Bankless - Is DeFi Illegal Now? Tornado Cash Case Update | Jake Chervinsky
Episode Date: October 8, 2024Today Jake Chervinsky is back on the podcast to discuss Tornado Cash developer Roman Storm's court case and its implications on DeFi and the crypto industry. Could DeFi be made illegal in the Uni...ted States? Are DeFi developers going to be prosecuted if criminals use their code? Is it just DeFi? What other sectors could be at risk? The answers to these and many other questions are discussed in today’s episode. ------ BANKLESS SPONSOR TOOLS: 🐙KRAKEN | MOST-TRUSTED CRYPTO EXCHANGE https://k.xyz/bankless-pod-q2 🗣️TOKU | CRYPTO EMPLOYMENT https://bankless.cc/toku ⚡️CARTESI | LINUX-POWERED ROLLUPS https://bankless.cc/CartesiGovernance 🦄UNISWAP | BROWSER EXTENSION https://bankless.cc/uniswap ⚖️ ARBITRUM | SCALING ETHEREUM https://bankless.cc/Arbitrum 🛞MANTLE | MODULAR LAYER 2 NETWORK https://bankless.cc/Mantle ------ ✨ Mint the episode on Zora ✨ https://zora.co/collect/zora:0x0c294913a7596b427add7dcbd6d7bbfc7338d53f/75?referrer=0x077Fe9e96Aa9b20Bd36F1C6290f54F8717C5674E ------ TIMESTAMPS 0:00 Intro 4:44 Roman Storm’s Case 12:52 Is DeFi at Risk? 18:20 The Ruling & Its Implications 21:29 Money Transmission Explained 25:52 Roman Storm’s Arrest 30:54 Are All DeFi Protocols At Risk? 36:17 Prosecution of Privacy 43:11 What This Ruling Means & What’s Next 48:41 Best & Worst Case Scenario 53:11 Other Sectors At Risk 57:35 Other Cases 1:03:48 Totalitarian Nightmare 1:08:21 SEC Updates 1:12:00 US Election 2024 1:17:30 Geofencing 1:23:21 Are We Winning & Conclusion ------ RESOURCES Jake Chervinsky https://x.com/jchervinsky Jake Chervinsky’s Tweet https://x.com/jchervinsky/status/1839412423096467753 A Practical Guide to Geofencing https://variant.fund/articles/practical-guide-to-geofencing/ Defend Roman Storm https://juicebox.money/@defend-roman-storm ------ Not financial or tax advice. See our investment disclosures here: https://www.bankless.com/disclosures
Transcript
Discussion (0)
This is, in my view, for the first time, the United States government saying the developer of an open-source immutable smart contract protocol should go to prison for how someone else abused that protocol, even though there was nothing he could do to stop it.
Welcome to bankless, where we explore the frontier of internet money and internet finance.
This is Ryan Sean Adams. David's out today, so I'm here to help you become more bankless.
Pretty hard to go bankless if they make it illegal to go bankless.
On Friday, September 26th, a U.S. judge ruled that, quote, control of funds was not necessary, end quote, for money transmitter laws to apply to the tornado cash developer Roman Storm.
This is a court case I'm referencing that we've talked about a number of times on bankless.
If you're not familiar with it, we'll get into some of the details in today's episode.
The question I had when I heard about this was, did they just make devalued?
defy de facto illegal in the United States, the development of defy? This is a terrifying precedent
regardless, and it really begs the question, do all defy developers become criminals if criminals
use their code? Are defy protocols now unregistered money transmitters? And what would that mean?
Is the Department of Justice waging a war on money laundering? Or are they trying to wage a broader
war on privacy and all forms of decentralized crypto? Crypto lawyer Jake Chavinsky is our
guest today, and he shed some light on all of these questions. We've called this tornado cash case
the most important case in history so far of our fight for crypto freedoms. I think it'll answer
questions like, can code be sanctioned by governments? Can crypto developers be arrested at the whim of
an enforcement official? That's what's at stake in this case. This case, and others like it,
is not just about our right to financial privacy. That's important and that's part of it. But it's
about our broader right to develop and run software and preserve our civil liberties in this digital
age. Liberties that I'm afraid are starting to erode. We're in the expert hands of Jake to help us
navigate this. The episode today was sponsored by our recommended crypto exchange, Cracken. If you have
not created an account and gotten started, go do it. There's a link in the show notes today.
If you want a crypto trading experience backed by world-class security and award-winning support
teams, then head over to Cracken, one of the longest standing in most secure crypto platforms in the
world. Cracken is on a journey to build a more accessible, inclusive, and fair financial system,
making it simple and secure for everyone, everywhere to trade crypto. Cracken's intuitive trading tools
are designed to grow with you, empowering you to make your first or your hundreds trade in just a few
clicks. And there's an award-winning client support team available 24-7 to help you along the way,
along with a whole range of educational guides, articles, and videos. With products and features like
Cracken Pro and Cracken NFT Marketplace and a seamless app to bring it all together, it's really
the perfect place to get your complete crypto experience. So check out the simple, secure, and powerful
way for everyone to trade crypto, whether you're a complete beginner or a season pro. Go to crackin.com
slash bank lists to see what crypto can be. Not investment advice, crypto trading involves risk of loss.
Launching a token, don't let complex legal and tax issues slow you down. Toku provide specialized
support to optimize your launch and ensure that you as a founder and your team and your investors
get the most tax-efficient outcomes. The Toku team understands the crypto space inside and out
and will ensure your token launch is fully compliant while maximizing tax efficiency.
Toku can connect you with the best attorneys if you need them to make sure that you have the best advice,
and Toku can help to optimize your taxes so you pay the least possible amount of taxes while still maintaining legal compliance.
With Toku's guidance, you can concentrate on building your company while Toku handles the logistics.
Token launches don't have to be complicated.
Talk to Toku today to get a free initial token valuation.
Have you ever felt that the tools for developing decentralized applications are too restrictive
and fail to leverage advancements from traditional software programming.
There's a wide range of expressive building blocks
beyond conventional smart contracts and solidity development.
Don't waste your time building the basics from scratch
and don't limit the potential of your vision.
Cartesey provides powerful and scalable solutions for developers
that supercharge app development.
With a Cartese virtual machine,
you can run a full Linux OS and access decades of rich code libraries
and open source tooling for building in Web3.
And with Cartese's unique roll-up framework,
you'll get real world scaling and computation.
No more competing for block space.
So, if you're a developer looking to push the boundaries of what's possible in Web 3,
Cartesey is now offering up to $50,000 in grants.
Head over to Cartesey's grant application page to apply today.
And if you're not a developer, those with staked CTSI can take part in the governance process
and vote on whether or not a proposal should be funded.
Make sure your vote ready by staking your CTSI before the vote to open.
Bankless Nation, very excited to introduce you once again to Jake Chavinsky.
He is probably Bankless's favorite crypto lawyer on Twitter.
As evidenced by the number of times, he's been on the Bankless podcast.
And he's here, once again, he is the chief legal officer at Variant Fund.
He's on the board of the Defi Education Fund.
And we're here to talk about a very big case, a very important case that is going on in the U.S. right now.
This is the Tornado Cash case.
But first of all, Jake, welcome to Bankless.
Thanks for having me back.
Ryan, great to be here.
Do you need to say your typical legal disclaimer, since I've had you on enough.
I know that this sort of needs to be said, yes?
Yes, and thanks for prompting me, because sometimes I forget and then halfway through I have to stop.
So yes, I am a lawyer, but nothing I say here is intended as legal advice.
So don't do or not do anything just because I talk about it here.
And if you do need counsel, feel free to reach out and I'm happy to make a recommendation.
There you go.
Jake is a fantastic lawyer, but he is not your lawyer of Bankless Nation.
So just remember that.
I want to start with this tweet.
So this happened on Friday the 26th.
There was a ruling in the Roman Storm case.
And at the time, I didn't know the significance of that ruling, but that's why I invited
you on the podcast, really talk about this ruling.
And you tweeted this out, Judge Fela, her ruling denying Roman Storm's motion to dismiss
the indictment is an assault on the freedom of software developers everywhere.
This will go down in history as a perversion of law and a travesty of justice.
And it will go down on appeal if that's what it takes.
Strong words, fiery words, there, Jake.
You are one who, you know, your voice on crypto Twitter generally is very rational, very,
very moderate, very considered, I would say.
So to hear these fiery words coming out of you was like a kind of a wake-up call for me.
Can you give us the context?
Why did you tweet this out?
And what happened on that Friday, September 26th?
Happy to do that, and I appreciate your kind words, and I really do try to be as reasonable in my public statements as possible. And, you know, often there are very loud voices on either side of an issue. And, you know, in this case, I'm not just blowing hot air. I think that Judge Fail is ruling on the motion to dismiss the indictment in the criminal prosecution of Roman Storm, one of the developers behind the tornado cash protocol is really a dangerous precedent to set for not just crypto, but for open source software development generally. So maybe,
let me start by giving you the procedural posture where we are in this case and then we can get
into what Judge Fela ruled last week in her oral ruling, not written ruling on the motion to dismiss.
