*Siegel’s probability chart suggests that ransomware victims have become increasingly unwilling to pay their attackers. Source.* *Chainalysis.*

Cybersecurity insurance firms are also tightening up their underwriting standards, Liska explained:

“Cyber insurance has really taken the lead in tightening not only who they will insure, but also what insurance payments can be used for, so they are much less likely to allow their clients to use an insurance payout to pay a ransom.”

Many firms won’t renew policies unless the insured systems are comprehensively backed up, integrate Endpoint Detection and Response security and utilize multi-authentication mechanisms, Siegel noted.

The revenue drop came despite an explosion in the number of unique ransomware strains in circulation, according to data shared by cybersecurity firm Fortinet.

However, Siegel explained that while it looks like competition in the ransomware world is increasing, many of the new strains are being carried out by the same organizations:

”The number of core individuals involved in ransomware is incredibly small versus perception, maybe a couple hundred [...] It’s the same criminals, they’re just repainting their get-away cars.”

Chainalysis also explained that the “true totals” for the figures provided in the report are likely to be much higher because not every cryptocurrency address controlled by ransomware attackers has been identified.

Sanctions couldn’t ‘pull the plug’ on Tornado Cash: Chainalysis

January 10, 2023 Coin Telegraph

chainalysis

While it has become harder to access the crypto mixer today, for better or worse, decentralization means it's near impossible to put an end to it.

Sanctions aimed at decentralized crypto mixer Tornado Cash weren’t able to completely cut off its usage, though it has hamstrung the service, a blockchain analytics firm has shared.

On Aug. 8, the Office of Foreign Assets Control (OFAC) announced sanctions against the crypto mixer for its role in the laundering of crime proceeds.

In a report published on Jan. 9, Chainalysis said the sanctions did have some effect, causing total inflows to the mixer to drop by 68% in the 30 days after the sanctions came into force.

1/ The first section preview of our 2023 Crypto Crime Report is here, and it’s all about sanctions.

In this we look at how the US’ crypto-related sanctions strategy has evolved over time and 3 of OFAC’s biggest #crypto service designations to date.https://t.co/gOp1rHOQgx
— Chainalysis (@chainalysis) January 9, 2023

However, the firm also emphasized that because Tornado Cash is a smart-contract-based decentralized platform, “no person or organization can ‘pull the plug’ as easily on Tornado Cash as they could with a centralized service.”

Chainalysis gave the example of darknet marketplace Hydra, which in contrast, saw its cryptocurrency inflows drop to zero after German police seized its servers as a result of sanctions.

Chainalysis explained that while sanctions applied to Tornado Cash saw its “front-end website taken down, its smart contracts can run indefinitely, meaning anyone can still technically use it at any time,” adding:

“That suggests sanctions against decentralized services act more as a tool to disincentivize the service’s use rather than cutting off usage completely.”

OFAC came down hard on Tornado Cash in Aug. 2022 due to concerns that individuals and groups had allegedly used the mixer to launder billions worth of crypto since 2019 including the $455 million stolen by the North Korea-affiliated Lazarus Group.

The agency then amended those sanctions in November as it cracked down on the platform even further for: “enabling malicious cyber activities, which ultimately support the DPRK’s [weapons of mass destruction] program.“

In its latest report, Chainalsis’ research indicated that illicit use of Tornado Cash was primarily related to crypto hacks and scams, with a rough average of 34% of all inflows being attributed to having originated from such.

While the sanctions could not stop the mixer entirely, it did effectively work to spook people away from using that platform, with total inflows dropping by 68% in the following month.

Specific figures are not given, however the chart shows that daily inflows were at times hitting nearly $25 million per day in the 30 days prior to the sanctions, and then subsequently dropped under $5 million per day in the aftermath.

*before and after Inflows for sanctioned plaforms: Chainalysis*

“Those incentives appear to have been powerful, as its inflows fell 68% in the 30 days following its designation. That’s especially important here given that Tornado Cash is a mixer, and mixers become less effective for money laundering the less funds they receive overall,” the report reads.

This week, a separate report from blockchain security firm SlowMist also gave some indications about the type of money that flowed through Tornado Cash in 2022. According to the firm’s research, 1,233,129 Ether (ETH) worth $1.62 billion was deposited into the platform last year, with 1,283,186 ETH pulled out ($1.7 billion).

3/ TornadoCash: In 2022, users deposited a total of 1,233,129 ETH to it and withdrew 1,283,186 ETH from it.

