US attack on crypto mixers threatens collateral privacy damage

Aggressive US moves to block cryptocurrency mixing services employed by North Korean state-sponsored hackers are sparking howls of opposition in the country. The crypto community argues that Washington is going too far, preventing legitimate users from protecting their privacy and stifling software developers.

On Monday, the US Treasury banned Americans from dealing with the crypto mixer Tornado.cash, an Ether
ETH
eum-blockchain platform that attempts to hide the source of digital assets by aggregating users’ funds and then allowing them to withdraw a random selection equal to their deposit. The Treasury said Tornado.cash facilitated the laundering of $455 million in digital assets stolen by Lazarus Group, the North Korean state-sponsored hacking organization. The sanctions follow a similar action in May against Blender.io, a crypto blender accused of facilitating the laundering of $20.5 million in funds stolen from the $620 million Ronin Bridge hack in March, the largest crypto hack to date, executed by Lazarus Group, according to the US FBI.

Under pressure from US and UN sanctions, the Democratic People’s Republic of Korea has turned to crypto hacking to fund illegal “weapons of mass destruction (WMD) and ballistic missile” programs, according to a statement from the Treasury. Ari Redbord, head of legal and government affairs at TRM Labs, described the Ronin Bridge hack as a watershed moment that shifted the Treasury’s perception of crypto hacks from financial crimes to national security concerns.

“North Korea was really one of the first to use cryptocurrency to launder money,” Redbord said. “I think they realized very quickly that hacking or attacking cryptocurrency companies was really a way to steal money at internet speeds.”

Tornado.cash penalties are notable due to the large volume of legitimate and illegitimate transactions processed through the service. A bona fide use would be someone who wishes to spend cryptocurrency without allowing the recipient to view the full on-chain transaction history associated with their wallet address.

The sanctions prohibit any U.S. person from transacting with Tornado.cash or any of the wallet addresses added to the Treasury’s Specially Designated Nationals and Blocked Persons list. The sanctions against Tornado.cash and Blender.io are the first cases where the Treasury has targeted an open source and decentralized tool rather than individuals or entities.

“It really blurs the line between being a developer who is just writing code and being a regulated money transmitter,” says Justin Ehrenhofer, vice president of operations at wallet developer Monero.
XMR
.com and the multi-coin Cake Wallet. “With cryptocurrencies and the added flexibility that comes with them to create financial products over the years, it’s easier for people who just write code to release things that people can use to make transactions. transactions without going through a financial intermediary.”

In response to the latest sanctions, Circle, the organization behind USDC
USDC
stablecoin, blacklisted wallet addresses linked to Tornado.cash. As a result, 75,000 USDC is effectively frozen on the platform. In an act of protest to illustrate the potential collateral damage of Treasury sanctions, an anonymous user sends wallet addresses of known celebrities small amounts of Ethereum from a Tornado.cash wallet.

Although the sanctions do not extend to banning the operations of non-US entities in other countries, they cut them off from the US financial system, which is often a devastating blow. In the case of Tornado.cash, the website is already down and, at the time of writing, approximately 28,700 ETH has been withdrawn from the 100 ETH Tornado pool since the sanctions announcement, according to TRM’s analysis.

The Tornado.cash action may indicate that similar action will be taken against products such as Privacy Coins. The two most important are Monero and Zcash
ZEC
, which aim to bring the privacy and fungibility of cash to online transactions. Ehrenhofer said it might be difficult to sanction a large network like Monero, but he feels even more uncomfortable after Tornado.cash was announced.

“It certainly brings us closer to government action against specific tools, as far as sanctions go, so I would say it’s definitely a step back, it’s scarier than before,” Ehrenhofer said.

In a widely publicized speech about the sanctions, Peter Van Valkenburgh, research director at the cryptocurrency policy think tank Coin Center, argued that the Treasury was hampering free speech for software developers. He noted that some Tornado.cash contributors had their accounts on Github, a hosting service for software development, shut down. While this may be a business move on the Github account, he described it as having a “chilling effect” on free speech.

“Whether by design or not, the end result has been that cryptographers and developers have been afraid to contribute to privacy projects, because it’s not a good idea for what you’re working on to be shared under a such a negative day,” Ehrenhofer said.

One possible solution to the tension between individual users’ desire for privacy and governments’ responsibility to limit national security threats is to integrate anti-money laundering and sanctions screening tools into products such as cryptocurrency mixers. Companies such as TRM Labs and Chainalysis already offer free sanctions screening tools that help developers comply with sanctions. However, this plan only works if developers continue to build privacy-focused platforms.

“If you’re the lead developer working on a project that got sanctioned, imagine explaining it to your bank,” Ehrenhofer said. “No, I didn’t do anything wrong. I was never charged with a crime, but what I did was sanctioned by the US government.