https://hackmd.io/@idegen/E10-Tornado-Cash-Sanctioned-Saber-Protocol-UnmaskedI, Degen - E10: Tornado Cash Sanctioned, Saber Protocol Unmasked - 8/11/2022Listen at: idegen.fmContact us: @idegenfmIntroWelcome to I, Degen - We track down and explore the most exciting crypto hacks, mysteries, exploits, and anything that feeds our crypto curiosity each week. We dig in, cutting through the misinformation and hype in search of a signal in the noise.Episode SummaryThis week we dive into the unprecedented Tornado Cash sanctions, including the arrest of a suspected developer. We also spent some time on the fascinating story of two brothers that operated 11 anon personas to fake a thriving DeFi ecosystem on Solana with the popular Saber protocol.Weekly ThoughtWhat’s your crypto narrative, and how is it defined/created?I,Degen - WeeklyNomad Bridge Hack UpdateNomad announces bounty: CoinTelegraph reports that 88% of the exploiters were copycatsExcellent technical breakdown by Coinbase Threat IntelReport of a consensus level attack on EthereumCurve.fi DNS hijack results in theft of 570K - some stolen funds frozen on the move though FixedFloatEthereum POS merge scheduled for September 15-16 Master of Anons: How a Crypto Developer Faked a DeFi Ecosystem from CoindeskThe Macalinao brothers used a web of bogus identities to create the illusion of a dev community, juicing value on the Saber protocol and Solana blockchain. Now they’re moving to Aptos.Ian Macalinao says that Saber and Sunny comprised $7.5 billion of the total Solana TVL of $10.5 billion at their peak. He believes this contributed to SOL’s meteoric rise when the token reached a record high of $188.11 devs all the same personprotocols built on Saber, used to artificially inflate TVLCrypto data website DeFiLlama has changed the way it presents key decentralized finance (DeFi) metric metric in response to this newsI, Degen - Deep Dive Tornado Cash SanctionedWhat: U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado CashWhat is TC, and how does it work?Tornado Cash is a decentralized application launched on the Ethereum blockchain in 2019 that allows someone to un-link the source and destination of coins. That is to say, provide privacy or ‘mix’ coins.When you deposit your 1 ETH on the contract, you have to provide a “commitment”. This commitment is stored by the smart contract. When you withdraw 1 ETH on the other side, you have to provide a “nullifier” and a zero-knowledge proof. The nullifier is a unique ID that is in connection with the commitment and the ZKP proves the connection, but nobody knows which nullifier is assigned to which commitment (except the owner of the depositor/withdrawal account). - Understanding Zero-Knowledge Proofs Through the Source Code of Tornado CashWhy sanctions?Tornado Cash, which has been used to launder more than $7 billion worth of virtual currency since its creation in 2019. - Treasury.govWe should point out that statement is not factually accurate, as not all coins moving through TC were being laundered.“Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks. Treasury will continue to aggressively pursue actions against mixers that launder virtual currency for criminals and those who assist them.”- Brian E. Nelson - Secretary of the Treasury for Terrorism and Financial IntelligenceLet’s look at a breakdown of funds received by TC from Chainanalysis:- https://blog.chainalysis.com/reports/tornado-cash-ofac-designation-sanctions/Points of interest38 Addresses sanctionedTC dev arrested in the Netherlands on 8/10.“suspected of involvement in concealing criminal financial flows and facilitating money laundering,” and that “multiple arrests are not ruled out” as investigations into Tornado Cash continue. The Vergefirst smart contract sanctionedFamous accounts dusted by TC coinTC Withdrawals increase (but how does increase in WDs == increate in usage?) - Maybe an attempt to get coins out before the platform updates blacklists?as with most things crypto, there are lots of uninformed opinions on this oneTORN (DAO token for TC) down from ~$30 to ~$14The Resistance-https://twitter.com/jchervinsky/status/1557804087856570368The tornado cash opportunity. How we can learn from this attack to prevent it from happening againI, Degen - Most creative personal hack attempt of the week?References/LinksCurve.fi DNS hackhttps://twitter.com/FixedFloat/status/1557116267378708481TC Featurehttps://decrypt.co/107075/ethereum-cofounder-used-blacklisted-tornado-cash-donate-ukrainehttps://twitter.com/decryptmedia/status/1557042485091831817?s=21&t=SMK4-GTe2D8y0_zA8p67NAhttps://blog.chainalysis.com/reports/torna...

Ver todos los episodios