ChipMixer: In 2022, users deposited a total of 40,065.33 BTC to it and withdrew 22,582.44 BTC from it.

View the full PDF report for additional details. pic.twitter.com/ib2KnnpN9b
— SlowMist (@SlowMist_Team) January 9, 2023

Into the storm: The murky world of cryptocurrency mixers

December 7, 2022 Coin Telegraph

Coin Telegraph

A handful of obfuscation protocols are competing for the user base of OFAC-sanctioned Tornado Cash.

Cryptocurrency mixing services are a divisive subject in the industry. Some advocate for the privacy-enabling features of these protocols while others maintain that they are mainly used for illicit means.

For platforms like Tornado Cash, the mainstream verdict is “guilty as charged.” The infamous decentralized mixing protocol was sanctioned by the United States Office of Foreign Assets Control (OFAC) in August 2022, essentially making it illegal for anyone to make use of the service.

Tornado Cash continues to be a contentious topic and one of its developers, Alexey Pertsev, controversially remains in detention in the Netherlands while investigators look to build a case against the Russian developer and his alleged role in the mixer’s operation.

In a proverbial sense, one man’s loss is another man’s gain and that seems to be the case for cryptocurrency mixers according to a report from blockchain analytics firm Elliptic.

A blow to money-laundering operations

As highlighted in its analysis, Elliptic reveals that over $7 billion worth of cryptocurrencies were processed by Tornado Cash. An estimated $1.54 billion of illicit cryptocurrency was laundered through the platform, with a user base that included the likes of North Korean Lazarus Group state hackers.

In the wake of OFAC’s sanctions, Tornado Cash liquidity pools saw their holdings drop by 60% which is said to have drastically reduced the anonymizing potential of the platform for large-scale money laundering operations.

With Tornado Cash ostensibly shut down, a number of alternative mixing services have been identified as potential threats to cryptocurrency service providers and criminal investigators. Elliptic highlights six different protocols that have been used as mixers in the wake of Tornado Cash’s prohibition.

Not all mixers are being used for illicit means

Elliptic’s report unpacks how these mixer protocols operate in different ways and provide a variety of outcomes for potential users. A top-down view shows that these obfuscation protocols have mixed over $41 million of cryptocurrency, which pales in comparison to the total amount that was processed by Tornado Cash.

Ether (ETH), BNB (BNB), Wrapped Ether (wETH) and Tether (USDT) are the most commonly mixed tokens, given their usability within decentralized finance (DeFi). Elliptic’s figures notably exclude Polygon-based tokens.

Two particular protocols account for the highest mixing capacity of the tools analyzed and as a result, make up three-quarters of the cryptocurrency mixed.

The first is Railgun, a decentralized protocol that, according to Elliptic, caters to professional traders and DeFi users looking to conceal investment strategies. Railgun Privacy System removes wallet addresses from transactions on public blockchains using zero-knowledge-proof technology. It claims to be ERC-20 token compatible and has no mixing limit.

Cyclone Protocol is the second protocol, a Tornado Cash fork that touts a number of enhancements said to include yield farming to contributors of anonymity pools. Elliptic reports that Cyclone is able to mix 100 ETH/100,000 USDT in one instance and is available on IoTEX, Ethereum, BNB Smart Chain and Polygon.

Aside from Cyclone, which Elliptic highlights as the highest risk protocol among the six in its report, funds being mixed by these services “largely reflect legitimate DeFi trading activity.”

Just $40,000 of mixed funds were traced back to DeFi thefts which suggests that current activity reflects a lack of adoption of these alternative mixing protocols by nefarious actors and criminal elements.

Keeping tabs

Despite the fact that a relatively small amount of cryptocurrency has been mixed by nefarious actors, Elliptic still provides a cautionary note aimed at a couple of the services it highlighted.

Cyclone Protocol is identified as the highest-risk service in the wake of Tornado Cash sanctions. The service’s high transaction limit, large liquidity available in its mixing pools, and its ability to process Tornado Cash’s eponymous governance token (TORN) are cause for concern according to Elliptic:

“It’s confirmed use to launder at least some proceeds of DeFi exploits, the large amount of funds it has since processed and the apparent absence of its developer team to address concerns only strengthen these risks.”

Buccaneer V3 (BV3) was scored as a “medium-high” risk tool. The Ethereum-based token (BUCC) allows users to “bury” funds for an indefinite period of time without having to mix, pool or cycle transactions. A decoy mode displays fictitious BUCC balances on user interfaces as an obfuscation technique.

