Bankless - The Death of Crypto Privacy? with Jake Chervinsky
Episode Date: August 24, 2022On today's State of the Nation, it's time to bring back the crypto legal mind of Jake Chervinsky. With the recent OFAC sanctions against Tornado Cash and the cascading chilling effect, our digital rig...hts are under attack. Have we seen the death of crypto privacy? What can we do to help advocate for digital justice? As always, Jake brings a thoughtful and measured approach to these crucial topics. ------ Chainlink | Register for SmartCon 2022 with promo code “BANKLESS” https://bankless.cc/smartcon ------ SUBSCRIBE TO NEWSLETTER: https://newsletter.banklesshq.com/ ️ SUBSCRIBE TO PODCAST: http://podcast.banklesshq.com/ ------ BANKLESS SPONSOR TOOLS: LENS | ACCESS CODE: VITALIK https://bankless.cc/Lens ROCKET POOL | ETH STAKING https://bankless.cc/RocketPool ️ ARBITRUM | SCALING ETHEREUM https://bankless.cc/Arbitrum BRAVE | THE BROWSER NATIVE WALLET https://bankless.cc/Brave JUNO | BRIDGE FIAT TO LAYER 2 https://bankless.cc/Juno ️ ZKSYNC | THE LAYER 2 SCALING ENDGAME https://bankless.cc/zkSync ----- Resources: Jake Chervisnky: https://twitter.com/jchervinsky Set Alex Free: https://setalexfree.nl/ ----- Not financial or tax advice. This channel is strictly educational and is not investment advice or a solicitation to buy or sell any assets or to make any financial decisions. This video is not tax advice. Talk to your accountant. Do your own research. Disclosure. From time-to-time I may add links in this newsletter to products I use. I may receive commission if you make a purchase through one of these links. Additionally, the Bankless writers hold crypto assets. See our investment disclosures here: https://newsletter.banklesshq.com/p/bankless-disclosures
Transcript
Discussion (0)
Hey, Bankless Nation, welcome to another episode of State of the Nation. We've got a meaty subject to dig into today with a crypto legal mind. Jake Trevinsky. Our question, the top of mind question I think for crypto is, we've seen the death of crypto privacy. Recent OFAC sanctions against tornado cash. We'll get into that. The arrest of an open source developer. We'll talk about what that means. Is code speech? A lot of questions that we've had over the last couple of weeks.
in crypto and at bankless. And what we really wanted to do was bring Jake into the episode,
who is a legal mind and can give us some legal commentary on these things. Of course, he'll be
first to disclaim that none of this is legal advice and will allow him to do that. But he is one
of our favorite crypto lawyers and thinks about these things deeply and has a great sense of
where things are going. David, what else are we in store for in this episode?
We've had these conversations both on the weekly roll-up and an actual other podcasts, and other podcasts have done this as well,
as talk about Tornado Cash and the future of crypto privacy.
And we're not going to begin at the very beginning because that conversation has definitely been had.
I think we really want to fast forward and see how this plays out and see where this all goes when we kind of go to this logical conclusion.
And there's lessons from history to pull from.
And I think that's really where we want to start is we can actually go back before the advent of cryptocurrency and go back to cryptography and take a leaf out of the lessons of history and kind of extrapolate from there.
Like if we won these battles before, can we win them again?
And overall, there's also just the general landscape of regulation in crypto.
Like what is the Congress?
What's the state of Congress and the White House and Capitol Hill and the state of crypto regulation there?
And so we will get into all of these subjects and more with Jake Chrivensky.
Hey, I got to let you know as we get in, our friends and sponsors at SmartCon.
This is a conference put on by the folks at ChainLink.
It's a fantastic conference.
Usually this thing is virtual.
Now it's conference season.
And they're doing it in person this year in New York City on the 28th and 29th.
David, I'm going to scroll down.
Look at these attendees, man.
Eric Schmidt, former CEO of Google.
Sergei from Chainlink, Belagi.
We've got SBF, Ed Felton, Stani, Kane.
It's almost looks like a list of previous bankless podcast guests, David.
What other information do you want to share about ChainLink and where can folks find out more?
Yeah, ChainLink SmartCon.
They do this every single year.
It used to be all virtual, but this is the first conference that is in real life happening in New York.
And so if you are a regular attendee, congratulations.
You get to go and be in person for the first time.
And also, if you use code bankless, you can get a hefty discount off of your ticket for
to SmartCon 2020.
Another perk of listening to Bankless Guys.
Go click that link in the show notes for more info on that.
David, I'm going to start with the question.
I always ask in these episodes, what is the state of the nation today, my friend?
The state of the nation, Ryan, is lawyering up.
We are lawyering up right now.
And so this is the state of crypto in this present moment,
is we have some legal fights ahead of us.
And so we are going to, we're consulting with our lawyers,
although Jake Trevinsky is not your lawyer, nor is he ours.
But he's still a lawyer.
And so we are going to talk to Jake as the resident lawyer of crypto Twitter and what we need to do to move forward in this industry.
Okay, who knows legal could be a public good?
But we are hitting the gym today and lawyering up and getting ready for this privacy battle ahead of us.
Guys, we're going to get right into the episode with Jake Chervinsky.
But before we do, we want to thank the sponsors that made this episode possible.
Lens Protocol is an open source tech stack for building decentralized social media applications.
It is the new era for social media.
We all have toxic relationships with our Web 2 apps.
We want to break up with them, but we can't.
These applications own our digital lives and all the relationships that we've made.
We need to break through to a new paradigm of social networking applications that we control,
rather than them controlling us.
Lens isn't a social media app.
It's a protocol to let 1,000 Web 3 social apps bloom.
Lens is a permissionless and transparent social graph that is owned by the user.
In crypto, we say not your keys, not your crypto, and on Lens, we say not your keys, not your profile.
With Lens, your followers go with you to whatever social media application.
you want to use. And instead of being trapped by an algorithm chosen by that app, Lens lets you choose
the way you want to experience your social media. Lens is the last social media handle that you'll
ever need to create. So in order to get started, there is a secret code word in the show notes.
