Uniswap, the leading decentralized exchange by both total value locked (TVL) and volume, has been criticized for its partnership with blockchain intelligence firm TRM Labs.
On Dec. 2, Banteg, a pseudonymous core developer for yield aggregator Yearn Finance, shared a screenshot from Uniswap’s front-end interface stating that users’ public wallet addresses are securely collected and shared with TRM for “risk and compliance reasons.”
Convex Labs researcher Nick Bax posted the GitHub commit for the Uniswap upgrade believed to have introduced the collection of wallet data from the front-end interface. The commit is dated Oct. 25 of this year and described as extending “privacy and terms.”
Eliezer Ndinga, the research lead at investment product provider 21Shares, responded that Uniswap had made their partnership with TRM Labs clear in its updated Terms of Service FAQ, adding that Uniswap is “not the only DeFi interface relying on analytics firms like TRM. The Uniswap terms state:
“With the help of TRM Labs, a blockchain intelligence service provider, we’re assessing the risk presented by wallet addresses that interact with the Uniswap Labs app in order to apply an industrywide standard of categories of risk (e.g. addresses associated with ransomware or stolen funds). The initial assessment will help us understand how the Uniswap Labs app is being used and respond as needed, while maximizing user privacy.”
In a statement sent to The Defiant on Friday, Uniswap said using blockchain intelligence is a common industry practice to protect platforms from risk. It deemed the partnership necessary to fulfill its aim to be a robust platform that “empowers users.”
“In line with that commitment, we’ve partnered with TRM to conduct an assessment to detect risk of wallet addresses interacting with the Uniswap app to an industrywide standard of risk such as ransomware and stolen funds,” Uniswap said.
Synthetix community ambassador “Milli3_.eth” pondered how Uniswap would respond should TRM inform them that an address is non-compliant, such as originating from a sanctioned territory. “What do they do with the info? do they act on it? do they track it? also what fits the criteria of ‘compliance’?” they added.
While many commenters responded to Baneg’s screenshot by declaring boycotts against Uniswap or promoting their chosen DEX, not all users are concerned.
“Why is this even needed? Just look at the on-chain addresses that interacted w/ the Router,” said Julian Villella, a founder in residence at Entrepreneur First in Canada.
Twitter user “RichHHawk” added: “It’s only a problem if they combine with information not on the blockchain (your IP address, browser and computer information).”