Vitalik Buterin praises compliance-focused privacy project Railgun for preventing zkLend attacker from laundering stolen funds

The Block, 2025/02/12 16:00
By: The Block

Quick Take: The Ethereum co-founder praised Railgun after the compliance-focused privacy tool prevented the zkLend attacker from washing $9.5 million in stolen ETH. Railgun uses zero-knowledge proofs and curated privacy sets to screen out potential bad actors.


In a post on Thursday, Ethereum co-founder Vitalik Buterin praised Railgun for thwarting the zkLend attacker's attempt to wash his stolen funds, calling it a demonstration of what compliant onchain privacy can look like.

“This is a solid demonstration of Railgun's privacy pools mechanism working in practice, allowing Railgun to avoid serving proceeds of crime without using any snooping / backdoors,” Buterin wrote. 

The endorsement is significant given the hurdles many privacy projects in crypto have faced, including, in recent years, a concerted effort to clamp down on so-called blockchain "mixers" such as Tornado Cash and Bitcoin Fog.

While Bitcoin was born out of the largely pro-digital-privacy cypherpunk movement, public blockchains today are transparent by design: they function because anyone can "trustlessly" audit the full transaction history, which is exactly what makes onchain privacy contentious.

Railgun is a protocol that enables users to transact privately on Ethereum. Funds are shielded into a shared pool, and zero-knowledge proofs let them be spent without revealing the sender, the recipient or the transaction amount.

However, unlike most so-called "mixers," Railgun implements a system called "Private Proofs of Innocence" that is designed to keep illicit funds out of the privacy pool. When tokens are deposited into Railgun they are screened against a list of known malicious addresses. Tokens with a suspicious provenance are not admitted to the protocol's privacy set and can only be withdrawn back to the address that deposited them.

It appears that is precisely what happened on Railgun. 

On Feb. 12, an attacker began exploiting a previously unknown "rounding error bug" in the Starknet-based money-market protocol zkLend that allowed him to withdraw 3,600 ETH (worth around $9.5 million at the time).

After manipulating the market's "lending_accumulator" and inflating his balance through repeated wstETH deposits and withdrawals, the attacker bridged the assets to Ethereum mainnet and moved them to Railgun.
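The rounding-error class the article names can be made concrete. The following is a constructed toy model added here for illustration; it is not zkLend's contracts and not a reconstruction of the real exploit path, which this page does not describe. In the toy, a market converts raw token amounts into scaled balances through an interest accumulator, and integer division rounds in the depositor's favour on both deposit and withdrawal. `Market`, `drain`, the `favour_user` switch, the accumulator value and the amounts are this example's own inventions.

```python
"""Toy model of an accumulator-based lending market with a rounding bug.

Constructed illustration only: not zkLend's code. The page does not give
zkLend's arithmetic or how its accumulator was inflated, so the accumulator
here is simply a fixed parameter.
"""

from dataclasses import dataclass, field
from typing import Dict


def ceil_div(a: int, b: int) -> int:
    """Integer division rounding up (b > 0)."""
    return -(-a // b)


@dataclass
class Market:
    accumulator: int                 # raw units represented by 1 scaled unit
    favour_user: bool = True         # True: buggy rounding; False: hardened
    reserves: int = 0                # raw tokens the market actually holds
    scaled: Dict[str, int] = field(default_factory=dict)  # user -> scaled balance

    def deposit(self, user: str, amount: int) -> int:
        """Take `amount` raw tokens and credit scaled balance; returns minted."""
        self.reserves += amount
        if self.favour_user:
            minted = ceil_div(amount, self.accumulator)   # rounds UP for the user (bug)
        else:
            minted = amount // self.accumulator            # rounds DOWN (dust to protocol)
        self.scaled[user] = self.scaled.get(user, 0) + minted
        return minted

    def withdraw(self, user: str, amount: int) -> int:
        """Pay out `amount` raw tokens and debit scaled balance; returns burned."""
        if self.favour_user:
            burned = amount // self.accumulator            # rounds DOWN for the user (bug)
        else:
            burned = ceil_div(amount, self.accumulator)   # rounds UP against the user
        if burned > self.scaled.get(user, 0):
            raise ValueError("insufficient scaled balance")
        if amount > self.reserves:
            raise ValueError("insufficient reserves")
        self.scaled[user] -= burned
        self.reserves -= amount
        return burned

    def raw_balance(self, user: str) -> int:
        return self.scaled.get(user, 0) * self.accumulator


def drain(market: Market, attacker: str, rounds: int) -> int:
    """Repeat a deposit-1 / withdraw-(2*acc - 1) cycle against the toy market.

    With buggy rounding each cycle mints 1 scaled unit for 1 raw token and then
    burns only 1 scaled unit for 2*acc - 1 raw tokens, netting 2*acc - 2.
    With hardened rounding the first withdrawal fails: the deposit minted 0.
    Returns the attacker's net raw gain.
    """
    acc = market.accumulator
    gain = 0
    for _ in range(rounds):
        market.deposit(attacker, 1)
        market.withdraw(attacker, 2 * acc - 1)
        gain += 2 * acc - 2
    return gain


if __name__ == "__main__":
    # Constructed scenario: an honest LP supplies liquidity, attacker loops.
    buggy = Market(accumulator=1000)
    buggy.deposit("lp", 10_000)
    print("buggy market, attacker gain over 3 cycles:", drain(buggy, "attacker", 3))

    hardened = Market(accumulator=1000, favour_user=False)
    hardened.deposit("lp", 10_000)
    try:
        drain(hardened, "attacker", 1)
    except ValueError as e:
        print("hardened market rejected the cycle:", e)
```

The per-cycle gain is 2·accumulator − 2 raw units, so the larger the accumulator, the more each deposit/withdraw round pays out; that is why an inflated accumulator matters for this bug class even though the toy does not model how it gets inflated. The hardened setting flips both rounding directions so that dust accrues to the protocol rather than the depositor, and the loop then fails on its first withdrawal because a one-unit deposit mints zero scaled balance.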

Because all of this was visible onchain, the zkLend team contacted the hacker, offering to let him keep 10% as a "white hat" reward if he returned the rest of the funds.

“We are actively tracking the funds and pursuing the identification of the hacker, in collaboration with @StarkWareLtd, the @StarknetFndn, @zeroshadow_io (formerly @chainalysis Incident Response), Binance Security Team, and @HypernativeLabs,” the team posted. 

The attacker has yet to take up the offer, and the funds are sitting in his address, which most block explorers have flagged as associated with the zkLend attack.

“He can use Tornado Cash (contracts are still working) or probably can use fake KYC to launder money through CEXes… or maybe use non-KYC exchanges,” blockchain threat researcher Vladimir S. told The Block in a direct message. “But this is very unlikely because his address is flagged everywhere. The best for the attacker is to return the money because otherwise costs for transferring may exceed 90% lol.”

Hackers are increasingly being thwarted by onchain sleuths who can follow funds hop by hop across the chain. Broader onchain privacy would, to some degree, blunt that tracking and so raise the payoff of attacks. Projects like Railgun, which cater to "honest" uses such as anonymizing payroll and payments while screening out flagged funds, offer a middle-ground approach.

Buterin has been writing about the possibility of compliant privacy tools since at least 2023, when he co-authored a research paper on "Privacy Pools" that would use curated privacy sets to screen out potential bad actors.

“If you disagree with Railgun's filters, anyone is free to fork and make their own pool with their own rules, though if you can't get reasonably wide public support you're going to have a tiny anonymity set,” Buterin said.
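The screening policy described earlier in the article, together with the pluggable filter rules Buterin's fork remark turns on, can be modelled as a small state machine. The code below is an added illustration, not Railgun's implementation: it omits the zero-knowledge proofs and any real tracing data and models only the policy layer, that is, which deposits join the anonymity set and what a flagged depositor may still do. `ScreenedPool`, `Note`, `blocklist_filter` and the `0x...` addresses are this example's own constructed names.

```python
"""Constructed model of a screened shielded pool.

Not Railgun's code. Zero-knowledge proofs are omitted; only the admission
and spending policy is modelled: a deposit that fails the pool's filter is
kept out of the anonymity set and can only be unshielded to its origin.
"""

from dataclasses import dataclass, field
from typing import Callable, List, Set

# A filter decides whether a depositing address is allowed into the privacy set.
Filter = Callable[[str], bool]


@dataclass(eq=False)  # identity-based equality so list.remove() hits the right note
class Note:
    owner: str        # who may spend the note inside the pool
    origin: str       # address that originally shielded the funds
    amount: int
    cleared: bool     # passed screening -> part of the anonymity set


@dataclass
class ScreenedPool:
    allowed: Filter                       # the pool's rules; a fork may swap these
    notes: List[Note] = field(default_factory=list)

    def shield(self, source: str, amount: int) -> Note:
        """Deposit. Screening at deposit time decides whether the note is cleared."""
        note = Note(owner=source, origin=source, amount=amount,
                    cleared=self.allowed(source))
        self.notes.append(note)
        return note

    def private_transfer(self, note: Note, to: str) -> Note:
        """Spend inside the pool to a new owner. Only cleared notes may do this,
        otherwise flagged funds would blend into the honest anonymity set."""
        if not note.cleared:
            raise PermissionError("note failed screening; only unshield-to-origin allowed")
        self.notes.remove(note)
        moved = Note(owner=to, origin=note.origin, amount=note.amount, cleared=True)
        self.notes.append(moved)
        return moved

    def unshield(self, note: Note, to: str) -> int:
        """Withdraw to a public address. A flagged note may only return to origin."""
        if not note.cleared and to != note.origin:
            raise PermissionError("flagged note may only be unshielded to its origin")
        self.notes.remove(note)
        return note.amount

    def anonymity_set(self) -> int:
        """Number of cleared notes an observer cannot tell apart."""
        return sum(1 for n in self.notes if n.cleared)


def blocklist_filter(blocked: Set[str]) -> Filter:
    """Simplest possible rule set: reject known-bad depositors."""
    return lambda addr: addr not in blocked


if __name__ == "__main__":
    # Constructed addresses; "0xattacker" stands in for a flagged address.
    pool = ScreenedPool(allowed=blocklist_filter({"0xattacker"}))
    honest = pool.shield("0xalice", 10)
    tainted = pool.shield("0xattacker", 3600)
    print("anonymity set after deposits:", pool.anonymity_set())   # honest note only
    try:
        pool.private_transfer(tainted, "0xfresh")
    except PermissionError as e:
        print("blocked:", e)
    print("returned to origin:", pool.unshield(tainted, "0xattacker"))
```

The `allowed` callable is the only policy knob, which is the point of the fork remark: a pool with laxer rules would admit the flagged note, but its anonymity set is only as large as the set of depositors willing to use those rules.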