Enter that code word in the Google Form linked, and you'll be well on your way to entering the world
of Web3 social. Rocket Pool is your decentralized Ethereum staking protocol. You can stake your
eth in Rocket Pool and get our ETH in return, allowing you to stake your eth and use it in DFi
at the same time. You can get first.
on your ETH by staking it with Rocket Pool, but you can get even more by running a node.
Rocket Pool is the only staking provider that allows anyone to permissionlessly join their network
of validating Ethereum nodes. Setting up your Rocket Pool node is easier than running a node solo,
and you only need 16 ETH to get started. You get an extra 15% staking commission on the pooled
that uses your node to stake. You also get RPL token rewards on top. So if you're bullish
estaking, you can boost your yield by adding your node to the decentralized Rocket Pool network,
which currently has over 1,000 independent node operators.
It's yield farming, but with Ethereum notes.
You can get started at rocket pool.net,
and you can also join the Rocket Pool community in their Discord.
You can find me hanging out there sometimes in the chat,
so I'll see you there.
Arbitrum is an Ethereum layer two scaling solution
that is going to completely change how we use DFI and NFTs.
Some of the coolest new NFT collections have chosen Arbitrum as their home,
while DFI protocols continue to see increased liquidity and usage.
You can now bridge straight into Arbitrum
for more than 10 different exchanges,
including finance, FTX, Kowby, and Cryptododon.
Once on Arbitrum, you'll enjoy fast transactions with cheap fees, allowing you to explore new frontiers of the crypto universe.
New to Arbitrum, for a limited time, you can get Arbitrum NFTs designed by the famous artist Ratwell and Sugoy for joining the Arbitrum Odyssey.
The Odyssey is an eight-week-long event, where you can play on-chain activities and receive a free NFT as a reward.
Find out more by visiting the Discord at discord.g.g.orgorg.
You can also bridge your assets to Arbitrum at bridge.arbitrum.io and access all of Arbitrum's apps at portal.
in order to experience defy and NFTs, the way it was always meant to be fast, cheap, secure,
and fiction-free.
Hey, guys, welcome back.
Oh, digging into the subject is crypto privacy dead.
We have Jake Trevinsky on.
To help us answer that question, Jake is crypto-Twitter's favorite lawyer.
I think he's bankless's favorite lawyer maybe, although we're credible.
Don't be too many favorites.
We don't have too many favorites.
Every lawyer we have on bankless is our favorite, but Jake's our most favorite.
He's the head of policy at the Blockchain Association, where he's,
and many other legal minds are actually working to defend crypto against unjust laws and policies.
This is the legal layer of our fight. He's been on bankless many times, of course.
And Jake, I know you're going to ask. So I want you to be able to do the disclaimer up front
because you are definitely not our lawyer. Anyone who is listening to this, Jake is not your lawyer.
What do you want to disclaim before we get into the episode?
Well, you covered it pretty well. And thanks for having me,
It's always great to talk to you guys, although usually it's, you know, under less than optimal circumstances that we get together.
No, hey, look, that's what I'm here for.
And it's, like, it's an honor to be considered, you know, in the conversation, you know, first among equals of the lawyers who come on here.
So I appreciate that.
No, but I mean, I guess the quick disclaimer, as you said, is I am a lawyer, but I don't represent you guys or anyone else who's listening.
So we may discuss some legal issues, but nothing that I say is intended as legal advice.
And if anybody out there has concerns about what they should be doing in order to comply with the law,
then they should find our own lawyer to give them personalized advice.
So that's all there is there.
Well, you know we're a little bit scared or something bad has happened, as he said, Jake, because you're on the episode.
And David, I know you've got the details to maybe speed run, but we are talking, of course, about OFAC sanctions, tornado cash.
Could you just speed run what's happened recently?
And we could do maybe a recap with Jake real quick for folks who've missed it.
Yeah, and like I said in the intro, this topic has been around the content sphere for a while now.
And so we're going to speed run through some of the beginning stuff and get through some of the further along parts of this conversation.
And so Jake, I just want to kind of highlight some of the high-level themes of this whole entire episode and just make sure that we're on the same page about what the big questions are.
So the first one and obvious is tornado cash is now banned for U.S. citizens, which really brings up the question,
does the rights of OFAC to prevent North Korea from accessing money come before the rights of individuals to access privacy tools?
Are OFAC rights superior to individual rights?
I think that's the one big question that we have.
And also, you know, along with that question is, why should we lose our rights so that OFAC can sanction bad actors?
I think that's one big theme.
Another big theme is that this whole incident is unique because tornado catch is not an entity or a person.
It's a smart contract, which begs the question, is it even legal to ban a smart contract?
So that's one big theme as well.
Alex Pertsov, the tornado catch developer, was arrested in the Netherlands.
Is it now illegal to write open source software?
Is open source code illegal now if it's used by nefarious actors?
That's another big theme.
And then perhaps the last one is, now the industry is really taking a look at what else is risk in DFI?
Like what else is under perhaps the, under the crosshairs of other regulatory agencies and at risk of censorship?
Is this just the beginning?
And if so, where does this end?
So these are the big themes that I see.
I'm wondering if there's any others that are floating around in your brain or anything you want to double tap on.
No, look, I mean, those are the big questions, not just of the day, but I think the big questions of crypto in general, right, as sort of a movement.
I think, you know, in a way, this is a perennial question.
How do we balance the interests of national security against the individual rights of citizens?
And it's a hard question, and it's one that we've struggled with long before crypto came up.
And it's one that I think we'll be battling for a long time.
I think the only other thing that we should maybe touch on in addition to, I think, those sort of philosophical concepts, is what do we actually do, right?
As a community, as a group of builders, as advocates, how can we try to advance the interests of civil rights and the rights of U.S. persons to use these permissionless technologies in a way that isn't going to get us in even more trouble.
with policymakers who frankly don't always agree with us about how we rank the priorities when we deal with these issues.
So I think the list you gave is exactly the right set of topics for us to be thinking and talking about.
Jay, can I ask you just base level question?
Like, were you surprised by this course of events?
Like, because I know you're thinking about all sorts of intersections between law and crypto.