The service could be attractive for illicit use cases as it makes use of a Gas Station Network in order to pay transaction fees by claiming a small proportion of transferred BUCC. This could allow users to avoid using regulation-compliant cryptocurrency exchanges and services:

“BV3 therefore claims that it solves the ‘funding problem’ — the issue that addresses typically need to source ETH to pay transaction fees, typically from a centralized KYC exchange.”

A caveat provided by Elliptic is that BV3 uses technology that is still being tested, with its features and capabilities still to be fully realized. The remaining four protocols all have factors that Elliptic believes will inhibit large-scale illicit use.

Treasury officials would have done more for national security by leaving Tornado Cash alone

December 5, 2022 Coin Telegraph

Coin Telegraph

Tornado Cash contributes to our national security interests more than it undermines them.

One of the most powerful moments in a new crypto user’s journey happens the first time they send a sizable amount of money to their private wallet. It’s an awe-inspiring, serious moment — and it’s a little scary to experience the power and personal responsibility of the technology firsthand with your own real money.

A second powerful moment occurs when the same user is introduced to a block explorer, looks up their address and sees that same transaction there on the blockchain for all to see.

There are competing visions of what Bitcoin (BTC), Ether (ETH) and other cryptocurrencies will achieve. They may be the future of gold, payments, currency or bank accounts. But no matter your crypto vision, none can work without achieving the same level of privacy enjoyed by cash or, at a minimum, credit cards. While credit card companies conduct unparalleled surveillance on our financial life, at least our transactions are not viewable on a public ledger.

There are a number of tools to achieve privacy available in crypto, from privacy coins to mixers and conjoining transactions on the Bitcoin blockchain. These tools are used by everyday users, and in some cases, they are used by bad actors — just like cash. Or to be more precise, crypto and crypto privacy tools are used by criminals with less frequency than cash.

Crypto is safer than fiat.

Chainalysis: Transactions involving illicit addresses represented just 0.15% of cryptocurrency transaction volume in 2021.

United Nations: estimated money laundered globally in one year is 2-5% of global GDP, or $800B - $2 trillion in USD.

Sources
— CZ Binance (@cz_binance) May 6, 2022

The United States Treasury Department’s Office of Foreign Assets Control sanctioned one particular project, Tornado Cash, that was the most effective privacy tool on Ethereum. Much has been written about the sanction and the threat represented by sanctioning code as speech, and two lawsuits have been filed to push back against OFAC’s efforts.

What has been lost in the FTX drama over the last few weeks is the deft maneuvering that OFAC has engaged in to improve its strategic position in the litigation. On Nov. 8, OFAC “redesignated” Tornado Cash “on the basis of new information.”

Two significant legal challenges brought forward a few weeks prior that poked holes in OFAC’s designation are the likely source of the “new information.” OFAC can only sanction groups, not computer code, and OFAC seems to be pushing a novel theory in its second designation that the decentralized autonomous organization around Tornado Cash was part of a group, even though the DAO had no power to change the code since the admin key was burned.

Supporters of the designation argue it was overall a fair trade to achieve national security goals. The stated reason for the designation was that Tornado Cash “obfuscated the movement of over $455 million stolen in March 2022” by North Korean hackers.

But did it really? Privacy tools require a large anonymity set to work. That’s the only way that small transactions by ordinary users can hide in a large crowd. And it works only if privacy tools are used correctly, without privacy mistakes like making mirror transfers into and out of shielded assets within a short timeframe.

Consider that when North Korean hackers made that specific transfer, it represented 20% of the entire Tornado Cash pool. The sheer volume of ETH North Korea was trying to move through the Tornado Cash protocol meant that it wasn’t obtaining any meaningful privacy by using the tool. It evokes a comical vision of Godzilla trying to cover himself with a fig leaf.

The Treasury Department would have achieved more for national security by allowing North Korean hackers to maintain a false sense of confidence and continue using the tool while it surveilled their transactions using statistical tracing analysis. What OFAC achieved instead amounts to little more than national security theater.

Meanwhile, it has done real harm to the Ethereum blockchain. One example, as noted by Ethereum co-founder Vitalik Buterin, is that Tornado Cash anonymized donations to support Ukraine. If the Treasury Department’s sanction against Tornado Cash is allowed to stand, it can sanction anything from computer code and applications to specific assets.

