TRM Labs: A "Detective Company" Helping DeFi Projects Advocate Sanctions

This article comes fromdecrypt & cryptoslate, by Liam J. Kelly & Christian Nwobodo

Odaily Translator |

Odaily Translator |

As soon as the news came out, the entire encryption industry was shaken, because many DeFi projects were worried that they would be implicated without knowing it. After all, the "anonymity" feature of encrypted transactions makes it difficult for you to confirm who the counterparty is. In order not to be affected, many platforms began to cut their tails to survive. For example, dYdX, a decentralized derivatives exchange, was one of the first projects to respond to this news. They quickly cut off all kinds of encryption addresses interacting with Tornado Cash; Then the DeFi lending agreement Aave also quickly took action-in the process, people suddenly discovered that a young "detective company" occupied the absolute C position, because those encrypted entities and DeFi projects in order to comply with US sanctions laws are using this TRM Labs, a provider of crypto regulatory technology services, provided the services of one data provider to obtain data on sanctioned blockchain addresses.

secondary title

Who is TRM Labs?

According to Crunchbase data, TRM Labs was established in 2017 as a blockchain intelligence analysis company. So far, it has raised approximately US$80 million through five rounds of financing transactions. Its investors include Tiger Global Fund and Amex Ventures of American Express. , Visa, Citi Ventures, DRW Venture Capital, Jump Capital, Marshall Wace, Block (formerly Square, Inc.) and PayPal Ventures and other well-known venture capital institutions and financial giants in the industry.

Since launching from Y Combinator in 2019, TRM Labs’ revenue has grown 600% year-over-year, and its team has grown from 4 to 60 people, now including members from the FBI, U.S. Secret Service, and Europol. Security threat finance experts, and data scientists from Apple, Amazon, and Google.

When it comes to the encryption market intelligence analysis market, many people may first think of companies such as Elliptic and Chainalysis that provide blockchain address tracking services. In contrast, TRM Labs' blockchain intelligence platform can visualize cross-chain data and threat intelligence, on-chain customer due diligence, transaction monitoring, advanced analysis, customer relationship management, etc., and use big data and machine learning to automatically Detect suspicious activities such as money laundering and market manipulation, which in turn helps organizations detect crypto fraud and financial crime more intuitively and easily, which is why fast-growing cryptocurrency companies such as Circle, FTX US and MoonPay choose TRM Labs to monitor and detect suspicious activities And to meet anti-money laundering (AML) regulatory requirements.

On the whole, TRM Labs seems to be playing the role of a “whistleblower” for the supervision of DeFi projects, so what advantages does TRM Labs have compared with other peers?

secondary title

What makes TRM Labs special: Helping DeFi protocols "filter" addresses

As a blockchain data provider, TRM Labs mainly helps financial institutions and governments combat fraud, money laundering and financial crimes. They will provide customers with blockchain addresses sanctioned by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) to Help clients take necessary actions against sanctioned addresses and entities.

In order to obtain detailed information on the chain of sanctioned addresses, DeFi platforms must integrate with TRM Labs' application program interface "TRM Wallet Screening API", so that they are allowed to query sanctioned addresses and transaction data. In addition, in order to have a clearer understanding of why an address is sanctioned, the protocol can be configured to retrieve the required information through the API. At the same time, the risk level of sanctioned addresses will also be listed in detail. Currently, the TRM Labs API divides risk thresholds into the following three categories:

1. Ownership risk - the address is on the sanctions list, whether the address appears on the sanctions list or is associated with an entity on the sanctions list;

2. Counterparty risk - addresses that have traded with sanctioned addresses.

3. Indirect risk - receiving (or sending) funds to (or from) sanctioned addresses through multiple channels.

With the spread of counterparty sanctions risk to random addresses "dusting attacks" (referring to scammers sending extremely small amounts of tokens to tens of thousands of addresses on the network to track transaction data of their wallets in order to destroy the anonymity of wallet owners and targeted phishing attacks on victims), TRM Labs will also provide users with additional data points to allow them to estimate between the sanctions risk of "real transactions" and "malicious transactions", This explains why some celebrity addresses, such as Brian Armstrong and Justin Sun, can be properly resolved by adjusting the sanctions parameters after being “dusted” and blocked.

By providing risk parameters, DeFi projects can have a very intuitive understanding and facilitate better decision-making. For example, a DeFi project can know whether the address it interacts with is directly listed on the sanctions list of the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), and whether it has indirectly interacted with such addresses and to what extent. Generally speaking, the further down the platform's list of affected addresses, the more users will be blocked. TRM Labs explained that in terms of risk warnings, centralized exchanges like Binance or FTX usually perform better than DeFi projects in implementing risk markers, because such companies will more strictly abide by global anti-money laundering standards.

secondary title

Controversy over TRM Labs

Although TRM Labs provides a convenient address "filtering" service, this practice has caused some controversy in the encryption industry.

On August 14, DeFi lending agreement Aave stated that users associated with Tornado Cash on its platform had been blocked, and this work was done through TRM Labs. In this regard, TRM Labs does not agree. It clarifies that the block list is generated according to the protocol's own settings and risk thresholds. risk data.

For DeFi projects such as dYdX and Aave, using TRM Labs services can indeed quickly recover some losses, but it has exposed another problem: if a project can be pressed at will and some users are prohibited from using it, So wouldn't the decentralization of DeFi be threatened? According to TRM Labs, whether to block addresses is entirely up to the relevant projects themselves. In this way, will DeFi projects gradually become traditional financial enterprises? How can DeFi projects find the best balance between decentralization and financial regulation?