That sounds good. And one thing I want to say about this, we'll talk about this case,
the Roman Storm ruling as kind of the thing that's most recently happened. There are a series of
cases that are kind of tied together in this tornado cash case. Some in the U.S., some outside of
US. We might touch upon some of the other cases. The Roman Storm one is probably the largest going on
in the U.S. and the most significant going on in the U.S. right now. There's almost a tornado cash
versus the governments around the world like meta case because it's a series of cases that are all
tied together. But okay, let's get into the Roman Storm case, the 26th, September 26th, and the ruling
that was made. So can you talk about the background for that and T us up here? Yeah, happy to do that. And also we can
step a little more meta than that, even and talk about just sort of the global battle for privacy
as well, because that's really how all of this sort of fits in. But to zoom in first on the Roman
Storm case, the government decided, and when I say the government, I mean the Department of Justice,
which enforces the criminal law in the United States, decided to indict the developers behind
the tornado cash protocol, so that includes Roman Storm, on three different criminal charges.
conspiracy to commit money laundering, conspiracy to operate an unregistered money transmitting business,
and conspiracy to violate Aiba, which is the law that creates all of the sanctions rules in the United States.
In other words, transacting or facilitating a transaction with a sanctioned party.
In this case, the Lazarus Group in the DPRK, North Korea.
And the reason the government took such an interest in the Tornado Cash case is because, as we all know,
as we were all able to see, thanks to the transparency of a public blockchain, tornado cash did end up
being used as a mixer by some bad actors in the space, even though the vast majority of use
of tornado cash was ordinary people who just wanted to protect their privacy on chain.
And in the course of the prosecution, as a defense lawyer would do in basically any case,
Roman Storm and his counsel filed a motion to dismiss the indictment.
And the industry really showed up to support that motion to dismiss. So I co-authored an amicus brief, along with Amanda Tuminelli at the Defi Education Fund, arguing why that motion should be granted, coin center filed an amicus brief, the blockchain association, and many others. And in essence, the argument on a motion to dismiss an indictment is, even if you accept all of the factual allegations that the government makes in the indictment, those facts do not add up to a crime.
And the core of the argument in the tornado cash case for Roman Storm is that he is not credibly
accused in the indictment of actually committing those offenses, conspiracy to commit money laundering
or operate an unregistered transmitting business, money transmitting business, or violate sanctions
merely because he wrote code that he put onto a blockchain that operates in an autonomous
and self-executing fashion and then was abused by bad actors after the fact without his personal
involvement. So that was essentially the argument that was made in the motion to dismiss the indictment.
And we can dig more into the details there. But just, yeah, go ahead, Ryan.
It seems like a clear-cut argument. I mean, is it a pretty clear-cut argument? Is there
precedent around this? Well, you would hope that it would be a clear-cut argument that
that individuals should not be held liable for the bad acts of some other third party that
they are not actually participating in. But in this case, it does get a lot more complicated for a
couple of reasons. What the government did in the indictment, at least in my personal opinion,
is they really conflated the ways in which Storm was involved in the tornado cash protocol.
They make a bunch of allegations about what Storm had done, including writing the immutable,
smart contracts that comprise the Tornado Cash Protocol, but not just that. They also alleged
that he was operating a website, right? You can go learn about Tornado Cash online. He was operating
a user interface, or at least was making updates to a user interface that people could use to
access the protocol. He also was involved in creating a relayer network, which was a separate
off-chain system that allowed users to better protect their privacy when they used Tornado
cash. But the government admits in the indictment that the core of the tornado cash protocol,
the pool contracts that people actually use in order to get privacy and that North Korea was
using in this case were not in Roman Storm's control. And that's why the argument was he can't be
committing a conspiracy to commit money laundering if he literally could not conduct the transaction
that constitutes money laundering because that transaction is literally out of his control
through an immutable smart contract protocol.
And the same issue for operating an unregistered money transmitting business,
which we should get into this a little bit later,
has been pretty well defined already, not by the Department of Justice,
but by FinCEN over at the Treasury Department.
And the way they define this type of business just doesn't sync up with how the Department
of Justice described it in the indictment.
This is a key piece here because I want folks to see this case as I'm now starting to see it,
you know, post this ruling and even before is because this isn't just about tornado cash.
It's far broader than that.
It's not even just about privacy.
It is that.
But it's also far broader than that.
What you just said is, did Roman Storm have control over an immutable smart contract is pretty key?
because everything that we are building in Defi is an immutable smart contract, at least the purely
decentralized things are.
So you think of like the Uniswap protocol, right?
It's a non-custodial smart contract that has some funds inside of it, but it's outside
of the bounds of the developers of the Uniswap protocol, right?
It's immutable.
It's on chain.
They don't control it.
They can't access it.
They cannot moderate who puts funds inside of the Uniswap protocol.
That's been true of Uniswap v1 all the way to V4 today.
So this is broader than just privacy.
It's certainly broader than just tornado cash.
This is about all of decentralized finance, isn't it?
Because a lot of this hinges upon this idea of, you know,
did Roman Storm, was he responsible for the non-custodial smart contract deployment,
essentially a defy protocol that he published on the Ethereum blocker?
chain. Is that about right or what have it gotten wrong in that description? I think you're absolutely
right and maybe a few thoughts about this. One is this really strikes to the heart of what we are
trying to do in defy. The purpose of defy is to create decentralized systems that do not rely on
trusting a single centralized third party in order to operate or in order for users to get access
to them. The second that you reintroduce a centralized intermediary with control,
over a smart contract in a traditional wed-to-finance kind of way, then you're not doing
defy anymore, at least in my opinion, right? You're losing all the benefits of resilience and
transparency and trustlessness and permissionlessness that is at the heart of what we are trying
to build in this industry. And if you go all the way back to 2013, so let's go back in time to sort of
the beginning of the analysis of this particular regulatory issue, the financial crimes enforcement
Network, which is a Bureau of the Treasury Department that enforces the anti-money laundering laws,
recognized that this nature of a public blockchain, its decentralization, and its
permissionlessness, was in tension with the Bank Secrecy Act, which essentially says if you are
a financial institution and you're processing transactions on behalf of customers, then you have
some anti-money laundering compliance obligations. You need to monitor those transactions. You need to do
KYC, know your customer, identify who all your customers are. You need to identify suspicious
activity. You need to report that to the government. You need to have internal controls to make
sure that you as a company are following all of those rules and a number of other types of
compliance obligations. Now, in the context of a decentralized smart contract protocol,
there is no way to identify the users of the protocol. There is no financial institution
that can comply with those obligations. But in the very early days, when folks were
were still wrapping their mind around what is a blockchain-based business, there were questions
about whether a centralized exchange should be treated like a financial institution under the Bank
Secrecy Act. And thankfully, FinCEN was maybe the only agency at any point in time to give
clear guidance about when compliance with the Bank Secrecy Act was necessary. And they explained
if you have control over user funds, if you are a money transmitter under their regulations,
meaning you accept funds from one party and transmit funds to another party or another location,
while you're a money transmitter and you have to comply with all those regulations.
And over the course of years from 2013 all the way up to 2019,
FinCENC continued to give guidance about when actors in the crypto industry were or were not money transmitters under their regulations.
This all came to fruition in 2019 guidance that summed up FinCEN's entire view on this issue.
And the 2019 guidance is probably the most referenced regulatory guidance of anything in crypto.
It's something that all of us for the last five years in Defi have looked to to understand.
Do we need to KYC users of this system or not?
And in my view, the 2019 guidance makes very clear that an immutable smart contract protocol is not a
money transmitter, or rather the developers of that protocol, are not money transmitters by virtue
of developing the protocol, and do not need to register with FinCent. Nonetheless, here comes
the Department of Justice in this criminal prosecution, and their argument is we are not bound
by Treasury's guidance. You all in the industry may feel like you've been following what they told you
to do for the last five years. That may satisfy them, but not us. And even if you are not in violation of
the Bank Secrecy Act,
Nonetheless, you may be violating the criminal law and you may have to go to prison for it.
So that's what's happening in this case.
So that's essentially what they're saying about tornado cash.
And that's why the stakes are so much wider.
The stakes are potentially all of defy in the United States.
So can you get us to the, like, and just to clarify my understanding of this, Jake, is like in the ruling, maybe we'll get to the ruling that happened on that Friday and September.
in the ruling, the judge by saying that Roman Storm had responsibility, that tornado cash and his
development of tornado cash was essentially a money transmitter, right? Then de facto, is she not implying
that all defy protocols, potentially smart contracts, could be money transmitters? Or was this just tied to
privacy? Anyway, let's get to the actual ruling and what the implications might be. So what happened in the
ruling on the 26th. Yeah. So as I said, in the motion to dismiss the indictments, there were many
arguments, but the crux of the argument was Roman Storm was not operating an unregistered money
transmitting business because what he was doing, offering a website, offering a user interface,
writing the original code, working on the relayer network. That is not money transmission,
because he was not accepting funds and then transmitting funds on behalf.
of any other person. He never had custody over user funds. He didn't have control over the protocol.
