decrypting defi newsletter header
Decrypting DeFi is Decrypt's DeFi email newsletter. (art: Grant Kempster)

The entire crypto industry continues to collectively unpack the ramifications of the U.S. government's sanctions on crypto mixer Tornado Cash. The move, which included blacklisting of wallet addresses that had used Tornado Cash, has spooked the DeFi world as projects struggle to either resist or adapt to the new law of the land.

The decentralized derivatives exchange dYdX was one of the first projects to react to the news, blocking various crypto addresses that interacted with Tornado Cash. The popular lending protocol Aave also appeared to act quickly, after Justin Sun revealed that his wallet had been blocked.

Though dYdX and Aave have since pulled back some, it still begged the question: If a project can simply flip a switch and ban certain users, how decentralized is it, really?


And now, as DeFi projects scramble to decide what to do, a new sleuthing firm has taken center stage: TRM Labs. The firm, like Elliptic and Chainalysis, has emerged as the key switch-flipping service to which the vast majority of crypto projects have turned to remain compliant.

The company claims that it does not “engage in any blocking of specific addresses.” Instead, TRM Labs says it merely provides its risk data to its customers for “use in their compliance programs."

It's more like a signaling service that can be fine tuned by a DeFi project to raise a flag whenever an at-risk address interacts with the project's webpage or frontend. The decision to block or ban an address thus still falls on the shoulders of these projects.

As TRM Labs put it: "Organizations using TRM configure their own settings and risk thresholds to determine which addresses to block or freeze."

via TRM Labs

In terms of what these risk parameters look like, the sanctions-flagging firm has provided a convenient layout.


The service breaks down, for instance, whether an address interacting with the project is directly listed on OFAC's sanctions list ("ownership risk") or if it's interacted indirectly with such an address and to what extent.

The further down the list of affected addresses a given platform goes, the more and more users become effectively banned.

TRM Labs explained that centralized exchanges, like Binance or FTX, typically implement flagging services much further down the risk ladder than DeFi projects. That’s because these kinds of entities typically follow closer adherence to global AML standards.

The key takeaway here is that the decision to ban addresses is 100% at the discretion of the project in question.

And in this way, DeFi is looking more and more like plain old fintech.

Decrypting DeFi is our DeFi newsletter, led by this essay. Subscribers to our emails get to read the essay before it goes on the site. Subscribe here

Stay on top of crypto news, get daily updates in your inbox.