Almost as if on cue, former Treasury official Juan Zarate argued in a recent interview that the Treasury Department should use the Patriot Act more “creatively” to sanction entire classes of assets in crypto. It’s a short step from there to sanctioning gold coins or other everyday assets.

Society doesn’t countenance the sanctioning of things merely because criminals happen to use them. Criminals drive on roads. They use tools available at the hardware store. They use these things in furtherance of their crimes.

If OFAC’s vague sanction of “Tornado Cash” is allowed to stand, it can sanction any protocol or asset in crypto. And that threatens to destroy any meaningful vision of crypto’s future.

J. W. Verret is an associate professor at the George Mason Law School. He is a practicing crypto forensic accountant and also practices securities law at Lawrence Law LLC. He is a member of the Financial Accounting Standards Board’s Advisory Council, a member of the Zcash Foundation's board of directors, and a former member of the SEC Investor Advisory Committee. He also leads the Crypto Freedom Lab, a think tank fighting for policy change to preserve freedom and privacy for crypto developers and users.

This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

‘I Wanted to Punch Kanye’ — Free Speech Waffler Elon Musk’s Nonsensical Take on Bitcoin, CBDCs, and Censorship

December 5, 2022 Bitcoin.com

Breaking: Ankr confirms exploit, asks for immediate trading halt

December 2, 2022 Coin Telegraph

aBNBc

The decentralized-finance protocol said it is working with exchanges to immediately halt trading of its BNB staking rewards token, aBNBc.

BNB Chain-based decentralized finance (DeFi) protocol Ankr has confirmed it has been hit by a multi-million dollar exploit on Dec. 1.

The attack appeared to be first discovered by on-chain security analyst PeckShield at approximately 12:35 am UTC on Dec. 2.

Within an hour of the attack, Ankr confirmed on Twitter that the aBNB token has been exploited and that they’re working with exchanges to immediately halt trading of the compromised token.

Our aBNB token has been exploited, and we are currently working with exchanges to immediately halt trading.
— Ankr (@ankr) December 2, 2022

The attacker was purportedly able to mint 20 trillion Ankr Reward Bearing Staked BNB (aBNBc), a reward-bearing token for BNB staked on the protocol.

According to a Twitter post from on-chain analysis firm Lookonchain, the exploiter has since used services such as Uniswap, Tornado Cash, and various bridges to swap and obfuscate the funds in order to gain around $5 million worth of USD Coin (USDC).

It also added in a following post that “all underlying assets on Ankr Staking are safe at this time, and all infrastructure services are unaffected.”

Seems that @ankr got hacked an hour ago!

The exploiter minted 20T aBNBc and dumped it on #PancakeSwap.

At present, the exploiter have successfully exchanged more than 5 million $USDC.https://t.co/hF1tgNYw0t pic.twitter.com/XIPjBi6wvs
— Lookonchain (@lookonchain) December 2, 2022

In comments to Cointelegraph about the attack, blockchain security firm Beosin suggested the exploit was likely the result of vulnerabilities in the smart contract code combined with compromised private keys, which may have come from a technical upgrade by the Ankr team about 12 hours ago.

Beosin also noted that the mass minting episode caused the price of aBNBc to fall 99.5% from $303.89 to $1.53 in a matter of hours, according to data from CoinMarketCap.

@ankr has been exploited. $aBNBc has dropped -99.5%.
The hacker minted tons of $aBNBc and made a profit of 5,500 BNB (~$1.6 million)
The deployer changed the implementation contract to the vulnerable contract address before the attack (possibly due to private key compromise). pic.twitter.com/GJheXh0oDp
— Beosin Alert (@BeosinAlert) December 2, 2022

“It is possible that the deployer’s private key was exposed in this upgrade, leading to an attacker using deployer privileges to modify the contract,” a Beosin spokesperson told Cointelegraph.

In a Dec. 2 Twitter post, crypto exchange Binance also confirmed its team is engaged with relevant parties to investigate the matter further, adding that Binance's user funds are not at risk.

We are aware of the attack targeting @ankr's aBNBc token. Our team is engaged with the relevant parties and @BNBCHAIN to investigate further.

This is not an attack against #Binance, and your funds are SAFU on our exchange. This thread will be updated should there be any updates.
— Binance (@binance) December 2, 2022

Cointelegraph contacted Ankr when the exploit was first discovered but did not receive an immediate response.

Tornado cash