Bitcoin Bridge Garden Finance Faces Crypto Laundering Accusations Amid $300K Fee Surge
Blockchain investigator ZachXBT has accused Garden Finance, a Bitcoin bridging protocol, of enabling money laundering tied to North Korea’s Lazarus Group.
The controversy erupted after Garden’s co-founder, Jaz Gulati, showcased the platform’s recent success—revealing $300,000 in fees earned over just 12 days—without mentioning the source of the transactions.
According to ZachXBT, more than 80% of the fees during that period originated from wallets linked to the Bybit hack, one of the largest crypto thefts this year.
Challenging the credibility of the platform’s decentralisation claims, ZachXBT responded to Gulati’s 2 June’s post on 21 June,
“You conveniently left out >80% of your fees came from Chinese launderers moving Lazarus Group funds from the Bybit hack.”
Is Garden Finance As Decentralised As It Claims?
Garden Finance promotes itself as a fast, trustless and zero-custody Bitcoin bridge, boasting over 24,984 BTC in swap volume—worth around $1.5 billion—from 40,571 atomic swaps.
Yet ZachXBT argues that a single entity was observed topping up cbBTC liquidity from Coinbase repeatedly, fuelling illicit transactions.
“Explain how it is “decentralized” when I watched in real time for multiple days as a single entity kept topping up cbBTC liquidity from Coinbase for the Chinese launderers as they continued moving Bybit funds?”
From his perspective, the platform functioned more like a controlled exchange than a decentralised service.
The issue of a single dominant liquidity provider challenges the very principle of decentralisation.
It also raises concerns about the platform’s role in processing flagged funds without sufficient oversight.
Garden Finance Responds With Denial And Timeline Defence
In response, Gulati denied any wrongdoing, asserting that the platform had collected 30 BTC in fees prior to the Bybit incident.
He called ZachXBT’s statements “misinformation” and dismissed the claim that Garden is “fake decentralised” as baseless.
The Dune Analytics dashboard cited in the debate showed a total of 40.16 BTC in collected fees.
Garden’s largest single swap stood at 10 BTC, while its 12-day surge brought in around $300,000.
Gulati insisted that fees earned before 21 February—the date of the Bybit exploit—should not be linked to the stolen funds.
What Happened During The Bybit Hack?
On 21 February 2025, Bybit suffered a major breach when attackers compromised a cold wallet through a developer’s SAFE Wallet, leading to a loss of nearly $1.4 billion in Ethereum.
Blockchain analysts later traced large volumes of these funds through DeFi bridges, ultimately linking the movement to the Lazarus Group.
ZachXBT argued that Garden played a role in this laundering chain, citing the suspicious activity of one liquidity provider consistently fuelling transactions.
He also mentioned that he hadn’t even included transactions from the WazirX hack—another exploit attributed to Lazarus, where over $230 million was stolen through a smart contract signature bypass in July 2023.
Supporters Step In But ZachXBT Doubles Down
James Scaur, a supporter of Garden Finance, suggested that the imbalance in liquidity provision could be explained by the Pareto principle—where a small group of providers dominate the volume.
He argued that this concentration is common in decentralised platforms and doesn’t prove wrongdoing.
Scaur noted that Garden may have been exploited rather than complicit, stressing the challenges of blocking bad actors from using open, permissionless protocols.
However, ZachXBT rejected the defence, pointing out that after Garden updated its threshold for large swaps to 10 cbBTC, the same entity continued to dominate the platform.
He argued that Garden’s limited user activity outside of Bybit-linked flows made the illicit usage easy to spot and even easier to prevent—if decentralisation was properly implemented.
Larger Questions Around Crypto Compliance Remain
The situation also arrives just as the industry is confronting wider concerns around compliance and decentralised infrastructure.
The recent arrest of Evita Pay founder Iurii Gugnin in New York—accused of helping launder over $530 million for clients tied to sanctioned Russian banks—further highlights how vulnerable crypto services are to regulatory scrutiny.
Can DeFi Stay Neutral When It Powers Criminal Flow?
Decentralisation has long been praised as the shield against censorship—but when that shield becomes a tunnel for laundering billions, neutrality begins to look like complicity.
Platforms can’t keep hiding behind code if they enable financial crime at scale.
The uncomfortable truth is this: in the name of freedom, are some DeFi projects becoming blind engines for exploitation?