Garden Finance Accused of Laundering 80% of Fees from Hackers

Garden Finance, a Bitcoin bridging service, has been accused by crypto analyst ZachXBT of assisting hackers in laundering money. ZachXBT claims that over 80% of Garden Finance’s fees, amounting to around $300,000, were sourced from laundered funds. The analyst is convinced that Garden Finance is involved in shady transactions and believes there is a link between the Bybit hack of $1.4 billion and the Garden Finance platform. The contention centers around whether 30 BTC was used to facilitate money laundering. Garden Finance has responded by stating that the 30 BTC was used before the Bybit hack occurred, refuting the allegations.

The Bybit hack, which took place on February 21, 2025, involved an exploit of a cold wallet, resulting in the loss of $1.4 billion in Ethereum. The attacker compromised a SAFE wallet used by a Bybit developer and exploited the wallet five days after the initial compromise. ZachXBT and other blockchain analysts traced the stolen funds to DeFi addresses used by North Korea’s Lazarus Group. When confronted with the latest accusations, Garden Finance co-founder Jaz Gulati defended his platform, asserting that the 30 BTC of fees were collected before the Bybit attack. ZachXBT continued his analysis by claiming other links between Bybit and the WazirX hack, which was also linked to the Lazarus Group. ZachXBT argued that the problem was exacerbated by the fact that Garden Finance was not analyzing its blockchain data to prevent a single actor from controlling the network, suggesting that the network was compromised due to a lack of decentralized structures within the ecosystem.

James Scaur, a supporter of Garden Finance, entered the debate to support Gulati and provide an alternative explanation for the blockchain links. Scaur suggested that the Pareto distribution could explain the unequal distribution of liquidity providers, indicating that only a small number of liquidity nodes provide the majority of liquidity for a service. Scaur argued that it is challenging to block hackers from using swap services and does not necessarily imply complicity on the part of Garden Finance. However, ZachXBT was not convinced by Scaur’s argument, responding that Garden Finance lacked decentralization because a single node provided the majority of liquidity for weeks after Garden Finance changed the threshold for large swaps to 10 cbBTC. ZachXBT also pointed out that Garden Finance had minimal activity apart from Bybit transactions, making the platform easy to analyze and spot illicit transactions.

Decentralization loopholes and compliance issues have recently plagued the blockchain industry, with various problems that could disrupt the integrity of blockchains. Garden Finance prides itself on being a decentralized, trustless bridge service. However, ZachXBT has accused the service of having a single point of failure, which North Korean hackers are exploiting. Jaz Gulati has not been impressed by ZachXBT’s accusations and has tried to defend his service from being linked with the Bybit hack. However, if a single liquidity provider can dominate the bridging service, the service may function as a private exchange for nefarious activities. Lazarus Group uses various DeFi and mixer services to launder their hacked proceeds. Whether Garden Finance was complicit in helping North Korean hackers or whether they were duped into supporting illicit activities remains to be established. Traders may be interested in the validity of these bridging services to ascertain whether their funds are truly being swapped with a trustless infrastructure.