Tornado Cash Dust Attack

Table of Contents

An unknown user made a series of 0.1 eth transactions through Tornado Cash to high-profile Ethereum addresses, wallets belonging to celebrities such as Coinbase CEO Brian Armstrong, Justin Sun Jimmy Fallon, Beeple but also clothing brand Puma and even a wallet created for donations to Ukraine.

The sender’s goal, however, is anything but a donation. The transactions in fact would appear to be a troll, implicating the recipients in regulatory problems with the U.S. government as well as banning them from major decentralized applications.

The Treasury Department’s Office of Foreign Asset Control (OFAC) sanctioned the Tornado Cash application, banning people and entities in the U.S. territory from interacting with it.

Tornado Cash is a privacy application that allows users to obscure their transactions by making them completely private, this is possible by pooling cryptocurrencies deposited by users, mixing them, and then redistributing them to secondary addresses.

The platform is accused of helping its user to launder more than $7 billion in crypto since its founding in 2019, funds more often than not, coming from the most notorious hacks of recent years, such as Harmony Blockchain’s Bridge ($96 million) or this month’s exploit against Nomad Bridge ($7.8 million).

After being sanctioned, the DApp saw its community Discord channel and website go offline, plus a developer involved in the dApp’s activities was arrested in Amsterdam on Wednesday.

Justin Sun, the founder of Tron, highlighted the problem by claiming to be unable to interact with Aave.

The platform blocked his account after receiving Ether through Tornado Cash, thus associating his address with other addresses considered malicious and blocked.

Many decentralized applications such as Aave, Uniswap, Ren, Oasis, and Balancer in fact to remedy the problem would have implemented their own code to revoke access to the sanctioned addresses.

The address screening task is managed by TRM Labs a compliance company that offers services to dApps via an API.

The company, following OFAC guidance, is labeling as sanctioned all addresses interacting with Tornado Cash, which are consequently banned from applications using the service.

The idea of sending 0.1 Eth to known wallets originated on Twitter in a post by Depression2019, the meme highlights how absurd it is to sanction users who receive these funds without even being in power to decline the transaction, highlighting the difficulty of effective regulation where there are no intermediaries.

According to PeckShieldAlert, over 600 ENS addresses received 0.1 ETH from Tornado Cash, and many of those who received the funds got blocked by Aave.

Another problem lies in how TRM Labs decides to label an address as sanctioned, an analysis created by ElBarto Crypto shows that 90% of Ethereum addresses have just four degrees of separation from Tornado Cash, with 41% within just two degrees, this can make us imagine how thousands of addresses containing billions of Ethereum might be blacklisted.

Sponsored content

Related Articles

See All