Into the storm: The murky world of cryptocurrency mixers

Published at: Dec. 7, 2022

Cryptocurrency mixing services are a divisive subject in the industry. Some advocate for the privacy-enabling features of these protocols while others maintain that they are mainly used for illicit means.

For platforms like Tornado Cash, the mainstream verdict is “guilty as charged.” The infamous decentralized mixing protocol was sanctioned by the United States Office of Foreign Assets Control (OFAC) in August 2022, essentially making it illegal for anyone to make use of the service.

Tornado Cash continues to be a contentious topic and one of its developers, Alexey Pertsev, controversially remains in detention in the Netherlands while investigators look to build a case against the Russian developer and his alleged role in the mixer’s operation.

In a proverbial sense, one man’s loss is another man’s gain and that seems to be the case for cryptocurrency mixers according to a report from blockchain analytics firm Elliptic.

A blow to money-laundering operations

As highlighted in its analysis, Elliptic reveals that over $7 billion worth of cryptocurrencies were processed by Tornado Cash. An estimated $1.54 billion of illicit cryptocurrency was laundered through the platform, with a user base that included the likes of North Korean Lazarus Group state hackers.

In the wake of OFAC’s sanctions, Tornado Cash liquidity pools saw their holdings drop by 60% which is said to have drastically reduced the anonymizing potential of the platform for large-scale money laundering operations.

With Tornado Cash ostensibly shut down, a number of alternative mixing services have been identified as potential threats to cryptocurrency service providers and criminal investigators. Elliptic highlights six different protocols that have been used as mixers in the wake of Tornado Cash’s prohibition.

Not all mixers are being used for illicit means

Elliptic’s report unpacks how these mixer protocols operate in different ways and provide a variety of outcomes for potential users. A top-down view shows that these obfuscation protocols have mixed over $41 million of cryptocurrency, which pales in comparison to the total amount that was processed by Tornado Cash.

Ether (ETH), BNB (BNB), Wrapped Ether (wETH) and Tether (USDT) are the most commonly mixed tokens, given their usability within decentralized finance (DeFi). Elliptic’s figures notably exclude Polygon-based tokens.

Two particular protocols account for the highest mixing capacity of the tools analyzed and as a result, make up three-quarters of the cryptocurrency mixed.

The first is Railgun, a decentralized protocol that, according to Elliptic, caters to professional traders and DeFi users looking to conceal investment strategies. Railgun Privacy System removes wallet addresses from transactions on public blockchains using zero-knowledge-proof technology. It claims to be ERC-20 token compatible and has no mixing limit.

Cyclone Protocol is the second protocol, a Tornado Cash fork that touts a number of enhancements said to include yield farming to contributors of anonymity pools. Elliptic reports that Cyclone is able to mix 100 ETH/100,000 USDT in one instance and is available on IoTEX, Ethereum, BNB Smart Chain and Polygon.

Aside from Cyclone, which Elliptic highlights as the highest risk protocol among the six in its report, funds being mixed by these services “largely reflect legitimate DeFi trading activity.”

Just $40,000 of mixed funds were traced back to DeFi thefts which suggests that current activity reflects a lack of adoption of these alternative mixing protocols by nefarious actors and criminal elements.

Keeping tabs

Despite the fact that a relatively small amount of cryptocurrency has been mixed by nefarious actors, Elliptic still provides a cautionary note aimed at a couple of the services it highlighted.

Cyclone Protocol is identified as the highest-risk service in the wake of Tornado Cash sanctions. The service’s high transaction limit, large liquidity available in its mixing pools, and its ability to process Tornado Cash’s eponymous governance token (TORN) are cause for concern according to Elliptic:

“It’s confirmed use to launder at least some proceeds of DeFi exploits, the large amount of funds it has since processed and the apparent absence of its developer team to address concerns only strengthen these risks.”

Buccaneer V3 (BV3) was scored as a “medium-high” risk tool. The Ethereum-based token (BUCC) allows users to “bury” funds for an indefinite period of time without having to mix, pool or cycle transactions. A decoy mode displays fictitious BUCC balances on user interfaces as an obfuscation technique.

