TRM Labs ‘does not engage in any’ blocking of sanctioned addresses, only provides ‘risk data’

In the wake of the dusting attacks following the TRMTornado Cash sanctions, TRM Labs has issued a statement clarifying how DeFi platforms can leverage its data to block affected wallet addresses.

DeFi protocol Aave said on Aug. 14 that the TRM Labs API is responsible for banning users on platforms that connect to Tornado Cash. In response, TRM Labs revealed on August 15 that the ban list was generated based on the settings and risk thresholds specified in the protocol.

is not involved in blocking specific addresses and provides risk data to customers for use in compliance programs. Organizations using TRM can configure their own settings and risk thresholds to block Or decide which addresses to freeze.”

The alleged dusting attack, which falsely flagged addresses, was due to a mistake in specifying parameters that fit the Tornado Cash sanction scenario.

How DeFi Protocols Use the TRM Wallet Screening API

TRM Labs is a blockchain data provider that helps financial institutions and governments fight fraud, money laundering and financial crime. We provide blockchain addresses licensed by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) and assist clients in taking necessary actions against licensed addresses and entities.

To access on-chain details of authorized addresses, DeFi platforms must integrate with the TRM Wallet Screening API. This API allows DeFI protocols to query data about authorized addresses and transactions. The result is typically a list of affected addresses with no insight into the extent of their involvement.

To get a clearer picture of why an address was approved, the protocol configures its settings to Information you want to get from the API.

The configuration details the risk level of authorized addresses. TRM’s API currently categorizes risk thresholds as follows:

• Ownership Risk Address is on a sanctions list.
• Counterparty risk addresses trading with authorized addresses.
• Indirect Risk The address received (or sent) funds through multiple channels to or from authorized addresses.

This explains the fate of many addresses sent 0.1 ETH and caught in dusting attacks that allude to well-known addresses such as Brian Armstrong and Justin Sun. The address was initially banned, but was resolved after sanctions parameters were adjusted.