DeFi Web Apps Block Users Hit by Tornado Cash ‘Dust Attack’

Tron founder Justin Sun was blocked by the front-end web app of DeFi protocol Aave over the weekend after a Tornado Cash ‘dust attack.’


Source: DALL·E


key takeaways

  • Sun claimed he was sent 0.01 ETH from an anonymous source via Tornado Cash, leading to Aave blocking his blockchain address
  • Privacy advocates say the Treasury’s move to ban Tornado Cash is a violation of human rights

Prominent crypto users reported being blocked by web apps of major DeFi (decentralized finance) protocols over the weekend, as the ecosystem continues reckoning with recent Tornado Cash sanctions.

Tron founder Justin Sun claimed he was “officially blocked” from lending protocol Aave after someone “randomly” sent him a small amount of ether via crypto mixer Tornado Cash.

More than 600 addresses were hit with the same 0.01 ETH ($19.25) “dust attack,” according to analytics unit PeckShield, including crypto exchanges and public figures such as Coinbase CEO Brian Armstrong and Jimmy Fallon.

Last Monday, Tornado Cash was placed on the Office of Foreign Assets Control’s blacklist over its usage by North Korean hacker crew Lazarus Group to launder stolen digital assets. The ban made it illegal for US citizens to interact with its Ethereum smart contracts.

Read more: Coin Mixers and Privacy Coins: Can They Resist Censorship?

OFAC in total sanctioned 45 Ethereum addresses associated with Tornado Cash, many of them USDC contracts, leading MakerDAO co-founder Rune Christensen to float ditching the stablecoin from its treasury altogether.

Days later, Dutch financial crimes agency FIOD arrested a 29-year-old Tornado Cash developer in Amsterdam over their suspected involvement in facilitating money laundering via the platform.

Sun tweeted his ban on Friday. “This address is blocked on because it is associated with one or more blocked activities,” the screenshot reads. Ethereum proponent Anthony Sassano said he experienced similar treatment.

Aave later responded to the social media outcry with its own Twitter thread. The firm explained it had implemented a API maintained by compliance startup TRM Labs to ensure it’s in line with US sanctions.

Loading Tweet..
Aave later clarified that TRM Labs’ API did not make incorrect calls, but rather Aave’s front-end implementation was responsible for the errors.

TRM Labs’ API identifies “all wallets that have interacted with Tornado Cash contracts post-sanctions, even so-called ‘dusted’ self-custodial wallets,” Aave said.

This explains why some users were unable to access the protocol’s front-end, even though its web app is hosted by peer-to-peer protocol Inter-Planetary File System.

Web apps for other popular DeFi protocols, including decentralized exchange Uniswap and automated market maker Balancer, also reportedly blocked users flagged by TRM Labs’ database.

“The team [Aave] mitigated these issues by immediately addressing this, and we continue to evaluate responsible and reasonable risk mitigation given the circumstances,” Aave said. Sassano later tweeted to confirm his block had been lifted.

DeFi still weighing full impact of Tornado Cash sanctions

While their web apps rely on centralized services, Aave, Uniswap and Balancer are non-custodial, peer-to-peer platforms powered by immutable smart contracts.

This means anyone at all can spin up alternative front-ends that don’t utilize automated block lists like TRM Labs’, allowing blocked users to interact with their permissionless protocols.

Still, seeing high-profile individuals such as Sun indirectly impacted by the Treasury’s recent ban is somewhat troubling. The department’s move has been called into question by activists and proponents, who say “hair-raising precedent” is an “unconstitutional restriction on free speech.”

Privacy advocates argue Tornado Cash is intended to preserve sensitive information relating to a user’s wallet, including the amount stored, where funds are sent and received, and general DeFi activity.

Digital rights advocacy group Fight for the Future last week wrote that the Treasury made a “clumsy attempt” to sanction Tornado Cash, compromising human rights and the US’ first amendment.

“The Internet is feeling the chilling effects of this choice: the open source code used to run has been taken down from Github,” the group said. “Unfortunately it seems that such an effect is exactly what the US government was seeking.”

Commonplace sanctioning of smart contracts could have wide-reaching repercussions for DeFi and the blockchain industry writ large, proponents say.

Loading Tweet..

Fireblocks CEO Michael Shaulov believes technology built over the past decade to catch bad actors has led to increased threat intelligence sharing between industry and law enforcement. Although, the systems in place are not perfect, he said.

“In theory, Tornado Cash has a lot of interesting properties for anonymizing your transactions,” Shaulov told Blockworks in an interview. “But in practice, we all know that the people that were using it for a sizable part of the activity were not the good guys.”

Shaulov mused on the idea of a continuously updated database “at the wallet level,” with the addresses made public in a bid to aid other platforms and protocols from engaging with tainted wallets.

Shaulov, who spent four years in Israeli intelligence developing monitoring software for law enforcement, likened the Treasury’s actions against Lazarus and Tornado Cash to that of a game of “cat and mouse” across DeFi.

“Chasing after bad people on the internet is not a new thing,” he said, adding that banning protocols like Tornado Cash wasn’t a real solution.”

“It’s open source,” Shaulov said in relation to Tornado Cash’s code. “What prevents the next person from basically spinning that contract another 50,000 times?”

Shaulov then suggested increased intelligence sharing between all related parties, such as Tornado Cash, Uniswap and the Treasury, who could then programmatically blacklist all wallets belonging to terrorists, for example.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the On the Margin newsletter.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.


Upcoming Events

Salt Lake City, UT

MON - TUES, OCT. 7 - 8, 2024

Blockworks and Bankless in collaboration with buidlbox are excited to announce the second installment of the Permissionless Hackathon – taking place October 7-8 in Salt Lake City, Utah. We’ve partnered with buidlbox to bring together the brightest minds in crypto for […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Research Report Templates.png


ZKPs enable efficient offchain transaction processing and validation, resulting in increased throughput and reduced fees. Solana's ZK Compression leverages ZKPs to minimize onchain storage costs, while Sui's zkLogin streamlines user onboarding by replacing complex key management with familiar OAuth credentials.


The crypto asset manager lowered its planned fee from 0.25% to 0.15%, undercutting its competitors


Plus, a look at planned ETH ETF fees and how they differ from their BTC counterparts


North Korea suspected in breach of Indian exchange’s multisig wallet


Plus, Sanctum’s CLOUD token has officially launched — but not without problems


It’s not yet clear whether Donald Trump is pumping bitcoin. But an unofficial memecoin is still seeing benefit.