And then suddenly we've got smart contracts on the OFAC sanction list.
did this surprise you?
Yes, it did, actually.
And I say that fully realizing that that might mean I wasn't doing my job as well as I should have.
Because, look, as you said, I'm the head of policy for the Blockchain Association.
My job is to represent the interests of our members, which cover the full range of the crypto industry here in the U.S.,
with respect to what is coming down the pipe from government.
And the issue of privacy is one that we talk about and think about all the time, because
one of the issues that government tends to have with crypto is the perception that it can be
used for illicit activity more easily than the traditional financial system or traditional financial
instruments like cash. So we spend a lot of time thinking and talking about this illicit finance
issue and how we can get policymakers to understand that the benefits of crypto outweigh those risks.
And so OFAC is one of the agencies, one of the departments within the Treasury Department,
that we think about a whole lot, and sanctions is something that's on our radar.
Nonetheless, I would tell you that I did not imagine that OFAC would sanction a piece of
software as opposed to sanctioning persons or entities or their property.
I knew that, and all of us have sort of known that tornado cash has been a concern for,
you know, anti-money laundering regulators and for law enforcement, right?
folks have identified the use of tornado cash by the Lazarus group, which is the hacking group
affiliated with North Korea for a long time. So we knew that this was sort of an issue that
government was looking at. But the idea that they would go after the software itself was a
huge surprise to me. And I think left a lot of people who work on these issues all day, every
day, pretty surprised. One thing that strikes me is I sort of thought that we were okay with privacy,
the blockchains in the US because we've had Zcash for like ever, right?
And I thought, okay, the first action we might see against OFAC or treasury or
anyone in government might be the delisting of assets like Zcash asset, the Zcasset
asset from centralized exchanges.
We haven't seen any of that yet.
Zcash has been, you know, fully private blockchain that's been in production working
for a while.
So this was not on my radar.
either, Jake. And I'm wondering if you think it just rose in importance is because, like,
well, North Korea wasn't using Zcash in order to do some illicit transactions, do some kind of
money laundering and cover their tracks. But they were using Tornado. So that's when government
picks its head up and says, oh, this thing, like this thing cannot be allowed to exist. And then they
went through the process of sanctioning smart contracts. What do you think? I think a few things.
I mean, first of all, it's a really good point.
Tornado Cash is one tool that allows people to get privacy in the crypto ecosystem.
It's not the only one by far, and it's not the first one, right?
We've had other privacy technologies for much longer than Tornado Cash, which launched in 2019.
I think here's maybe one way to understand this, and I'll preface this by saying it's hard to sort of psychoanalyze
policymakers from a distance.
so I always hesitate to sort of read their minds.
So I am speculating a little bit here.
But I think, first of all, Manero, more so than anything else,
Manero and also Zcash, but other privacy preserving technologies,
have been on the minds of regulators for a long time.
They haven't taken such aggressive action against any of them
as they have here with tornado cash by literally making it illegal
for U.S. persons to use the technology.
But they have, at least reportedly, put pressure
on centralized exchanges to delist assets like Minero, to limit the ability of people to access
those assets. For example, the Department of Justice put out a framework related to cryptocurrency
investigation and prosecution maybe one or two years ago, and they talked about what they call
AEC's anonymity-enhancing cryptocurrencies. And basically what they said to exchanges in that
public guidance was you should think very hard before you list any of these AECs because it may be
impossible for you to comply with your legal obligations if you have these things, you know,
these assets listed. So it was kind of a light but very clear and not so subtle message to
exchanges that we do not like this technology that provides privacy to, you know, to any people
who can get access to those assets. The thing is with Tornado Cash,
I wonder, and this is where I'm going to speculate a little bit, I wonder if OFAC was really trying to signal a consequential shift in policy that privacy technology is not allowed, or if there's some other explanation for why this happened. One of them is what you mentioned. North Korea was using this tool quite a lot. Not the majority of use, right? All of the stats that we have about the use of tornado cash, say North Korea accounted at least recently for maybe 30,
30 to 40% of volume through tornado cash.
That's a lot, but it's still a minority of total volume, right?
The majority of volume in tornado cash was legitimate.
Nonetheless, that's a lot of illicit use.
And I think that puts tornado cash just as a factual matter in a different category from
something like Zcash where you don't see that type of abuse by bad actors.
The other thing is, and this is sort of inside baseball in DC, but typically when you have a
pronouncement of a big policy shift, it comes from the people who are really in charge of making
policy, right? In this case, we would expect it to come from perhaps the director of OFAC or the
deputy director, you know, someone who's really working on this within OFAC. Instead, the announcement
was made by political appointees by Brian Nelson, who is the Undersecretary for Terrorism
and Financial Intelligence in the Treasury Department. That's a position that is nominated
and appointed by the president.
And then also by Secretary Blinken,
who's the Secretary of State,
not even related to the Treasury Department
that made the decision.
And I think what this signals is,
this might have been more of a political decision
than it was an attack on crypto, right?
It may be that someone on the National Security Committee
and the Biden administration said,
hey, we need to signal that we are tough on North Korea,
what options are legally available to us?
And they were presented with a menu of potential options,
And one of them was sanctioned tornado cash.
And in sort of a hasty manner, that was the solution that was picked.
So I know I'm going on and on here, but I think the point is we don't know yet what the
government's view on privacy preserving technologies broadly are.
And there's some weird things about the fact that tornado cash gets sanctioned here
and not any other technologies that signify, you know, maybe this slope isn't quite as
slippery as we think.
Maybe privacy isn't totally dead.
this is just sort of a one-off situation that we need to figure out how to address.
That's definitely some of the conclusions that I've been thinking about, that it's obvious that
there are other privacy tools out there, as you said, that are untouched in this present moment.
And there's no real coincidence that it was tornado cash and North Korea.
North Korea really seemed to be having a centerpiece.
Tornado cash, it's definitely used for like petty money laundering too.
