Offline site and US sanctions: game over for Tornado Cash?
This is news that, even if it does not discourage hackers, will at least give them a hard time. Tornado Cash (TORN), the anonymization protocol that has been used to launder hundreds of millions of dollars siphoned off from vulnerable blockchains, has apparently just been taken offline. The US Treasury had placed it on its blacklist yesterday.
US Treasury adds Tornado Cash to its blacklist
Yesterday, August 8, the Office of Foreign Assets Control (OFAC), affiliated with the United States Department of the Treasury, placed Tornado Cash and its founders on its list of “Specially Designated Nationals”.
The famous list of Specially Designated Nationals (SDN) brings together various foreign dignitaries, businessmen, and politicians targeted by economic sanctions.
In the case of Tornado Cash, all of its operational funds are blocked: the address of its smart contract on the Ethereum network, the address of its wallet receiving user donations, and its Bitcoin address. The OFAC press release sets out the allegations against the protocol, following an investigation launched a few weeks ago:
“Despite assurances to the contrary, Tornado Cash has repeatedly failed to impose effective controls intended to prevent it from routinely laundering funds to malicious actors and without measures to address those risks. The Treasury will continue to take aggressive action against mixers that launder virtual currency to criminals and those who help them.”
A series of coordinated sanctions against the site
Following the lead of the US federal authorities, a whole group of blockchain-linked players has decided to put the protocol to death.
Circle (the issuer of the USDC stablecoin) has announced that it has frozen dozens of addresses that have interacted with the anonymization protocol. A core of 44 addresses has been disclosed as being specifically linked to Tornado Cash individuals, executives, and team members.
GitHub, a Microsoft platform very popular with developers, has banned Roman Semenov, co-founder of the protocol. He made this known on Twitter, where he faced several inflammatory comments.
The tornado.cash site has even been taken down, as seen in the image below. This is probably the result of a block at the hosting provider (Amazon Web Services?), because the founders have not announced that they have deactivated their site.
The tornado.cash website has been inaccessible since yesterday
Blender.io, 1inch, Tornado Cash: the problem of anonymization protocols
Tornado Cash is to date the second cryptocurrency mixing protocol to have drawn the wrath of the American authorities. Last May, OFAC sanctioned Blender.io, accusing it of “supporting malicious cyber activities and money laundering in stolen virtual currency”. In plain terms, this points to the formidable North Korean hacker group Lazarus, which is at the beck and call of the North Korean state itself.
Although the sanctions were a long time coming, several blockchain analysis companies had already highlighted the problem: the massive use of Tornado Cash by hackers to make funds stolen in major hacks disappear and to cover their tracks.
The Lazarus group, for example, is implicated in the Ronin sidechain hack last March. In all, 624 million dollars (173,600 ETH and 25.5 million USDC) was stolen from this bridge dedicated to the game Axie Infinity (AXS). A large portion of these funds flowed through Tornado Cash.
More recently, funds stolen from the Harmony blockchain during an attack on the Horizon bridge were sent to the protocol. Three days after the theft of $100 million in BUSD, USDC, ETH, and WBTC, the loot had started to be swallowed in batches by the mixer.
Cryptocurrency “mixers” all work on the same model: when you deposit, your cryptocurrencies are sent to a smart contract that mixes them with those brought by other depositors. The more contributors there are, the more the mix proves to be effective and difficult to unravel for potential on-chain detectives.
An anonymization score (called the “anonymity set”) even measures the degree of confidentiality added to your deposit. In this way, the depositor can decide the right time to withdraw the equivalent amount in crypto from the protocol via different wallets.
Tornado Cash could be reborn under another name
The killing of Tornado Cash is news that should give major malicious hacker collectives a hard time, starting with the North Koreans Lazarus and APT38, then the Russians Conti-Ryuk, Sodinokibi (REvil), GandCrab, and TrickBot.
The rub is that the underlying Tornado Cash smart contract could simply be replicated under another name. You should know that all of the code for it is available on GitHub, a platform that developers use to share (and store) the code of their projects.
Like peer-to-peer streaming and download sites, we can therefore expect to see the protocol reappear under a new domain name. Not to mention similar projects that will certainly take up the place left vacant.
At the same time, on-chain detectives, such as the companies PeckShield and Elliptic, are working to algorithmically reconstruct the flows of crypto moving to and from these mixing protocols. Progress is significant but does not yet provide all of the desired answers.
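To make the mixing model and the tracing work described above concrete, here is an added example (not from the article, and not the method of any company it names): a Python model of how an observer computes the candidate deposits, i.e. the anonymity set, behind each withdrawal from a fixed-denomination pool. It goes beyond the text by applying two assumed heuristics, address reuse and elimination, to shrink those sets; the Event type, addresses and transaction labels are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Event:
    block: int    # block height
    kind: str     # "deposit" or "withdraw"
    address: str  # depositing or receiving address
    tx: str       # transaction label

def trace_pool(events):
    """Map each withdrawal to the deposits an observer cannot rule out.

    Assumed model: one pool, one fixed denomination, each deposit is
    withdrawn at most once, and only public chain data is visible.
    """
    deposits = [e for e in events if e.kind == "deposit"]
    withdrawals = [e for e in events if e.kind == "withdraw"]
    owner = {d.tx: d.address for d in deposits}
    # Baseline anonymity set: every deposit mined before the withdrawal.
    cands = {w.tx: {d.tx for d in deposits if d.block < w.block}
             for w in withdrawals}
    # Heuristic 1 (address reuse): a payout to an address that made exactly
    # one earlier deposit is attributed to that deposit.
    for w in withdrawals:
        same = {d for d in cands[w.tx] if owner[d] == w.address}
        if len(same) == 1:
            cands[w.tx] = same
    # Heuristic 2 (elimination): a deposit pinned to one withdrawal cannot
    # fund another; strip it elsewhere and repeat until nothing changes.
    changed = True
    while changed:
        changed = False
        pinned = {next(iter(ds)): w for w, ds in cands.items() if len(ds) == 1}
        for w, ds in cands.items():
            drop = {d for d in ds if pinned.get(d, w) != w}
            if drop:
                ds -= drop
                changed = True
    return cands

# Constructed sample: placeholder addresses and labels, not real chain data.
EVENTS = [
    Event(100, "deposit", "0xA", "d1"), Event(101, "deposit", "0xB", "d2"),
    Event(102, "deposit", "0xC", "d3"), Event(110, "withdraw", "0xA", "w1"),
    Event(111, "withdraw", "0xX", "w2"), Event(120, "deposit", "0xD", "d4"),
    Event(130, "withdraw", "0xY", "w3"),
]
RESULT = trace_pool(EVENTS)
```

In the constructed sample, w1 resolves to d1 through address reuse, which also removes d1 from the candidate sets of w2 and w3.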
It is unlikely that we will ever see Tornado Cash working again. The hacks, however, are not about to stop.