DeFi protocols Aave, Uniswap, Balancer ban users following OFAC sanctions on Tornado Cash
Liam ‘Akiba’ Wright
Decentralization could be under attack as Aave, Uniswap, Balancer and more reportedly ban wallets that have interacted with Tornado Cash. A centralized dataset developed by TRM Labs is apparently responsible for the accounts being banned.
5 min read
Updated: August 13, 2022 at 9:22 pm
Cover art/illustration via CryptoSlate
Several decentralized applications on the Ethereum network have implemented code changes to revoke access from sanctioned addresses. The protocols identified so far are Aave, Uniswap, Ren, Oasis, and Balancer. Banteg from Yearn identified the GitHub repositories involved in a tweet early Saturday morning.
when defi apps started snitching you, with links
2021-10-25 uniswap https://t.co/ym0wdNPJS6
2022-05-10 ren https://t.co/9588mTitKe
2022-06-29 balancer https://t.co/5V1FaxPUOn
2022-08-11 oasis https://t.co/GzkOQXXPb9
2022-08-12 aave https://t.co/vYY8MjqZ1p
(never) yearn, curve pic.twitter.com/1FkgVPnUqb
banteg (@bantg) August 12, 2022
Sanctioning screened addresses
The address screening that has been put in place revolves around TRM Labs, a compliance company offering services to dApps via an API. A full page on the TRM Labs website identifies the tool as applicable for new Russia-related designations.
However, following OFAC's move to sanction all addresses linked to Tornado Cash, it would appear that users who have interacted with Tornado Cash are now also being treated as sanctioned and therefore banned from the platforms using the TRM Labs API.
The sanctions are not being placed on addresses linked to Russia but on any users, including US citizens, who have ever received funds from the Tornado Cash address.
Given the recent dusting attack on high-profile addresses such as those of Brian Armstrong, Justin Sun, and many VC firms, it seems they are blocked from Aave, Uniswap, and other applications using TRM Labs.
Dusting attacks cause high-profile bans
A tweet by Tron founder Justin Sun has spotlighted the problem, as he claims to now be struggling to connect to Aave. Sun tweeted that Aave has blocked his account after he received 0.1 ETH from a random account through Tornado Cash.
The text on the screenshot attached to the tweet reads, "This address is blocked on app.aave.com since it is connected with a number of blocked activities."
#PeckShieldAlert Over 600 addresses received 0.1 $ETH from https://t.co/LLczi0PVvh: 0.1 ETH contract that was put into the OFAC sanction list, including Big Names and Centralized exchanges.
Some users claimed they were blocked by @AaveAave because of the “airdrop”. https://t.co/WeXfpiSi7N pic.twitter.com/cB4M5T29Ya
PeckShieldAlert (@PeckShieldAlert) August 13, 2022
According to PeckShieldAlert, over 600 ENS addresses received 0.1 ETH from Tornado Cash, and several of those who received the funds were blocked by Aave.
Aave's decision to block these accounts is due to the decision by the US Treasury Department's Office of Foreign Assets Control (OFAC) to ban Tornado Cash. OFAC banned Tornado Cash, citing several connected addresses, claiming that North Korean hacker group Lazarus has been using it.
Following the ban, GitHub deactivated the account of the Tornado Cash creator. The crypto mixer's website and Discord server also went offline. One of its developers was arrested in Holland.
Even though many have criticized GitHub's move, no one expected a decentralized platform only indirectly subject to US regulations to block any address linked to Tornado Cash.
But it appears that Aave isn't the only DeFi platform complying with the ban. DeFi exchange dYdX also blocked addresses that have interacted with Tornado Cash in the past.
The move affected several accounts, including users who didn't interact with Tornado Cash or even know the source of the funds they received in various past transactions.
The founder of Assure, a DeFi KYC platform, told CryptoSlate, "We've opened Pandora's box. Where does it end?" He continued,
The recent OFAC sanctions on Tornado Cash and arrest of the developer are gravely concerning. The idea of banning & sanctioning open source code on the web with a genuine use case is totally counter to the WEB3 ethos.
That is Silk Road yet again, and we realize how that played out. Ross Ulbricht has been rotting in prison since he was sentenced in 2015.
In response to Justin Sun's tweet, Alex and Omega highlighted a potential workflow that could cause widespread contagion across the DeFi ecosystem, as shown below. Given the existing implementation, there is a concern that a malicious actor could send Ethereum through Tornado Cash to wallets with large loans to trigger a liquidation event.
1. Identify all major loans on @AaveAave and plan possible liquidation cascade
2. Send ETH from @TornadoCash to all or any wallets with major loans
3. Let AAVE block all wallets
4. Short ETH
5. Initiate ETH dump
6. Watch liquidation cascade and nobody can perform sth. about any of it
Alex | Alex and Omega (@alexandomega) August 13, 2022
If wallets with active loans are banned from Aave, they might struggle to add additional capital to manage their LTV. As a result, if the price of the underlying assets declined, there could be a substantial liquidation event, as users would struggle to access their accounts.
This is unlikely in practice because the protocols have a responsibility to their users to allow them access to their funds. However, as the error message in Sun's tweet shows, it appears that only the application's front end has been blocked.
Users may be able to interact with the protocols via CLI or by forking the project to build their own front-end UI. This is beyond many users, but those with considerable funds will be able to access blocked assets this way.
A search of Sun's banned wallet address 0x3ddfa8ec3052539b6c9549f12cea2c295cff5296 indicates he has over $100M in Aave tokens. He holds $91 million aTUSD, $58 million aUSDC, and $19 million aDAI. These funds appear to be unrecoverable via Aave's front-end UI at the moment.
TRM Labs' approach
The biggest concern, however, is how TRM Labs decides what constitutes a sanctioned address. If a wallet receives funds directly from Tornado Cash, there is a direct correlation. But what if a user sends those funds to a DEX and swaps them for another token? Will the wallet that takes part in the swap now also be a sanctioned wallet? It is a real possibility if it holds ETH that has once been through Tornado Cash.
A chart created by ElBarto Crypto, an analyst at Block119, indicates that 90% of Ethereum addresses are within just four degrees of separation from Tornado Cash, with 41% within two degrees.
Six levels of tornado cash is really a thing. Even crazier, while only 0.03% of addresses received ETH from tornado cash, almost half the complete ETH network is two hops from the tornado cash receiver. pic.twitter.com/LDU9g0r7tQ
ElBarto_Crypto (@ElBarto_Crypto) August 13, 2022
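To make the hop-count concern concrete, here is an added example (not from the article, and not TRM Labs' method, which the article does not describe) that runs a breadth-first search over a small transfer graph and compares two screening policies. The addresses, amounts and both policies are constructed assumptions.

```python
from collections import deque

# Constructed sample transfers (sender, recipient, ETH); every name is a placeholder.
TRANSFERS = [
    ("grace", "tornado_pool", 1.0),      # grace deposited into the mixer
    ("tornado_pool", "alice", 10.0),     # alice withdrew from the mixer
    ("tornado_pool", "celebrity", 0.1),  # unsolicited dust sent to a public wallet
    ("alice", "dex_pool", 10.0),         # alice swaps on a DEX
    ("dex_pool", "bob", 3.0),
    ("bob", "carol", 1.0),
    ("celebrity", "exchange", 500.0),
    ("exchange", "dave", 2.0),
    ("erin", "frank", 4.0),              # unrelated activity
]
SANCTIONED = {"tornado_pool"}


def hop_distances(transfers, sources):
    """Breadth-first search along the flow of funds: address -> hops from a source."""
    outgoing = {}
    for sender, recipient, _amount in transfers:
        outgoing.setdefault(sender, []).append(recipient)
    dist = {s: 0 for s in sources}
    queue = deque(sources)
    while queue:
        addr = queue.popleft()
        for nxt in outgoing.get(addr, []):
            if nxt not in dist:  # first visit is the shortest path in BFS
                dist[nxt] = dist[addr] + 1
                queue.append(nxt)
    return dist


def flagged_by_receipt(transfers, sources, max_hops):
    """Policy A (assumed): flag every address that received funds within max_hops."""
    dist = hop_distances(transfers, sources)
    return {a for a, hops in dist.items() if 0 < hops <= max_hops}


def flagged_by_deposit(transfers, sources):
    """Policy B (assumed): flag only addresses that themselves sent funds to a source."""
    return {s for s, r, _amount in transfers if r in sources and s not in sources}


if __name__ == "__main__":
    for hops in (1, 2, 4):
        print(hops, sorted(flagged_by_receipt(TRANSFERS, SANCTIONED, hops)))
    print("deposit-based:", sorted(flagged_by_deposit(TRANSFERS, SANCTIONED)))
```

In this sample, receipt-based flagging catches the dusted wallet at one hop and seven of the ten non-sanctioned addresses at four hops, while the deposit-based policy flags only the address that actually sent funds to the mixer.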
The potential for vast amounts of ETH to become blacklisted is a real possibility in the fallout from the OFAC sanctions. TuongVy Le, Head of Regulatory & Policy at Baincap Crypto, told CryptoSlate,
That is a concern. There have to be standards and transparency concerning how exactly we all have to be complying with this particular unprecedented and novel sanction of TC smart contracts and wallets.
TuongVy Le, who is ex-SEC, went on to comment on TRM Labs' approach to the compliance issue arising from OFAC,
It looks like TRM is taking an expansive approach, that is understandable because sanctions violations are severe and there’s plenty of uncertainty about how exactly it applies here. Simultaneously, I think we have to ask whether there’s an inherent conflict of interest when these compliance providers are carrying out work for both private sector and the federal government.
In response to concerns that the DeFi protocols involved could be sending user data to OFAC, Balancer confirmed that user addresses will be sent to the feds but nothing else.
Balancer only sends user addresses, nothing at all else. We usually do not send IPs or additional information.
Balancer Labs (@BalancerLabs) August 12, 2022
A Balancer developer, Tim Robinson, further commented that data is sent through a lambda so users' IPs aren't sent to TRM.
legal text != code implementation
All TRM requests proceed through a lambda so users IP’s aren’t delivered to TRM: https://t.co/J4HkQfzdaN
Everything is open source
Tim Robinson (@timjrobinson) August 13, 2022
At the time of writing, the incidents have had no apparent effect on the price of Ethereum or the broader crypto markets. Ethereum is sitting just under $2,000 after finally breaking through the psychological resistance overnight.
CryptoSlate reached out to the platforms involved with which we have direct lines of communication. So far, there has been no response, but this article will be updated when more information becomes available.