Cross-Chain Bridges and Complex Exchangers: The Crypto Market's New Laundromat
While regulators continue to focus on traditional crypto mixers, criminal groups have already shifted to more flexible ways to hide their tracks. Cross-chain bridges and DEX aggregators, initially created for the convenience of Decentralized Finance (DeFi), are transforming into a sophisticated network for laundering digital assets.
When Bridges Become a Disguise
The volumes of cross-chain transactions are already measured in trillions of dollars annually. Analysts estimate that in 2024 alone, decentralized bridges and DEX aggregators processed nearly $2 trillion in transfers, with forecasts for 2025 exceeding $3 trillion. Approximately 10% of this activity—hundreds of billions of dollars—shows signs of sanctioned or other illicit flows.
Bridges enable funds to hop quickly between blockchains, breaking down transfers into dozens of small transactions and mixing them with the "background noise" of DEX liquidity. "For investigators, this severely complicates classic graph analysis methods, especially when funds pass through multiple networks consecutively," note specialists from Match Systems, who regularly handle such investigations.
Chainflip: Transparent Interface, Opaque Reality
Chainflip remains one of the most prominent decentralized bridges, supporting swaps between Bitcoin, Ethereum, Solana, and several Layer-2 networks.
However, as analysts at Match Systems point out, even with its own blockchain explorer, the lack of labeled service clusters makes it extremely difficult to isolate Chainflip's flows in professional analytical tools. An additional challenge is the frequent rotation of operational addresses in both Bitcoin and Solana. For users, this may appear as a security feature, but for the investigative team, it is a headache: tags quickly become outdated, and habitual "common input/output" heuristics lose their accuracy.
Bridges Without Public Explorers: DefiWay and Bitget Bridge
While Chainflip at least provides its own explorer, some other bridges—such as DefiWay and Bitget Bridge—remain true "black boxes". They lack a public transaction explorer, making it impossible to estimate volumes or track suspicious transfers in real-time without deep processing of "raw" blockchain data. For criminals, such protocols are effectively a "blind spot" in the crypto ecosystem, where funds can disappear long before investigators notice the problem. The lack of open data makes these services particularly convenient for malicious actors.
Solana: The New Gray Zone
Over the past year, Solana has become a favored intermediary network for illegal transfers. According to Match Systems' observations, Solana has two to three times fewer addresses that can be reliably linked to services or known organizations than EVM networks or Bitcoin. Ultra-low fees, high throughput, and liquidity on par with top blockchains allow for hundreds of transactions per minute, creating dense "background noise" that interferes with classic tracing algorithms.
While Ethereum and Bitcoin are supported by mature AML toolkits, comprehensive forensics for Solana is still in its infancy, and existing analytical solutions support it only to a limited extent.
Exolix: An Exchanger with Multi-Level Obfuscation
Even after the closure of anonymous exchanges like Exch and TradeOgre, services that provide a high level of anonymity remain. Exolix is one example. The platform has abandoned the traditional "user deposit address / hot wallet" model and has instead built a multi-level infrastructure of operational wallets.
This architecture resembles the practices of high-risk exchanges like Garantex, which used similar methods to reduce the risk of sanctions. According to Match Systems data, Exolix launders funds predominantly within its own pool of wallets—even before withdrawal to an external address. To achieve this, assets are routed through internal cross-chain paths, such as via ZK-bridge and Layerswap. This scheme adds a new layer of concealment and makes external tracking virtually impossible.
New Challenges and the Industry’s Response
Today, cross-chain laundering presents investigators with a range of difficulties: transactions are scattered across different networks, service addresses like Chainflip and Exolix are constantly changing, and bridges without their own explorers remain almost invisible to analysts. The problem is compounded by the fact that most large analytical platforms were historically developed for Bitcoin and EVM networks, while support for Solana is still limited.
"Even experienced teams now require significantly more resources for comprehensive cross-chain monitoring," warn experts from Match Systems. "Simple clustering methods no longer work—we need probabilistic models and temporal link analysis".