But that really wasn't a centerpiece of this whole.
whole story. That wasn't really, didn't really come up in any of the verbiage used by OFAC or any of the
surrounding political spheres unless I'm missing something. And now there's this conversation of
Monero, which if you're telling me that like the previously regulators went over to exchanges and it was
like, yo, yo, yo, be careful about listing Minero. Tells me that they're actually pretty technically
adept in understanding Minero and that level of privacy and what it means to, at least loosely what
it means to have base layer privacy.
But they didn't ban Manero based off of its usage.
They banned Manero or didn't ban Manero.
They, I don't know what you would call it.
They communicated suggesting restraint of using Manero from these exchanges
based off of the technical properties of Manero rather than who is actually using these things.
Now there's, and this goes back to something that Ryan and I have said about just like the concept of privacy,
is that privacy is actually better suited as an application rather than a layer one chain.
Because that's, and that has actually, I think, shown up in this particular case where you combine the liquidity of ether or the liquidity of USDC inside of Ethereum with the application of tornado cash, which instantiates privacy into those assets.
And all of a sudden you have a really strong use case that North Korea latched on to.
And so that makes me think that really the battleground for privacy,
is actually going to exist in the actual app layer where you combine the highly liquid assets in
D-Fi, D-D-U-S-C-E-C-Ether with very strong cryptography that you would find in Tornado Cash.
But I also want to bring up this conversation of like Aztec as a layer two.
As-Tec, another privacy tool on Ethereum that has just as strong as security properties and privacy
properties as Tornado Cash, if not better, but not used by Tornado Cash.
And so I'm wondering, Jake, just like, what you're thinking about, like, the peripheral application services that are adding privacy that aren't another layer one blockchain, something that gives you privacy on any asset that exists on Ethereum that isn't like another layer one blockchain like Minero, like that's not being used by North Korea.
Like, how at risk do these players seem to you?
It's a great question and it's a great point.
I mean, the short answer is, I don't know.
And I think one of the big challenges of this decision about tornado cash is it raises this question of, at what point is OFAC going to decide that a neutral tool is being used too much by the bad guys that nobody gets to use it anymore, right?
We need to sort of understand where the line is.
I mean, like I said, tornado cash was about 30 to 40 percent, according to the numbers we have used by North Korea.
that's still a minority.
What if it was 25%, what if it was 20%, right?
At what point does North Korea get to decide,
hey, if we use something too much,
then nobody in the United States is going to get to use it anymore.
I don't think we want to empower one of our largest foreign adversaries
with the ability to shut down any technology in the U.S.
just by deciding to use it a lot, right?
What if they decide that they want to use Aztec a whole lot?
Does that mean that even though, you know,
no legitimate uses of Aztec have,
changed, right? There's still people who are using it for all of the good reasons why we want
privacy. Does the fact that North Korea is using it mean that it has to get banned? I think that's
not a world that we can live in. Just one other point, though, I think it's important to note,
to your point about government having a pretty good sort of sophisticated understanding of the
technology, that I think that they do understand quite well, that they cannot shut down
Ethereum and they cannot shut down the tornado cash smart contracts. So I think people who are
coming out and saying, look at these stupid policymakers, they don't understand that this decentralized
technology is out of their reach. I don't think that's what they're thinking. I think what they're
thinking is, although we can't shut these systems down, what we can do is limit access to them,
thereby limiting how effectively they can be used to launder money or carry out, you know,
illicit financial activity. And I think in the tornado cash,
context, given how tornado cash works, in theory, limiting U.S. persons from using tornado
cash will limit the anonymity set, which means it will be easier for the government to identify
bad actors who are using it, right? The fewer legitimate uses there are for tornado cash,
the more effectively they think that they will be able to identify the bad actors. So it's not
totally crazy that they would have made this decision. It's just that it, in my mind, anyway,
violate sort of the core tenets of what we are trying to build in crypto, which is a permissionless,
open, inclusive financial system that anyone can use, right, a neutral tool like any other.
And just to drill down on that, Tornado Cash and Tornado Cash users achieve privacy by pooling
themselves altogether. And so if you take out all of the legitimate actors out of the pool,
you only have nefarious illicit actors left in the pool. And so it doesn't really matter
if you put your ether through tornado cash,
if the only people putting their ether through tornado cash
are like North Korea drug runners and like tax evaders,
like sweet, you're just commingling all of your ether or die or whatever
with all the other illegal people of the world.
And so this just like much easier to trace down these transactions
when everyone going through these things is illegal.
But it still begs the question is like, sweet,
now we don't have any privacy tools as like good, honest people of the world.
And I'm wondering, like, this, the outcome of privacy and crypto, I don't think there's any way around this.
As in, if we have privacy and crypto, we are by definition commingling honest users who just want their basic freedoms and privacy with money launderers, drug runners in North Korea.
Like, I don't really think there's any alternative outcome.
So naturally, this must end up in the courts, right?
If that is a premise of an argument is like, yes, in order to have privacy, you're putting honest people right next to North Korea.
The only way that we really have clarity on this is if we actually like make that explicit and also win that outcome that we're allowed to do this in the courts.
Would you agree with that, Jake?
I think that's right.
I guess two points on that.
One is I think there is a false belief that using tornado cash is commingling your assets with the assets of bad actors.
That's not technically true.
And I think as a legal matter, this is a really important and significant distinction, right?
If we view the pool as having many participants all counterparties of each other, then indeed,
it's not unreasonable to say it is illegal for you, David, to put your assets in tornado cash
because you are transacting with a North Korean entity.
The North Korean entity is sanctioned.
It's illegal for you to transact with that party.
If that party is your counterparty in the pool, then, sure, the U.S. government has a legal justification for banning access to the pool.
That's not really how tornado cash works.
And in fact, this is an issue that crosses many different types of defy protocols that use pools, whether it's an AMM in a decentralized exchange protocol or a pool in something like compound or AVEA, a borrowing protocol.
I think it is factually incorrect to say that all users of this pool are counterparties of each other.
When you supply assets to tornado cash, you withdraw your own assets.
You are not actually mixing your assets with anybody else.
The fact that there are other users creates an anonymity set, but it does not mean that you are transacting with a sanction party.
And I think as a legal matter, that's a really important distinction, maybe a bit of a sort of wonky one.
But I wanted to at least say that.
