$5 Million Stolen Funds Blocked, Privacy Mixer Railgun Turns Into DeFi Protocol "Clawback Tool"?

By: blockbeats|2025/02/14 11:30:02

Hacker's Loot, Can Actually Be Forced to Return?

On February 12, the zkLend lending protocol on Starknet was hacked, losing nearly $5 million. However, the hacker did not expect that after mixing the money into Railgun, the final step before whitewashing could be immediately blocked by Railgun's protocol policy, forcing a return.

After the incident, zkLend suspended withdrawal services to safeguard the remaining funds and posted a message to the community stating that the team is actively working with multiple partners to track the hacker's identity and fund flow, promising transparency, and eventually will release a detailed investigation analysis report. In addition, zkLend also proposed to the hacker that they could keep 10% of the funds as a white hat bounty, with the remaining 90% (3,300 ETH) being transferred back to zkLend's Ethereum address. Upon receiving the transfer, the hacker would agree to waive any and all liability related to the attack.

As of the time of writing, there has been no response from the hacker regarding this proposal. zkLend posted on social media that they have reported the incident to the Hong Kong Police, the FBI, and the Department of Homeland Security and will initiate legal proceedings.

Million Stolen Funds Blocked, Privacy Mixer Railgun Turns Into DeFi Protocol

On February 13, Ethereum co-founder Vitalik, who has always supported Railgun, posted on social media, specifically explaining how Railgun successfully avoided dealing with criminal proceeds this time.

After Vitalik's post, the market's response to this news was very sensitive, and Railgun surged. According to market data, as of the time of writing, Railgun has seen a 7.00% increase in the past 24 hours, with trading volume up 162.31%.

On-Chain Anti-Money Laundering, How Does Railgun Do It?

Speaking of Railgun, this clearly anti-money laundering policy protocol, we have to mention the leading mixer service project, Tornado Cash.

Tornado Cash and Railgun both belong to the privacy track and are the first projects to provide mixer services. Its privacy protection features have made it a tool for hackers and criminals to launder money and hide funds, attracting the attention of governments and regulatory agencies worldwide, especially the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctions against it.

In August 2022, the U.S. Department of the Treasury imposed sanctions on Tornado Cash, stating that the service had facilitated money laundering of over $7 billion in the past three years and assisted the North Korean state-sponsored hacker group Lazarus Group in evading U.S. sanctions. In May 2024, one of the founders of Tornado Cash and core developer, Alexey Pertsev, was sentenced to 5 years and 4 months in prison.

Tornado Cash, due to its lack of anti-money laundering capabilities, became a convenient tool for hackers and money laundering criminals. The regulatory crackdown sounded an alarm for the entire privacy track. Learning from the lessons of Tornado Cash, Railgun, as a frontrunner in the privacy track, naturally had to learn from it and had a clear direction for improvement: anti-money laundering.

Railgun has adopted a more rigorous anti-money laundering strategy, focusing on enhancing compliance while maintaining privacy. The core of this strategy is to ensure that the platform can protect user privacy while effectively meeting regulatory requirements and preventing funds from being used for illicit activities. The following are the specific measures Railgun has taken:

The first step, Railgun did not solely focus on optimizing the code but cleverly compiled a blacklist from regulators, compliance platforms, and other sources. The blacklist covers transaction data related to illegal activities such as money laundering, fraud, and sanctions violations, providing specific targets for precise enforcement.

The second step, after any user makes a deposit, there is a 1-hour detection period during which various algorithms analyze whether the deposit may be related to the blacklist. The entire process is fully encrypted, only outputting a conclusion of "association" or "non-association," without revealing sensitive information such as user addresses, transaction history, or balances, ensuring user privacy is technically protected.

The third step, one hour later, the user can utilize zero-knowledge proofs (ZKPs) for private withdrawals. Additionally, Railgun's internal protocol policy stipulates that if a suspicious address attempts to mix coins, the funds from that suspicious address will be forcibly returned.

Finally, Railgun proactively complies. All proofs generated by user wallets can be provided to exchanges or regulatory agencies, and these third-party entities can verify proof validity through validation algorithms without accessing user fund flows, wallet activity details, or identity data. This mechanism meets external organizations' scrutiny requirements for transaction compliance while completely avoiding the risk of user privacy leaks, achieving "trustless self-attestation."

It is precisely this combination of privacy protection, compliance mechanisms, and risk control strategies that formed the final line of defense in intercepting money laundering attackers in the zkLend incident.

The founder of Slowmist also stated, "This is a very good privacy solution."

Privacy Track, Where to Go Next?

While Railgun is building a regulatory moat, regulatory policies in the United States seem to be easing.

On November 27 last year, the U.S. Fifth Circuit Court of Appeals ruled that the U.S. Treasury Department's sanction on the Tornado Cash smart contract was illegal. For the cryptocurrency community and all who care about defending freedom, this was a historic victory. The founder of Uniswap referred to it as "an immutable smart contract beating the Treasury Department in court."

Will this ruling breed more and more calls in the privacy track for "code is law" while actually fostering criminal projects?

Regardless, in the current environment of increasingly clear cryptocurrency regulations post-Trump administration, Railgun, which combines privacy and compliance, should set an example for the development of this track.