In response to the new challenges, leading forensic platforms are rapidly developing cross-chain analytics: technologies like "bridge fingerprints," probabilistic flow graphs, and temporal link analysis are already transitioning from laboratories into real-world tools. Practice shows that even the most complex schemes can be unraveled—but only if specialists get involved in the first hours after an incident.
When Bridges Become a Disguise
The volumes of cross-chain transactions are already measured in trillions of dollars annually. Analysts estimate that in 2024 alone, decentralized bridges and DEX aggregators processed nearly $2 trillion in transfers, with forecasts for 2025 exceeding $3 trillion. Approximately 10% of this activity—hundreds of billions of dollars—shows signs of sanctioned or other illicit flows.
Bridges enable funds to hop quickly between blockchains, breaking down transfers into dozens of small transactions and mixing them with the "background noise" of DEX liquidity. "For investigators, this severely complicates classic graph analysis methods, especially when funds pass through multiple networks consecutively," note specialists from Match Systems, who regularly handle such investigations.
Chainflip: Transparent Interface, Opaque Reality
Chainflip remains one of the most prominent decentralized bridges, supporting swaps between Bitcoin, Ethereum, Solana, and several Layer-2 networks.
However, as analysts at Match Systems point out, even with its own blockchain explorer, the lack of labeled service clusters makes it extremely difficult to isolate Chainflip's flows in professional analytical tools. An additional challenge is the frequent rotation of operational addresses in both Bitcoin and Solana. For users, this may appear as a security feature, but for the investigative team, it is a headache: tags quickly become outdated, and habitual "common input/output" heuristics lose their accuracy.
Bridges Without Public Explorers: DefiWay and Bitget Bridge
While Chainflip at least provides its own explorer, some other bridges—such as DefiWay and Bitget Bridge—remain true "black boxes". They lack a public transaction explorer, making it impossible to estimate volumes or track suspicious transfers in real-time without deep processing of "raw" blockchain data. For criminals, such protocols are effectively a "blind spot" in the crypto ecosystem, where funds can disappear long before investigators notice the problem. The lack of open data makes these services particularly convenient for malicious actors.
Solana: The New Gray Zone
Over the past year, Solana has become a favored intermediary network for illegal transfers. According to Match Systems' observations, Solana has two to three times fewer addresses that can be reliably linked to services or known organizations than EVM networks or Bitcoin. Ultra-low fees, high throughput, and liquidity on par with top blockchains allow for hundreds of transactions per minute, creating dense "background noise" that interferes with classic tracing algorithms.
While Ethereum and Bitcoin are supported by mature AML toolkits, comprehensive forensics for Solana is still in its infancy, and existing analytical solutions support it only to a limited extent.
Exolix: An Exchanger with Multi-Level Obfuscation
Even after the closure of anonymous exchanges like Exch and TradeOgre, services that provide a high level of anonymity remain. Exolix is one example. The platform has abandoned the traditional "user deposit address / hot wallet" model and has instead built a multi-level infrastructure of operational wallets.
This architecture resembles the practices of high-risk exchanges like Garantex, which used similar methods to reduce the risk of sanctions. According to Match Systems data, Exolix launders funds predominantly within its own pool of wallets—even before withdrawal to an external address. To achieve this, assets are routed through internal cross-chain paths, such as via ZK-bridge and Layerswap. This scheme adds a new layer of concealment and makes external tracking virtually impossible.
New Challenges and the Industry’s Response
Today, cross-chain laundering presents investigators with a range of difficulties: transactions are scattered across different networks, service addresses like Chainflip and Exolix are constantly changing, and bridges without their own explorers remain almost invisible to analysts. The problem is compounded by the fact that most large analytical platforms were historically developed for Bitcoin and EVM networks, while support for Solana is still limited.
"Even experienced teams now require significantly more resources for comprehensive cross-chain monitoring," warn experts from Match Systems. "Simple clustering methods no longer work—we need probabilistic models and temporal link analysis".
In response to the new challenges, leading forensic platforms are rapidly developing cross-chain analytics: technologies like "bridge fingerprints," probabilistic flow graphs, and temporal link analysis are already transitioning from laboratories into real-world tools. Practice shows that even the most complex schemes can be unraveled—but only if specialists get involved in the first hours after an incident.
Blog