So my 10 ether going into tornado cash,
is the same 10 ether that I withdraw,
as in that the buckets of water do not get poured into the same bucket?
Exactly.
You are not getting North Korean ether,
and the North Koreans are not getting your ether.
That is fundamentally, technologically,
not how something like Tornado Cash works.
And I think that's pretty important.
And I forget what the second thing I was going to say.
So I'll let you know if I remember that.
But yeah, so what's important is this is similar to how Zcash works too, right?
the more kind of users of Zcash, the stronger the pool for anonymity, right?
It's not, you know, this is a central premise of some of these zero knowledge privacy solutions.
And so back to what David was saying is like if OFAC doesn't want U.S. citizens to go use tornado,
which, by the way, was like a fantastic tool for protecting your privacy on chain.
I don't know of any other tool that allows us to do that.
So my question to Treasury is, cool, what do you want us to use then?
What should we use?
What's legal to use instead, Treasury?
Are you saying we are not as American citizens entitled to privacy of our transactions on chain?
Is that what you're saying?
Because it sure feels like that if you start banning the only practical privacy tools that we could actually use.
Yeah.
And that reminds me of what I was going to say before.
and exactly to that point, do we have to end up in court over this issue?
Is there some reasonable, I want to say compromise,
but really what I mean is common ground that we can find with policymakers
who have these concerns about national security
and bad actors abusing the crypto ecosystem
that will still preserve our privacy without us having to run to court?
And I think the answer to that question is maybe, I'm not sure yet,
But I think we have to explore those options.
So let me say a couple of words about David's question,
does this end up in court so that we can protect our privacy?
I think the answer is probably yes, ultimately.
And here's why.
We've always struggled, at least in the last 50 years,
since the Bank Secrecy Act was adopted in the 1970s.
And we've talked about the Bank Secrecy Act on prior podcasts,
so I'll skip sort of the background about that.
We've struggled with this question of warrantless,
surveillance, right? How much will we allow the government to intrude on our privacy for the purpose
of detecting and prosecuting bad actors? And in the digital era, the pendulum has swung very far
in favor of government surveillance and against individual privacy. And the problem there is,
the idea of privacy is we should have the right of financial privacy, even though bad actors
will also have that right. This is sort of like a core fundamental part of our Fourth Amendment right to
privacy, right? The Constitution basically says the government cannot search your persons, houses,
papers, and effects without a warrant. And that's true for bad guys too, right? The government
can't just come barging into your house without justifying that search, even if you might be
doing something illicit, right? The right to privacy matters more than the right of the government
to surveil everything that we do to catch every single person who might be violating some law.
And I think that crypto has presented a really stark challenge for us,
because on the one hand, we are now dealing with a disintermediated financial system.
This is very different from how anti-money laundering and counterterrorist financing laws have worked in the past.
They typically deputize intermediaries in the financial system, right?
Banks and money transmitters and other institutions that are processing transactions for us
and forces them to surveil us on behalf of the government.
It deputizes intermediaries.
Here we're building a disintermediated financial system.
There are no intermediaries to play that role.
That's a huge challenge to the way that these anti-money laundering or counterterrorist financing laws work.
On the other hand, however, government has been pretty comfortable with crypto for the last 10 years because the blockchains are public and they can surveil transactions anyway.
They don't need an intermediary within the crypto ecosystem to do that surveillance.
They use the intermediaries at the edges, the Fiat on ramps and off ramps to KYC, right, to identify all of the participants in the ecosystem.
And then using a forensics firm like Chainalysis or TRM labs, they can trace all of the,
transactions as they move through the crypto ecosystem. So even though it's disintermediated,
they're not really losing anything. Tornado Cash changes all of that. These privacy-preserving
technologies fundamentally challenge the ability of government to continue with this warrantless
surveillance program that they've come to be very comfortable with and that they want to continue.
And that, I think, is where we may end up having to go to court to fight this battle, to say,
even though you've enjoyed the ability to surveil everyone's transactions for the last roughly 50 years,
that's just not going to happen anymore.
And we need to come up with new ways to do law enforcement, right, to detect and prosecute the bad guys who make no mistake.
We want to be detected and prosecuted and punished, right?
We're not supporters of the North Korean dictator here.
It's a brutal regime.
They are our foreign adversaries for good reason.
We want to undermine and work against them, but we can't be sacrificing our privacy, you know, just in the name of doing that.
That's a warrantless search is a great name for that.
If we don't have privacy on the base layer of blockchain, that's essentially what we're subjected to.
And I guess what's interesting about this is the U.S. and other governments have had the ability to do the enforcement through intermediaries to date through crypto exchanges.
Even something like Zcash or Monero.
What's interesting about Ethereum is it is an economy and a financial system unto itself.
So what I find interesting, as David was describing earlier,
of North Korean shuttling money to tornado cash is they didn't go through an exchange first
and buy their EF in order to, like, shuttle it through tornado cas.
That was actually like funds procured through a hack,
likely the Ronan side chain or like other multi-million dollar hacks.
So it completely ratted around and bypassed the sense.
centralized intermediaries. And I wonder if USGov and Treasury is just like, oh, shit, wow, they could do this?
I thought we were comfortable with our posture on crypto. And now they're realizing that,
well, can be like the centralized intermediaries can be completely bypassed. And so they are just spinning some stuff out as a result and seeing where their power lies.
Something like that could have happened. Yeah, I totally agree. I think, I guess two things. One is,
Ronan is exactly the right event to point to as, I think, a major contributing factor,
not just in this decision to sanctioned tornado cash, but in a political, if not a foreign policy shift
in how the U.S. government views crypto.
North Korea is a rogue nation state, right?
It's one that everyone in the world is quite concerned about.
And in terms of U.S. foreign policy, there are really three countries that the foreign policy
establishment in DC is most concerned about, maybe four, that's Russia, Iran, China, and North Korea,
right? So there is a lot of thought given in DC to how do we address the threat from North Korea,
specifically the threat of them developing a nuclear program, right? No one is sure whether Kim Jong-un
is crazy enough to use a nuclear weapon if he feels like it's necessary in order to stay in control
of that regime. And typically the way that North Korea has been prevented from developing nuclear
weapons is, number one, by trying to prevent other countries from giving them aid. This is a big
problem with China right now, which has taken sort of a supportive view toward North Korea.
