The Tornado Cash case raises the level of the clash over privacy and cryptocurrencies

The Tornado Cash case raises the level of the clash over privacy and cryptocurrencies

On Monday 8 August, Ofac (Office of Foreign Assets Control), a government body headed by the US Treasury Department, issued an act which included the site of the well-known Tornado Cash software and 45 specific addresses hosted on the Ethereum network in the list of Specially Designated Nationals and Blocked Persons, foreign entities and individuals with whom American citizens are prohibited from interacting, under penalty of very severe administrative and financial penalties.

In the following days, moreover , 29-year-old engineer Alexey Pertsev, a Russian computer engineer and major contributor to the Tornado Cash code, was arrested in the Netherlands on unsubstantiated charges of aiding financial crimes and money laundering. The Dutch authorities have not been able to specify in detail the objections, but the preliminary hearing judge confirmed the arrest and set the next hearing in 90 days.

As if that were not enough, the US government has shot down the servers that hosted the landing page of the mixing service and forced, the best known platform that hosts the code of hundreds of thousands of open-source computer programs, to delete the Tornado Cash repository. Furthermore, dozens of service providers related to the use of virtual currencies, including the major exchanges, DeFi's decentralized applications such as Aave and Compound, the USDC stablecoin issuer have blocked inbound and outbound transactions to all those users who had come into contact with the offending addresses. A violent ban carried out with strength and determination by the international government and police agencies, which only a few haggard and irreducible protesters have stood up to, with stubbornness but without great results.

It is not the first time that Ofac has issued a contrasting measure against a cryptocurrency mixer, since already on 6 May the government body had intervened with a similar measure to prohibit users and American providers use the services offered by the site, guilty of facilitating cryptocurrency laundering activities in favor of the Lazarus Group, a group of cyber-criminals close to the DPRK, the dictatorial government of North Korea and in fact insuring - downstream of as many illegal accesses to cryptocurrency exchanges and IT extortion to Western companies - the financing of missile systems and other weapons of mass destruction. Also in this case, moreover, the accusation against Tornado Cash is that of having allowed the laundering of over 7 billion dollars, including the 455 million stolen from the bridging system called Harmony and the over 200 million stolen from the crypto. US startup Nomad.

Cryptocurrency mixing services Blender and Tornado Cash, as well as other mixing and tumbling services such as CoinJoin on Bitcoin protocol and MimbleWimble on Litecoin protocol, are used by holders of virtual currencies to obfuscate sending operations between addresses and wallets and thus making it more difficult to track transactions. Basically, these services combine the transactions and execute them simultaneously, mixing the incoming and outgoing flows so that it is no longer immediately possible to understand where the cryptocurrencies used come from and where they go. To give an example, it is as if the operations of thousands of users were grouped together and each flow divided into coins of one cent euro, and then mixed each operation by taking funds from each user to deliver the payments to their respective recipients. Reconstructing every single operation and knowing who paid whom becomes extremely difficult, if not practically impossible.

Unlike the payment instruments used in traditional finance, in fact, blockchains allow registration and subsequent analysis, in a way transparent and executable by anyone, of any movement of funds, as well as the verification of the balance and movements of any virtual portfolio. In this way, it is extremely easy to verify the origin of the funds and easily trace the origin of each payment, also allowing a rather invasive user profiling: it is as if - having the Iban of a current account - you could check the balance , list the previous operations and note each type of entry and exit, thus reconstructing the work of each user who interacted with it.

Now someone can argue with the typical "if you have nothing to hide, there is no problem being controlled "(even without knowing that the sentence is attributable to Goebbels), but the examples of why greater confidentiality is useful in financial transactions are simple and understandable by anyone: let's say, for example, that a user intends to make a large donation to the Ukrainian army or non-governmental organizations active in a war territory. Are we sure that he would like to be identified and profiled by the Russian secret services? And if a user frequently uses cryptocurrencies in his daily life - to make purchases, make financial investments, set aside funds for the future of his family - would he be happy to be profiled in every move by the giants of the web and digital marketing agencies? The difference between traditional payment systems - and even more so with cash - is evident. With current services that allow the use of virtual currency, the privacy of the individual is severely tested and transaction obfuscation systems will be increasingly necessary if we are to reach mass adoption tomorrow.

