DeFi protocols Aave, Uniswap, Balancer ban users following OFAC sanctions on Tornado Cash
Several decentralized applications on the Ethereum network have implemented code changes to revoke access from “sanctioned” addresses. The protocols identified so far are Aave, Uniswap, Ren, Oasis, and Balancer. Yearn’s Banteg identified the GitHub repositories in question in a tweet early Saturday morning.
when defi apps started reporting you, with links
2021-10-25 uniswap https://t.co/ym0wdNPJS6
2022-05-10 ren https://t.co/9588mTitKe
2022-06-29 balancer https://t.co/5V1FaxPUOn
2022-08-11 Oasis https://t.co/GzkOQXXPb9
2022-08-12 aave https://t.co/vYY8MjqZ1p
(never) inhale, bend pic.twitter.com/1FkgVPnUqb
– banteg (@bantg) August 12, 2022
Penalize “filtered” addresses.
The “address filtering” that has been implemented revolves around TRM Labs, a compliance company offering services to dApps through an API. A page on the TRM Labs website refers to the applicable tool for “new Russia-related designations”.
However, following OFAC’s decision to sanction all addresses linked to Tornado Cash, it appears that users who have interacted with Tornado Cash are now also labeled as “sanctioned” and thus banned from platforms using TRM Labs’ API.
The penalties are not imposed on addresses linked to Russia but on all users, including US citizens, who have ever received funds from a Tornado Cash address.
Following the recent dusting attack on high-profile addresses such as those of Brian Armstrong, Justin Sun and several venture capitalists, it seems that they have been blocked from Aave, Uniswap and other applications using TRM Labs.
Dusting attacks prompt high-profile bans
A tweet from Tron founder Justin Sun shed light on the issue as he claims he can no longer interact with Aave. Sun tweeted that Aave blocked his account after receiving 0.1 ETH from a random account via Tornado Cash.
The text on the screenshot shared with the tweet reads: “This address is blocked on app.aave.com because it is associated with one or more blocked activities.”
#PeckShieldAlert More than 600 addresses received 0.1 $ETH of https://t.co/LLczi0PVvh: 0.1 ETH contract which has been added to the OFAC sanctions list, including big names and centralized exchanges.
Some users claimed that they were blocked by @AaveAave due to the “airdrop”. https://t.co/WeXfpiSi7N pic.twitter.com/cB4M5T29Ya
— PeckShieldAlert (@PeckShieldAlert) August 13, 2022
According to PeckShieldAlert, over 600 ENS addresses received 0.1 ETH from Tornado Cash, and many of those who received the funds were blocked by Aave.
Aave’s decision to block these accounts is in line with the US Treasury Department’s Office of Foreign Assets Control (OFAC) decision to ban Tornado Cash. OFAC banned Tornado Cash, citing several connected addresses, saying North Korean hacker group Lazarus was using it.
Following the ban, GitHub deactivated the Tornado Cash creator’s account. The crypto mixer website and Discord server were also taken offline. One of its developers was arrested in the Netherlands.
While many criticized GitHub’s decision, no one expected a decentralized platform not directly under US regulation to block any address connected to Tornado Cash.
But it looks like Aave isn’t the only DeFi platform to abide by the ban. DeFi exchange dYdX has also blocked addresses that have interacted with Tornado Cash in the past.
The move affected multiple accounts, including users who did not interact with Tornado Cash or even know the origin of the funds they received in various past transactions.
The founder of Assure, a DeFi KYC platform, told CryptoSlate, “We have opened Pandora’s box. Where will this end?” He continued,
“The recent OFAC sanctions against Tornado Cash and the arrest of the developer are very concerning. The concept of banning and sanctioning open source code on the Internet with a real use case is completely contrary to the WEB3 philosophy.
It’s Silk Road again, and we know how it went. Ross Ulbricht is still rotting in prison since his conviction in 2015.”
In response to Justin Sun’s tweet, Alex and Omega highlighted a potential workflow that could cause widespread contagion in the DeFi ecosystem, as shown below. Given the current implementation, there are concerns that a malicious actor could send Ethereum via Tornado Cash to wallets with large loans to trigger a liquidation event.
1. Identify all major loans on @AaveAave and plan a possible liquidation cascade
2. Send ETH from @TornadoCash to all portfolios with large loans
3. Let AAVE block all wallets
4. Short ETH
5. Initiate ETH Dump
6. Look at the liquidation cascade and no one can do sth. on this subject
— αlex | αlex and Ωmega (@alexandomega) August 13, 2022
If wallets with active loans are banned by Aave, they will not be able to add additional capital to manage their LTV. Therefore, if the price of the underlying assets fell, there could be a large liquidation event as users would not be able to access their accounts.
This is unlikely in practice because protocols have a responsibility to their users to allow them access to their funds. However, as shown by the error message in Sun’s tweet, it seems that only the front end of the application is blocked.
Users may be able to interact with the protocols through the CLI or fork the project to create their own front-end UI. This is beyond many users, but those with significant funds should be able to access locked assets through this method.
A search for Sun’s wallet address “0x3ddfa8ec3052539b6c9549f12cea2c295cff5296” indicates that he has over $100 million in Aave tokens. It holds $91 million in aTUSD, $58 million in aUSDC, and $19 million in aDAI. These funds currently appear to be unrecoverable through Aave’s front-end UI.
TRM Labs approach
The bigger concern, however, is how TRM Labs decides what constitutes a sanctioned address. If a wallet receives funds directly from Tornado Cash, there is a direct correlation. However, what if a user sends said funds to a DEX and exchanges them for another token? Will the wallet that participates in the exchange now also be considered a sanctioned wallet? This is a real possibility if it is in possession of ETH that once went through Tornado Cash.
A chart created by Block119 analyst ElBarto Crypto shows that 90% of Ethereum addresses have just four degrees of separation with Tornado Cash, with 41% just two degrees.
Six degree tornado silver is one thing. Even crazier, while only 0.03% of addresses have received tornado cash ETH, nearly half of the entire ETH network is just two hops away from a tornado cash receiver. pic.twitter.com/LDU9g0r7tQ
— ElBarto_Crypto (@ElBarto_Crypto) August 13, 2022
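To make the hop-count concern concrete, here is an added example (not from the article, TRM Labs, or any protocol's code) that runs a breadth-first search over a small constructed transfer graph and shows how the set of flagged addresses grows with the hop limit a screening rule uses. All address names and amounts are made up, and the hop-limit rule is an assumption, since the article does not describe how TRM Labs actually classifies addresses.

```python
from collections import deque

# Constructed sample: (sender, receiver, ETH). All names and amounts are made up.
TRANSFERS = [
    ("mixer_pool", "alice", 10.0),        # deliberate withdrawal
    ("mixer_pool", "celebrity", 0.1),     # unsolicited dust
    ("mixer_pool", "exchange_hot", 0.1),  # unsolicited dust
    ("alice", "dex_router", 10.0),
    ("dex_router", "bob", 9.9),
    ("celebrity", "carol", 50.0),
    ("exchange_hot", "dave", 1.0),
    ("exchange_hot", "erin", 2.0),
    ("bob", "frank", 1.0),
    ("grace", "heidi", 3.0),              # never touches the pool
]
SOURCES = ["mixer_pool"]  # stand-in for a sanctioned contract address

def hop_distances(transfers, sources):
    """BFS along fund flow: fewest transfers from any source to each address."""
    outgoing = {}
    for sender, receiver, _ in transfers:
        outgoing.setdefault(sender, []).append(receiver)
    dist = {s: 0 for s in sources}
    queue = deque(sources)
    while queue:
        node = queue.popleft()
        for nxt in outgoing.get(node, []):
            if nxt not in dist:  # first visit is the shortest path in BFS
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    return dist

def flagged(transfers, sources, max_hops):
    """Addresses a hop-limit rule (assumed, not TRM's) would block."""
    dist = hop_distances(transfers, sources)
    return {a for a, d in dist.items() if 0 < d <= max_hops}

def coverage(transfers, sources, max_hops):
    """Share of all non-source addresses flagged at this hop limit."""
    everyone = {a for s, r, _ in transfers for a in (s, r)} - set(sources)
    return len(flagged(transfers, sources, max_hops)) / len(everyone)

def first_hop_exposure(transfers, sources):
    """ETH each address received directly from a source; exposes dust-sized hits."""
    totals = {}
    for sender, receiver, amount in transfers:
        if sender in sources:
            totals[receiver] = totals.get(receiver, 0.0) + amount
    return totals
```

At a one-hop limit the dusted `celebrity` address is flagged exactly like `alice`, and only the amounts from `first_hop_exposure` tell the two cases apart.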
The potential for billions of ETH to become “blacklisted” is a real possibility in the OFAC sanctions fallout. TuongVy Le, head of regulation and policy at Bain Capital Crypto, told CryptoSlate,
“It is a problem. There must be standards and transparency on how we all must comply with this unprecedented and new sanctioning of smart contracts and TC wallets.”
TuongVy Le, who formerly worked at the SEC, then commented on TRM Labs’ approach to the compliance issue caused by OFAC,
“TRM seems to be taking an expansive approach, which is understandable as sanctions violations are serious and there is a lot of uncertainty as to how they apply here. At the same time, I think we need to ask if there is an inherent conflict of interest when these compliance providers work for both the private sector and the government.”
In response to some concerns that the DeFi protocols in question could send user data to OFAC, Balancer confirmed that “user addresses” would be sent to “federals” but “nothing else”.
Balancer only sends user addresses, absolutely nothing else. We do not send IP addresses or additional information.
—Balancer Labs (@BalancerLabs) August 12, 2022
A Balancer developer, Tim Robinson, added that all data is sent through “a lambda so that users’ IP addresses are not sent to TRM”.
legal text != code implementation
All TRM requests go through a lambda so that users’ IP addresses are not sent to TRM: https://t.co/J4HkQfzdaN
Everything is open source
— Tim Robinson (@timjrobinson) August 13, 2022
As of this writing, the incidents have had no apparent impact on the price of Ethereum or the broader crypto markets. Ethereum is trading just below $2.00 after finally breaking psychological resistance overnight.
CryptoSlate has contacted the platforms in question with which we have direct lines of communication. Currently, there has been no response, but this article will be updated when more information becomes available.