But secondly, by cutting off their sources of funding. And this gets back to the purpose of sanctions
in the first place. The purpose of sanctions is to deprive a foreign adversary or some other
foreign actor who's doing something the U.S. government doesn't like from having access to the
U.S. economy and to the extent possible from having access to the global economy to starve them
for money. And the Ronen hack was a very material amount of funding for North Korea. There's no way around that.
Hundreds of thousands, sorry, hundreds of millions of dollars we're talking about. I think it was
$640 million. $640 million. And this is like, so putting on your national defense, national security
cap. You're like, we had choked North Korea off of the global economy. And now, because
Defi was sloppy with one hack, suddenly they've got $640 million to go fund weapons against,
you know, the U.S. and its allies. Exactly. And that's the second point I was going to make,
which is all roads lead back to defy, right? We love Defy. We see all of the amazing benefits and
features of it. We see how it's a revolutionary upgrade on
an analog financial system, what the government sees is this is financial infrastructure that
North Korea can use. And it was somewhat hypothetical until something like the Ronan hack.
And if you add up the Ronan hack with others that the Lazarus group pulled off, I think they made
over a billion dollars in one year. That's like 10 times more than they had made in the year previous
from all illicit financial activity that they were doing in all contexts around the world.
So this is material, and I think it's important to recognize that just to understand where the Treasury Department is coming from when they sanction something like Tornado Cash.
It's not necessarily an attack on software developers' free speech rights or on our financial privacy rights.
It might be, and we have to take that threat very seriously, but we also have to understand what the sort of well-meaning, valid motivations are behind that decision as well.
And yet we have an open source developer who is also
been arrested as a result of all of this, which is kind of some mixed signaling, Jake.
It's either mixed or entirely confused and unintentional.
And I think, look, this to me is the most terrifying part of this whole story.
The sanctions are a decision made with at least some thought.
And I think it was the wrong decision.
and I think we will have an opportunity to educate the Treasury Department about that.
But at least there's some explanation for why they would have thought this was the right thing to do.
I cannot, for my life, imagine why Dutch police decided to arrest a software developer
for the supposed crime of writing code.
And I guess just to get a little bit of background,
one of the three main developers behind Tornado Cash,
I think maybe three days or so after the sanctions came down from the U.S.,
was arrested in Amsterdam.
and has now been held in detention, as in behind bars, for, I want to say, 10 days and has not
been charged.
And what Dutch police said at the time of the arrest was that he was involved in concealing
criminal financial flows, that he was engaged in facilitating money laundering.
But they did not make any factual allegation whatsoever other than he was a developer who
wrote some code, and the code happened to be used by bad.
actors, perhaps without his knowledge and without his intent. And that to me is completely unacceptable.
It's unacceptable in any country, but especially in a Western democracy that purports to respect
civil rights. We cannot go around arresting software developers for exercising their right to free
speech, which is what writing code is. So we're still waiting to find out what the details are
there. But my heart goes out to the developer who is still being held.
behind bars, even though he hasn't been told exactly what he did wrong as we speak here today.
What's the connection between OFAC having its ruling and banning tornado cash and then three
days later having this person be arrested in the Netherlands? Is there any chance that
there's a relationship here between the Netherlands and the United States? Or like, how are these
things connected? It's a great question. I don't know, but I'll give you my best guess. I think
it's too coincidental to say that there's no relationship at all, right? There's got to be some
connection there. I think the connection could be as simple as, and this is my guess as to what's
really going on here. The Treasury Department decided to sanction tornado cash largely as a result
of political pressure to be tough on North Korea. They did not communicate anything about that
decision to their foreign partners in other departments around the world that were focusing on
similar issues. The Dutch police are known for being particularly aggressive. They took the wrong
message from the sanctions, which they only read about publicly, and they thought, well, we've got
one of these bad guys here in our jurisdiction. Let's put him in handcuffs and lock him up,
which is a horrible thing to think happened. But the reason I think that's what happened is
because typically, if there is intergovernmental coordination, which often there is for actions
like this, right? All the governments sort of get together, the U.S. and their allies, and make a
joint decision about going after some bad actor, some terrorist group or some, you know, type of
weapon or something like that, and they all act together. That is not what happened here. The other
developers behind Tornado Cash have not been arrested. They were not personally included in the sanctions,
which is very important. If the Treasury Department thought the developers behind Tornado Cash
were bad guys, their names would have been.
been listed in the sanctions along with the tornado cache website and all the addresses and the
smart contract that got listed there. That did not happen. So I'm guessing that there was not
intergovernmental coordination that the Dutch police essentially went rogue and took a too aggressive
stance. I think where that leaves us, and this is the last thing I'll say, but I think is sort of the
the most frightening aspect of all of this, where that leaves us is Dutch police sort of being on
their own with this arrest. They probably do not have the support of the U.S. government or other
allies. And so either they need to admit that they should not have made this arrest and they need
to release this developer, which would be very shameful for them, rightly so, because the decision
that they made to arrest him is shameful. But it's not often that governments are willing to sort of
admit that they've done something this wrong, this fast, or secondly, they have to charge him with some
crime, which means they would have to charge him with the crime of writing code, which again,
is a pretty shameful thing to do. So I think that Dutch authorities are stuck in a pretty
tough situation. The only other thing, sorry, just one more point here is we don't know,
and it's just worth saying this, we don't know if there was some other illicit activity going on
that explains this arrest. It is at least possible, although I've seen nothing to support this,
it's at least possible that this developer was doing more than just writing code.
Maybe he was aware that North Korea was laundering money through tornado cash.
Maybe he provided them material assistance.
Maybe he was paid for that.
Maybe something else was going on totally unrelated.
We just don't know.
But it's a problem that we don't know, right?
And it's a problem that the Dutch authorities' explanation in their press release
doesn't say anything about that.
So that's sort of where we sit today.
