Garden Finance, a Bitcoin bridging service, has been accused of assisting hackers to launder money. ZachXBT, a crypto analyst, said that over 80% of Garden Finance’s fees were sourced from laundered money. Garden Finance had around $300,000 in fees. ZachXBT is convinced that Garden Finance is somehow involved in shady transactions and that he can prove it by conducting blockchain analysis. ZachXBT believes there is a link between the Bybit hack of $1.4 billion and the Garden Finance platform. The contention exists over whether 30 BTC was used to enable money laundering. Garden Finance has replied that the 30 BTC was used before the Bybit hack occurred. The debate between Garden Finance and ZachXBT is ongoing.
The Bybit hack occurred on February 21, 2025, involving an exploit of a cold wallet, resulting in the loss of $1.4 billion in Ethereum. The attacker compromised a SAFE wallet used by a Bybit developer and exploited the wallet five days after the initial compromise. ZachXBT, amongst other blockchain analysts, traced the stolen funds to DeFi addresses used by North Korea’s Lazarus Group. However, when confronted with the latest accusations, Garden Finance co-founder Jaz Gulati said ZachXBT was basing his analysis on misinformation. ZachXBT asked why money launderers were topping up Garden Finance’s liquidity from Coinbase while moving compromised Bybit funds. The debate continued, with other developers stepping in to give their opinions about the recent controversy.
Jaz Gulati, co-founder of Garden Finance, defended his platform against the allegations. He pointed out that the 30 BTC of fees were collected before the Bybit attack, refuting the claim that they had somehow been involved. ZachXBT continued his analysis by claiming other links between Bybit and the WazirX hack, which was linked to the Lazarus Group. ZachXBT surmised that the problem was exacerbated by the fact that Garden Finance was not analysing its blockchain data to prevent a single actor from controlling the network. ZachXBT essentially said the network was compromised due to a lack of decentralized structures within the ecosystem. The arguments against the Garden Bridge may be valid drawbacks to the Bitcoin bridge system, which nefarious groups could hijack to launder money. However, these vulnerabilities may be inherent to the bridging infrastructure rather than the intent of Garden Finance developers.
James Scaur, a supporter of Garden Finance, jumped into the debate to support Gulati and to possibly provide a valid reason for the blockchain links. Scaur suggested that the Pareto distribution could provide a valid reason for the unequal distribution of liquidity providers, indicating that only a small number of liquidity nodes give the majority of liquidity for a service. Scaur suggested an alternative reason for the blockchain links that ZachXBT uncovered, pointing out that at any given time, there may be only a few liquidity providers present. Scaur further argued that it is a difficult task to block hackers from using swap services and does not necessarily imply complicity on the part of Garden Finance. However, ZachXBT was not convinced by Scaur’s argument, responding that Garden Finance lacked decentralisation because a single node provided the majority of liquidity for weeks after Garden Finance changed the threshold for large swaps to 10 cbBTC. ZachXBT also pointed out that Garden Finance had minimal activity apart from Bybit transactions, making the platform easy to analyse and spot illicit transactions.
Decentralisation loopholes and compliance issues have plagued the blockchain industry lately, with various problems that could disrupt the integrity of blockchains across the globe. Garden Finance prides itself on being a decentralized, trustless bridge service. However, ZachXBT has accused the service of having a single point of failure, which North Korean hackers are exploiting. Jaz Gulati, co-founder of Garden Finance, has not been impressed by ZachXBT’s accusations and has tried to defend his service from being linked with the Bybit hack. However, if a single liquidity provider can dominate the bridging service, the service may function as a private exchange for nefarious activities. Lazarus Group uses various DeFi and mixer services to launder their hacked proceeds. Whether Garden Finance was complicit in helping North Korean hackers or whether they were duped into supporting illicit activities is yet to be established. Traders, however, may be interested in the validity of these bridging services to ascertain whether their funds are truly being swapped with a trustless infrastructure.