The peculiarities of Tornado Cash and the intervention of Ofac Including the functioning of the mixing systems, it remains to be asked how Tornado Cash differed from its predecessors and why the ban imposed by Ofac aroused so much discontent among the experts of blockchain, smart contract and web 3.

Unlike - also included in the blacklist of the Treasury Department - in fact, behind Tornado Cash there is no legal entity proper. There is no real company, with a registered office and a legal representative, there is no one who makes decisions and intervenes to provide the obfuscation service. Tornado cash is a dAPP, that is a decentralized application, consisting of an open-source code updated by dozens of programmers (most of them voluntary and anonymous) and loaded - so that it is operational and immutable - on the nodes of the Ethereum network. This feature is, first of all, a source of security for its users: whoever uses it does not have to fear that something will go wrong or that the individuals behind the service will flee with the funds. This could not happen with Blender and with the other mixers, whose operation depended on trust in their respective human operators.

To ban the use of Tornado Cash, Ofac put forty-five addresses on a blacklist. cryptographic, referable to as many instances of a software consisting of smart contracts, persistent scripts that automatically execute the clauses desired by the respective programmers. Unchangeable, verifiable and - therefore - extremely safe and reliable. For some experts, such as Jerry Brito and Peter Van Valkenburgh of Coincenter - a non-profit organization for the dissemination of cryptocurrencies, as well as for the Republican representative of Minnesota in Congress Tom Emmer, who addressed a request for an explanation to the Secretary of the Department of the Treasury Janet Yellen, it would be an excess of delegation: the government body would have exceeded its powers by inserting open-source code in a blackist dedicated to individuals and legal entities. Suffice it to say that the ban would provide for a possibility of appeal, or a change in operations by the recipient of the ban. Remedies that are obviously impossible for a computer program without legal personality and impossible to modify because it is immutable on a blockchain.

Technology - even the authors of this article are certain - should be considered neutral and privacy a fundamental and inalienable right of every individual. The open-source computer code is protected as an expression of freedom of expression by the first amendment of the Constitution of the United States of America and enjoys equivalent protections on the territory of the European Union. If some individuals have used this software to commit crimes, they must be individually prosecuted, as well as those who have possibly favored such conduct. Otherwise, it would be like punishing knife manufacturers for the violent use that could be done by individuals with malicious intentions.

The bigger picture Broadening the view and analyzing the question from a socio-political point of view, one wonders if such a decisive and violent intervention of the OFAC is effectively aimed exclusively at sanctioning the aiding and abetting of North Korean criminals and at avoiding further phenomena related to money laundering or terrorist financing, or if it is not collateral activities to the enforcement of the new recent stringent regulations that oblige service providers related to the use of virtual currencies to Kyc (identification and due diligence) of users, such as the MiCA Regulation and the VI AML Directive and the prohibition of transactions between the so-called unhosted wallet, anonymous wallets of which the identity of the holders cannot be known, included in the so-called Travel Rule, recently introduced by FAFT-FATF in the United States and by the European Commission in the old continent.

Services such as Tornado Cash and decentralized applications such as decentralized exchanges, as well as new generation protocols such as the Zero Knowdlege Protocol - which makes the transaction information visible only to the sender and the recipient rather than to anyone who knows its hash, effectively makes the obligations ineffective and returns to individuals the privacy and anonymity that were - initially - the purposes pursued by Satoshi Nakamoto when brought the bitcoin protocol into the world. As the cryptocurrency marketcap is increasing day by day, taking capital and resources away from traditional markets and making the future of global payment systems and finance evident, the clash between regulators and decentralized blockchain technology has just begun.

Powered by Blogger.