The service could be attractive for illicit use cases as it makes use of a Gas Station Network in order to pay transaction fees by claiming a small proportion of transferred BUCC. This could allow users to avoid using regulation-compliant cryptocurrency exchanges and services:

“BV3 therefore claims that it solves the ‘funding problem’ — the issue that addresses typically need to source ETH to pay transaction fees, typically from a centralized KYC exchange.”

A caveat provided by Elliptic is that BV3 uses technology that is still being tested, with its features and capabilities still to be fully realized. The remaining four protocols all have factors that Elliptic believes will inhibit large-scale illicit use.

Tags
Related Posts
Blockchain and crypto can be a boon for tracking financial crimes
Governments around the globe have also become more aware of the crypto market and the various ways in which it can be regulated. Despite a growing adoption rate and involvement of mainstream financial giants, however, naysayers continue to portray crypto as a tool for miscreants and criminals. Several crypto platforms and decentralized finance (DeFi) protocols have been compromised over the years, owing to various code vulnerabilities or centralization problems. However, stealing of money is the easiest part, while moving that money and cashing it out is nearly impossible. This is primarily because most crypto transactions are recorded on a public …
Adoption / April 28, 2022
Why the BitMEX charges could be bad news for DeFi
In the aftermath of criminal charges against BitMEX, the crypto community is debating whether the decentralized finance sector is also set to face the wrath of regulators. On Oct 1, the U.S. Commodity Futures Trading Commission announced charges against three BitMEX executives for violating the Bank Secrecy Act (BSA) due to the exchange’s allegedly weak anti-money laundering and know-your-customer (KYC) policies. DeFi protocols, including Decentralized Exchanges (DEXs) have made a virtue of having minimal AML and KYC procedurs. However many now wonder if DEXs are also obliged to comply with the BSA, even though most projects seek to decentralize ownership …
Blockchain / Oct. 2, 2020
Report: Crypto crimes declined in 2020, but DeFi hacks are on the rise
Cryptocurrency-related crimes have slowed down in 2020, but some sectors within the crypto industry have become a new hotbed for criminal activity, a new report says. Citing major crypto analytics firm CipherTrace, Reuters reported on Nov. 10 that total losses from crypto thefts, hacks and fraud dropped from $4.4 billion in 2019 to $1.8 billion over the first 10 months of 2020. CipherTrace CEO Dave Jevans said that the general decline of criminal activity in the crypto industry is a result of increased security measures: “What we have seen is that exchanges and other cryptocurrency players have implemented more security …
Bitcoin / Nov. 10, 2020
Crypto exchanges tackle insider trading after recent convictions
In January, the brother of a former Coinbase product manager was sentenced to 10 months in prison for wire fraud conspiracy in what prosecutors called the first case of insider trading involving cryptocurrencies. In September 2022, Nikhil Wahi entered a guilty plea for executing trades based on private data obtained from his brother, Ishan Wahi, a former product manager for Coinbase. Most countries have laws against insider trading, which carry stiff penalties like jail time and heavy fines. The recent insider trading investigation against crypto exchanges by the United States Securities and Exchange Commission indicates that regulatory bodies are prepared …
Regulation / Feb. 7, 2023
DeFi exploits and access control hacks cost crypto investors billions in 2022: Report
Cyber criminals used a variety of novel ways to carry out hacks and exploits in 2022, with over $2.8 billion of cryptocurrency stolen last year. According to a report from CoinGecko using data sourced from DeFiYield’s REKT Database, nearly half of the total crypto stolen in 2022 was fleeced using diverse methods. This includes bypassing verification processes, market manipulation, ‘crowd looting’ as well as smart contract and bridge exploits. The biggest hack of 2022 was carried out through an access control hack. Sky Mavis, the developer behind popular game Axie Infinity, saw its Ronin bridge hacked in March 2022, leading …
Blockchain / Feb. 13, 2023