Into the storm: The murky world of cryptocurrency mixers
A handful of obfuscation protocols are competing for the user base of OFAC-sanctioned Tornado Cash.
Cryptocurrency mixing services are a divisive subject in the industry. Some advocate for the privacy-enabling features of these protocols while others maintain that they are mainly used for illicit means.
For platforms like Tornado Cash, the mainstream verdict is “guilty as charged.” The infamous decentralized mixing protocol was sanctioned by the United States Office of Foreign Assets Control (OFAC) in August 2022, essentially making it illegal for anyone to make use of the service.
Tornado Cash continues to be a contentious topic and one of its developers, Alexey Pertsev, controversially remains in detention in the Netherlands while investigators look to build a case against the Russian developer and his alleged role in the mixer’s operation.
In a proverbial sense, one man’s loss is another man’s gain and that seems to be the case for cryptocurrency mixers according to a report from blockchain analytics firm Elliptic.
A blow to money-laundering operations
As highlighted in its analysis, Elliptic reveals that over $7 billion worth of cryptocurrencies were processed by Tornado Cash. An estimated $1.54 billion of illicit cryptocurrency was laundered through the platform, with a user base that included the likes of North Korean Lazarus Group state hackers.
In the wake of OFAC’s sanctions, Tornado Cash liquidity pools saw their holdings drop by 60% which is said to have drastically reduced the anonymizing potential of the platform for large-scale money laundering operations.
With Tornado Cash ostensibly shut down, a number of alternative mixing services have been identified as potential threats to cryptocurrency service providers and criminal investigators. Elliptic highlights six different protocols that have been used as mixers in the wake of Tornado Cash’s prohibition.
Not all mixers are being used for illicit means
Elliptic’s report unpacks how these mixer protocols operate in different ways and provide a variety of outcomes for potential users. A top-down view shows that these obfuscation protocols have mixed over $41 million of cryptocurrency, which pales in comparison to the total amount that was processed by Tornado Cash.
Ether (ETH), BNB (BNB), Wrapped Ether (wETH) and Tether (USDT) are the most commonly mixed tokens, given their usability within decentralized finance (DeFi). Elliptic’s figures notably exclude Polygon-based tokens.
Two particular protocols account for the highest mixing capacity of the tools analyzed and as a result, make up three-quarters of the cryptocurrency mixed.
The first is Railgun, a decentralized protocol that, according to Elliptic, caters to professional traders and DeFi users looking to conceal investment strategies. Railgun Privacy System removes wallet addresses from transactions on public blockchains using zero-knowledge-proof technology. It claims to be ERC-20 token compatible and has no mixing limit.
Cyclone Protocol is the second protocol, a Tornado Cash fork that touts a number of enhancements said to include yield farming to contributors of anonymity pools. Elliptic reports that Cyclone is able to mix 100 ETH/100,000 USDT in one instance and is available on IoTEX, Ethereum, BNB Smart Chain and Polygon.
Aside from Cyclone, which Elliptic highlights as the highest risk protocol among the six in its report, funds being mixed by these services “largely reflect legitimate DeFi trading activity.”
Just $40,000 of mixed funds were traced back to DeFi thefts which suggests that current activity reflects a lack of adoption of these alternative mixing protocols by nefarious actors and criminal elements.
Despite the fact that a relatively small amount of cryptocurrency has been mixed by nefarious actors, Elliptic still provides a cautionary note aimed at a couple of the services it highlighted.
Cyclone Protocol is identified as the highest-risk service in the wake of Tornado Cash sanctions. The service’s high transaction limit, large liquidity available in its mixing pools, and its ability to process Tornado Cash’s eponymous governance token (TORN) are cause for concern according to Elliptic:
“It’s confirmed use to launder at least some proceeds of DeFi exploits, the large amount of funds it has since processed and the apparent absence of its developer team to address concerns only strengthen these risks.”
Buccaneer V3 (BV3) was scored as a “medium-high” risk tool. The Ethereum-based token (BUCC) allows users to “bury” funds for an indefinite period of time without having to mix, pool or cycle transactions. A decoy mode displays fictitious BUCC balances on user interfaces as an obfuscation technique.
The service could be attractive for illicit use cases as it makes use of a Gas Station Network in order to pay transaction fees by claiming a small proportion of transferred BUCC. This could allow users to avoid using regulation-compliant cryptocurrency exchanges and services:
“BV3 therefore claims that it solves the ‘funding problem’ — the issue that addresses typically need to source ETH to pay transaction fees, typically from a centralized KYC exchange.”
A caveat provided by Elliptic is that BV3 uses technology that is still being tested, with its features and capabilities still to be fully realized. The remaining four protocols all have factors that Elliptic believes will inhibit large-scale illicit use.
Go to Source
Author: Gareth Jenkinson