And the judge basically said, that is not my interpretation of the law. My view of the law is a person
does not need to have control over user funds or custody over those funds in order to engage
in money transmission. And, you know, it's very important to note, first of all, that motions to dismiss
indictments are very rarely granted. So in a sense, it's not surprising that storm lost the motion.
The standard is extremely difficult to meet. Courts are very deferential to the government.
They basically say, well, as long as the indictment sort of hints that there was a crime,
as long as the language of the statute that alleges an offense is someworthy in the indictment,
then more or less this can go to trial. But Judge Fela went way beyond just saying this
of indictment is at least sufficient to move on to trial. She actually made a holding on the
core legal issue that control is not necessary to engage in money transmission. And she sort of
steps back and does what I think is a bit of a slight of hand that the government does as well,
which is to describe tornado cash as a whole as a service. So she says that Roman Storm was
offering a service that was the tornado cash protocol. But she doesn't engage. But she doesn't engage,
at all with the details about what that service actually might be. And I think we could all agree
that, you know, Storm was offering some type of service. There was a business here. There were ways in
which he was being compensated for that business. But the business was not the business of money
transmission. And that's something that Judge Fela, at least in my opinion, just didn't engage
with in the ruling. Okay. So can we talk about this term money transmission? Because we're
talking a lot about this this court hinges upon the judge's definition of like what money
transmission actually is and who's a money transmitter and who's not we'll talk more about that
but like why is that even important so say i'm a money transmitter jake uh does this imply some
level of responsibility a culpability a set of things i have to do uh why is money transmission
so important here yes it's a great question and this might get a little bit in the weeds of the law
but hopefully the listeners will appreciate understanding a bit more how these different statutes play together.
Exactly to your point, if you are a money transmitter, then you are a type of regulated financial institution under the Bank Secrecy Act, which is that law that the Treasury Department, FinC, enforces.
As a money transmitter, you have to go register with FinCN, you have to KIC all of your customers or users, you need internal controls, you need to designate a compliance officer,
you need to do all kinds of reporting and record keeping under the Bank Secrecy Act.
So being a money transmitter imposes a lot of compliance obligations on you under Title 31 of the U.S. Code, which is where the Bank Secrecy Act is.
Totally separately from that, you also could be subject to criminal liability under Title 18 of the U.S. Code.
That's where all the criminal laws are that the Department of Justice enforces.
And Title 18 makes it a crime, specifically under Section 8.
1960 to operate an unregistered money transmitting business. So the way that ordinarily we would think about
this before the Department of Justice recently took a different position is, if you're a money
transmitter but you don't register with FinCEN, you've committed two separate violations.
Number one, a civil violation under Title 31 of the Bank Secrecy Act. The Treasury Department
might enforce that violation against you. And number two, a criminal violation under Section
1960 of Title 18, then the Department of Justice might come and prosecute you criminally.
But we all assumed that this was all or nothing, right? You've either complied with the law
or you've not complied with the law and violated both of those different statutes.
Here, the Department of Justice is saying, that's wrong. You can be in compliance with Title 31
following all of Treasury's guidance and nonetheless be engaged in money transmission as we
differently define it under section 1960. And that, frankly, breaks my brain. I don't know how an industry
could possibly operate when we can't follow the guidance of the Treasury Department, which is tasked with
enforcing this type of statute. So you said, is it Title 18? 1960.
Title 18 is the criminal code, yes. That's the criminal code. And this is what Roman Storm was
explicitly charged with, among other things, a violation of Title 18. You said that is a criminal charge.
So when you talk about criminal charges, right?
So, I mean, we're talking about what, like jail time?
Like, what are the penalties for this type of a criminal charge?
Yeah, the potential penalty for operating an unregistered money transmitting business under 18 U.S.C. Section 1960s, five years in prison.
And, you know, he's also accused of violating Section 1956, which is the money laundering statute.
You know, you could tack on more years for that.
And then there's also the sanctions violation, which, again, all hinges on a sense.
essentially the same general allegation that Storm is liable for third-party misconduct that he could
not control at the time that it took place.
So these charges stack too, right, Jake?
You know, it depends on sentencing.
You know, often if there is a conviction for more than one charge, the sentences end up
running concurrently so you could get three, five-year sentences, but you don't serve 15 years.
You know, you serve the five minus some for good behavior.
This is all stuff that gets worked out in sentencing.
but we are talking about the liberty of a software developer.
You know, this isn't just a question of whether there could be a fine for a company
or whether the business can continue operating.
This is, in my view, for the first time,
the United States government saying the developer of an open source immutable smart contract protocol
should go to prison for how someone else abused that protocol,
even though there was nothing he could do to stop it.
It's actually wild.
And, of course, we don't know all of the facts and all of the facts,
and all of the evidence will come out in the court case.
And that court case will go to trial December 2nd.
So I don't think either of us are here saying,
like, we know all of the facts
and all of the evidence of this case.
But can we talk about the circumstances
through which Roman Storm was actually arrested?
So someone hearing that might be,
well, but we live in a reasonable society.
Okay, Jake, yeah, these laws are kind of on the book.
But, like, you're saying things like, you know,
DeFi developer,
could go to jail and they could be like criminals.
That's not practically how the U.S. works, right?
I mean, we are a country of innovation.
We support developers and entrepreneurs.
But can we just talk about the circumstances by which Roman Storm was actually arrested?
So he was a privacy defy developer, right, deployed tornado cash.
We've already talked about some of the other activities that he did in association with this deployment.
my understanding, Jake, is he was actually arrested from his house, you know, somewhere in Washington
State in the, like, early hours of the morning. I don't know if he had a family there, but, like,
in front of his family. It was, like, literally arrested. So this wasn't the case of, like,
hey, you're getting some warnings and we'd like you to comply and you need to do XYZ, like,
or else. It was suddenly the FBI, a SWAT team's at his house and yonking him and, like,
taking him into custody. Is, is that accurate? Because that's what we're not.
what I seem to remember from this.
Well, I remember the same report.
I don't want to scare people too much, right?
I don't want all the defy developers listening to this to think that men and windbreakers
are going to show up at their door at 6 a.m. tomorrow and put them in handcuffs because I don't
actually think that that's what's likely to happen.
And I don't want to scare anybody too much.
But first, we don't know whether there were conversations between the Department of Justice
and Storm or others at Tornado Cash or their counsel before there was an arrest.
frankly, it would shock me if there was no contact at all and doors got kicked down without any
warning whatsoever. So I think that that's an unlikely result, although indeed, if the government
does decide to make an arrest, they usually don't tell you way in advance because they're worried
that you're going to free. And especially in crypto, you know, where it's, you know, there may be
some risk of flight. I think the government tries not to let folks know in advance that there may be
an arrest. But I think if I were to
steal man the government's case
here, not the case on the facts,
but in terms of how they're operating,
let me give at least my
most reasonable interpretation or what
I think that someone working for the Department
of Justice would say if they
had the freedom to actually discuss this,
which by the way, they don't. So we don't really
know what's going on behind the scenes.
I think what they would say is
we are not coming after all of
defy, and we are certainly not coming
after all open source software developers,
that's preposterous.
We're reasonable people
and we understand
the world operates
on open source software.
We are going after
people who are building tools
that are being abused
by our geopolitical enemies
by a brutal dictatorial regime,
North Korea,
which none of us
should be supporting in any way.
And we are only doing that
because we know that the developers,
and again, this is what they would say,
it's not my view,
but they would say
where we know that the developers
are aware of that
illicit use of the technology that they built. And nonetheless, despite that knowledge,
they are continuing to profit from their work and they're continuing to try to improve it.
And they are not doing anything in their power. And there are some things potentially in their
power to do to try to stop that type of illicit use. But no one else needs to be worried about
this. We exercise prosecutorial discretion. And if you are trying to work with us to stop the bad guys,
then you don't have to be worried about men and windbreakers coming to your house at 6 a.m.
tomorrow morning.
That is, I think, what they would say.
My response to that is, that's a nice thought.
We're not here in crypto to trust the government to do the right thing.
In fact, we're here to build technology that stops bad actors, whether they're in government
or anywhere else, from exerting their outsized influence and power to take advantage of other people.
And even if we think the government is making good decisions now,
I think everyone could be worried about what a next administration looks like, no matter what side of the political aisle you're on and whether there could be some abuse of prosecutorial discretion in a form of selective prosecution where the government decides we're only going to go after people we don't like.
And we're going to interpret the law so broadly that there is no more rule of law.
The law is, if we don't like you, we're going to come get you.
And to me, that's what this legal precedent sounds like as the Department of Justice is describing their authority to prosecute software developers under Section 1960.
I mean, it's a little bit like, you know, trust me, bro, enforcement.
And that's what's so concerning about this because, like, you don't know who is on the other side of that enforcement.
And that's not how the legal system works.
That's not how the U.S. is supposed to be designed.
