Railgun, an on-chain privacy protocol, is enjoying strong adoption as rival crypto mixers cease operations, including attracting support from Vitalik Buterin, Ethereum’s chief scientist.

On May 22, Railgun garnered attention after Buterin moved 80 ETH worth nearly $300,000 using the protocol. Data from Arkham Intelligence shows Buterin executing transactions via Railgun monthly over the past six months, including a transfer of 100 ETH in April.

“Railgun uses the privacy pools protocol, which makes it much harder for bad actors to join the pool without compromising users’ privacy,” Buterin tweeted at the time. “Privacy is normal.”

Buterin’s adoption has shone a spotlight on Railgun, helping to push its all-time transaction volume into ten figures. Railgun has processed $1.16 billion worth of transactions since the protocol’s launch in January 2022, according to Dune Analytics.

Data from DefiLlama shows the protocol’s total value locked (TVL) rising 146% to $76.2 million from $31 million in mid-April, and 460% from $13.6 million at the start of the year.

Railgun is a privacy protocol designed to obscure blockchain transactions, enabling users to conceal their wallet addresses. It leverages zero-knowledge succinct non-interactive arguments of knowledge (ZK SNARKs), a zero-knowledge proof (ZKP) technology. ZKPs bolster privacy by allowing the verification of data on-chain without publicly revealing said data.

Railgun rises as rival crypto mixers fall

Railgun’s growing market share comes as many crypto mixing protocols are shutting down amid the sector facing a regulatory offensive from U.S. authorities.

In August 2022, the U.S. Treasury sanctioned Tornado Cash, then the leading Ethereum privacy protocol, prohibiting U.S. citizens from interacting with its smart contracts. The unprecedented move marked the first time that code was placed on the Office of Foreign Assets Control’s (OFAC) list of Specially Designated Nationals.

The action came in response to the Lazarus Group, a North Korean state-sponsored hacking organization, using Tornado Cash to obscure the flow of stolen assets.

The sanctions led to a 64% drop in Tornado Cash’s total value locked (TVL) from $460 million on August 8, 2022, to under $165 million six weeks later. However, Tornado Cash now appears to be doing just fine without U.S. users — currently boasting a $513 million TVL.

The U.S. Treasury has recently stepped up its actions against mixing protocols. In November, the department sanctioned Sinbad.io, a virtual currency mixer similarly implicated in laundering stolen assets for Lazarus Group.

Last month, the co-founders of Samourai Wallet, another cryptocurrency mixer service, were also charged with facilitating money laundering and operating without a license. Sinbad was allegedly used to launder stolen assets from the bridge exploits targeting Harmony and Axie Infinity carried out by the North Korean hackers. Samourai was also alleged to have been used by cybercriminals for sanctions evasion, drug trafficking, and the procurement of child sexual abuse materials.

“Mixing services that enable criminal actors, such as the Lazarus Group, to launder stolen assets will face serious consequences,” said Deputy Secretary of the Treasury Wally Adeyemo.

In response to the threat of regulatory action, Wasabi Wallet, a popular Bitcoin wallet, announced it would no longer offer its Coinjoin feature, which provides privacy for on-chain transactions, starting in June. Wasabi also began blocking U.S. residents from accessing its services starting April 27.

Lazarus moves to Railgun?

Railgun has also faced accusations of adoption from Lazarus Group.

In January 2023, security researcher ZachXBT tweeted that North Korea’s Lazarus Group moved $63.5 million in assets stolen from the Harmony bridge using Railgun, before depositing the assets on three different exchanges.

But Railgun refuted the ZachXBT’s claim in April.

“This is not true and it’s false reporting,” Railgun tweeted. “That group is blocked from using the Railgun system by the ‘Private Proofs of Innocence’ system which went live over a year ago.”

The Lazarus Group is a notorious hacking collective believed to be affiliated with the North Korean government. The U.S. government has accused the group of conducting cyber operations to fund North Korea’s illicit weapons programs. Lazarus is allegedly responsible for numerous high-profile cyberattacks and cryptocurrency thefts, including the infamous Sony Pictures hack.