[paddlepop]

Person that has worked on the defensive side of Money Laundering here.

The Tornado Cash sanction has been fascinating to watch and my key takeaway has been that there are two camps: that TC is a Money Laundering service or a Privacy service. Both are talking past each other, when it can in fact be both. Each camp see the service as their primary concern and consider the other camp as an unintended secondary.

I am seeing a lot of bad takes. "Money laundering requires all three aspects" particularly irks me because you can just point to KYC regulations to disprove that. "Code is just code" is another, but that is just because the code isn't why someone would be sanctioned or arrested. In the same way that The Pirate Bay was just code, its is how complicit they were in the offence that will get them.

Ultimately, the dichotomy feels like a problem unique to public blockchains, and will only be solved with a ZK L1 chain, whatever that looks like. The solution would require the blockchain equivalent of end-to-end encryption, one where intermediaries have zero knowledge but doesn't require co-mingling of dirty and clean money.

While I think money laundering is a more serious crime than piracy (at least the predicate offenses can be). Watch this play out like Megaupload, never ending legal issues for the first parties, and a technical solution like Mega.

[soufron]

Also legal side here.

I totally concur to your view. The issue would be the level of complicity in the offense of TC hosts... which will not be studied in theory by analysts studying the code, but by investigators looking at mails, meetings, money, interviewing people, etc.

Tech bros tend to forget that there are real people on the side of Law enforcement and that they can actually investigate in a very real and traditional manner, with surprisingly good results.

[vertis]

"The unreasonable effectiveness of traditional law enforcement techniques"

[zach_garwood]

I wouldn't call it unreasonable. Police are pretty bad at investigating and actually solving crimes.

[easrng]

> Ultimately, the dichotomy feels like a problem unique to public blockchains, and will only be solved with a ZK L1 chain, whatever that looks like. The solution would require the blockchain equivalent of end-to-end encryption, one where intermediaries have zero knowledge but doesn't require co-mingling of dirty and clean money.

Like monero?

[paddlepop]

For project maintainers, yes absolutely Monero.

But then either only ever use Monero for everything (like pre-2013 bitcoin), or exchanges will need the will to "proof" the source of funds aren't illicit.

[riedel]

How does Montero solve the problem of co-mingling dirty and clean money. As far as I understand there is still considerable illicit transactions within a block thus supporting indirectly bad actors (in e2ee I do not see that problem that clear)

Is there any cryptocurrency Blockchain (or research) that can limit the amount of currency held by each natural person (e.g. to an equivalent of roughly 10000 USD purchasing power) while providing anonymity for individual transactions to the outside? I would actually be willing to adopt such a trade-off roughly equivalent to cash (even paying transaction fees). At the moment I would not use crypto currencies because I do not feel that I share the values of the block chains.

[easrng]

Montero is a song by Lil Nas X, it doesn't solve the problem of co-mingling dirty and clean money.

[riedel]

It seems that gboard autocorrect likes hip hop better than crypto. (Guess I simply forgot to install the language files for Esperanto)

[nootropicat]

>one where intermediaries have zero knowledge but doesn't require co-mingling of dirty and clean money

how would that be different from tornado? There's no legal difference between a contract with a balance and an internal utxo tree, and a blockchain with a total balance and an internal utxo tree.

[yieldcrv]

yeah you should ignore the hot takes and just read this article from the EFF and the linked Coin Center article on this.

otherwise nobody else knows what you are talking about and it just reads like strawman arguments to discredit something nobody here actually said.

The issues are that the order does not distinguish between an un/incorporated organization of humans called Tornado Cash, and the autonomous smart contract that those humans do not control. The autonomous smart contract has no way of petitioning to removing itself from the SDN list, which is a prerequisite for inclusion in the SDN list, and a prerequisite for an American to get a license or have any remedy under the Administrative Procedures Act. Another division of the Treasury, FinCEN already has knowledge on this distinction and has said it in the past, while the OFAC division is acting like it is not aware of that guidance at all. There are other issues with that.

The follow-on issues are that this creates a chilling effect on speech and expression. Nobody knows their liability surface, and alters their own behavior because they aren't sure if they're going to prison or not.

[JumpCrisscross]

> solution would require the blockchain equivalent of end-to-end encryption, one where intermediaries have zero knowledge but doesn't require co-mingling of dirty and clean money

How would you draft a statutory safe harbor for GitHubs and Coinbases when it comes to handling mixers as well as the wallets connected to them?

[paddlepop]

As someone else has stated elsewhere in this discussion, I don't think GitHub have much to worry about. Tornado Cash the service was sanctioned, and MS would choose to censor the repo out of an abundance of caution. In the same way that the pair that open-sourced the ransomware PoC didn't get arrested because they are further away from the offenses.

I have mixed thoughts on safe harbor for centralised exchanges, they are the closest thing we have to banks in cryptoland. Mostly because with grey areas like that, a prosecution is only going to be pursued with clear evidence they knew but did nothing.

[pjc50]

> statutory safe harbor for GitHubs and Coinbases when it comes to handling mixers

KYC-plus: provided that they can prove somehow that their mixer is not handling money for sanctioned entities, they can be left alone.

