Are you exposed? How Chainalysis cracked the Wasabi Bitcoin privacy wallet
Chainalysis used open source techniques to trace funds leading to allegations revealing The DAO hacker.
Although the Bitcoin network is a permanent open record of transactions, many third parties have built privacy functionality on top of it. One such service is Wasabi Wallet, which uses a mixer protocol, Tor integration, and is free to use and open source.
Mixers work by “mixing” transaction inputs and outputs together so that the relationship between senders and receivers isn’t clear. Thus a degree of anonymity is provided by making it difficult to trace the flow of funds.
In her recently released book Cryptopians, which details the early days of Ethereum, journalist Laura Shin claims Wasabi Wallet was the weak link, resulting in blockchain data analysis firm Chainalysis tracing stolen funds from The DAO hack of 2016.
How did hackers exploit The DAO?
Decentralized Autonomous Organizations (DAOs) refer to a decentralized fund in which token holders govern how it is run through proposals and voting. There is no hierarchical structure, only holders making decisions upheld by smart contracts.
The first DAO created was called The DAO and set up by Slock.it, which Blockchains LLC acquired in June 2019.
It launched in 2015 to raise funds for Web3.0 projects and startups. As the first of its kind, it became a smash hit, attracting 12 million ETH of investment ($150 million at time, but $30.2 billion today).
However, attackers managed to exploit a recursive calling vulnerability, meaning they could withdraw funds without the withdrawal being reflected in the account balance. This enabled hackers to set off a loop of withdrawals indefinitely, resulting in the loss of 3.6 million ETH ($50 million at the time, but $9 billion today).
Some of the stolen funds were sent to a Wasabi Wallet for washing. But a flaw in the protocol setup meant Chainalysis could deanonymize the mixer functionality using open source methods.
How did Chainalysis “break” the Bitcoin privacy Wasabi Wallet?
Shin claims this was possible because Wasabi Wallet failed to fully implement the ZeroLink protocol.
ZeroLink claims to fully anonymize Bitcoin transactions using a defined pre-mix and post-mix mixing technique. Pre-mix functionality is said to be easily implemented “without much overhead.” However, adding post-mix functionality to a wallet was an altogether more complex affair.
“Post-mix wallets on the other hand have strong privacy requirements, regarding coin selection, private transaction and balance retrieval, transaction input and output indexing and broadcast.”
Instead, it’s claimed that Wasabi Wallet opted for a “peel chain” method that offers fewer protections, resulting in Chainalysis being able to trace transactions from the DAO hack.
Fun fact. Wasabi 🍌 never implemented ZeroLink. They didn't even come close to doing so. Nopara dropped the ball early on and went for the easy out: a peel chain. Chainalysis runs rings around Wasabi 🍌. pic.twitter.com/bLmyDt7qip
— TDevD [No KYC, no T&C, no 🍌] (@SamouraiDev) February 23, 2022
As such, Chainalysis did not “break” Bitcoin as such, only take advantage of a careless integration.
Nonetheless, there is an increasing narrative that financial privacy, as it pertains to cryptocurrency, is somehow wrong. While it’s true the majority of crypto transactions are above board, that hasn’t stopped authorities from enforcing ever-stricter policies.