Congrats to the devs. This is a historic moment for computing and distributed tech, and will pave the way for Ethereum’s next updates: scalability, privacy, stronger censorship resistance, easier UX and account abstraction.
Yes, of course this is my opinion. The transition has been years in the making and the amount of research and contributions to computing, distributed systems, and cryptography that this transition has created has been immense.
Congrats to the devs. This is a historic moment for computing and distributed tech, and will pave the way for Ethereum’s next updates: scalability, privacy, stronger censorship resistance, easier UX and account abstraction.
This is how all tech works - trains, cars, power stations. We build things that are initially inefficient. We eventually transition to energy efficient tech. We celebrate. It’s rare the transition can reduce 99.95% of energy footprint the size of a country within a minute of activating the new tech.
The difference is that PoW is not "inefficient". Rather, it is intrinsically wasteful by its very nature.
Take an inefficient car for instance. There are diminishing returns in its utility after a certain point of energy use. On the other hand, there are no diminishing returns in PoW. The more energy you use, the more money you make.
Sure? It was both an inefficient and wasteful mechanism to secure consensus. This is why developers have been actively researching and developing how to switch Eth to PoS for years.
Electric heaters are the classic exception in energy efficiency calculations. The heat produced is only wasted in that it will eventually dissipate. But heat is exactly what you wanted when you turned the heater on, and so heaters are often described as 100% efficient. I guess with heat pumps this logic makes less sense. It is more efficient to move heat around than to generate it.
Not quite sure how this relates to Proof of Work. People don't generally run mining rigs because they want to generate heat. The heat is almost always waste.
I've always wondered if the economics of using CPUs in heaters to do something useful and generate heat would ever work out.
Trains, cars and power stations serve a purpose. The blockchain only creates waste with nothing in return. Yeah it does pollute less now, but it's still too much.
This very sanction is against a tech called “Tornado Cash” which is not an organization or person. If somebody forks the protocol and renames it, and everybody uses it in place of TC, it will probably be under scrutiny by US treasury.
I'd wager it'll end up getting treated like a machine gun. As soon as something too recognizably close to it pops up again, onto the list it goes. In fact, now that I think on it, I could see a case whereby an Office to monitor new smart contracts pops into existence that categorizes pieces of logic such that usage thereof requires some form of bureaucracy.
The "if the U.S. government publishes smart contracts, I win" --Vitalik Buterin or whoever snark may not be as far fetched once tooling is bettee understood.
Humorously enough, ATF already has more than enough experience at that of enforcement (surveiling new designs and classifying new works as NFA/non-NFA) for it to not be converged upon as a potential model for regulation of such logical constructs.
Throw im some aggravating statutory enhancements for any crimes to which cryptocurrency mixing is found to be a component, and you've got a recipe for at least ensuring normal folk in U.S. jurisdictions tend to stay away from it.
...Good God. I hate this. Please don't make me right on half of these guesses.
You actually could publish “illegal code” because code is protected under 1st amendment, as free speech. Legal precedent has been set by Bernstein v US DoJ.
There is an open question about whether publishing non custodial contract code on Ethereum counts as providing a service. If you post 10 lines of immutable code onto Ethereum, and some years later a user chooses to run this code on their machines for criminal behavior, should you be prosecuted?
The open source software and cryptographic protocol is implicitly targeted with this order. You can see it in how private companies are now handling the Tornado Cash code and contributor accounts. If you create a similar privacy tool with zk-SNARKs do you really think it won’t also become a target for sanctions in time?
This is known as “chilling effect” in a legal context.
To expand on this, the chilling effect here is that even if the code behind tornado cash isn't explicitly illegal, using it on a blockchain in practice is incredibly risky.
People who might otherwise want to use this for financial privacy would be wary, since if they deposit funds to the contract, they don't have any way to know if they'll be able to use the unlinked funds later if withdrawn.
450m is a whopping 6% of all deposits on Tornado Cash[1]. The total percentage of illicit activity on the protocol is reported to be in the 10-30% range[2].
What percentage of activity in an E2EE chat application like Matrix is illicit? If a significant but minority percentage of its use is facilitating criminal discussion, should those open protocols also be sanctioned?
This isn't about the fraction of illicit use. A large fraction of Americans with numbered/anonymous Swiss bank accounts did nothing wrong with them - a much larger fraction than tornado cash users. However, they were still banned for US citizens due to US KYC rules.
The land of free speech is obsessed with being able to trace money as it travels. No surprise they would go after a service whose explicit purpose is to break the chain of custody on money.
Sure. Then it is irrelevant how much money was funding whom, only that a non-zero amount of value was not strictly traceable through typical financial surveillance systems, and so the US automatically deems this activity illegal regardless of how the funds were used.
This is where the “privacy on the blockchain should be a basic right” argument comes in, and what the plaintiff appears to be arguing.
