Tornado cash takedown and its repercussions

128 points | whoami_nr | 3 years ago | rnikhil.com

239 comments

[+] from|3 years ago|reply
It seems strange to me that there is a consensus on this site that communications privacy is a human right but that financial privacy is a terrible evil. In fact all of the arguments pro/con (terrorists, drug dealers, etc can benefit from it) are basically identical yet there exists this double standard. The truth is that these now-sacred laws that ended financial privacy really only started being enforced in America in the 80s and their European equivalents in the late 90s. Are we really any safer now than we were then? The proponents of these laws always claim that if only they could close the loopholes they would be successful. First it was bearer shares, then it was "shell banks", then it was money orders, now it's gift cards, luxury real estate, and cryptocurrency. I am skeptical that closing all these supposed loopholes will actually move the needle on crime. As long as you can 10x your money bringing cocaine from Colombia to America or robocalling grandmas, people are going to do it and new reporting requirements or whatever may make them pay 25% for laundering instead of 10% but it won't put them out of business.
[+] dan-robertson|3 years ago|reply
1. I would not call it consensus, for example the top comment on this article disagrees with that ‘consensus’

2. Here are two nuanced arguments about each that I’ve seen:

Communications privacy is good in the small and mirrors the world with earlier technology with some differences. In the large it can allow maintaining much larger conspiracies than were previously possible with private meetings. One may consider it acceptable from a privacy and free speech perspective to allow secret communication in small groups but less secret communication in large groups. Indeed for political speech in a modern democracy you generally want it in public anyway, and WhatsApp and Signal have small group sizes so you get this anyway. For very large groups, leaks seem hard to avoid. A counter argument might be that militaries / companies are in some sense like conspiracies in the way they want to keep state/trade secrets. However in typical democracies there may be document release schedules/transparency laws and internal company information may be revealed through patents, subpoenas, or just plain old leaks.

The money argument is that whereas people typically have similar amounts of private speech, some people have many orders of magnitude more money than others. Privacy for communication is then reasonably fairly distributed across the population (though those with more to hide may gain more) whereas privacy for money is mostly an advantage for the people with lots of it. Giving the people who are already rich and powerful this kind of advantage in avoiding scrutiny/taxes may not be considered fair or desirable. A counter argument could be that it is unfair for the rich to be exposed to such increased scrutiny merely because of their money.

[+] Nursie|3 years ago|reply
> It seems strange to me that there is a consensus on this site that communications privacy is a human right but that financial privacy is a terrible evil

Why is that strange?

Financial 'privacy' allows corporate interests to buy government officials or just buy governments, it allows despots and oligarchs to move money with impunity, allows dictators to steal mercilessly from their people and 'clean' the money in other nations. And yes, it allows terrorists, drug dealers and criminals to go about their business too.

These are not identical concerns to privacy of speech. To paint them as such seems overly reductive.

> Are we really any safer now than we were then?

We are certainly better able to fight corruption and laundering of dirty money in the west than we have been in the past, yes. Are we 'safer'? Who knows, but it's about a lot more than a bit of cocaine, it's about the integrity of democracy itself.

[+] nnx|3 years ago|reply
AML is the least effective policy of all time. Infinite cost for practically zero results. 0.2% success rate while it increases costs for everyone and, worse, severely limits economic opportunity for many people in unprivileged industries/countries.

https://www.tandfonline.com/doi/pdf/10.1080/25741292.2020.17...

[+] ETH_start|3 years ago|reply
Money has been massively stigmatized, because that is a prerequisite for centralizing control over economic interaction.

The beneficiaries of this centralized control are anyone who depends on government spending or regulatory restrictions for their job, it's your parents and neighbours, your partner and cousin. This is a massive cohort - who are over-represented in the top 10% of income earners [1] - who participate in the manufacturing of consent for restrictions on our right to engage in mutually voluntary economic interactions with other consenting adults.

[1] https://www.hoover.org/research/california-state-government-...

[+] nrb|3 years ago|reply
I have to believe the motivation is much more likely placed with the treasury having the most complete view of everyone’s finances, seeing as basically every dollar earned in the US was done so on the shoulders of tax revenue-directed infrastructure, projects, research, and defense apparatus.

Something like this going mainstream would require us to completely reform the way the country collects revenue and might even affect our access to debt, so (in their eyes) why not just stomp out the promising ones with whatever justification is easiest?

[+] wilde|3 years ago|reply
Why are you looking for principles when most reactions are driven by emotion? Many of crypto’s loudest representatives are smug assholes. People love seeing arrogant folks taken down a peg (deservedly or no).
[+] mschuster91|3 years ago|reply
> The truth is that these now-sacred laws that ended financial privacy really only started being enforced in America in the 80s and their European equivalents in the late 90s. Are we really any safer now than we were then?

AML/KYC is not just about terrorism (where it's doubtful if these measures actually have much effect, given how much terrorism is state-sponsored or -backed), it's more about organized crime - and I'd say that yes, organizations like the OG Italian mafia have a way harder time these days. Particularly Italy has made a lot of progress combatting them.

[+] credit_guy|3 years ago|reply
> financial privacy

I consider myself entitled to have my Amazon purchases private. Guess what? They are. I don't need a blockchain for that.

[+] bb88|3 years ago|reply
You typically can't trade speech for guns, sex slaves, child porn, drugs, etc.
[+] mcphage|3 years ago|reply
> there is a consensus on this site that communications privacy is a human right but that financial privacy is a terrible evil

Money can be transferred; speech can't be transferred. That's a significant enough difference to them that "why is privacy for one good but privacy for the other bad?" seems like a facile comparison.

[+] Consultant32452|3 years ago|reply
What if I told you they never believed they would be successful when they told you they just needed to close the loopholes.
[+] throwaway-jim|3 years ago|reply
I've seen people lose 40% laundering gift cards.
[+] hnbad|3 years ago|reply
The consensus is that there is a profound difference between slipping someone a dollar bill and slipping them coffers full of cash. We don't need to know where that dollar bill goes, most likely. We do need to know where those coffers went. Scale matters. Quantitative changes are qualitative changes.

Anti-money laundering laws may not prevent organized crime. But organized crime massively benefits from their absence. Solutions don't need to be 100% effective to be useful.

The difference between communications and finance is that finance is integral to the state. Currency and taxes are a core instrument of the state (even its capability for direct physical violence requires finance to maintain and exert). Even so, privacy only applies to SOME forms of communication just as it still applies to SOME forms of finance (though for the latter this is more often de facto than de jure). If you want true communications privacy, you need to build parallel systems that don't interact with public or compromised ones and even then there's the risk of someone taking information from one system to another and leaking it (this is why OPSEC/INFOSEC/COMSEC is such a big deal).

[+] whatisweb3|3 years ago|reply
The US sanctioning Tornado Cash and the resulting repercussions is deeply concerning. Whether or not you like crypto, you should not be supporting this if you are a researcher, academic, technologist, cryptographer, or privacy advocate. The code for Tornado Cash is a series of cryptographic and mathematical functions that can be repurposed for a variety of applications unrelated to privatizing user wallets. The protocol itself is designed for one reason: to give users privacy through end to end and zero knowledge cryptography.

Allowing it to remain open source and accessible as a tool for blockchain privacy and codebase for cryptographic research is a net benefit for the entire world.

A comparison would be that US decides to sanction the open Matrix protocol along with any user, developer, source host, or sponsor that has ever contributed to it in the past - because it can facilitate end-to-end encrypted terrorist communication.

[+] Beltalowda|3 years ago|reply
> The code for Tornado Cash is a series of cryptographic and mathematical functions that can be repurposed for a variety of applications unrelated to privatizing user wallets.

You can deconstruct anything like this: "a gun is merely a set of mechanical parts that can be repurposed for a variety of applications unrelated to shooting things".

Besides, the code or math isn't banned or illegal, the organisation is. Quite different things.

> A comparison would be that US decides to sanction the open Matrix protocol along with any user, developer, source host, or sponsor that has ever contributed to it in the past

That is not what happened so it's not a comparison at all.

[+] nl|3 years ago|reply
This is clearly wrong.

No one has said you can't distribute the TC source code.

What you can't do is run a money laundering service with it. And the vast majority of TC transactions seem to have been exactly that - ways of hiding crypto from tax offices.

> A comparison would be that US decides to sanction the open Matrix protocol along with any user, developer, source host, or sponsor that has ever contributed to it in the past - because it can facilitate end-to-end encrypted terrorist communication.

A better comparison is the Phantom Secure sting, where a network that was used for primarily criminal purposes was shut down.

https://www.reuters.com/world/how-an-informant-messaging-app...

[+] twoodfin|3 years ago|reply
In US Constitutional law, bare communication has significantly greater protections than the non-speech-related transfer of money from one party to another.
[+] yieldcrv|3 years ago|reply
I'm really starting to think there is an argument where the OFAC list cannot apply to smart contracts, at least on Ethereum or EVMs.

OFAC literally means the Office of Foreign Assets Control, it cannot be applied domestically to American assets.

In EVMs, no node is aware of which node saw a transaction first to relay it to miners. Therefore, one argument is that the deployment of the contracts cannot be known to be done in a non-American source. To strengthen an adversarial argument one could move to the account owner that paid for the contract deployment, but I believe there are challenges for that as well since sole custody of a private key cannot be known, only assumed.

This isn't to weasel around any attempt at government control or consequences, only the OFAC designation. It seems like the incorrect authority.

[+] jeroenhd|3 years ago|reply
> This also might be the first time where a piece of code got sanctioned.

It's not, though. The project got sanctioned and by extension the services it provides. The blockchain implementation of said service is rather unique, but I don't think this is technically any different from projects like Popcorn time being sued/shut down despite their p2p systems.

The difficulty with smart contracts is that it's hard to take those services down. After all, you can't take a smart contract out of ethereum. The legal ramifications of this are interesting: the undeletable nature of blockchains and their capacity to store arbitrary data or execute arbitrary code could taint the entire blockchain when bad actors unleash services that cannot possibly be taken down, causing anyone participating in the blockchain system to be an accomplice. Or perhaps the governments of the world will look at this more pragmatically and simply consider the contract dead, only sanctioning new people who call upon the contract to execute transactions.

This indestructibility of the blockchain is often sold as a benefit, a way to stick it to the government, but the real world doesn't care about your technical implementations when the police tell you to shut it down. Designing a system that you cannot control or shut down may not be a great idea, especially if interactions with said system are logged permanently and publicly.

[+] carlosdp|3 years ago|reply
> It's not, though... any different from projects like Popcorn time being sued/shut down

An OFAC sanction is orders of magnitude more serious than Popcorn Time being taken down via DMCA requests and lobbying. I don't think that's a fair comparison.

[+] whoami_nr|3 years ago|reply
Author here. Agreed that software projects regularly get sanctioned. I meant to imply "smart contracts". Also, didn't the US try to also ban crypto algorithms and in effect certain math itself?
[+] tick_tock_tick|3 years ago|reply
> After all, you can't take a smart contract out of ethereum

You absolutely can. Ethereum has forked in the past to alter inconvenient data / network state.

I've not looked at their contract but contracts can kill themselves if set up for it. See the SUICIDE opcode.

[+] sgt101|3 years ago|reply
Cash is a necessary mechanism in the economy.

The good thing is that it's become a "hobby" mechanism. Imagine the scenario where you come into £1m in cash by "finding" it. What are you going to do with it? You can't buy a house, you can't put it in the bank, you can't invest it in stock or a pension. You could subsidize your lifestyle a bit - but not vastly due to the risk of someone noticing.

The best idea that I can come up with is to start a cash business and launder the money through that; for example a burger van or something... Probably you could build that to about 100k a year and get away with it, just, maybe. Quite a lot of work and inconvenience to do it. Of course you could try and get it laundered in a criminal conspiracy (a-la breaking bad) but you will just get robbed. Maybe used cars would work as well.

Maybe you could drive round and buy up some nice wine or something like that that keeps for a long time... I think you can pay cash for a couple of hundred without attracting too much attention.

You are on the clock as well - every 5 years or so the notes change and stop being accepted.

The point is that cash works well for the low end informal economy, builders and plumbers and window cleaners can make their businesses work with it. It doesn't work so well for oligarchs. Crypto does. That's just one reason it's so bad and I don't mourn for this.

The state will not give up its monopoly on money or violence. Anyone who challenges either of these will find the other deployed against them.

[+] pjc50|3 years ago|reply
I'd identified this pattern before that cash provides a sort of "non scalable privacy". Individual notes aren't really traced and normal size cash transactions can be private. The larger the transaction, the larger the physical bundle of notes gets. You can fit £1m into a briefcase maybe, but if you want to move $12bn you need a serious military operation: https://www.theguardian.com/world/2007/feb/08/usa.iraq1

(prior to this, there were a few incidents during WW2 where for various reasons vast amounts of value in the form of gold had to be moved around. At considerable risk. https://www.warhistoryonline.com/instant-articles/hms-edinbu... )

Whereas with digital money, one penny and a trillion dollars are equally weightless. Huge transactions that can't be interdicted start to raise problems for the state, as you say.

[+] capableweb|3 years ago|reply
> You are on the clock as well - every 5 years or so the notes change and stop being accepted.

What country are you basing this comment on? I haven't heard of any cash notes becoming "outdated" or "expired" after five years in any country I frequent.

> It doesn't work so well for oligarchs

It does work well as long as everyone is inside the gray/black markets, as they won't ask questions where you got your £1m cash from when you buy a property in the dark from them. How do you think most large shipments of drugs are being sold/bought? Trading cash for the drugs, almost exclusively. That's why when the police do busts of large shipments, they often come across large cash stashes as well, if the deal was just made.

[+] stef25|3 years ago|reply
Here in Belgium they're making a serious effort to stamp out the use of cash. It's harder and harder to get it, cash machines just close down or are inside a building that closes at 8PM, 10PM even in areas full of bars.

The thing is that it's become so easy now to pay by card, basically anyone can get a payment terminal the size of an iPhone and all cards are now contactless.

So while I'm against it, I think the govt + banks are successful and we can't provide many counter arguments apart from privacy / libertarian ones that most people dgaf about

[+] game-of-throws|3 years ago|reply
For those who think this is a good thing: can you explain why people should have access to HTTPS and Tor (web privacy), PGP and Signal (communication privacy), but not Tornado Cash (financial privacy)?
[+] colinsane|3 years ago|reply
> What happens to the FOSS developers who contributed to the project? Are they sanctioned as well?

devs were mostly anonymous, IIRC. Coindesk says “Tornado Cash developer Roman Semenov's GitHub was suspended.” [1]

> What will happen to the tainted money? This figure is about 400M$. I expect a secondary market for TCtETH (Tornado cash tainted ETH)

indeed. the feds haven’t seized any money. the 10,000s of TC users still have anonymized possession of decent sums of money and have effectively been told “you can’t legally use this for goods and services”. have the feds just created a bunch of $1000 coupons for DNMs?

> What happens to the protocols/pools/(d)apps which interacted with it?

contract still live, i assume. i think it was governed by a DAO so if they haven’t/don’t hurry up and lock that down there’s risk of a malicious takeover as the TORN token devalues. if you blacklisted everything that these tokens interact with you'd blacklist like 10% of crypto. AMMs and bridges are in some sense just a much more diffuse tumbling service. i guess it works for now because most people running Ren nodes (for example) don't understand that they're helping people launder, whereas the TC service is much more in-your-face.

Tornado Cash published their UI a month ago. their GitHub’s been taken down but i expect mirrors will surface. it should be totally possible to keep using the service — expect significantly decreased liquidity — and the fun part (for me) will be to sit and watch to what degree the decreased normie use of TC kills the thing v.s. just slows it down.

the GitHub ban is a warning to me though. i’m in (non-crypto) circles where we largely host our own repos, but few of us publicly mirror the software we build upon. makes me think i should start doing so in advance.

[1]: https://www.coindesk.com/policy/2022/08/08/crypto-mixing-ser...

[+] JumpCrisscross|3 years ago|reply
> have effectively been told “you can’t legally use this for goods and services”

No, they haven’t. When the Russian central bank was sanctioned, everyone who’s done business with them didn’t lose the dollars they were paid. They’re under more scrutiny, when they spend any of their dollars, because they were proximate to a sanctioned entity. But the funds are still theirs.

[+] chrisco255|3 years ago|reply
> contract still live, i assume. i think it was governed by a DAO so if they haven’t/don’t hurry up and lock that down

Most smart contracts are deployed in such a way as to be immutable. They can also be cloned trivially. The source has already been backed up to IPFS.

They might as well ban elliptic curves.

Also, someone already used TC to send 0.1ETH to dozens of celebs such as Jimmy Fallon and Dave Chappelle, because crypto works like email. You can't prevent someone from sending something and you can't prove it was or wasn't them that initiated it.

[+] carlosdp|3 years ago|reply
> contract still live, i assume. i think it was governed by a DAO

Just chiming in to make it clear that the protocols that have to do with the core service are not governed by a DAO and are fully immutable. Nobody can change or shut down those smart contracts without the blockchain itself manipulating things, which is for all intents and purposes impossible.

[+] FpUser|3 years ago|reply
>"the GitHub ban is a warning to me though. i’m in (non-crypto) circles where we largely host our own repos"

I am a small fish that develops software products for clients and for my own company. The chances of me being punished by Github are probably close to 0 since I do not do anything even remotely related to money, politics and other "hot and exciting" areas. Still unless explicitly requested by client I always host my own stuff either on my premises or on rented dedicated servers from OVH and Hetzner. The whole idea of someone else controlling my assets drives me up the wall and I am trying to avoid it as much as reasonably possible.

[+] joshfraser|3 years ago|reply
There are a ton of legitimate, non-criminal reasons to use Tornado Cash. Maybe it just feels weird for random strangers on the internet to be able to figure out your net worth when that's not something you share with my family and closest friends.

The real thing at stake here is freedom of speech. Following this OFAC announcement the code was immediately censored from Github. This is because OFAC violations can land you in jail for up to 30 years. This means that code, which is clearly just speech, is being censored. Either first amendment, free speech rights will be eroded or governments will have to relinquish their control when it comes to who deciding how you can spend your money. Governments clearly aren't going to give up their control without a fight.

Sometimes there's a political and ideological aspect to our work as software engineers. I'm reminded of brave heroes like Martin Hellman and Phil Zimmermann who risked going to prison over our right to access cryptography. The internet as we know it today only exists because they were willing to break the law at immense personal risk.

We need people with that kind of courage more than ever today.

[+] phantomathkg|3 years ago|reply
> I really hope that the political authorities dig deeper and technically understand services like Tornado cash and come to a realisation that criminal behaviour exists everywhere and cannot be blanket banned by shutting down legitimate services. You can’t just end up banning hard cash just because it’s used by criminals and for money laundering. (They tried this in India but it didn’t go as expected).

I think sadly, Israel just did ban hard cash for large transactions. See https://news.ycombinator.com/item?id=32281151

[+] Smithalicious|3 years ago|reply
First we had "drugs", then we had "terrorists", then we had "pedophiles", and now we have "money laundering". All of these things really do exist and really are bad, but their negative impact on society is strategically overstated and the measures taken against them are mostly ineffective against the thing they are purported to combat, yet cause significant amounts of "collateral" damage to the privacy and freedom of all of us.
[+] MBCook|3 years ago|reply
So the article says the blockchain is, by design as a public ledger, a privacy nightmare.

And we have to use it (for some unstated reason).

So the only solution must be to enable money laundering so people can get their privacy back.

My take: that seems kind of backwards. How about we just don’t use the thing that purposely exposes everyone’s data? If people want privacy then that seems like a design flaw.

Enabling (maybe limited) money laundering is not a good solution. It’s a very odd band-aid on the real problem.

This is a false dilemma. We have more choices than “enable money laundering” and “no one has privacy”.

[+] TarasBob|3 years ago|reply
Let's say you're a business that accepts crypto and what if someone sends you ETH or some coins like USDC. Is it your job to check that these coins didn't come from Tornado? It's quite hard to do that. What if account A got their ETH from Tornado, then sent it to account B, which then exchanged the ETH to USDC on Uniswap, which then sent the USDC to account C, which then sent the USDC to you.

This is a problem for Bitcoin as well. What if someone got ETH from Tornado. Then converted the ETH to renBTC (https://renproject.io/) on Uniswap. Then converted the renBTC to BTC. Are those Bitcoins now somehow tainted?

This new law makes crypto essentially unusable (at least for US persons).
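
Added example, not part of the thread or the linked article: the chain from the comment above as a constructed transfer log, run through three screening checks (direct sender, shortest hop distance back to a sanctioned sender, and a proportional share of inbound value). All addresses and amounts are placeholders, the swap is simplified to pay out to account C directly, and each account is assumed to receive a single asset.

```python
from collections import deque

# Constructed placeholder; not a real contract address.
SANCTIONED = {"0xSANCTIONED_POOL_PLACEHOLDER"}

# Constructed, time-ordered transfer log: (sender, receiver, asset, amount).
# It mirrors the A -> B -> Uniswap -> C -> merchant chain from the comment.
TRANSFERS = [
    ("0xSANCTIONED_POOL_PLACEHOLDER", "acct_A", "ETH", 10.0),
    ("acct_A", "acct_B", "ETH", 10.0),
    ("acct_B", "swap_pool", "ETH", 10.0),
    ("lp_1", "swap_pool", "ETH", 90.0),          # unrelated liquidity
    ("swap_pool", "acct_C", "USDC", 15000.0),    # B's swap output, sent to C
    ("swap_pool", "acct_D", "USDC", 135000.0),   # unrelated trader
    ("acct_C", "merchant", "USDC", 15000.0),
    ("customer_X", "merchant", "USDC", 500.0),   # unrelated customer
]


def direct_sources(address, transfers=TRANSFERS):
    """Sanctioned addresses that sent funds straight to `address`."""
    return {s for s, r, _a, _v in transfers if r == address and s in SANCTIONED}


def hops_to_sanctioned(address, transfers=TRANSFERS, max_hops=10):
    """Shortest backward hop count to a sanctioned sender, or None.

    This is the all-or-nothing ("poison") view: any path counts,
    regardless of how much value moved along it.
    """
    inbound = {}
    for sender, receiver, _asset, _amount in transfers:
        inbound.setdefault(receiver, set()).add(sender)
    seen, queue = {address}, deque([(address, 0)])
    while queue:
        current, depth = queue.popleft()
        if depth == max_hops:
            continue
        for sender in inbound.get(current, ()):
            if sender in SANCTIONED:
                return depth + 1
            if sender not in seen:
                seen.add(sender)
                queue.append((sender, depth + 1))
    return None


def haircut_fraction(address, transfers=TRANSFERS):
    """Share of `address`'s inbound value attributed to sanctioned sources.

    Proportional ("haircut") view: an account's outgoing funds carry the
    same tainted share as everything it has received so far. Assumes each
    account in the sample receives a single asset, so amounts are comparable.
    """
    total, tainted = {}, {}
    for sender, receiver, _asset, amount in transfers:
        if sender in SANCTIONED:
            share = 1.0
        elif total.get(sender, 0.0) > 0:
            share = tainted[sender] / total[sender]
        else:
            share = 0.0  # no recorded inflow: treated as clean
        total[receiver] = total.get(receiver, 0.0) + amount
        tainted[receiver] = tainted.get(receiver, 0.0) + share * amount
    return tainted.get(address, 0.0) / total[address] if total.get(address) else 0.0


if __name__ == "__main__":
    for acct in ("acct_A", "merchant", "acct_D", "customer_X"):
        print(acct, direct_sources(acct), hops_to_sanctioned(acct),
              round(haircut_fraction(acct), 4))
```

On this sample the merchant passes the direct-sender check, is flagged at 5 hops by the path trace together with the unrelated trader `acct_D`, and carries roughly a 9.7% share under the proportional model.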

[+] olalonde|3 years ago|reply
> What will happen to the tainted money? This figure is about 400M$. I expect a secondary market for TCtETH (Tornado cash tainted ETH)

1) The sanctions only apply to U.S. persons.

2) My understanding is that it's fine to accept "tainted" ETH as long as it doesn't directly come from one of the Tornado Cash contract addresses[0].

[0] https://home.treasury.gov/policy-issues/financial-sanctions/...

[+] pcthrowaway|3 years ago|reply
If $1B collectively were to be donated to the democratic and republican parties via Tornado Cash (and they had to use TC to claim it), I suspect we'd see a pretty fast reversal of this sanction.

Sad state of affairs

[+] kyle-rb|3 years ago|reply
>Any (d)app you use will instantly know your entire transaction history

>Imagine you sign up with your email on a random website and they suddenly now have access to your entire bank statement. Higher medical insurance premiums because they know that you transacted often in an online pharmacy. Expensive delivery charges because they know you can afford it.

Isn't this a major issue with Ethereum-SSO whether or not Tornado Cash is sanctioned? If you need to use a mixer to avoid any site you sign into gauging your net worth, isn't it kind of broken by default?

[+] komali2|3 years ago|reply
> Higher medical insurance premiums because they know that you transacted often in an online pharmacy. Expensive delivery charges because they know you can afford it.

Sometimes I manage to forget how depressing the healthcare system in the USA is, but am always jarringly reminded in the most unexpected of places

[+] paulpauper|3 years ago|reply
> What will happen to the tainted money? This figure is about 400M$. I expect a secondary market for TCtETH (Tornado cash tainted ETH)

This is why crypto was never fungible or useful for privacy purposes. Gold and other precious metals can be melted. Crypto can never be seamlessly mixed. No matter how hard you try, transactions and trails can be reconstructed. The only way to mix is to generate a huge amount of noise.

This was inevitable. For the past 2 or so years hackers would process their loot with Tornado. There is no way the govt. would stand for this. It's similar to how the WannaCry hack, in 2017, made KYC much more common because the hackers used exchanges to convert stolen BTC into Monero. All it takes is a handful of people to abuse a service for it to be tainted/ruined for everyone else.

[+] potatototoo99|3 years ago|reply
The US has been hostile to the businesses around crypto for some time now, this is just one more reason to keep it away from the eyes of the US govmt if you are in their jurisdiction.
[+] blurbleblurble|3 years ago|reply
TCtETH is not a thing... Ethereum is not using a UTXO model and even if it was some serious off chain analysis would be required to make something like that work