And the secondary effect of this, Jake, of course, it goes without saying,
though, maybe we can talk about this after the break a bit more, is that there's a massive
chilling effect that this has on the industry. And what I'm showing, I don't want to show all this,
what I'm showing is a website for Alex Perzep. This is the developer in question. I think one
thing that we can do as a crypto community, as the bankless nation, is get loud about this.
And so Dutch authorities need to tell us what the charges are. You can't just
arrest and open source developers developing privacy as a public good and not tell us what the
charges are okay that is not allowed there are protests going on for Alex we'll include a website in the
show notes where you can get involved signing petitions uh joining telegram groups to coordinate and uh
also giving to some organizations that are paying for the legal defense of Alex uh should he
actually be charged with something so we've got to get loud if we don't want this sort of action to
continue. David, I know we've got a lot more to cover. Do you want to tease this out for us
what we're going to do once we get back from the sponsors? Yeah, there's a... Hey, David, you're muted,
though. Yeah, we're going to go down memory lane and back into the 90s because there's a lot of
parallels here with this story, but also an important difference. We have been here before,
not as the industry of cryptocurrency, but as the industry of cryptography. We've gone toe to
with the government over privacy tools.
So we're going to do a quick trip down memory lane and kind of go through some of the
court cases that have set precedence.
And then we're going to ask Jake, how is it the same?
How is it different?
And we're going to go through that story right after we get through some of these
fantastic sponsors that make the show possible.
Juno is bringing crypto-friendly banking straight into your tracking account.
With Juno, you can send money from your Juno checking account straight onto a layer two,
like Polygon, Optimism, Arbitrum, and they have ZK Sync and Starknet support on their way.
You can skip the ACH wait times, you can skip all the gas fees, and go straight from your checking account to an Ethereum layer 2 in seconds.
Inside Juno, you can buy and sell crypto with $0 fees, and your Juno checking account comes with a metal master card that gives you up to 5% cashback on your spending.
Juno is also giving you $10 cash back on your first crypto deposit and $100 when you set up a direct deposit.
This ad just writes itself, so go sign up at juno.finance slash bankless.
ZK Sync is an Ethereum Layer 2 network that is pushing the frontier of high performance.
blockchains that don't compromise on security or decentralization. ZKSink has combined the power
of zero knowledge roll-ups in the Ethereum virtual machine, enabling developers to build the greatest
web three projects possible, ones we haven't even seen yet. Crypto needs its killer applications
to onboard the world, but crypto-killer apps need ZKSink as a platform to build on first. It's generally
accepted that zero-knowledge roll-ups are the conclusion of crypto blockchain scaling technology,
and ZKSink is leading the charge into the final frontier of crypto economics. So if you're a developer
who wants to build your app on a future-proof foundation, which gives your users the best
UX possible, check out ZKSink's website at ZKSink.I.O. And yes, there's also going to be a token,
so give them a follow on Twitter 2 at ZKSink. The Brave browser is the user-first browser for the
Web3 internet, with over 60 million monthly active users. And inside the Brave browser, you'll find
the Brave wallet, the secure, multi-trained crypto wallet built right into the browser. Web3 is freedom
from Big Tech and Wall Street, more control and better privacy, but there's a weak point in
Web3, your crypto wallet.
And most crypto wallets are browser extensions, which can easily be spoofed.
But the Brave wallet is different.
No extensions are required, which gives Brave browser an extra level of security versus other
wallets.
Brave wallet is your secure passport for the possibilities of Web3 and supports multiple
chains, including Ethereum and Solana.
You can even buy crypto directly inside the wallet with RAMP.
And of course, you can store, send, and swap your crypto assets, manage your NFTs,
and connect to other wallets and defy apps.
So whether you're new to crypto or you're a seasoned pro, it's time to ditch those risky
extensions and it's time to switch to the brave wallet. Download brave at brave.com
slash bankless and click the wallet icon to get started. And we are back with crypto-twitters' favorite
lawyer, Jake Schrovinsky. Jake, I want to go through some what we call the Crypto Wars. And
this isn't the Crypto Wars as cryptocurrency. This is the Crypto Wars of Cryptography.
And there's a lot of parallels to court cases and legal precedents that has happened in the past.
And I want to start in 1991, one year before I was born, where Senator Joe Biden proposed Bill 266,
which allowed the government access to plain text contents of voice data and other communications
when appropriately authorized by law, which basically meant that the government would be able to spy
on all communications available at will through the internet and all other telecommunications
channels.
By the way, David, did you say Joe Biden?
Senator Joe Biden?
Senator Joe Biden, yes.
Interesting.
Interesting.
Right.
Meanwhile, Phil Zimmerman, this individual named Phil Zimmerman was building RSA encryption,
an encryption algorithm for messages and voice.
files. And this RSA algorithm was considered military grade encryption. And Phil Zimmerman, who
was trying to release this, was meant to democratize access to strong cryptography and make the
ability to communicate privately available to everyone. He called this program PGP, which shows for
pretty good privacy, a name inspired by a little-known grocery store called Ralph's Pretty Good
Grocery. Within a week, because of the internet, people started using it around the world, and
within a month, thousands had already downloaded it. It was soon used by Burmese freedom fighters
and had even spread into Eastern Europe where one person replied to Zimmerman, if a dictatorship
takes over Russia, your PGP is widespread from the Baltic to the far east now and will help
democratic people if necessary. Let's move forward into 1993, where PGP fell into the sites of
the U.S. government. After having attention drawn to Zimmerman through RSA's intellectual property
dispute, regulators initiated a criminal investigation onto the violation of the Arms Export Control Act.
During this time in history, cryptography was regulated under munitions. It was a weapon, and so it was
regulated under this Arms Export Control Act, and you cannot export cryptography. And Zimmerman was
charged with exporting cryptography outside of the United States. So Zimmerman was given a court date,
and the EFF, the same EFF, the Electronic Frontier Foundation, that is coming up to save tornado
cash and fight for the same purposes now, and also the public rallied behind Zimmerman.
And in response, Zimmerman printed copies of PGP source code onto a hardback book cover
as a political stunt, books being protected by the First Amendment and under free speech,
even though cryptography was not.
