The Purpose and Perils of Crypto Privacy Tools

Using mixers is becoming increasingly risky and not always effective for criminals, Chainalysis executive says

Blockworks exclusive art by axel rangel

key takeaways

  • Mixing services pool together crypto transactions to obfuscate the fund sources and improve privacy
  • Recent crypto seizures by authorities in Florida and Germany involved alleged criminal use of mixers

Crypto services designed to improve transaction privacy continue to be used in illegal activities, but using so-called mixers for nefarious purposes is becoming increasingly risky. 

A cryptocurrency mixing service is used to privately transfer cryptoassets between wallets by commingling funds in a pool of assets belonging to many participants.

The hacker who last month exploited the Ronin Network for roughly $625 million recently transferred thousands of ether to Tornado Cash, a privacy tool for Ethereum. More than 165,000 ETH remains in the attacker’s wallet.

Tornado Cash, a decentralized protocol for private transactions on Ethereum, breaks the on-chain link between source and destination addresses, according to its website. The protocol uses a smart contract accepting ETH deposits that can be withdrawn by a different address. The longer the funds remain in the pool before being withdrawn, the greater the privacy protections.

“While Tornado Cash can be used for illegal activities, like money laundering or tax fraud, many believe that it is a crucial tool for maintaining financial anonymity,” NetSPI Chief Technology Officer Travis Hoyt told Blockworks.

“Due to the nature of mixers like Tornado Cash obscuring transactions, consumers that lack a full understanding of crypto’s security infrastructure may be susceptible to risks such as inadvertent money laundering.” 

Also last week, federal prosecutors in Florida seized roughly $34 million worth of crypto and German authorities confiscated about $25 million worth of bitcoin. The alleged criminals in both cases used mixing services to mask transactions.

But obscuring sources of funds through mixers is an increasingly risky option for bad actors, especially when trying to move the large quantities needed to evade sanctions, launder stolen funds or cash out the proceeds of a darknet marketplace, according to Gurvais Grigg, Chainalysis’s global public sector chief technology officer.

“Mixers require the participation of many users inputting comparable amounts of cryptocurrency in order to provide the desired obfuscation, and the liquidity often can’t support this,” he told Blockworks. 

Mriganka Pattnaik, co-founder and CEO at Merkle Science, agreed that mixers, tumblers or privacy coins do not have sufficient liquidity for individuals to move hundreds of millions of dollars in untraceable ways. He noted that cash is still the preferred monetary medium for smart criminals.

A Chainalysis report published in February found that while illicit crypto transactions reached an all-time high of $14 billion last year, criminal activity’s share of cryptocurrency transaction volume has never been lower.

Grigg noted that Chainalysis’s recently publicized demixing capabilities may further disincentivize mixer usage for illicit purposes. Forbes reported in February that Chainalysis has a “previously secret forensics tool” that was able to demix transactions tied to The DAO hack of 2016 and track their output to four exchanges.

A Chainalysis spokesperson declined to share further details about the blockchain data platform’s demixing efficacy.

The latest seizures

Still, alleged criminals are using the mixing services. 

A Florida man allegedly used an online alias and made more than 100,000 sales of illicit items and hacked online account information — such as for HBO, Netflix and Uber — on several dark web marketplaces, according to a Monday statement.

He used “tumblers” — mixing services that pool together multiple cryptocurrency transactions — and illegal dark web money transmitter services to launder one cryptocurrency for another. 

The tumbler distributes the cryptocurrency to a designated cryptocurrency wallet at random times and in random increments to obscure the original source of funds, officials said. Law enforcement agents seized various cryptocurrency wallets associated with the illegal dark web conduct.

The seizure came a day before German authorities revealed Tuesday that the country’s Federal Criminal Police Office (BKA) and its Central Office for Combating Internet Crime (ZIT) took down servers of Hydra Market, the world’s largest darknet marketplace. The agencies confiscated about $25 million worth of bitcoin after an investigation that began in August.

Focused on trading illegal narcotics, the Russian-language darknet platform had been accessible through the Tor network since at least 2015. Roughly 17 million customers and 19,000 seller accounts were registered on the marketplace.

According to ZIT and BKA estimates, Hydra Market’s sales amounted to at least 1.2 billion euros in 2020. The “Bitcoin Bank Mixer,” a service for obfuscating digital transactions provided by the platform, made crypto investigations extremely difficult for law enforcement authorities, officials said.

In another case, funds stolen from Crypto.com in January were reportedly being moved through Tornado Cash, according to on-chain data spotted at the time by blockchain security and data analytics company PeckShield.

Tornado Cash co-founder Roman Semenov told CoinDesk that month that the service was designed to be “unstoppable,” noting that the team has little control over what its users do with the protocol. That means that once non-upgradeable software is deployed on an immutable blockchain like Ethereum, it will operate as long as Ethereum — and by extension the internet — does. The popular Uniswap decentralized exchange is another such example.

A Tornado Cash spokesperson did not return a request for comment.

The ethos behind mixers is to harbor more financial freedom and privacy, bringing cash-like anonymity to otherwise public transaction ledgers, by deliberately making transactions hard to regulate, Hoyt said. Such technology can be used lawfully or unlawfully; the only way to avoid risk completely is to not engage at all. 

“While there are a plethora of general resources about crypto available, the industry must prioritize education on the inherent security risks and how to best mitigate these risks,” Hoyt said. “Aside from consumers actively choosing to not utilize mixers, this is the best way to ensure ethical crypto traders remain protected.”

