February 24, 2023

Compliant DeFi - the way out of Commingling Clean and Illicit Funds in a Decentralized Finance Economy

Compliant DeFi - the way out of Commingling Clean and Illicit Funds in a Decentralized Finance Economy
  • Exhibiting signs of recovery after an FTX debacle-induced slump, the Total Value Locked (TVL) in DeFi crossed the mark of US$50 billion in February 2023.
  • Cybercrimes also grew between 2021 and 2022, as a total of US$20 billion went to illicit addresses in 2022. 
  • Amid growing interest from institutional investors, the need for a tool to pinpoint the origin of funds becomes even more pressing for DeFi protocols.

The Decentralized Finance economy is a multi-billion dollar space. And with the crypto prices surging in value against the US Dollar, an indication of recovery after the FTX exchange debacle, the total value locked in decentralized finance crossed the US$50 billion mark for the first time since November 8th, 2022. 

According to the DeFi TVL statistics tracker defillama.com, the total value locked in DeFi was more than US$51 billion on February 16th, 2023.  

The renewed interest in decentralized finance and the evolving financial technology space with its foundations on cryptocurrency-like distributed ledger technology stems from the core benefits it offers. 

Why Do People Prefer Decentralized Finance?

The differentiating proposition of DeFi is in its name - it is decentralized. Unlike centralized finance institutions - like banks, credit card issuers, and other traditional non-banking financial institutions - DeFi does not require intermediaries to facilitate the movement of funds between two parties. Resultantly, it is free from the disadvantages or drawbacks that intermediaries bring with them. 

Intermediaries charge fees for their facilitation services, making the process costlier. Besides, intermediaries have their distinct onboarding mechanisms. They are in charge of whom they would allow for a transaction and whom they would not. These selection criteria are often so exhaustive that it makes the process inaccessible for many. 

Totally opposite to intermediary-controlled centralized finance, decentralized finance rests on the philosophy of peer-to-peer transactions. And thus, by its very nature, it is more inclusive and equitable. 

With its deployment of self-executing smart contracts and distributed ledgers, DeFi protocols ensure that peer-to-peer transactions happen efficiently and securely. 

All one needs to access funds through decentralized protocols is an internet connection. And since a transaction happens between two peers without any third-party getting involved, the process is low-cost. The interest rate at which a particular lender would agree to lend funds to a borrower depends on a negotiation between two parties, which often helps the borrower avail competitive interest rates. 

Summarily, decentralized applications equip a significant volume of the unbanked or underbanked population to access funds, even globally, without worrying much about a host of unnecessary and barrier-creating paperwork. At the same time, it creates an avenue for people who hold crypto assets in their portfolio to invest them and generate substantial earnings rather than keeping them idle. All these happening on high-security blockchains ensure that both the access and rewards are less risky. 

The Risks Involved in Decentralize Finance

Blockchain technology is an evolving space powered by several other emerging technologies. Yet, malicious actors often successfully find loopholes to exploit the system. 

Ransomware attacks, stealing funds criminally, using crypto funds for terrorism, carrying out elaborate scams, frauds - all these elements have plagued the decentralized finance space to varying extents. The result is cryptocurrencies ending up in illicit addresses. 

Chainalaysis, an American blockchain firm based out of New York City, conducts an annual exercise to ascertain the quantum of funds that went into illicit addresses. And according to its 2023 report, a total of US$20 billion went to illicit addresses in 2022. In 2021, this value was US$18 billion. 

Hackers and cybercriminals attacking decentralized exchanges - known as DEXes - use mixers to commingle funds so that the origin of the hacked funds stays untraceable. In February 2023, for instance, a decentralized exchange system CoW Swap was attacked that resulted in a loss of nearly 550 BNB, valued at US$181,600. Immediately after the theft, the hackers sent the money to the crypto mixer Tornado Cash to obfuscate the origin of these funds. 

The Tornado Cash mixing service was also used to hide the origin of the funds after the decentralized exchange QuickSwap was attacked by hackers to get away with US$220,000 in a flash loan exploit.

Events like these have highlighted a particular aspect of cybercrimes in the crypto assets domain. Hackers mingle clean and illicit funds through a mixer to hide or obfuscate the origin of funds. It often makes the crime untraceable. The DeFi economy and its businesses are rather aware of the pitfalls of commingling and alerted, especially at a time when institutional investors and funds are showing increasing interest in getting involved in the sector.