We should have a set of civil liberties that protect us from like this kind of enforcement.
let me ask kind of a question that may be somewhat of the elephant in the room. So this defy
protocol was targeted for privacy use cases. And to your point, the vast majority of its transactions
were just people simply trying to preserve their privacy when interacting on chain. So chains
like Ethereum, of course, Bitcoin, et cetera, they don't have privacy native to the layer one. So if you
want that, like any level of privacy without some third party seeing how you transact, you know,
the way I might pay you $100 bill and you and I don't have to tell anyone. It's not recorded
anywhere. It's not on a public ledger. We want that to maintain that cash level privacy. Then Tornado
Cash was an avenue to do that. Lots of people in the U.S. in crypto use this as just like a tool,
including my co-host, David Hoffman, by the way. He's a part of another like Tornado Cash
related lawsuit that we could talk about later. But anyway, the elephant in the room is, of course,
Tornado Cash was built for privacy. There are other defy and protocols that
are a bit more general, not necessarily privacy, but like a automated market maker, say like a
Uniswap, for instance. And of course, the Uniswop Labs front end can implement whatever they want
as far as future KYC, future screening, they can, you know, de-list assets, they can do whatever
they want. But the code itself that operates, any of the Uniswap protocols, right, is immutable
on chain. Any other third party could spin up an interface. You don't even need an interface. You could
trade tokens using kind of like command line firmware type stuff without a user interface. And there is
nothing stopping any quote unquote bad actor from, and I should acknowledge North Korea is
absolutely a bad actor. Like acknowledge the national security concern here. Like understand that
piece of it. Right. What we're talking about is the legal precedent the sets. But anyway,
any actor can participate without the developer's permission. And so how does that, like why, why should
this stop at tornado cash, why does this not filter down into all of the other D5 protocols?
Is there some sort of argument about proportion of like illicit bad actor use? Or is that what
the judge is implying? Or is that the entire problem that this is also vague at this point?
I think that's exactly the problem. And if you look at the criminal statute that Storm is
accused of violating, operating an unregistered money transmitting business, there's nothing
even in there about illicit financial activity, or at least it can apply even if there is
no illicit activity whatsoever. So if you take the government's theory on its face, I do think
you could apply it to any number of other types of defy protocols. Now again, the government is going to
say that's not their intent. And their real goal and the purpose of these statutes in the first
place is to give them authority to root out bad actors and money laundering. Ah, they want the flexibility.
here, right? That's exactly right. And Judge Fela, in her oral ruling, even said, you know, sure,
technically speaking, in the past, money transmitters have had control over user funds. But I don't see
that as being necessary under the statute. And I have to interpret the statute as being flexible
to keep pace with novel ways that people are trying to abuse the financial system. So she's sort of
admitting that she is expanding the law in a new way, but that the law is intended
to cover new types of conduct so the government will have the authority that it needs to go after
illicit actors. So I do think that this is a concern for everyone else. More so, though, than the
legal analysis. And this is so often the case with crypto because laws and regulations are so
vague and hard to understand when you apply them in a decentralized permissionless environment.
The question is not what the law says. The question is one of practical risk and practical
calculations by the government, what they want to go after and what they don't. And when they look at something
like Uniswap, a decentralized exchange protocol, that itself does not provide privacy. In other words,
there's really no way to use something like Uniswop to obscure the source of funds. All the transactions
are going to get traced. And so you can't launder money because you can't stop the government from
tracing transactions through the protocol. The government basically says, yeah,
We can trace this stuff, so we don't really feel like we need to characterize this as an unregistered money transmitter.
It's when you have privacy that the government says, we are not comfortable with this.
And many people have noted, so this isn't my thought, but if cash, which of course is totally private, were invented today, the government would almost certainly not want to allow it because they want to surveil all of our transactions all of the time.
That's how law enforcement works in the modern worlds, and they are not going to give that up easily just because we built technology that doesn't require centralized intermediaries in order for us to transact at a distance.
This is so interesting.
So basically, in theory, this judge's ruling, and we'll talk about the significance of this judge's ruling because this judge does not get the last say on this issue.
I mean, per your tweet, and it will go down on appeal if that's what it takes.
You think ultimately this will be struck down.
But let's say this judge's theory holds.
then she's basically saying if you're if you're a developer deploying an immutable smart contract and a third party actor uses that or does something with that code you might be a money transmitter and you might be prosecuted under title 18 1960 under you know criminal charges but practically what you're saying is the u.s government apparatus and the doj and everybody who's kind of looked at this issue they're not at i mean you swapsed
been operation for a long time. DFI's been out there for a very long time. I mean, you've
been in this like industry for as long as anyone, Jake. I mean, looking at these issues. And
they're not knocking down DFI developer's doors and arresting them. And it's because
we have this maybe uneasy impasse in that our layer ones and DFI itself are transparent,
are not private. And so they've kind of like not prosecuted it in the way they're coming
after tornado cash. Where they are, like, targeting is when privacy, when there's a layer of privacy,
when they can't see in the transaction itself, who the source is, that's what they're most worried
about. And so that's where we get the ire of the U.S. government. I guess that's kind of the,
the trust me, bro, is like you're kind of trusting that the DOJ is not going to come after any of our
other defy protocols just because they're not private, because they're public. And so we have this
uneasy impasse where they have all of these powerful analytic tools and they can, you know, trace.
They essentially get their AML KYC anyway. It's just in the background where they can track all
these transactions. It's another quip that I think is somewhat true. It's like along with, you know,
cash being, you know, illegal if it was proposed today, I think if Bitcoin had privacy on like
the base layer of Bitcoin or Ethereum had privacy on the base layer of Ethereum, I don't know that
the governments around the world would have allowed it to propagate in the way that it has. And I sort of, you know,
view that as a, you know, a practical matter. It seems to be when there's a mutable smart contract code and
privacy combined, that's when you face the full might of the financial surveillance like government
apparatus. That's what they really don't like. I think that's spot on and very well said. And, you know,
I should add, you know, I have friends at the Department of Justice, they're very good people, right? They want to do
the right thing. They're working for the government because they believe in what they're doing,
and we should be grateful that they're there because we do need them to go after the actual bad
actors. And I do think, you know, one way to put it is trust me, bro, but another is to say they
are trying to make good decisions about how they wield their prosecutorial discretion.
The problem is what we want to see is for them to go after the actual bad guys, the people
who are engaged in criminal conduct, not the people who are building neutral tools that can be used
by ordinary people for totally reasonable and legitimate purposes. We want to protect privacy, right?
Privacy is guaranteed to us by the Fourth Amendment to the United States Constitution.
I, for one, still really like the Constitution. The Bill of Rights, my favorite part for sure.
The Fourth Amendment, probably my favorite amendment, maybe after the First Amendment. The Fifth is
pretty good, too, and the 14th as well. But you see what I'm saying.
right? We have to balance the very reasonable goals of the folks of the Department of Justice
to stop illicit activity and protect people to genuinely protect us from bad actors with
our civil liberties. What we cannot say is we will abandon privacy entirely because that will
make it easier for the government to hunt down the bad guys. Because what that leads to,
every single time you see the rise of an authoritarian government anywhere in the world,
And we have so many concerns about authoritarianism now here in the United States,
no matter where you are in the political spectrum, is the first thing they do is they take
advantage of their control over the financial system and over the criminal justice system
to go after their enemies, their political enemies.
And if we interpret the law this broadly to give the government this much power,
we have to be very worried about how they will use that power next.
New projects are coming online to the mantle layer two every single week.
Why is this happening?
Maybe it's because Mantle has been on the frontier of Layer 2 design architecture since it first started building Mantle DA, powered by technology from EigenDA.
Maybe it's because users are coming onto the mantle layer 2 to capture some of the highest yields available in Defy.
And to automatically receive the points and tokens being accrued by the $3 billion dollar mantle treasury in the Mantle reward station.
Maybe it's because the Mantle team is one of the most helpful teams to build with giving you grants, liquidity support, and venture partners to help bootstrap your mantle application.
Maybe it's all of these reasons all put together.
So if you're a dev and you want to build on one of the best foundations in crypto
or you're a user looking to claim some ownership on Mantle's Defi apps,
click the link in the show notes to getting started with Mantle.
The Uniswap wallet is officially the preferred wallet of bankless,
and it's the one we use any time when we want to transact on chain.
Whether you're on your browser or on the go, Uniswap wallet makes it easier than ever
to swap anytime, anywhere.
Use your wallet to transfer funds directly from a top centralized exchange
and tapping thousands of tokens across Ethereum.
and over 10 other chains like base, arbitram, and optimism.
Uniswap wallet delivers deep liquidity, fast execution, and reliable quotes with zero gas swaps
through Uniswap X.
And when it comes through security, you can rest easy knowing it's backed by Uniswap Labs,
one of the most trusted teams in Defy.
Their code is open source and independently reviewed, so you know it's protected.
So why wait?
Download the Uniswap wallet today on Chrome, iOS, and Android.
And don't forget to claim your free uni.eith username directly in the mobile wall.
Start swapping smarter with Uniswap.
The Arbitrum Portal is your one-stop hub to end.
entering the Ethereum ecosystem.
With over 800 apps, Arbitrum offers something for everyone.
Dive into the epicenter of Defy,
where advanced trading, lending, and staking platforms
are redefining how we interact with money.
