Crypto privacy protocol Railgun’s built-in tool to filter out bad actors has seemingly foiled Inferno Drainer’s latest attempt to launder its stolen cash.
In a July 10 post on X, MistTrack noted that a July 9 attempt to launder a little over 174 Ether (ETH) — worth $533,000 at current prices — was blocked by Railgun, forcing them to send the stolen ETH back to Inferno’s original wallet address.
Railgun contributor Alan Scott Jr told Cointelegraph that Inferno’s malicious attempt to use the Ethereum-based privacy protocol was rejected by Railgun’s automated private proofs of innocence (PPOI) system.
Once the PPOI system was activated, “the tokens could only return to the attacker’s address — they were not welcome in RAILGUN,” said Scott.
“The fact that this attacker could only send tokens back to the original shielding wallet is by design. This is part of PPOI, this technology is brand new, but this a great example that shows it works.”
Railgun, founded in January 2021, uses zero-knowledge (ZK) cryptography to shield wallet balances, transaction history and transaction details, allowing users to use decentralized apps (DApps) on Ethereum or other supported chains while remaining private.
Railgun’s PPOI system was launched by the protocol’s researchers and contributors in January 2023.
It uses cryptographic assurance to ensure that tokens entering the Railgun smart contract are not from a known list of undesirable transactions or actors. To do so, users must create ZK-proof that their funds are not part of a pre-set list of transactions and wallets.
Scott explained the PPOI system works by picking up transactions linked to nefarious actors and then blocking the tokens from being processed through the protocol. The only option available to the sender is to withdraw the tokens back to the original address.
“That transaction flow remains trackable, and attempting to use Railgun provides zero privacy to that actor,” he said.
Inferno Drainer has stolen over $180 million in crypto from over 189,000 victims since its inception in August 2023, per Dune Analytics data.
Related: US senators, FBI aren’t opposed to crypto privacy: Railgun contributor
In April, Railgun hit back at claims stemming from independent crypto reporter Colin Wu, who alleged the protocol had been used by the North Korean hacking consortium Lazarus Group.
Despite blockchain security firm Elliptic labeling Railgun a “prime alternative to Tornado Cash” after the United States government imposed sanctions against the crypto mixer, Ethereum co-founder Vitalik Buterin has defended the protocol on the grounds that privacy is “normal.”
X Hall of Flame: Ethereum’s recent pullback could be a gift — Dynamo DeFi