-- Price

On June 9, The Kobeissi Letter, citing Goldman Sachs data, reported that global investors are selling South Korean stocks at an unusually rapid pace. In the latest trading session, foreign investors sold about $801 million worth of Kospi constituent stocks again; total foreign outflows last week reached about $10 billion, and the market has been in net foreign selling on nearly every trading day over the past month. According to the data cited in the report, foreign investors have sold about $75 billion worth of South Korean stocks so far this year. Meanwhile, South Korean retail and institutional investors together recorded roughly $69 billion in net buying over the same period, suggesting that the market’s main buying support has come from domestic capital rather than returning overseas funds. The information currently disclosed still mainly comes from The Kobeissi Letter’s retelling and Goldman Sachs data summaries, while public details on the statistical period and the specific definition of “selling” remain relatively limited.

Fortune Warns of Strategy’s Financing Structure Risks as Bitcoin Premium Narrows

Fortune warned that Strategy’s Bitcoin treasury model faces growing financing risks as MSTR’s net asset premium narrows and preferred stock dividend pressure increases.

Ferrari Challenge Le Mans: Carl Moon to Dominate in WEEX Livery

The art of absolute control. Inside Carl Moon’s Ferrari 296 Challenge quest at Le Mans, taming the storm together with the official WEEX livery.

Sahara AI Responds to SAHARA’s Sharp Drop: No Contract or Product Security Issues Found, Internal Investigation Underway

Sahara AI responded to SAHARA’s 60% price drop, saying no token contract or product security issues have been found and an internal investigation is underway.

WEEX Deposit/Withdrawal Dynamic Island: Your Asset Status, Always in Sight

WEEX introduces Deposit and Withdrawal Info on Dynamic Island for iOS. See fund transfer progress on your dynamic island, lock screen, or while using other apps. No more guessing. No more refreshing.

Scaling Crypto Derivatives: The Digital Asset Infrastructure Behind High-Volume Trading

In the fast-moving digital asset ecosystem, derivatives platforms face an extreme architectural test. High-leverage futures markets demand more than just standard security—they require absolute operational precision, zero-latency matching engines, and ironclad structural scalability, all while navigating intense market volatility.

As global platforms scale to meet these demands, the industry is shifting away from rigid, monolithic setups toward a more agile, "decoupled" infrastructure philosophy.

The Blueprint for High-Volume Copy Trading

For elite global exchanges like WEEX (founded in 2018), this architectural choice becomes critical when scaling high-volume retail features like social copy trading. When thousands of users automatically mirror the real-time strategies of elite traders simultaneously, it triggers sudden, monumental spikes in concurrent transactional volume.

To prevent execution latency or settlement bottlenecks during these peak volatility events, a platform's primary engine must remain entirely dedicated to risk management, copy-trade synchronization, and order matching.

The Architectural Rule: New-generation platforms must separate front-end user execution engines from heavy backend infrastructural overhead to eliminate operational friction.

By separating these layers, platforms can maintain complete sovereignty over their trading environments and user experiences while strategically aligning with institutional-grade infrastructure ecosystems. This strategic framework allows modern exchanges to leverage advanced Digital Asset Custody infrastructure such as Cobo’s behind the scenes, ensuring that backend wallet management scales elastically alongside trading spikes.

Capitalizing on Market Momentum and 400× Leverage

In a derivatives arena where platforms offer up to 400× leverage on perpetual contracts, capital efficiency and market agility are core business metrics. To capture market momentum, an exchange needs the ability to rapidly expand its asset offerings, supporting everything from legacy crypto assets to sudden, trending altcoins across a massive library of trading pairs.

Adopting a flexible, scalable Wallet-as-a-Service (WaaS) solution such as Cobo’s could completely rewrite the development timeline for high-growth exchanges. Instead of spending months of engineering capital building out custom backend wallet architectures for every new blockchain network, platforms can deploy localized infrastructure in days.

This agility allows platforms to instantly scale their listings to over a thousand trading pairs without compromising security or delaying time-to-market. It mirrors the exact operational advantages seen during high-velocity market events, similar to how advanced wallet infrastructure empowers platforms during sudden asset surges; allowing exchanges to pass that speed and liquidity directly to their global user base.

A Mature Foundation for Growth

The synergy between trusted infrastructure ecosystems and global trading platforms represents the natural evolution of a maturing crypto market. As WEEX continues to scale its global spot and derivatives offerings for over 6 million users, adopting robust backend paradigms proves that platforms no longer have to compromise between cutting-edge trading velocity and uncompromised structural security.

Get Paid to Onboard? Try WEEX’s New Homepage with Rewards for Registration, Deposit & Trade

WEEX just launched a brand new homepage and a 3-step new user onboarding guidance. Complete Registration → Deposit → Trade to earn exclusive rewards. Faster navigation, clear progress, and instant bonuses. Download the latest WEEX App to try it now.

WEEX Custom Layout: Build Your Perfect Trading Workspace in Seconds

WEEX introduces custom layout on futures trading page: left/right panel switch, hide/show core modules, full-screen focus, and one-click reset. Trade your way now.

Morning Report | BitMine increased its holdings by 126,971 ETH last week; trader Eugene announced his exit from the crypto market

Overview of Important Market Events on June 8th

Wang Chuan: How can one not feel anxious after the neighbor Old Wang made thirty times profit by investing in storage stocks? (Seven) - A quarter-century cycle