In recent weeks we’ve witnessed one of the biggest events to date surrounding crypto privacy – the United States Treasury’s sanctioning of Tornado Cash – an open-source tool for decentralized smart contracts.
Built on Ethereum, Tornado Cash enables users to maintain their anonymity on the blockchain by “mixing” potentially identifiable and/or corrupted funds with other legitimate funds to obfuscate the source and destination addresses.
The U.S. Treasury barred US citizens and companies from using the platform, accusing of it of helping hackers including the infamous Lazarus Group to launder proceeds from their criminal activities. Mounting concerns suggest that these strict sanctions against Tornado Cash could have a knock-on effect on every web3 protocol, including ones providing privacy.
Still, as long as Ethereum isn’t changed or taken down, no one can modify or limit existing smart contracts on the decentralized protocol. However, assessments that Tornado Cash didn’t implement basic measures to curb risks of malpractice in their code leave very few surprised.
Tornado Cash: A Brief History
Tornado Cash is a protocol that describes itself as a privacy tool. It obscures transaction history, guaranteeing privacy using a heavy computation method called zk-SNARKs. Tornado Cash has long been one of the most well-known mixing protocols on Ethereum, used by thousands in the DeFi space. Unfortunately, it was also a space for laundering the proceeds of cybercrime, which is ultimately what the U.S. Treasury honed in on.
Tornado Cash is not the only way to anonymize transactions on the blockchain. In the past, privacy coins such as Monero, Zcash, Verge, and others were used for the same purpose. However, Tornado was the most popular, with the vast majority of applications that support ETH having some exposure to the mixing service. This is the first time that the US Treasury has effectively sanctioned a protocol. Instead of targeting said hackers or going after identifiable bad actors, the government has imposed a sweeping ban on a piece of open source code that exists on the Ethereum blockchain.
The source code for Tornado Cash and related accounts have since disappeared from Github, a code-hosting platform for version control and collaboration. But the smart contracts are still on the Ethereum blockchain indefinitely, meaning that there is no bearing on the functioning of Tornado Cash contracts themselves.
Many understand that Tornado Cash is still a protocol on a blockchain, and can be accessed relatively easily, namely through the InterPlanetary File System (IPFS) – a distributed file storage protocol that allows computers all over the globe to store and serve files as part of a giant peer-to-peer network. Despite the sanction, the US government holds no say in actually shutting the application down, nor can it stop people from interacting with the code or redeploying it to a new, non-sanctioned address.
Behind the Ronin & Nomad Hacks
On a blockchain where everything is traceable and public, Tornado’s cache represents a break in that chain. Which is why anytime there’s a sizeable hack, you’ll usually hear the name Tornado Cash getting thrown around.
Chainalysis estimates that Tornado Cash has received over US$7.6 billion worth of Ethereum since its inception in 2019, the majority of which have come from illicit or high-risk sources. Hackers behind the recent Curve.finance exploit have also started sending stolen tokens through Tornado Cash.
The latest crypto hack, and perhaps the largest exploit in DeFi history, saw US$625 million in cryptocurrency assets stolen from the Ronin Network. As a protective measure against these types of attacks, the Ronin sidechain has nine validators requiring five signatures to authorize withdrawals. The hacker, however, had access to over five validators’ private keys. Most of the funds that were hacked during the incident have been moved through Tornado Cash.
Tornado Cash was implicated again for the Nomad bridge attack back in August, where US$200 million was stolen through spoof transactions on the cross-chain bridge during a routine storage upgrade on one of Nomad’s smart contracts. The original cause of the attack is said to have stemmed from Nomad’s smart contract failing to properly validate the inputs from each transaction.
As an unmitigated byproduct of having zero effective controls, Tornado Cash has facilitated anonymous transactions where funds origins, destinations, and counterparties have indiscriminately been made obscure.
Due to the increase in DeFi’s popularity in recent years, the total value locked (TVL) of user funds deposited in decentralized finance protocols has increased exponentially, in turn gaining more attention from malicious hackers. As crypto users demonstrate increased appetites for swapping assets between different blockchains, we are witnessing more frequent bridge attacks on platforms that rely purely on smart contracts and algorithms to custody assets.
Bridges have always been prone to exploits due to bugs and vulnerabilities in their software and coding. We know and are willing to repeatedly advocate that improving any web3 platform, including bridges, demands effective audits. According to the rekt news leaderboard, it is abundantly clear that the vast majority of hacked smart contract protocols were unaudited.
We are working in spaces where stolen assets could be moved without any accountability or ties to origin. The stakes have never been higher, and auditing has never been more necessary. While we might sanction Tornado Cash for negligence this time, who’s to blame next? And why are we so certain there will be a next time?
Jasper Lee, an expert in systems programming, and vulnerability assessment, is Sooho.io’s audit tech lead and a Ph.D candidate at Hanyang University ERICA. He was previously chief technology officer at SCVSoft and Hillstone Finance Foundation. At Sooho.io, Jasper continues to expand the horizons of DeFi for potential investors and blockchain pioneers, promoting greater diversification and leading new standards for blockchain security and compliance.