Explore Arbitrum's rapidly growing gaming hub
from immersed role-playing games,
fast-paced fantasy MMOs, to casual luck battle mobile games.
Move assets effortlessly between chains
and access the ecosystem with ease,
via Arbitrum's expansive network of bridges and onrits.
Step into Arbitrum's flourishing NFT
and creators-based where artists, collectors, and social converge and support your favorite streamers
all on chain. Find new and trending apps and learn how to earn rewards across the Arbitrum ecosystem
with limited time campaigns from your favorite projects. Empower your future with Arbitrum.
Visit portal.arbitrum.io to find out what's next on your Web3 journey.
Okay. Can we talk about this ruling itself? So the ruling has some, you know,
implications, let's say, for non-custodial defy tools in general, particularly privacy, but
not just privacy. How binding is this ruling? Like, where, you know, where do we go next
with this type of thing? Yeah, so great question. And the answer is it's not binding. And not only
is it not binding, but Judge Fala decided not to issue a written opinion. So all we're ever going
get is this transcript. And that means a couple things. Most importantly, for the lawyers out there who
will understand this, it means the opinion won't go on Westlaw, which is the main research
database that people use to look for a precedent that is persuasive, even if it's not binding.
So this is actually going to be pretty hard for people to find. You could say that was
intentional that she didn't want the opinion to be cited, although frankly, very few orders
on motions to dismiss indictments get written up as written orders. So it may not be that
know-worthy that she decided not to write it up. The sort of downside of her not writing it
is that the transcript is pretty, it's pretty vague. You know, she didn't give us the deep
reasoned analysis that you would ordinarily get from a written opinion. So as you know, Ryan,
when, you know, we get orders from judges, including, frankly, from Judge Fela, on some of the
SEC's cases, right, motions to dismiss in motions for summary judgment, they're very long,
dozens of pages, lots of case citations, very deep and detailed explanations of what the basis
of the ruling was, we're just not going to get that here. And in a sense, that's a blessing for us
in the industry, because it's not that likely that the next judge confronted with a similar
set of facts or a similar legal argument will go to Judge Fela and just say, well, she already
comprehensively dealt with this issue, so I'm just going to cite her and defer my judgment to
hers. I think that's a really positive thing. Then there's the fact that,
This order itself probably doesn't get appealed on its own.
What happens next is the case goes to trial.
And the trial is currently set for early December.
I think it's December 2nd.
And from everything I can see, just looking at the public docket,
it seems like the parties are on pace to go to trial in December.
Now, obviously, who knows what will happen at trial.
There will be weeks of testimony and evidence submitted to a jury,
12 Americans who are, you know, peers of Storm will get to decide,
did the government actually meet its burden of proving beyond a reasonable doubt
that Storm actually committed these offenses?
And what could happen is the jury could say, found not guilty, acquitted.
And that would be the end of the entire story.
There would be no further discussion of any legal issue.
The case would just disappear.
On the other hand, if Storm is convicted, the jury finds,
that he committed one or more of these offenses,
then you will have an appeal.
And the appeal could be about any number of issues
that came up during trial,
including things having absolutely nothing to do
with any of these issues around money transmission
or government authority, right?
Evidence that was submitted that shouldn't have been
or, you know, things of that nature.
Also, what would likely be challenged
is not the order on this motion to dismiss,
but rather jury instructions that Judge Phala
will give to the jury explaining to them what the law is to help them decide whether storm is guilty
or not guilty. So we're going to get more over time from Judge Fela that will be challenged.
And in all likelihood, this ruling on the motion to dismiss just gives us a sense of how she's
going to continue interpreting the law going forward. And this judge is the same judge who's going to be
presiding over the kind of the main case that happens in December. And you're nodding your head, yes.
And the instruction she gives to the jury, will they,
be instructions that like, you know, about this non-custodial versus custodial issue? In other words,
well, she kind of, you know, slant the jury to say, hey, still a money transmitter, you know, even with
non-custodial. So you have to factor that into your analysis. I mean, in other words, can this
really sway the jury towards one interpretation of the law? So often that is what happens.
We don't know what the jury instructions will look like, how many of them there will be, what
issues they will be on. And the process of figuring out jury instructions involves both of the
parties. So at some point, Judge Fela will ask both Storm and his counsel and also the government.
What jury instructions do you think that I should give? You can imagine, or guess at least,
that the government is going to want very strong authority in the jury instructions. They'll want
her to instruct the jury in order to find a violation of Section 1960. You do not need to find that
Roman Storm had control over user funds, et cetera, et cetera.
And often judges do sway a jury in the way that they give instructions.
But there's no way to know that right now.
For all we know, Judge Fela will decide, I don't need to give a jury instruction on this issue.
I think it's totally clear all on its own.
The jury can just read the statute.
And if they have a question, they can also send questions as they are deliberating.
So, you know, this really is a long process that goes on leading up to the trial in pretrial
motions practice and then also throughout the trial and then also as the jury is deliberating.
Wow. Okay. What's the worst case scenario that could happen for DFI for crypto coming out of
this case? And what's what's kind of the best case scenario? I mean, at this point, the best case
scenario for DFI would be an acquittal. Because I think if the government just loses this case,
even if there's not a legal reasoning that they get as to why, that would be a strong rebrand.
to their attempt to regulate this industry through criminal prosecution of software developers.
So without a doubt, that's the best thing that can happen for Defi. I'll throw in a bit of a pitch,
if you don't mind, that the best way that listeners can help Roman Storm get an acquittal is to
support his defense. And hopefully, Ryan, you and I will tweet out or otherwise publicize
links where people can make donations. Good lawyers are expensive, and Storm does need more funding in order
to make sure that he has the best representation.
You know what's crazy here, Jake?
So we have been talking about this and tweeting it out.
In fact, bankless has donated to this cause.
I've heard from a number of people who are actually afraid of donating to this case.
I mean, that gives you a sense for kind of the chilling effect that this type of case kind of brings.
And I don't know if these fears are rational or not.
I mean, regardless, it is causing a chilling effect.
You know, it's not illegal to donate.
is what I would say. There'll be a link in the show notes. And if you care about these issues,
then well said by Jake, this is what we need to do. Okay, what is, what is so that was the best
case scenario that's acquitted. What's, what's a worst case scenario? Yeah. So, and just exactly
to your point, and this is quite sad. I think in the worst case scenario, Storm would be convicted.
There would be an appeal on this issue that we're discussing, whether there should be some
control requirement under the definition of money transmission in the criminal.
code. That could go up to the Second Circuit Court of Appeals. In a worst case scenario, they would
affirm, meaning they would validate Judge Falo's ruling. That control is not necessary.
Circuit court's right opinions. A circuit court opinion going the wrong way on this issue would be
binding in the Second Circuit. So the next time the government brings a case in the Southern District
of New York, the judge would be required to follow the Second Circuit's ruling. Perhaps there could be
appeal up to the Supreme Court. You know, we're now talking many years down the road and the
Supreme Court doesn't take a whole lot of cases, especially when there's only one circuit court
opinion on the issue. They usually look for cases where one circuit court has said one thing and another
circuit court has said another thing. So everyone is aware that in different parts of the country,
the law is different and the Supreme Court is trying to resolve that split. We wouldn't have
that, I think, in this case. So it's hard to imagine Supreme Court review. Also,
So unlike some of the other cases we tend to bring to the Supreme Court, or at least want to in the crypto industry, where the Supreme Court is very suspicious of the administrative state and its authority, where the court is limiting the ability of the SEC, for example, to assert its jurisdiction, the Supreme Court tends to be much friendlier to the government in cases involving national security and law enforcement.
So it's hard to put together five Supreme Court justices who would side with us on this issue
if, in fact, the second surrogate has decided that control is not necessary under Section 1960.
So worst case scenario, this does become the law of the land.
And like you said, folks are afraid to build immutable smart contract protocols in the United States
without being told by their lawyers, if you want to build this, you have to put KYC into it before you launch it.
I think that's the protocol itself, not just the user interface, into the protocol itself, right?
That's what a lawyer would say if control is not necessary, if that becomes the precedent.
I mean, I do think that's the implication here, right?
And I do wonder if there are going to be some conservative lawyers out there who even hear what Judge Fela just said and start advising their clients.
You can't launch a decentralized permissionless smart contract protocol because even though you don't control it, you still might be a money transmitter.
So you have to do KYC literally on chain, which I suppose could be theoretically possible somehow.
But if that's what we're doing, it's not defy.
It's not defy any longer.
And I don't think it's what motivates any of us to be here.
Wow.
Control not necessary.
Can I ask briefly, this would seem to have implications beyond crypto.
Of course, this is a crypto-focused podcast.
But we're talking about code that's published in some way, in an open-source way.
and a bad actor using this code.
I mean, does this have implications for like AI, let's say?
Like AI models and like generation?
I mean, where does this kind of thing stop?
I think it has vast implications outside crypto.
I think, you know, even before we get to AI,
just think about what money transmission means
if it doesn't require control or custody of user funds.
Is my internet service provider a money transmitter?
because I used the internet in order to use a defy protocol.
Does Comcast need to register now with the government
and start tracing all of my transactions?
