Another possibility is Ironfish(https://ironfish.network/), but I don't know how much liquidity there exists in either of these. I don't think you could launder/hide $4bn through either of these. Perhaps slowly over a long period of time.
Ironfish is just a testnet so there is zero liquidity there because it isn't even launched.
Tornado cash has about $700mm right now deposited in it, with the vast majority of that being in the 100 ETH deposit pool.
They absolutely could have done it over time. They could have bridged the Bitcoin using the RenVM protocol to receive renBTC, done a combination of selling the renBTC and let arbitrageurs provide the liquidity as the couple would have had to sell a little below market. They could then deposit the ETH in Tornado.cash. Simultaneously to speed things up, they could have deposited the renBTC into an onchain staking protocol to borrow against it, using the borrowed proceeds as their liquidity, and possibly even just forgetting about the collateral and letting the protocol take it eventually.
Even though they would be a large part of the Tornado.cash pool, it would actually only be "for now" because there are several other heists of large seizes that are turned away from Tornado.cash because it is too small. So liquidity begets liquidity. I would content that even if they had become 60% of the pool, boosting its size to $1.5bn, that it would have attracted many more deposits, I could see Tornado.cash being a $3bn pool by now, given the size of heists that I know of.
Tornado.cash of course is not good enough to reintegrate back into the economy, under your name. So then they could have employed the reintegration.
With clean money they earned from salary, they could have created a random token on the Ethereum network, lets call it SHIBA INU (SHIB), made sure to keep a bunch of the tokens for themselves, and then withdrawn tornado cash notes to 100,000 addresses which programmatically bought SHIB, and pumped the token 52885982.4% and just been a lucky trader that cashes out with long term capital gains they pay. They would have had many more billions doing that.
Its too bad that people could try to throw a "conspiracy to commit" charge at me too, the moment I use Tornado Cash or launch an erc20 token now, but its more important to me that my speech isn't chilled so that you all can have a better discussion about it.
An excellent overview of how the crypto ecosystem glues together. Also a shame that understanding and explaining how these technologies can be (and probably are!) used together leads to accusations of criminal past or intentions.
I have a question: is it possible to write scripts to do the above automatically? Or does it have to be a manual process?
Few people understand the ecosystem thoroughly (I admit that I do not), so few people can implement the manual process properly. One mistake equals 0 privacy.
Also, would they be allowed to use renVM since everyone knew that these accounts contained bad bitcoin?
It is possible to write scripts to do this automatically, and randomized activity.
There is a push for more and more permissionless bridges. All the bridge builders and their communities shy away from that obvious discussion because they do host and earn basis points from any crypto that passes over the bridge, even if it is obviously from a heist. It would put a bridge, especially that bridge, in a tough spot if these hackers did too much too soon, the hackers would have needed to be watching bridge technology and from this indictment it just looks like they werent.
