Scams

According to the Chainalysis' previously cited report, scam activity is the second most threatening illicit activity in the DeFi space, right after interaction with a sanctioned entity.

When it comes to countering those practices, preventing interaction between legit users and a sanctioned, often state-sponsored, entity it is always a clear path: one can easily look up the continuously-growing list of sanctioned addresses published by the U.S. OFAC and search through it. Although there are important legal implications to always be kept in mind regarding exchanging funds with sanctioned entities, they are not always trying to steal users funds, as scamers do. For example, the Tornado cash smart contract sanctioned in the summer of 2022 was a privacy-enhancing on-chain tool that allowed malicious actors to launder stolen funds. There are no reports warning that Tornado Cash tried to scam someone or steal their assets.

On the other hand, scams have only one clear objective: to trick legit users into giving away their assets or crucial information about it. Regardless where the information targeted by the scam is located, on/off-chain, scammers usually try to impersonate a legit on-chain identity (e.g. Uniswap V3 smart contract) or a centralised, off-chain entity such as a representative from Binance's customer support department. The problem in combating these types of malicious practices lies not only in the decentralised nature of blockchain, in which once funds are lost, there is no central unit capable of rolling back the transaction, but also in shedding light and make people aware of entities and addresses used for scams.

Beside sanctions, where there is a trustworthy, official list of addresses that tells people what to watch out for and be aware, scammers usually move quicker, changing addresses and even networks, making it harder to increase the awareness of large masses.