When you want to make legal arguments, you do it when you have good facts, and this is not that time.
The facts about Tornado cash are terrible: pretty much everyone using it is either doing something provably illegal or trying to avoid being found, you have to go out of your way to use it (and pay an extra fee), and it's been part of a large number of bad news stories about crypto theft. A minimum of 10% of its throughput is provably due to frauds and thefts, and probably a lot more. It is not an exaggeration to say that many people's life savings have been funneled through Tornado cash into the wallets of criminals. In comparison, numbered Swiss bank accounts likely had more legitimate use than Tornado cash.
In comparison, the facts about Monero, Zcash, and the Wasabi BTC wallet (another mixer, but attached to a wallet) are a lot better. Privacy is free and/or the default option with those services, and they are a little more like cash: lots of victimless crimes (darknet sales, etc.), some use by ransomware attacks, but also a lot of legitimate use.
This lawsuit has a nonzero chance of throwing out the baby (privacy on blockchains) with the bathwater (tornado cash).
25% of funds being illicit does not mean “pretty much everybody” is using it for illicit reasons. Your argument really falls apart here, but the sweeping generalizations don’t help.
Monero and TC are equal parts useful for non-criminals who are seeking privacy.
It's also worth noting the headline of that link: "Crypto Mixer Usage Reaches All-time Highs in 2022, With Nation State Actors and Cybercriminals Contributing Significant Volume"
Quoting from later in that study, "Overall, if we label cybercriminal organizations with known nation state affiliations, we can see that these groups make up a significant and growing share of all illicit cryptocurrency sent to mixers."
It's not 10-30% as you summarized. It's 12% last year increasing to 23% this year, or nearly doubling from a 1/8 to 1/4 share.
This source does not support the position that illicit traffic is an insignificant share of mixer traffic.
There is no doubt known cyber criminals and enemies of the US are using this tool. The question I raised is: what percentage of illicit activity is acceptable? If the E2EE chat app Matrix facilitates 10-30%, should it also be considered a primarily criminal tool worthy of a sanction?
I will point out that of the 170 or so nations recognized widely on Earth right now.. many or most have changed borders substantially, pretty recently.. and almost every one has changed leadership and political control. The concept of a Nation being illegal somehow is related to markets control and military alliances.. I am not convinced that individuals from the three or four major world powers get to declare whole nations with different law, to simply be illegal.
> If someone built something that said "Launder your [256 bit integers] here" and it took in a bunch of [256 bit integers], and then [encrypted] it sans fees to hide where it came from... they'd say it was [256 bit integer] laundering and arrest the person.
When you compare this to encrypting 256 bit integers, text, or E2EE chat protocols, the shock is easier to understand. People should not be treated as a criminal for building Matrix E2EE protocol that enables privacy, they should not be treated as criminal for building Tornado Cash protocol that enables privacy.
Except the law isn’t talking about the private key or the encryption or the math, it is talking about what they are using those things for.
You are focusing on the numbers themselves and the math, but that isn’t the important part. This would be like someone getting arrested for check fraud and then trying to argue, “they are just a bunch of lines on a paper in a certain format, how can that be a crime!”
The crime isn’t that arrangement of ink on the paper, the crime is using those lines on the paper to commit fraud. Same thing here, it isn’t the numbers or math that are criminal, it is using those numbers and math to commit crime.
The sanctions apply directly to the protocol and it’s code, and this is the issue. It is not applying to persons, or criminal actions.
It would be like sanctioning the Matrix protocol and it’s code because it has facilitated terrorist communication. Obviously terrorists planning a bombing over Matrix protocol are engaging in criminal behavior, but this doesn’t mean the protocol itself is also a criminal entity.
Okay so you’re saying NFTs are absolutely meaningless, what the holder solely owns is a 256 bit integer and absolutely nothing else?
Anyway, in this case unlike debatably with nfts, there is concrete value tied to possessing knowledge of the integer so acting like it’s just sharing random numbers is deceptive and rather easily detected deception. resorting to deceptive arguments generally makes people turn against the position of the one trying to deceive so if advocating for tornado devs, one should avoid that argument unless one is actually trying to make people against them.
The point is: the protocol encrypts a private key, a private key is an integer, or text hash. Saying that it is OK to build tools that encrypt text, like Matrix protocol, but it is not OK to build tools that encrypt private-keys-as-text is a slippery slope.
Which one is it?
- privacy is a right, and people should be allowed to share knowledge privately
or,
- privacy is not a right, and people should only be allowed to share knowledge if that knowledge is not associated with "value"
Repeating an argument _verbatim_ this many times just comes across as patronizing. We get it. You think numbers can’t be outlawed. You’re wrong and in general, pedantry/technicalities about theoretical computer science is _not_ going to help you when considering human power structures.
Someone else has told you this already, but you seem intent on ignoring it.