[thesausageking]

> In the same way that The Pirate Bay was just code, its is how complicit they were in the offence that will get them.

Can you explain what you mean by this? To me, publishing code that can be used to do something is very different from running it and allowing people to use it.

[paddlepop]

That's exactly what I mean, its the service that is getting sanctioned. The people that "knew and didn't do enough to stop it" will be arrested.

My meaning of "code is just code" as a bad take, was just that the code part in isolation wasn't sanctioned.

[t_mann]

> publishing code that can be used to do something is very different from running it and allowing people to use it

that difference is non-existent when code is published as a smart contract

[woojoo666]

A smart contract doesn't run on it's own, you still need computers to run it. Not to mention for Tornado cash, you also need people interacting with the contract and sending money to it, since it doesn't do anything on its own

[t_mann]

It's run by the miners and users and disconnected from the people who published the code (who may also be miners and users, but needn't be)

[paulpauper]

"Money laundering requires all three aspects"

What are the aspects?

[jaywalk]

> Typically, it involves three steps: placement, layering and integration. First, the illegitimate funds are furtively introduced into the legitimate financial system. Then, the money is moved around to create confusion, sometimes by wiring or transferring through numerous accounts. Finally, it is integrated into the financial system through additional transactions until the "dirty money" appears "clean."

https://www.fincen.gov/history-anti-money-laundering-laws

[phaust]

More-so than that, I see a conflation and confusion on the different stakeholders and components of Tornado Cash, on both sides of the ML/privacy split you describe.

Note that the TC smart contracts are completely autonomous now (no entity with privileged permission or receiving a fee). They are truly non-custodial and necessary functionality is either executing on-chain or locally on the client.

So a user can make full use of tornado cash suite (smart contracts + UI) without ever having to interact with or pay a fee to anyone involved in the project.

Now, if a user withdraws manually, they will still need to submit a withdraw transaction and pay some ETH for gas (transaction cost), which will link that ETH with the withdrawn funds. So there is a chicken-and-egg problem here. To solve this, the UI integrates with a network of relayers who will facilitate the withdrawal transaction and cover the gas for a percentage fee. Relayers aren't hardcoded in the UI or smart contract and users can choose their own third-party relayer. The relayer network is permissionless and autonomous as well - anyone who sets up the software and commits enough funds will be one. In newer versions of the TC UI, only relayer nodes which have staked a minimal amount of TORN tokens are showed for selection, and there is a ranking and preference of relayers who have higher amounts staked.

This relaying, on the other hand, can absolutely be seen as a service. There could be a case for ML to have against that network of relayers. And potentially (though this is new territory for courts I think) TORN token holders and/or governance participants. This clear separation between the components and stakeholders and the removal of the need of privileged actors is precisely what makes TornadoCash different from legacy mixers.

I think it's very unfortunate that even people in the space characterize this TC as such as a "service", as I think it's best viewed as "not a service" - to this point, there are no service providers apart from the serving of the self-hostable client web UI. Which is optional. It's hard to tell in which cases this is a conscious oversimplification and in which cases people aren't aware of the nuance.

If I'm allowed to make a rough comparison from the best of my understanding to Bittorrent for those who remember the TPB saga:

  Ethereum nodes: Bittorrent DHT
  Tornado Cash UI: Bittorrent client in a web UI
  Tornado Cash smart contracts: software executing in the "DHT" (by every node)
  Relayer server-side API (old UI): Bittorrent tracker
  TORN DAO smart contract (new UI): Bittorrent tracker, except there's no server anymore and it all executes in the DHT

Having the DHT stand in for blockchain is not fully accurate of course but should hopefully get the major point across. Makes sense?

> Person that has worked on the defensive side of Money Laundering here.

Would love to have a follow-up from you with thoughts on the above.

[paddlepop]

I think mainly that I do not envy the lawyer that has to make the service argument.

We could get lost in the technical details of why it is or isn't a service but ultimately they only need to prove that x person of the project knew about the issues, could have done something about it (like shut it down), and didn't do enough.

It was just the one contract wasn't it? i.e. someone was responsible for deploying the contract that inputs and outputs the blending between addresses. In this scenario, the other permission less stuff is theatre.

[Vespasian]

So no one profits from TC financially at all?

The people who did deploy the contracts did it out of the goodness of their hearts? that seems..odd.

[jsmith45]

My understanding is that a good chunk of the TORN tokens issued by "DAO" are earmarked for developers of TC, and these token could be sold for money, etc.

Plus the initial developers could run relay nodes to make money, and can even do it in a way that is basically impossible to prove, by using TC itself when withdrawing the profits made by their relay nodes. Back before sanctions, even at a centralized exchange, nobody would think anything is odd about TC developers exchanging out coins previously transferred through the TC system. After all they care about privacy and don't want people to be able to trace back to all their previous transactions.

[from]

They profited from issuance of the TORN token but they did not take fees out of every deposit. Relayers are the ones who receive fees for withdrawals (about 0.1 ETH) and depending on your point of view could be unlicensed money transmitters (and if they are still operating after Tornado was designated then sanctions violators).