Terrorists, drug dealers, infrastructure hijackers, and scammers are exploiting cryptocurrency smart contracts to move and hide their illicit gains.
In the past, these transactions were paid for in Bitcoin, which has become increasingly traceable. Bad actors are aware of this fact, and have adapted with the help of smart contracts. Crypto smart contracts are little understood, making criminals’ efforts all that much easier.
Why Are Bad Actors Using Crypto Smart Contracts?
Sophisticated criminals and groups are very aware of the power of traditional crypto-forensic solutions. They are turning to “smart contracts” to avoid tracing, capture and prosecution. How does a criminal use smart contracts to avoid identification and capture?
A smart contract enables a criminal to use a crypto-specific computer program to move, and mix, money without human intervention. Cryptocurrency smart contracts are commonplace and run on most modern blockchains. For reference, Bitcoin’s blockchain does not support smart contracts. A criminal can invoke a specific smart contract and move crypto-assets in the blink of an eye, making analysis and tracking extremely difficult.
The Risks of Using Smart Contracts
The flexibility the smart contracts provide are not without its risks. Aside from criminals using them for their illicit transactions, smart contracts have a number of issues that might hinder not just the average user, but law enforcement and government agencies, as well.
Complex Programming Languages
Crypto smart contracts, unlike the traditional legal documents that we see often in various business transactions and activities, are written in programming languages most people may not be able to understand and evaluate all on their own.
This means people with ill intentions can create a smart contract with loopholes and scam individuals and businesses out of their cryptocurrencies, with none being the wiser. Users who can’t understand smart contracts will not be certain that the contract will perform as advertised and intended.
To make matters worse, even a smart contract functioning exactly as intended can become a money laundering vehicle without adequate monitoring and protections.
Reliance to External Data
Frequently, smart contracts rely on oracles, third-party programs that retrieve and verify external data using market data feeds or web APIs. These external data may include prices of cryptocurrencies and other assets, and smart contracts will need them for margin calls and other critical functions.
However, this dependence introduces operational risks, especially since bad actors have been known to target functions around oracles and manipulate DeFi smart contracts. If the data source is inaccurate or otherwise exploitable, there’s no telling what could happen to the contracts that pull information from them.
Cryptocurrency smart contracts can also have errors, flaws, and bugs in their code, which are costly and painstaking to fix. Worst case scenario, it could lead to the loss of a user’s assets, and entire projects have collapsed on account of faulty code.
In October 2021, DeFi platform Compound mistakenly awarded $90 million worth of COMP tokens to their users because of faulty coding. August saw a smart contract vulnerability hack that allowed a bad actor to steal $600 million worth of digital tokens from the Poly Network.
Liability and Relationships
Smart contracts also still have unresolved legal and regulatory issues. For example, if a crypto-smart contract fails or commits an error, who should be responsible? How should jurisdiction on the smart contract be established?
Moreover, since smart contracts don’t need human intervention, it can be hard to make subjective decisions in terms of business relations. For example: a vendor cannot excuse a one-time late payment to preserve a “long-term commercial relationship” with their client because of the automated nature of the contract. And since it cannot make such judgment calls, that unpaid product/service might signal contract termination, and adoption is hindered.
How Can AnChain Help?
Government agencies need ways to deal with such challenges and risks, if they ever hope to regulate the use of smart contracts in the country, as well as around the world. An AI-powered, comprehensive smart contract analytics solution would be a major help in this regard.
AnChain has the global leading database on crypto and smart contract transactions. In summary:
- Deepest: Industry’s largest database: 200 million addresses labels and counting, powered by machine learning
- Fastest: Real-time API returns calls in under a second.
- Smartest: Patented auto-tracing AI-based technology.
- Broadest: UTXO and Smart Contract tracing.
Anchain has taken its part in the anti-money laundering initiatives of the government, as well. We have assisted an international law enforcement agency to crack down on a scam operation that exploited public fear of coronavirus, back in 2020. Criminals were using crypto-smart contracts like the Tether stable coin to launder millions in US dollars.
We have also assisted several companies affected by the Million-Ledger Data Breach June of that year. Over 1 million global Ledger customers were impacted by that breach across America, Europe and APAC, and exposed tons of customers’ private information, including emails, names, physical addresses, and phone numbers.
Does AnChain Work with Government Agencies?
AnChain is proud to have been selected to provide the SEC with smart contract analytics. This partnership will help monitor and regulate the turbulent decentralized finance (DeFi) industry. “The SEC is very keen on understanding what is happening in the world of smart contract-based digital assets… so we are providing them with technology to analyze and trace smart contracts,” said our CEO, Victor Fang.
Our solution is hosted on “GovCloud” too, ensuring the security demanded by government agencies. Ye Li, Investment Manager at SIG, said, “AnChain.AI has made great progress in developing its market-leading crypto security technology to meet its customers’ broad demand in regulatory compliance and transaction intelligence.”