You did not answer my simple question. :) Sorry to be a broken record by comparing this to E2EE privacy protocols, but many commenters on HN only seem to think privacy is worthwhile when in the form of a chat app.
> The US sanctioning Tornado Cash and the resulting repercussions is deeply concerning. Whether or not you like crypto, you should not be supporting this if you are a researcher, academic, technologist, cryptographer, or privacy advocate. The code for Tornado Cash is a series of cryptographic and mathematical functions that can be repurposed for a variety of applications unrelated to privatizing user wallets. The protocol itself is designed for one reason: to give users privacy through end to end and zero knowledge cryptography.
> Allowing it to remain open source and accessible as a tool for blockchain privacy and codebase for cryptographic research is a net benefit for the entire world.
> A comparison would be that US decides to sanction the open Matrix protocol along with any user, developer, source host, or sponsor that has ever contributed to it in the past - because it can facilitate end-to-end encrypted terrorist communication.
Zero evidence this is connected to U.S. sanctions. Dutch law protects even cash transactions less than American law.
When the investigation started, in June, the U.S. had already released evidence Tornado Cash was used to launder money. If a Dutch person kept working on it, it might be trivial to show they broke Dutch criminal statute.
> org that arrested him specifically mentions the US sanctions in their press release
I'm not arguing it's irrelevant. Just that this doesn't look like a sanctions arrest. Tornado Cash was sanctioned on 8 August. There hasn't been enough time for someone to violate the sanctions and produce enough evidence to get arrested. More likely: the same alleged crimes that got Tornado sanctioned prompted this arrest.
The first time a developer of open source, non-custodial and autonomous smart contract code has been arrested comes days after the US sanctions the same smart contract.
It says in the article that the person has benefited financially from this. It's not about making open source, I don't know why people are raising that red herring. Implementing a mixer is (probably) not illegal in The Netherlands, putting one in production and setting it up in such a way that you benefit from it absolutely is.
I don't believe it's a coincidence that the sanctions and the arrest happened close together, there's likely some coordination there. But it's really unlikely the sanctions somehow are relevant in this case.
> first time a developer of open source, non-custodial and autonomous smart contract code has been arrested comes days after the US sanctions the same smart contract. Probably just a coincidence
Zero chance this is solely on account of U.S. sanctions. It takes time to build an arrest case under domestic law, as well as for sanctions to percolate across legal systems.
There was likely coördination. Maybe the Dutch waited, to bolster their arrest case. Maybe the evidence that Tornado was used to launder money processed under similar time frames at OFAC and the FIOD.
I often wonder if people are aware that the US is basically a one world government. You cannot run. If you believe you are innocent, and you run to any other "somewhat free" country, they will send you right back to get railroaded through the "justice" system. If you do something outside the real jurisdiction of the US, they will find a way to put you in their jurisdiction.
The US has significant control over European countries. They're nearly vassal states to a degree.
This is the second comment of this type I am seeing on HN following this story. I find this line of defense odd. There is no direct evidence, but anyone even somewhat familiar with OFAC sanctions knows how far they can reach.
By this logic every blockchain developer should be arrested. The TC developers are not collecting fees directly, but they probably did give themselves a large supply of tokens to maintain control over the protocol, since the tokens were designed for governance.
You can name any blockchain and see the same pattern. You can name many applications on top of blockchains, like Uniswap, and see similar. All of these protocols are known to facilitate some amount of illegal activity. Does this mean all developers of these protocols should be charged?
No this means that you should talk with a serious law firm before you start one of these projects. OFAC, KYC, securities, AML/CFT, so many laws apply and without expert advice you can end up in a bad spot
"Dax has advised and continues to work with many of the leading companies, industry associations and consortia. Projects include U.S. and international digital currency exchanges, vaulting and custody solutions, bitcoin kiosks, tokenized gold and commodities, decentralized exchanges, autonomous smart contracts, stable coins, and Non-fungible tokens (NFTs). Beginning in late 2016, Dax worked with his colleagues to apply a new level of legal counseling to established software projects undertaking token sales related to decentralized applications (DApps) and distributed protocols..."
There is still no legal precedent around a case like this as it relates to DAOs and autonomous smart contracts, so a law firm could not have told you anything except "we can neither confirm nor deny." If there is another US sanction that targets a non-custodial smart contract and open source project, please do share.
Devastating that it has come to "do not code an E2EE privacy tool because you might find yourself in jail one day."
> no legal precedent around a case like this as it relates to DAOs and autonomous smart contracts, so a law firm could not have told you anything except "we can neither confirm nor deny."
Have you hired counsel? This isn’t what lawyers do.
Good counsel should provide guard rails. They will say this is novel and that they can’t guarantee anything, but lawyers do that anyway. They’re giving advice, not judgement.
One of those rails would involve responding to credible public allegations around being used to launder money by Pyongyang.
