Related papers: Evasion Under Blockchain Sanctions

Evasion Under Blockchain Sanctions

URL: http://arxiv.org/abs/2507.11721v1
Date: Tue, 15 Jul 2025 20:44:29 GMT
Title: Evasion Under Blockchain Sanctions
Authors: Endong Liu, Mark Ryan, Liyi Zhou, Pascal Berrang,
Abstract summary: Sanctioning blockchain addresses has become a common regulatory response to malicious activities.<n>We quantitatively assess the effectiveness of U.S. Office of Foreign Assets Control (OFAC) sanctions over a 957-day period, covering 6.79 million blocks and 1.07 billion transactions.<n>Our analysis reveals that while OFAC sanctions reduced overall Tornado Cash deposit volume by 71.03%, attackers still relied on Tornado Cash in 78.33% of security incidents, underscoring persistent evasion strategies.
Score: 4.628221465696738
License: http://creativecommons.org/licenses/by-nc-sa/4.0/
Abstract: Sanctioning blockchain addresses has become a common regulatory response to malicious activities. However, enforcement on permissionless blockchains remains challenging due to complex transaction flows and sophisticated fund-obfuscation techniques. Using cryptocurrency mixing tool Tornado Cash as a case study, we quantitatively assess the effectiveness of U.S. Office of Foreign Assets Control (OFAC) sanctions over a 957-day period, covering 6.79 million Ethereum blocks and 1.07 billion transactions. Our analysis reveals that while OFAC sanctions reduced overall Tornado Cash deposit volume by 71.03% to approximately 2 billion USD, attackers still relied on Tornado Cash in 78.33% of Ethereum-related security incidents, underscoring persistent evasion strategies. We identify three structural limitations in current sanction enforcement practices: (i) the susceptibility of binary sanction classifications to dusting attacks; (ii) fragmented censorship by blockchain producers; and (iii) the complexity of obfuscation services exploited by users. To address these gaps, we introduce a more practical algorithm for scoring and tracking, grounded in quantitative impurity. On average, our algorithm processes Ethereum blocks within 0.07 $\pm$ 0.03 seconds and achieves 97.61% precision and 74.08% recall when evaluated on the Bybit exploit. Our findings contribute to ongoing discussions around regulatory effectiveness in Decentralized Finance by providing empirical evidence, clarifying enforcement challenges, and informing future compliance strategies in response to sanctions and blockchain-based security risks.

Related papers

Insecurity Through Obscurity: Veiled Vulnerabilities in Closed-Source Contracts [8.824841117757655]
We present SKANF, a novel bytecode analysis tool tailored for closed-source and obfuscated contracts.<n>SKANF combines control-flow deobfuscation, symbolic execution, and concolic execution based on historical transactions to identify and exploit asset management vulnerabilities.<n>Our evaluation on real-world Maximal Extractable Value (MEV) bots reveals that SKANF detects vulnerabilities in 1,030 contracts and successfully generates exploits for 394 of them, with potential losses of $10.6M.
arXiv Detail & Related papers (2025-04-18T01:22:58Z)
Demystifying Private Transactions and Their Impact in PoW and PoS Ethereum [43.548299433042835]
Private transactions, a specialized transaction type employed to evade public Peer-to-Peer (P2P) network broadcasting, remain largely unexplored.<n>We analyze large-scale datasets comprising 14,810,392 private transactions within a 15.5-month Proof-of-Work (PoW) dataset and 30,062,232 private transactions within a 15.5-month Proof-of-Stake (PoS) dataset.
arXiv Detail & Related papers (2025-03-30T16:45:18Z)
Assessing the Impact of Sanctions in the Crypto Ecosystem: Effective Measures or Ineffective Deterrents? [0.0]
This study examines the impact of sanctions on entities' crypto activities. It shows that while sanctions have been effective for half of the examined entities, the others continue to move funds through sanctioned addresses. Punishment entities demonstrate a preference for utilising rapid exchange services to convert their funds.
arXiv Detail & Related papers (2024-09-16T06:43:45Z)
Blockchain Amplification Attack [13.13413794919346]
We show that an attacker can amplify network traffic at modified nodes by a factor of 3,600, and cause economic damages of approximately 13,800 times the amount needed to carry out the attack.<n>Despite these risks, aggressive latency reduction may still be profitable enough for various providers to justify the existence of modified nodes.
arXiv Detail & Related papers (2024-08-02T18:06:33Z)
The Latency Price of Threshold Cryptosystem in Blockchains [52.359230560289745]
We study the interplay between threshold cryptography and a class of blockchains that use Byzantine-fault tolerant (BFT) consensus protocols.<n>Our measurements from the Aptos mainnet show that the optimistic approach reduces latency overhead by 71%.
arXiv Detail & Related papers (2024-07-16T20:53:04Z)
STAKESURE: Proof of Stake Mechanisms with Strong Cryptoeconomic Safety [6.787433978322371]
As of July 15, 2023, Ethererum, which is a Proof-of-Stake (PoS) blockchain, has around 410 Billion USD in total assets on chain. As the amount staked is far less (11x less) than the value secured, the blockchain is insecure "over-leveraged" in a cryptoeconomic sense. We formalize a model for analyzing the cryptoeconomic safety of PoS blockchain, which separately analyzes the cost-of-corruption, the cost incurred by an attacker, and the profit-from-corruption.
arXiv Detail & Related papers (2024-01-11T10:03:00Z)
The Devil Behind the Mirror: Tracking the Campaigns of Cryptocurrency Abuses on the Dark Web [39.96427593096699]
We identify 2,564 illicit sites with 1,189 illicit blockchain addresses, which account for 90.8 BTC in revenue. Our exploration suggests that illicit activities on the dark web have strong correlations, which can guide us to identify new illicit blockchain addresses and onions.
arXiv Detail & Related papers (2024-01-09T16:35:25Z)
Vulnerability Scanners for Ethereum Smart Contracts: A Large-Scale Study [44.25093111430751]
In 2023 alone, such vulnerabilities led to substantial financial losses exceeding a billion of US dollars. Various tools have been developed to detect and mitigate vulnerabilities in smart contracts. This study investigates the gap between the effectiveness of existing security scanners and the vulnerabilities that still persist in practice.
arXiv Detail & Related papers (2023-12-27T11:26:26Z)
Blockchain Large Language Models [65.7726590159576]
This paper presents a dynamic, real-time approach to detecting anomalous blockchain transactions. The proposed tool, BlockGPT, generates tracing representations of blockchain activity and trains from scratch a large language model to act as a real-time Intrusion Detection System.
arXiv Detail & Related papers (2023-04-25T11:56:18Z)
Reputation-based PoS for the Restriction of Illicit Activities on Blockchain: Algorand Usecase [2.94824047753242]
In recent times, different machine learning-based techniques can detect such criminal elements based on blockchain transaction data. We propose a reputation-based methodology for response to the users detected carrying out the aforementioned illicit activities.
arXiv Detail & Related papers (2021-12-21T07:32:22Z)
Quantum Multi-Solution Bernoulli Search with Applications to Bitcoin's Post-Quantum Security [67.06003361150228]
A proof of work (PoW) is an important cryptographic construct enabling a party to convince others that they invested some effort in solving a computational task. In this work, we examine the hardness of finding such chain of PoWs against quantum strategies. We prove that the chain of PoWs problem reduces to a problem we call multi-solution Bernoulli search, for which we establish its quantum query complexity.
arXiv Detail & Related papers (2020-12-30T18:03:56Z)

This list is automatically generated from the titles and abstracts of the papers in this site.