Managing "Dusting" Attacks: Legal Protocols for Unsolicited Sanctioned Assets
The Executive Verdict
1. The Trap: Why "Sending It Back" is a Crime
In Web3, you can't stop inbound funds. But interacting with them—even to return them—is a "Dealing" violation. The moment funds hit your wallet, treat them as if they are encased in concrete. Frozen.
2. Technical Segregation: "Coin Control" and Sub-Ledgers
Bitcoin (UTXO): Use "Coin Control" to freeze the specific UTXO. Ethereum (Account): Set a "Minimum Balance Floor" (e.g., Balance of 101 ETH, 1 ETH is dirty -> Never go below 1.0000001 ETH).
Diagram of a Water Tank (Wallet). Red Dye (Sanctioned Funds) sits at the bottom. The "Safe Zone" is everything above the red line. The red line must never be crossed.
3. The OFAC Reporting Protocol (10-Day Clock)
You must tell the government you have their money. File a "Report of Blocked Transactions" within 10 days. Include: Sanctioned Sender, Tx Hash, Date, and Amount. This creates your Safe Harbor.
4. Managing Banking Relationships (The "Pre-empt" Call)
Banks see the Chainalysis flag. Notify them BEFORE they ask. "We received unsolicited dust, have isolated it, and filed with OFAC." Transparency prevents debanking.
5. The "Nuclear Option": Wallet Migration
If the wallet is too tainted (toxic waste), migrate the CLEAN funds to a new wallet. Leave the dirty funds + dust for gas behind. Mark the old wallet as "BURNED/BLOCKED" and never touch it.
6. "Tornado Cash" Considerations
Direct usage is illegal. Indirect receipt (someone sent you mixed funds) triggers a SAR (Suspicious Activity Report). Consult counsel on whether to Block or just Report based on materiality.
7. The "Anti-Hype" Checklist for Compliance Officers
1. Monitoring Alerts (SDN List). 2. OFAC Portal Access. 3. No-Interaction Policy (Staff Training). 4. Custodian Segregation Tools.
8. Case Study: The "Renaming" Attack
Attackers dusted CEOs (Armstrong) to force interaction. Protocols (Uniswap) had to build frontend filters. The lesson: Protocol compliance is smarter than manual panic.
⚠️ The "Good Samaritan" Risk
F.A.Q // Logical Clarification
Do I pay taxes on sanctioned dust?
"Likely No. "Dominion and Control" is required for income. If you legally can't touch it, you don't own it (yet)."
Can I burn the tokens?
"No. Burning is a transaction. It alters the property status. Do not touch."
What if sanctions are lifted?
"Apply for a "Specific License" from OFAC to unblock and move the funds."
Module ActionsCW-MA-2026
Institutional Context
"This module has been cross-referenced with Legal Strategy / Sanctions Compliance standards for maximum operational reliability."