A Public Accusation: From Platform to Founder
Prominent on-chain detective ZachXBT recently posted on X publicly accusing Tokenlon and imToken of serving as high-risk channels for illicit fund flows. Citing on-chain data, he identified a significant proportion of transactions on both platforms linked to pig butchering scams and investment fraud, and directly called on co-founder Ben He to face legal accountability.
ZachXBT also named additional platforms—Butter Network, HiFiSwap, Bridgers, and SWFT—flagging these aggregators and cross-chain routing tools as priority monitoring targets for illicit fund flows, and calling for stronger regulatory intervention.
Aggregators and Cross-Chain Routing: The Structural Origins of a Compliance Blind Spot
There are structural reasons why aggregators and cross-chain routing protocols have become high-risk entry points for illicit funds. These platforms typically do not hold user assets directly, face relatively loose KYC requirements, and enable rapid multi-chain fund movement that is significantly harder to trace than activity on centralized exchanges.
For fraud proceeds, multi-hop transfers through aggregators can effectively obscure asset origins. Long-running scams like pig butchering operations frequently rely on exactly these protocols to achieve obfuscation during final cash-out.
Platform Liability: Neutral Tool or Complicit Channel?
ZachXBT's accusations raise a deeper industry question: when a protocol is systematically used for illicit fund flows, does the defense of "I'm just a tool" still hold?
Global regulators are progressively extending AML responsibilities to decentralized protocols and aggregation layers. Platforms that cannot produce effective transaction risk monitoring records will find themselves in an extremely vulnerable position under future regulatory scrutiny. Trustformer KYT enables full-path risk flagging across cross-chain and aggregated transactions, helping protocol operators build a robust compliance defense before regulatory inquiries arrive.