So I think that even in the scope of money transmission,
this is very dangerous.
Even before that, Jake, I think of being an ETH validator.
I mean, what is that?
I mean, you're certainly processing some transactions, aren't you,
as part of this?
Absolutely.
Absolutely.
And, you know, thankfully, again, Finsen,
in its guidance about money transmission
as always said, minors and validators are not money transmitters. But you have to wonder if the
Department of Justice is going to say, well, they're not Title 31 money transmitters, but they are Title 18
money transmitting businesses. And I just, I don't know how crypto could survive in the United States
if that were the case. But to your question, outside crypto, we are dealing with this, again,
core issue of when a software developer is liable for a third party that misuses software that
they created without their knowledge and without their participation. A.I can be used for anything,
whether it's getting information or whether it's a future world of AI agents, where all of us
are using some type of AI agent to go out and do things for us on the internet. Well, is the creator,
the developer of the AI agent going to be liable for everything that anyone does with that agent
just because they built the neutral tool? Again, I don't think we can have a modern digital world if the
government gets to target literally anybody they dislike just because they are interpreting the law
this expansively.
Anyone they dislike.
And even if you just say, well, it's only the privacy sort of case.
Well, I guess my question is like, how about somebody who develops some new encryption algorithm,
you know, ZK Snarks or, you know, RSA encryption?
And this is certainly used in, you know, privacy context.
It's open source code.
Are they on the hook for how North Korea might use their encryption software?
And it's crazy to imagine that, but if you go back to the 90s and you go back to the crypto wars, right, not the cryptocurrency wars, long before we were building on blockchains, that was the fight that was happening in the 1990s.
The government was deeply suspicious of and not accepting of end-to-end encryption on the internet.
They wanted to treat encryption as munitions.
And it really wasn't until commerce came online that the government backed off.
with that perspective. And there are a lot of people who are now in crypto who were fighting that
battle back then, who will explain this a lot better than I can. But it wasn't that we convinced
the government, hey, encryption's okay. You don't have to worry about us having private communications
with people on the other side of the world. It was that businesses showed up and said, hey,
we need to take credit card payments on the internet. And there's no way we can do that if we don't
have widespread encryption. So back off. And that's what got the government to back off. And I think
the best hope, and I say,
all the time in so many different contexts. The best hope for crypto to overcome some of these
concerns about the risks that decentralized public blockchains pose. And let's be honest about this,
there are risks. There's no question about that. But the way we overcome the risks is that the
benefits are so much greater that there is no way to deny the advancement of the technology.
And that's why my hope for anyone who's listening to this right now, if you're a builder,
keep building, build consumer apps that are undeniably valuable that everybody wants to use,
and that's going to put us in the best position to win not just the court battles, but the policy
battles in Washington, D.C., because that's where this is ultimately going to get sorted out.
Make it so useful the authoritarians can't turn it off, right? It would be disasters for them to
turn it off. Okay, so that's just one piece of the ruling, the most significant piece. Let's just
drive by a few other related tornado cash cases. So there was a case ongoing in the Netherlands,
which was one of the, I guess, co-founders of Tornado Cash, Roman Storm's co-founder,
is a Roman Pertsv?
Alexei Pertsv.
Excuse me.
There's another Roman involved here, too, but Alexei Perzv.
Was the background on that case?
I believe he was actually convicted in the Netherlands.
That's going an appeal, but the case did not work out favorably for crypto and defy in that situation.
Now, do you know what the latest is there?
Yeah, so there were three developers of Tornado,
after three main developers, Roman Storm, Roman Seminov and Alexei Perzav, and all three of them
are being pursued for criminal charges somewhere in the world.
Perzzev was arrested and charged in the Netherlands, and he already had his trial and unfortunately
lost the trial and was convicted for essentially similar allegations. And I'm not a Dutch lawyer,
so I won't even try to explain what Dutch law was. But I do remember reading the reports and the court's
opinion, which sort of sounded like the worst imaginable version of what we're talking about now,
that Pertheth was liable for, and it wasn't even about North Korea so much as it was other
hackers and cybercriminals, was, you know, liable for helping them wander money
just because he had been involved in designing this protocol. And the way the opinion read was
sort of like privacy itself is a crime. And the only reason you would want privacy is in order
to do something criminal.
So the fact that he knew he was building a privacy preserving protocol means he was doing
this with some criminal intent.
Now, here's the good thing, as I understand it, about Dutch law.
Perzav has an appeal.
And unlike in the United States, where an appeal challenges a ruling on a very specific
narrow issue, in the Netherlands, an appeal is an entirely new trial.
And since the original trial, Pertsov has gotten new counts.
and the industry has also realized how serious this is. And there's a lot more support from
those in the industry to try to help him get a better result on the appeal. So I'm not sure
exactly what the date is, but that is coming up pretty soon. And we should be watching what
happens in the Netherlands as well. Another related one, Preston Van Loon versus, I believe it's
the U.S. Treasury maybe, but correct me if I'm wrong here. Now, this is from the other side of it.
So we're not talking about tornado cash developers. I believe we're talking about someone, a user like
us. And we happen to know Preston, he's in crypto circles. He's a core dev. But I believe this is from a
user's perspective for tornado cash, though you maybe describe the details and what the progress is
with that case and how it relates here. Yeah, sure. So, you know, what we've been talking about so
far is the government's attempt to attack privacy preserving protocols by charging individual
software developers with some type of crime. The case you're talking about Van Loon has to do with a
totally separate way the government is coming after privacy, which is through sanctions.
And you may remember the first time that we started hearing about government skepticism of
Tornado Cash was not a prosecution of the developers. It was a decision to sanction the protocol
itself and to say that he was unlawful for any person in the United States to use the Tornado Cash
protocol. So that is an infringement, at least in my perspective, of our rights to use that
software. And the challenge that Preston Van Loon and also is co-plaintiffs, and also David, who is a
plaintiff in a very similar case in Florida, the argument basically is the government does not have
the authority to sanction an inanimate piece of software, right? And not to get too deep into the
weeds of AIPA and the sanctions laws, but essentially the type of sanctions that OFAC, the Office of
foreign assets control at the Treasury Department, which enforces the sanctions laws used in order
to go after tornado cash, requires them to prove that what they are sanctioning is a person
or the property of a person. And what the government said was, tornado cash is an entity that can
be treated as a person. And the protocol is the property of that entity, tornado cash. And the
plaintiff's argument basically is there is no such thing as an entity called tornado cash.
You can look at various people who are involved in the protocol,
offerers of front and interfaces, holders of torn governance tokens, etc.
But they are not an entity that is offering a service that can be sanctioned.
And the protocol itself is a set of immutable smart contracts.
It is literally by definition not the property of anyone because nobody can control it.
And therefore, OFAC lacks authority.
in order to sanction tornado cash as a protocol.
And here's, let me give you a bright spot
because this is actually a really positive thing.
There was, unfortunately, a bad decision
in the district court in that case in Texas.
I'd heard about this.
Valoon lost, and the court basically said,
this is national security,
and the government kind of gets to do whatever it wants,
and sure, if they say tornado cash is an entity,
then fine, sanctions are a day.
There's a lot of that going around.
I got it.
Yeah, it's, you know, not the rule of law,
That's the rule of vibes, basically.
I'm not doing justice to the opinion.
It was obviously a reasoned opinion
written by a district judge.
There was an appeal to the Fifth Circuit,
and there was an oral argument in the appeal
maybe a few weeks ago,
and the government got roasted
by the panel of circuit judges.
It sounded very much like the circuit judges
did not believe the government's argument,
did not believe that tornado cash was a sanctionable entity,
did not believe that an immutable smart contract
was property.
And so we're all waiting with baited breath, but hoping that we get a good ruling from the Fifth Circuit on this issue.
What would it mean if the government could just sanction code,
sanction like GitHub repose, I suppose, or just like sanction, like, Ethereum addresses that are connected to smart contracts?
I mean, the effect of it with Tornado Cash is that it's illegal to interact.
If you have an Ethereum address in a wallet and you interact with that Tornado Cash, it's on the OECDisc,
fact sanction list. So you are in violation. So don't do this at home, kids. That's the current
status. But beyond Tornado Cash, where does this precedent kind of leave us? I mean, to me, it's a
totalitarian nightmare. I mean, basically what you're saying is whatever the government doesn't like,
they come up with a reason why no one gets to use it. And again, you don't have to be on, you know,
the left or the right of the political spectrum to imagine how this could play out. You could have
a government that says providers of health care services for women are engaged in criminal
activity using software. So we are going to sanction health care databases that allow those
types of clinics to track how they are providing health care services for women. Or you could have
the government say, we think that firearms dealers are engaged in criminal activity. So we are
going to sanction the software that they are using on websites to display firearms that they have
for sale or something like this. It really is, when I say a totalitarian nightmare, it's at the end
of the rule of law and the beginning of the rule of whatever the person in power happens to
think at that time. Right. Okay. And even if you just constrain this precedent to just smart
contract code, right, anybody for whatever reason, could suddenly add a defy smart contract to the
OFAC sanction list.
And that just makes it de facto illegal for the U.S. to use it.