What is Commingling?

International Monetary Fund's Fintech notes have set a definition for commingling. Let us start with that. 

Commingling of Assets of Service Providers: The IMF Outline 

Imagine a scenario where a crypto service provider has gone bankrupt. In such a case, there is every possibility that the client's assets (coins or tokens) would get mixed up with the provider's other assets. 

It would be practically impossible to separate one from the other unless the provider has complied with regulatory frameworks that made necessary arrangements beforehand to make the client assets bankruptcy-proof. 

Such commingling was evident in the FTX debacle. On his first live public appearance after the collapse of the once among the most globally revered exchanges, the founder Sam Bankman-Fried admitted to having "unknowingly commingled funds." 

Knowing that his admission could lead to criminal implications in the future, Bankman-Fried also claimed that the commingling was not intentional. He said, "I wasn't trying to commingle funds." 

While Bankman-Fried admitted to commingling, we have already seen that fraudulent or malicious actors utilize DeFi or crypto mixers to mingle funds beyond recognizability to serve their purposes. We must understand how crypto mixers work to get to the root of commingling. 

Crypto Mixers for Financial Privacy

As evident from their name, Mixers are services that blend cryptocurrencies from many users. The purpose is to obfuscate the origins and owners of these funds. With Bitcoin, Ethereum, and other public blockchain assets, it is hard to achieve privacy. 

This is where mixing services come into play, enabling crypto holders to achieve financial privacy. However, in the hands of malicious actors, these mixers can become a tool for cybercrime. It is important to point out here that it's not the technology that is good or bad; it's the intention of the person or group using the technology. 

Crypto Mixers and Cybercrime

According to a Chainanalysis study report, in 2022, crypto addresses tied to illicit activities transferred nearly one-tenth of their funds to mixers. The report analyzed the share of all sent funds going to mixers by sending address type. 

Illicit addresses had nearly 10% of their all sent funds going to mixers. It was significantly higher than every other category on the list, including high-risk exchanges, gambling platforms, p2p exchanges, etc. 

Mixing or comingling funds through mixers has a systematic work pattern. It starts by collecting, pooling, and randomly shuffling the cryptocurrencies deposited by many users only to withdraw them to new addresses later - under the control of each user. Crypto mixing services charge a small service fee for it.

Deposited funds coming out of mixers become difficult to track when mixers - most of them - allow users to withdraw randomized amounts at randomized intervals. Some other players vary the transaction fee and the withdrawal address type to hide that a mixer was even used.

Crypto Mixers: Diverse Formats

Possibly the oldest format of mixers - the centralized custodial ones - take temporary ownership of user funds. Considered unregistered money services businesses, these mixers come with additional privacy risks.

The CoinJoin types of mixers - built into privacy wallets - combine users' funds with the assets of multiple other users in a single transaction and repeat the process multiple times. While the centralized custodial mixers take custody of funds, the CoinJoin type does not ever hold their users' funds. 

Apart from the CoinJoin type, there is another category of non-custodial mixers known as Smart Contract mixers. These mixers do not combine user funds in just one transaction. 

Instead, the Smart Contract mixers blend cryptocurrencies in several different ways. And the users who send their funds to the mixers receive a cryptographic note acting as proof that they are the depositors of these funds. Later on, they can send these notes to the mixer to withdraw to a new address. 

Fraud in Commingling and Mixing Services

The risks and concerns related to commingling and mixing are not unfounded. There have been multiple instances where mingling or mixing of funds has been purposefully done to launder money. 

In December 2021, Larry Deen Harmon of Bitcoin mixing service Helix pleaded guilty to the charges of laundering US$300 million worth of funds. The investigation by the FBI revealed that Helix had moved more than 350,000 bitcoins on its customer's behalf. These funds came from darknet markets and were generated from illegal drug trafficking activities. 

The scope of punishment for such offenses is severe. It could be prison time as long as 20 years and a fine as high as US$500,000 or double the property value involved in the transaction. 

In Helix's case, it was also found to be violating the United States Banking Secrecy Act. And the Financial Crimes Enforcement Network, or FinCEN, assessed a penalty worth US$60 million for the crime. 

