Tornado Cash develops a sanction -compliant web interface
Tornado Cash develops a sanction -compliant web interface
- The front-end website of Tornado Cash prevents the access of OFAC sanctioned wallet addresses
- The unchangeable smart contracts based on the mixing service remain unchanged and therefore work as before
The data protection tool Tornado Cash, which was used in the past to cover up the proceeds from several fraud, fraud and hacks, updated its web frontend on Friday to limit the access of wallet addresses that were sanctioned by the Office of Foreign Assets Control of the US Ministry of Finance (OFAC)
tornado cash used @kettenanalysis oracle contract for block Access to the DAPP. -
The protection of the financial privacy is essential for the protection of our freedom, but should not go at the expense of non -compliance. https://t.co/tzze7bvjzt
tornado.cash 
(@Tornadocash) 15. April 2022
The step follows yesterday's update of OFAC that identified the wallet, from which it is known that it has received the funds stolen from the Ronin Bridge, which is controlled by the North Korean Hacking Organization Lazarus Group. The wallet still contains 144,000 of the original 173,000 ether, which have a value of around $ 439 million on Friday at 1:30 p.m.
The change to the decentralized application (DAPP) of Tornado Cash has no effect on the code of the underlying data protection protocols-a number of intelligent contracts on Ethereum that should give transactions in the transparent public blockchain network a certain level of data protection.
to understand the difference between a protocol and a website that increases user-friendliness is not always easy for web3 newcomers, as the latest results show uniswap.
In the Google and Facebook web2 world, a website runs on a server that belongs to a company that exists in the jurisdiction of a country. In the case of Tornado Cash, the Smart-Contract code runs on a public Ethereum and cannot be changed, .
"Nobody - including the original developer - can change or shut down," says the documentation.
The service is even accessible from a decentralized memory frastructure, which is known as IPFS, and not on a certain centralized web server.
what does that mean for the hackers?
The main user interface of Tornado Cash is an application that implements the following: Chainalysis sanctioned oracle -basically a black list of Ethereum addresses, which is led by the blockchain data platform Chainalysis. The address used in the Ronin-Hack was added to this list.
The Tornado-Cash protocol itself can continue to be used as before by using an alternative front-end user interface. However, this does not mean that it can be used successfully to disguise the origins of the ether that was stolen from the Ronin-Brücken-Exploit.
The co -founder of Chainalysis, Jonathan Levin, has advertised the ability of the company to expose transactions of blender such as Tornado Cash, especially if they contain large amounts of value in relation to the total available liquidity.
"The fact that the entire industry and all law enforcement and supervisory authorities can have all the access to the services and which companies are behind these transactions, enables us to take unprecedented steps to work out illegal activities," said Levin in March in front of a Senate committee.
. .
The web interface, which is compliant with Tornado Cash Spins Up Sanction, is not a financial advice.