Konstantin Kryvopust: is it really possible to remove “dirty” cryptocurrency from the attention of AML services: a review from HAPI Labs


Currently, the volume of criminal funds in cryptocurrencies is more than $15 billion, according to data Chainalysis. This is less than 1% of the total number of assets related to illegal activities.

AML services help track the movement of such coins. Thanks to them, an address that has received many transactions from suspicious sources can be blocked to stop the further flow of funds.

In order to confuse the tracks and reduce the degree of risk of cryptocurrency, attackers resort to many methods.

ForkLog UA, together with the HAPI Labs decentralized security protocol team, figured out how “dirty” cryptocurrency becomes “white” and how AML services should label it in the future.

Which cryptocurrency is considered “dirty”?

The term “dirty” cryptocurrency is used to describe coins or tokens that are associated with a variety of illegal activities, including money laundering, terrorist financing, drug trafficking, fraud, and more.

Blockchain analytics services identify similar assets, track their movement and relationships between different wallets. These include, for example HAPI Explorer and HAPI LABS.

Based on the ratio of coins from different sources on addresses, they also calculate the level of risk of the latter. The higher this indicator, the more likely the administration of the trading platform will freeze the funds and demand proof of their origin.

Tools for tracking ill-gotten assets

The first method that AML services use is this blockchain analysis using special software. It enables researchers to establish links between different wallet addresses, as well as detect wrongdoing.

To process a large amount of information and identify unusual or suspicious transactions, companies use algorithms of machine learning and data analysis.

Known “dirty” crypto-wallets are included in separate ones databases. Researchers can refer to this registry for verification.

Among other things, blockchain experts exchange information about suspicious transactions with government and law enforcement agencies and participate in investigations of crimes related to cryptocurrencies.

Cryptocurrency laundering methods

The most popular ways to complicate the tracking of dirty coins:

  • mixing — mixing cryptocurrencies with the assets of other users to break the connection between the sending and receiving address;
  • cryptocurrency exchange — access to other digital assets or fiat;
  • mining — transactions on miners’ wallets through private channels under the guise of a reward for a mined block;
  • transfers through several wallets, in particular, using crosschain bridges.

NFTs can potentially be targets of laundering schemes, especially if they are associated with rare or historic items and are of high value. However, experts have not yet recorded the growth of such precedents, taking into account the low liquidity of this market.

In addition, there are two more ways of legalizing funds that are not directly related to their laundering.

First, these are state auctions, through which the authorities of various countries sell cryptocurrencies seized from criminals. An amnesty mechanism is used for such coins, after which the future owner will not face problems during AML checks.

“In order to work with assets sold within such auctions, analytical companies track open publications of government bodies. Some services make mistakes during labeling, but this is most often due to a low level of competence,” HAPI Labs experts noted.

The second method is full or partial return of assets to the rightful owner. Often, the latter informs about the payment of a reward to the hacker in case of voluntary recovery of assets.

Attacks using “dirty” assets

In August 2022, DeFi protocol Aave blocked the wallet of Tron Foundation founder Justin Sun after he received ETH from an anonymous user of a sanctioned exchange Tornado Cash.

Cyberattacks by sending “dirty” assets can really lead to the freezing of many accounts. In order to prevent such cases, the platforms need to conduct a full analysis of the actions of the affected user and study the history of the origin of the assets on his balance sheet.

The clients themselves should also inform the administration about the problem and provide all the information necessary for the investigation.

“All services have different mechanisms for confirming the legality of funds. However, it is worth considering that if you have more than 15% of “dirty” assets in your turnover, this is a reason to block funds, and it will be quite difficult to prove innocence,” explained HAPI Labs.

Anti-money laundering in the DeFi segment

Otherwise, the AML policy of decentralized applications that do not store user funds is being built.

For example, the non-custodial exchange Uniswap blocks addresses at the external interface level. In this case, the user cannot use only the platform site, but not the service itself, since it has an open source code.

In the presence of certain technical knowledge, operations are still available through smart contracts. Interaction with the basic Uniswap protocol is also possible through other interfaces, in particular on IPFS.

According to representatives of HAPI Labs, effective ways to combat money laundering in DeFi currently do not exist.

“The most popular services Uniswap and 1inch use the services of the analytical company TRM Labs. But these solutions do not work on-chain at the level of a smart contract, but rather allow to track flows of illegal funds and block interaction with the external interface of the application,” they explain.

For its part, HAPI Labs is developing its own HAPI Protocol protection system, capable of working through APIs and at the smart contract level. It allows you to prevent wallets with a high degree of risk from entering the resource.

It is possible to track, but not to stop

According to HAPI Labs experts, it is not yet possible to talk about the success of AML services in the fight against money laundering.

“We have not found any statistics on how many ‘dirty’ assets have been blocked or confiscated in the past year using these tools. Major crypto market players, such as exchanges or wallets, do not publish similar statistics. In short: you can track a “dirty” crypt, but you can’t stop it,” they explain.

Blockchain analysis tools need to evolve, especially given the role of DeFi services in money laundering. Current solutions do not keep up with the speed of blockchain transactions, so they only allow you to track transactions that went to mixers after the fact.

At the same time, the blocking of cash flows is a problem for centralized services. More often than not, tokens move faster than analysts and law enforcement agencies have time to investigate. In such cases, money arrives at the addresses of custodial services and leaves before it is frozen.

The black market of verified exchange accounts allows fraudsters to conduct operations unhindered even on the most regulated exchanges.

“Existing KYC/AML algorithms use approaches from the traditional financial system and in practice do not work in the fast-growing cryptocurrency market. The new reality requires the development of new methods,” summarized HAPI Labs.

Share post:



More like this