So your most beloved, you know, DFI protocols, say a uniswap is just picking on U-Swap
because it's so large.
I mean, suddenly one day, that smart contract, one version of uniswap, maybe the non-AML KYC
versions of uniswap that have been present, you know, like since its inception, that gets
added to an OFAC sanction list at the whim of somebody in this dark, mysterious, you know,
like Washington, D.C. apparatus.
Then it's just illegal.
Right. And what you would hope is there will be some guardrails around when they make those decisions. And indeed, they couldn't just pick a piece of software and say, this is illegal now. They would have to make sure that they are not making a decision that is arbitrary and capricious. A term that we talked about a whole lot in crypto, right? And we talked about this a little bit in the context of tornado cash as well. You know, why is tornado cash, quote unquote, bad enough that it is, you know, on the table for sanctions? And this raises questions. And this raises questions.
about, well, how much illicit activity is enough illicit activity that the Treasury Department
gets to sanction it?
Is it 50 percent?
Is it 30 percent?
Is it 10 percent?
How do we know if those numbers are right?
How much illicit financial activity is going through a decentralized exchange protocol
or a lending protocol?
It's not zero because it's never zero.
Look at the traditional financial system.
It's certainly not zero going through all those banks.
That's the point.
That's the point.
If you were to sanction the banking system, there's, like, I'm not a matter.
massive amount of, you know, money laundering and sanctioned violations that goes on in the
traditional banking system. You don't see these types of actions. You don't because the government
has enough authority over those banks and other financial institutions to feel comfortable that
they can, number one, surveil transactions and number two, censor transactions. And for that matter,
number three, exclude unfavored people, right? Disreputable people or people who they believe. And
shouldn't be allowed to get access to the financial system from accessing those financial institutions.
They don't have those things. Well, at least they don't have two of the three. They have transparency
on public blockchains. They can see what transactions are happening as long as there's no privacy,
but they don't have censorship and they don't have the ability to exclude people from getting access.
If you take away that first piece of it, surveillance as well, that's when they say we are no longer
comfortable with this technology. We're going to use every tool that we have.
available to us to go after it, whether it is prosecuting individual software developers or sanctioning
code or passing new rules like the Treasury Department has tried to do in order to expand their
authority so that they can stop people from launching permissionless protocols in the future.
I think everything that we've described, Jake, you and I have talked about this before,
you've been on Vegas, talked about this, this whole class of problems around, you know, control,
not necessary, non-custodial versus custodial, privacy, surveillance, all of these things.
This is sort of the final boss of crypto getting through its regulatory pass.
There are some mini bosses that we also have been fighting and speaking of arbitrary and capricious.
Let's talk about Mr. Arbitrary and Capricious over there.
We got a touch on the SEC really quick, a lot swirling there.
Not as critical, I would say, is the other issue that we talked about.
I just have full confidence that we're ultimately going to be able to defeat the arbitrary and capricious leadership at the SEC.
Maybe that happens soon, hopefully, or maybe that takes some time to play out.
We had Graywall, who is, I believe, a prosecutor at the SEC.
He is now leaving, given marching orders under mysterious circumstances.
I don't know if you have reflections on that.
We have the SEC trying to appeal its ripple case.
Why are they trying, I know why they're trying to do that, but like, give it up already, guys.
We have Coinbase versus SEC.
What are some of the highlights that you would kind of mention on our boss fight with the SEC?
Yeah.
Well, and first I'll say I totally agree with your framing that the big boss, the ultimate boss in the end, is this challenge to state authority over the financial system.
Financial markets regulation is, you know, obviously very important as well.
But I think we spend so much more time talking about the SEC and the CFTC and so little time talking about DOJ and Treasury.
that I think it's great that we've had that conversation.
But yeah, what's the latest with our friends at the SEC?
So Gerbier Graywall was the director of the enforcement division.
So he's sort of the one who was in charge, much more so than Chair Gensler, on a day-to-day basis, of the SEC's campaign of harassment and regulation by enforcement.
The chief attack dog, wasn't he?
I mean, really, you know, in the end, it's the director of the enforcement division who's making these decisions about which cases to bring.
So I think, you know, he gets credit, we'll say, euphemistically, for what the SEC has done the last few years.
He announced, or at least the SEC announced just recently, that he will be stepping down.
They only gave nine days of notice before he stepped down, and there is no replacement in line for taking over.
It's going to be, you know, an acting deputy is going to be in charge now.
That's a little bit weird, I have to say.
not usual for that to happen. We could try to read some, you know, fun things into it and say that
it's, you know, a sign that we're winning the battle. I would love to think that's true. I think the
reality probably is it's a political decision. I'm guessing that he wanted to leave his post before
the election. You know, after the election, if he left, it may look like he was either being
fired or being forced out. He probably was hoping that there would be a replacement. And I'm imagining,
again speculating, it'd be very hard to find a lawyer who wants that job right now.
Doesn't seem like a very fun position to be in.
So maybe they just couldn't find someone and he decided, you know, he had waited long enough
and he wanted to get out of there.
But it is actually nice to see, frankly, the beginning of turnover in leadership at the SEC
from the folks who have been persecuting the industry for so long.
It's not to say we're going to see an immediate change in SEC policy, but it is just a nice
reminder that Chair Gensler and his crew are not here forever and we will be here longer than
them. So we just have to outlast them. I think that's a really important thing to keep in mind.
Do you have any takes on the timeline here? Do you think the election changes this if it goes
one way or the other? You know, Trump said he would fire Gary Gensler. Like he explicitly said
that. I don't know if you have takes on that, it just seems from a, if Trump wins, and it's a
coin flip at this point at the time of recording, if Trump
wins, Gary Gensler's time has got to be numbered in days, I would think, or maybe this is all
bluster. I'm not sure your take on that. And then if Kamala Harris wins, what's, you know,
does Gary have a future in that administration? Yeah. Well, I think it's very unpredictable.
I'll give you my best speculation and what the conventional wisdom is. And the conventional wisdom is
that a president Trump would essentially immediately solve the financial markets regulatory issues
by putting Republicans in charge of the SEC and the CFTC who would take a much more reasonable view on crypto regulation.
And, you know, whether that's Hester Perth's taking over his chair, although I think she maybe doesn't want that job as much as we would all love her to have it, or Commissioner Ueda or someone else, I do think that a Trump administration would very likely and very quickly solve a lot of the issues that we have over at the SEC.
although, you know, I'm one to be skeptical of campaign promises no matter where they're coming from.
So I think the proof always remains in the pudding.
President Harris, I think, is really quite unpredictable.
My view is that she has essentially decided affirmatively that she doesn't want to take a position on crypto, that it's not to her benefit.
You can see her running a campaign that is very focused on the middle class and populist messaging.
It is not to her political advantage to start talking about financial markets regulation.
It really wouldn't fit in with the platform that she's pursuing.
And I think what that means is she and her campaign have decided to just basically not engage on this issue.
I think, again, the conventional wisdom is, and this does make sense, that we should expect that a Harris administration would be more of the same from a Biden administration.
But honestly, that's not necessarily true.
and she has made a couple of statements here and there.
Most recently, at a speech at an economic club,
I think in Philadelphia,
where she talked about how she wanted to support blockchain technology
and remain dominant in that area.
That's sort of the minimum viable statement you could make
to not say, I'm going to keep trying to destroy this industry
to be worth all that much.
But I do think there's an opportunity either
that she would pick someone to run the SEC
who doesn't come from, let's call it, the far-left progressive Warren camp of the Democratic Party
and rather might come from a more moderate wing of the party that's not necessarily extraordinarily
permissive but does at least want to balance the interests of innovation and business in the United
States with the interest of consumer protection and investor protection.
So I think we could hold out hope for that.
we also could imagine an SEC chair who is selected totally irrespective of what they think about
crypto and we could just sort of get lucky and get somebody who has a different view on crypto.
I still think that crypto is idiosyncratic enough that, you know, folks aren't getting
selected for leadership roles because of what they think about crypto.
One thing that David and I have talked about is the ultimate tell for Kamala Harris will be,
because she's, you know, barely acknowledged crypto and when acknowledging it incredibly tepid
in any statements, but the biggest tell that we're looking at. I don't know if you agree with
this is who she surrounds herself with in the administration. So who her administrative picks are
is not just SEC, of course, but it's also some of the architects behind this other thing that we
don't have scope to talk about, but just like the Operation Choke Point, you know, the FDIC,
all of these other agencies kind of choking off the crypto industry from the banking system.
If she picks those, you know, if the folks responsible for that in her leadership roles in her White House, that does not bode well, at least from my perspective.
You think that's about right?
We should be watching who she surrounds herself with.
Or do you think all of these people might get a change of heart under a Kamala Harris administration?
Can that happen?
A change of heart.
I love phrasing it that way.
Look, there's a couple ways to look at this.
The first is personnel is policy.
And so if you're choosing personnel who have taken these types of positions before, that is an expression of what her policy is going to be.
And I think you're right. She's selected some folks who have been at the heart of some pretty damaging policy initiatives for the industry.
On the other hand, personnel follows what their boss tells them to do.