In another instance, a Russian-Swedish national was arrested in April 2021 in the US for laundering US$335 million in cryptocurrency since 2011. The arrested, Roman Sterlingov, operated the cryptocurrency mixing service Bitcoin Fog. It was the longest-running crypto mixer and a go-to service for money launderers. 

According to the US Justice Department, Bitcoin Fog has moved more than 1.2 million bitcoin for as long as it has been operational. Like Helix, Bitcoin Fog received most of its cryptocurrencies from darknet marketplaces, earned from illegal drugs, computer fraud, abuse, and identity theft. 

Commingling clean and illicit funds in DeFi and the crypto world is something sanctioned entities practice often. A Chainalysis 2022 report shows that the Russian darknet market Hydra - sanctioned in April 2022 - accounted for half of all funds moving to mixers from sanctioned entities this year.

Nearly all the remaining funds that moved from sanctioned entities to mixers came from two groups associated with the North Korea Government: the Lazarus Group and Blender.io. 

Risks, Legality, Enforcement: How Commingling of Funds is Impacting the Crypto Industry?

We have already seen that the ill-gotten laundering of funds by obfuscating the fund's origin is a risk that the commingling and mixing of crypto assets pose. The risks involved with the blending, mixing, or commingling funds need a nuanced redressal mechanism. It is because mixers also help in achieving privacy. 

And there is no reason why there should not be any services providing crypto asset holders with scope to maintain privacy with their funds. This is precisely why authorities can not tag them as explicitly illegal. 

The Financial Crimes Enforcement Network, or FinCEN in the United States, has asked individuals and centralized businesses providing mixing services to register mandatorily as money transmitters under the Bank Secrecy Act (BSA). 

These businesses have three obligations

(i) They need to register with FinCEN. 

(ii) They need an anti-money laundering and KYC compliance program in place.

(iii) They must comply with all applicable reporting and record-keeping requirements. 

However, legal compulsions must be adhered to for them to be effective. There have been frequent enforcement actions against crypto funds mixing and commingling services. 

Approximately four years ago, the Dutch Fiscal Information and Investigation Service (FIOD) seized six servers controlled by Bitmixer.io, a service that used to mix Bitcoin, Bitcoin Cash, and Litecoin funds. 

The US Treasury's Office of Foreign Assets Control (OFAC), too, issued its first-ever sanctions on a crypto mixer, Blender.io, in May 2022. The OFAC noted the mixer played a malicious role in laundering stolen crypto assets by North Korean state-sponsored hackers. 

According to the US Treasury press release, Blender facilitated the mixing of proceeds worth $20.5 million obtained from one of the largest virtual currency heists. The heist was carried out by the DPRK state-sponsored cyber-hacking group Lazarus from a blockchain project linked to the well-known online game Axie Infinity. 

Similarly, the OFAC sanctioned the most popular Ethereum mixer Tornado Cash for laundering funds stolen by North Korea-linked hackers by attacking Ronin and Harmony Bridges. 

With all these put into context, it is crucial that efforts to mix and commingle clean and illicit funds for treacherous purposes have to be stopped. For that, regulators must start working with VASPs instead of working against them. And while doing so, it is equally crucial to ensure minimal to no impact on the crypto users, both privacy and user experience-wise. 

What is to be Done?

The growth in the DeFi economy has been there for everyone to see. Decentralized finance apps have helped a lot of unbanked and underbanked people access funds by offering them an intermediary-free platform. Decentralized exchanges have eased the trading of assets. 

However, security has to be strong for the DeFi economy components to achieve their full potential, with clear ways to identify the origin of the funds. After all, any involvement in illicit funds can be a huge blow to large institutional investors, both legally and reputation-wise. 

A tool that can precisely pinpoint the origin of the funds would do wonders for the DeFi protocols as well as the institutional investors and funds seeking to make a move into the world of decentralized finance.


Shyft Network powers trust on the blockchain and economies of trust. It is a public protocol designed to drive data discoverability and compliance into blockchain while preserving privacy and sovereignty. SHFT is its native token and fuel of the network.

Shyft Network facilitates the transfer of verifiable data between centralized and decentralized ecosystems. It sets the highest crypto compliance standard and provides the only frictionless Crypto Travel Rule compliance solution on the blockchain while ensuring user data is protected.

Visit our website to read more: https://www.shyft.network, and follow us on Twitter, LinkedIn, Discord, Telegram, and Medium. Also, sign up for our newsletter to keep up-to-date.