- Railgun denies misuse by North Korean hackers.
- Multiple reports suggest otherwise.
- The protocol came into the spotlight following an investment by Vitalik Buterin.
Railgun, a privacy-focused protocol using zero-knowledge proofs, came into the spotlight recently after receiving high-profile backing. Specifically, Ethereum co-founder Vitalik Buterin invested 100 ETH, or $325,000, into the protocol.
However, this attention has prompted many observers to comment on the protocol’s alleged use by North Korean hackers. In response to these allegations, Railgun presented a strong denial, saying that any use by hackers is purely speculation.
Railgun’s Response to Claims About North Korean Hackers
On Monday, April 15, in response to allegations that North Korean hackers, known as the Lazarus group, might have exploited Railgun’s privacy technology for illicit purposes, Railgun issued a strong denial. They emphasized the robust security of their protocol and claimed it does not allow for sanctioned parties to participate.
“Any suggestion that sanctioned individuals, governments, or entities such as North Korea have used RAILGUN have no evidence & are based only on speculation,” the protocol stressed, according to crypto reporter Colin Wu. “From 2023, all RAILGUN transactions go through a Private Proofs of Innocence check, which verifies that transactions do not come from sanctioned or malicious activity,” they added.
Private Proofs of Innocence is a system Railgun uses to ensure that transactions processed through Railgun are not associated with any known malicious or sanctioned entities. According to Railgun, all transactions going into the system undergo a check against a list of transactions and wallets deemed undesirable. The protocol then generates a blinded proof, which accompanies the funds in any subsequent transactions through Railgun.
Any external exchanges or independent parties receiving the funds can verify this proof without revealing sensitive information about the user’s identity or transaction details.
Did North Korean Hackers Use Railgun?
However, despite Railgun’s security measures, multiple reports suggest that hackers have used the protocol. According to crypto investigator ZachXBT, on January 16, the Lazarus group moved $63.5 million from the Harmony Bridge hack through Railgun.
Moreover, in its January report, blockchain research firm Elliptic claimed that North Korean hackers moved to Railgun following the lawsuit against Tornado Cash. While not a crypto mixer per se, Railgun allows for the anonymization of crypto transfers.
Unlike Tornado Cash, Railgun has systems in place to block sanctioned addresses. However, the system is not perfect. The effectiveness of its Private POI system depends heavily on the real-time updating and accuracy of the lists that identify undesirable transactions and actors.
If new wallets or transactions associated with illicit activities are not promptly added to the blocklist used by the POI system, these funds could be shielded and circulated within the Railgun system before being recognized as originating from a malicious source.
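The list-lag limitation described above can be measured in hindsight by re-screening recorded deposits against the list as it stands now. This is an added example, not Railgun's code: it is a simplified model that assumes each list entry carries the time it was added, and the names `Deposit`, `classify` and `audit` and all sample data are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Deposit:
    tx_id: str
    source: str       # depositing address
    checked_at: int   # unix time of the entry check

def norm(addr: str) -> str:
    # Hex addresses compare case-insensitively; normalise before lookup.
    return addr.strip().lower()

def classify(dep: Deposit, listed_at: dict[str, int]) -> str:
    """Compare the entry-time verdict with the verdict under the current list.

    listed_at maps a normalised address to the time it was added to the list.
    """
    t = listed_at.get(norm(dep.source))
    if t is None:
        return "clean"
    if t <= dep.checked_at:
        return "blocked_at_entry"
    return "listed_after_entry"   # passed the check, flagged only in hindsight

def audit(deposits, blocklist):
    """Return (tx_id, lag_seconds) for deposits that passed before listing."""
    listed_at = {norm(a): t for a, t in blocklist.items()}
    late = [(d.tx_id, listed_at[norm(d.source)] - d.checked_at)
            for d in deposits if classify(d, listed_at) == "listed_after_entry"]
    # Largest lag first: those funds had the longest window to circulate.
    return sorted(late, key=lambda item: item[1], reverse=True)

# Constructed sample data (not real addresses or transactions).
BLOCKLIST = {"0x" + "AA" * 20: 1_000, "0x" + "bb" * 20: 5_000}
DEPOSITS = [
    Deposit("tx1", "0x" + "aa" * 20, 2_000),  # listed before the check
    Deposit("tx2", "0x" + "BB" * 20, 4_400),  # listed 600 s after the check
    Deposit("tx3", "0x" + "cc" * 20, 3_000),  # never listed
    Deposit("tx4", "0x" + "bb" * 20, 1_400),  # listed 3600 s after the check
]

if __name__ == "__main__":
    for tx_id, lag in audit(DEPOSITS, BLOCKLIST):
        print(f"{tx_id}: passed entry check {lag} s before its source was listed")
```

The lag value is the window during which funds from a later-listed source carried a passing verdict, which is the quantity the article's caveat about list freshness turns on.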
On the Flipside
- After US authorities sanctioned Tornado Cash, the mixer saw a significant drop in volume. However, despite sanctions, Tornado Cash continues to operate on decentralized networks.
- The Lazarus Group has been implicated in several significant cybersecurity incidents. In addition to the $100 million Harmony Bridge hack, they also stole $625 million from the Ronin network in 2022.
Why This Matters
The controversy over North Korean hackers using Railgun has significant implications for crypto. For decentralized technologies to gain and retain trust, they must demonstrate effectiveness in privacy protection and robustness against misuse.