And I think we shouldn't underestimate the willingness of elected officials who are responsive to their constituencies to change their minds when they're
constituencies change their minds. And so I don't think the fact that she's picked folks who have
been sort of on the other side of this issue before means they have to stay on the other side of the
issue. It just means we have our work cut out for us, again, to build products that people want to
use and then to explain why those products are so important to the United States, to our economy,
and to our national security, to those elected officials in D.C. so that we can very incrementally
make progress. And that's what we've been doing in D.C. for years. And we're going to
to keep doing that no matter who's in charge of the government.
There's so many other case in the SEC, of course, we could talk about because, you know,
that director of enforcement was certainly busy. I think that's out of scope today. And actually,
I think, I don't know if you agree with me, Jake, but it sort of feels to me like the Gary
Gensler, SEC regulating crypto by enforcement reign. He's kind of peaked. Like, we are now pushing
back. We are now going to win. We're winning the court system. It's just like we've seen peak
fud from the SEC with respect to crypto. And I think we're going to continuously erode all of those
things and actually win this over. So we don't need to spend too much more time talking about it.
Maybe one other item I wanted to talk about before we wrap this up and close with some thoughts
here. You wrote a fantastic geo-fencing paper, which is kind of interesting. And if we connect all of
these cases of, you know, we've got the tornado cash case and that boss fight, and we've got the SEC court case.
We've got other things going on with the CFDC.
I mean, you are very busy, my friend, as a defy crypto lawyer.
Let's just say that.
Geofencing is how a lot of users experience it.
And so I go to a website for a particular air drop, let's say, or to interact with a
particular, you know, defy exchange or protocol.
And I'm hit if I have a VP or if I have, you know, an ISP resides in the U.S.
as a U.S. resident, I'm hit with a, sorry, you cannot access this page.
you cannot do the thing you were trying to do.
A list of banned countries, and it'll be like, you know, Iran, North Korea, and the United States of America, right?
Which is just like not kind of the club that I see myself as a U.S. citizen, you know, like belonging in.
But this has been incredibly frustrating for users, and it all stems from this lack of regulatory clarity.
I mean, if you're a project in the U.S. and you have some sort of token or you have some sort of exchange,
because we have no idea what the laws are, that we have.
we can't open it up to everybody.
So can you talk about geo-fencing just as a practice?
And I know at Varian, you give some advice to even some of the U.S.-based projects
or even outside of the U.S., what their practice should be with respect to geofencing.
Just in general, what have you learned on this topic?
For sure.
And like you said, at Varian, I spend a lot of my time working with founders of early-stage
crypto startups to figure out what is their legal and regulatory strategy going to be
with the help of their own counsel.
And we get a lot of questions about geo-fencing
because, like you said,
it's really hard often to figure out
how do we comply with whatever a U.S. regulation
says we have to do in order to launch a product or service,
or how do we change the product or service in a way
so that those compliance obligations don't apply?
And I would say in almost every case,
the goal is not to abandon the U.S. market.
Like you said, it's really frustrating,
has a U.S. person, you know, myself included,
There's some really cool new crypto thing.
I want to check it out.
And I get geo-fenced.
And what I noticed before deciding to write this paper, along with my Deputy General Counsel,
Dan Barabander, is that folks in the industry were making really bad decisions about geo-fencing.
You know, a lot of people were geofencing products and services that it wasn't clear why they needed to be geof-fense.
There was no reason why, as a U.S. user, I couldn't access that type of product or service.
And then some people who had products or services that were clearly not compliant with U.S. law and cannot be compliant with U.S. law.
For example, some margin leverage or derivatives protocols that, you know, frankly, the CFTC has absolute authority over that type of product.
And there's really just no way to register with them.
There's really no hope other than to geofense.
Those products are not getting geofense.
It's so sad, by the way.
Look, it is really sad.
But as a founder of a company, you have to make intelligence and risk-adjusted decisions.
And so what we wanted to do is help people understand, number one, when should I be geofencing?
You know, make sure people aren't geofensing products that they shouldn't be so they can take advantage of the U.S. market if there's no reason why they shouldn't.
And then, more importantly, if they should be geofensing, how do they do it the right way?
Because a lot of times you see a geofense, and then geofense is basically what is your IP address?
And that is the only part of the geofense.
And if you go to the CFTC and you say, I was blocking IP addresses, isn't that good enough?
They're going to say, no, that's not good enough.
You know, welcome to an enforcement action.
So it's really important to figure out how to geo-fense properly if you're going to do it.
And I would encourage anyone out there who's thinking about geo-fencing to take a look at our paper
and see some of the best practices and explanations that we give about how to try to do that effectively,
obviously, with the help of your own lawyer.
It's sad that we actually have to do that.
I'll say, and hopefully this is only temporary until we get some more regulation heading our way
and legislation heading our way that these geofences can be removed.
But I mean, some of these geofences, like to your point, they just seem so pointless and silly
because any defy user who's based in the U.S., and I can say this because I'm not the lawyer
on this show.
I mean, like, we all know how to use a VPN, okay?
So, I mean, like, you almost have to in this day and age.
And the enforcement actions aren't coming to individual users, of course.
Like, could you imagine if the SEC or CFTC came to individual users and said, no, sorry.
You were, you were, like Gary Gensler has not gone that far, though I wouldn't put it past them if you give them another few years.
So a lot of people just use a defy with a VPN.
And it's a pain that we have to do that.
But, I mean, I guess that's the current state of where we are and the lack of regulatory clarity.
Well, I'm not going to comment on that any further than to check up the paper.
including the section that we wrote on VPN blocking
and how to think about doing that if you need to.
Let's just zoom out and close this up, Jake.
So first of all, thank you again for being with us.
And we'll see how this Roman Storm tornado cash case goes.
That's on December 2nd for everyone paying attention at home.
And bankless is going to be doing some coverage, of course,
as that's ongoing.
Just zooming out.
How are we doing overall?
Are we winning or are we losing?
I'm not entirely sure how to,
to assess this. Ask me any given day and I might feel one direction or another. But if you zoom out,
you look at 2024 and the progress that we've made and all the work that's still to come,
how would you assess it? Are we winning or losing? We're winning. I'm going to say that in a
full-throated way. I think we're winning. I think of this as a war with many different fronts.
And if you think about the various issues we've talked about, you know, the financial markets regulatory
issue on one front, you know, the SEC and the CFTC and others. The illicit finance and national
security issue, another front. The banking and prudential regulatory issues, like you said,
choke point, which we didn't have time to get into, maybe some other day, right, another
front. At any given time, we're making progress, pushing forward in one front, maybe losing grounds
in another. I think exactly as you said, we're doing an extraordinary job of fighting back
against the SEC and the CFTC, I honestly feel pretty good about where we are with those issues.
I think we've got pathways to do business in the United States, even though the SEC doesn't
want us to because we are right on the law and they are wrong and we have the courts to back us up.
I think on these illicit finance issues, this is sort of the big boss.
And I think that the industry is just now starting to understand.
And hopefully we'll better understand having listened to this conversation, that we're losing ground there.
that we are at a point where law enforcement and the intelligence community and the national
security apparatus are perceiving the technology that we are building as a threat to their authority,
even though that is not how we intend it, even though we want them to be able to do their jobs and go after the bad guys and win these types of geopolitical fights,
they are not that happy with technology that they can't control.
And we need to think a lot harder about what legal arguments, what policy arguments, and also, frankly,
what types of technical arguments, right, types of technical projects we can build to get more
of an advantage on that front. So I think we're winning. I think we can do it. I think it will take
all of us working together. And as always, Ryan, you know, thrilled to talk to you about this and
hope that folks will come away with a better understanding of how important this issue is.
You know, the only set of actors that crypto is bad for is totalitarians. And so from that
perspective, hopefully the United States, batting on, you found it on principles of freedom,
freedom comes to realize this and starts exporting this to the world. I guess just lastly, Jake,
what gives you optimism just in general about this fight? The founders, honestly, you know,
like I said, I spend a lot of my time working with mostly very young people who are very
passionate and very optimistic and are building the coolest stuff I have ever seen in my life.
And I really think when you think deeply about what this technology can empower, when you think
about what the internet is, how young it is, right? When I grew up, it was the very beginning of
the internet in the 90s, right? Look how far we've come in so short a time. But if you imagine the
internet, 100 years from now, 200 years from now, I just cannot envision that internet
existing only at the mercy of very large tech companies that have centralized control over
everything. We live in a digital world, as you guys always say, and I'll leave it to you to say
the direction that we're all going,
but the direction we're going
is for us to own digital assets
so that we can live real, full,
and fulfilling digital lives.
And I just don't think there's any way
that that's going to stop.
Let's talk about that direction as we close
and thank you, Jake, once again,
for joining us, some action items.
Donate to the Roman Storm case,
the link in your show notes to do that.
Also, Jake's geo-fencing paper
that we talked about will include it there.
But the direction we're headed in
is West, as always.
Crypto is risky.
you could lose what you put in, but this is the frontier.
It's not for everyone, but we're glad you're with us on the bankless journey.
Thanks a lot.