Now we have cryptography on a book, which is now regulated by the First Amendment.
So we have this juxtaposition between regulated cryptography and fee speech.
But, however, Zimmerman's case versus the government did not look good.
He had public support, but he unquestionably had violated the Munitions Act.
But then came a little bit of an overreach by government, which was the clipper chip,
which was a manufacturing standard that encrypted data, but also simultaneously gave the United States a backdoor
to allow the government to access all communications.
So it was like, yes, you can have your encryption, but we get to have a back door, says the government.
That would be like a government version of tornado cash that has a back door for the U.S.
And the public just erupted against this.
And three major court cases came later.
1994, Karn v. the United States, which set the precedent that written cryptography in a book is not subject to the Minutians Act.
So that's not illegal to do that.
1995, Bernstein v. the United States.
Bernstein's case that proved that cryptography was to be protected under the First Amendment under free speech.
So even more broad and free than just not being under the Munitions Act.
And then finally, in 1996, Junker versus the United States, leveraging the recent cases of Karns and Burr,
seen, Junger's case would emerge victorious in 1999 to conclude how software would be protected
by the First Amendment. And later that year of October 12th, Bill Clinton signed the Executive
Order 13-026, which removed cryptography from the munitions list and placed it on a lightly
controlled schedule. The export of cryptography was no longer prohibited. And through this order,
Zimmerman's case would be also dismissed because the consequence of exporting no longer carried
any weight. So that was the history. And these court cases stand to this day, and these are the
precedents that we stand on. But this was about cryptography, Jake, not about cryptocurrency. And so
my question to you is, is this the same or is this different? And are we going to have to do this
all over again? Understanding that this is the history that this industry stands on, how does this
go forward from here? Jake, can you just before, I just want to say, David, that was incredible,
dude. Can you get this guy a job as a paralegal or something? Because that was like,
I am straight impressed by that.
I did some homework before this.
Well done.
Co-host David Hoffman.
Back to you, Jay.
Extremely well done.
We are hiring for spring legal interns
of the Blackin Association, David.
I would love to have you join.
Very well done.
You mean, to answer your question, it's the same,
and it's different, right?
I'll tell you sort of which pieces are which.
It's the same in that code is speech, right?
End of story.
Code is speech, and speech is protected
by the First Amendment.
And all of the precedents that you just explained from the 1990s, from the original crypto wars,
all of those are still good law, right?
All of that precedent stands.
And so if push comes to shove and we have to go to court today or next year to argue
Codda's speech, I will feel very good about that argument.
There's no question about that, right?
The First Amendment protects our right to express ourselves publicly.
It's an essential right to have a functioning democracy.
It's tied up with the right to freedom of the press and freedom to dissent, right, to petition the government for a redress of grievances, as the First Amendment says.
We have to be able to express ourselves and engage in public debate over the issues that matter to us in order to have a functioning democracy.
And we can express ourselves, this is the law, in any way we want to, not just through words.
We can express ourselves through body language, through symbols, through languages of.
other than English, including programming languages.
And if you guys have ever worked closely
with software engineers or developers,
you know that when they write code,
they are expressing themselves, right?
There is an artistic element to this.
They have ideas about how the world should be.
And instead of expressing those ideas in English
or in a blog post, they're doing it
in a different language in code.
That is absolutely First Amendment protected activity.
Here's where it might be, though,
a little bit different in the crypto
context. First of all, we are talking about value, not information. And the law, not the Constitution,
but federal law, sanctions law, the same law that authorized OFAC to designate Tornado Cash for the
SDN list, the specially designated nationals list, that law has an exception called the Berman
Amendment, which applies to communication of information. This is why you have sanctioned parties
on Twitter, right? This is why it's not a violation of sanctions law for Twitter to allow Iranians
or, you know, Russians or whoever else who are sanctioned to participate on social media
because there's an exception for information. We don't have that exception for transactions in
value or for sales of goods and services. So there's some lesser protection in statute
for cryptocurrencies than there are for just general encryption, which protects our ability,
to convey information to each other.
So that's one difference.
Another difference is the law protects speech,
but it does not say that government cannot regulate speech at all.
What it says is government must meet certain requirements
in order to regulate speech.
First of all, there are some types of speech
that are not protected, like fighting words,
or famously the example of yelling fire in a crowd,
theater, right? Something that's going to create imminent danger for others or obscenities,
child pornography, things like this, are not protected by the First Amendment. Then you have
types of speech that are protected less than others. So commercial speech, for example,
has less protection than non-commercial speech. And the government can still regulate those types
of speech, provided that they have a compelling interest or an important interest,
and they tailor those regulations to the specific type of speech that they're trying to limit or restrict.
And, you know, the body of First Amendment case law defining when the government can regulate speech is very vast.
You know, there are obviously law school courses that are taught on this issue and people who dedicate their entire lives, their whole professional careers to analyzing it.
So there's much more than we can cover just in a minute here.
But it's important to know that just because something is speech does not mean the government cannot regulate it at all.
There's also a very important distinction, and you'll find this in some of the cases that you mentioned, David.
Junger is one of them.
There's another case Corley, which is very important, which distinguishes between code as speech.
In other words, the writing of code in a way that expresses ideas versus the use of that code to carry out some type of activity.
And what courts say basically is, when code is expressing ideas, it's protected by the First Amendment, but when it is,
only being used as a functional piece of technology, it is conduct, not speech, and therefore it is
not protected. And the question for us is, when is a piece of software, a smart contract or
protocol, when is it speech and when is it conduct? And I think one way to think about that is,
if you're a software developer and you write code and you publish it, you just put it on a website,
you make it available to download, you put it on GitHub, that is First Amendment protected
speech. But then as soon as it's deployed on a blockchain and someone is using it, not to convey
ideas to other people, but rather to convey instructions to a computer or to a machine,
right, to the Ethereum virtual machine, while in that case, maybe it's not speech, maybe it's
conduct, and courts would say this is not protected. So these are pretty sticky issues,
and I definitely think, you know, in the context of processing transactions quite different from just
the 1990s question about encrypting messages or, you know, conveying information.
All of these things, Jake, is, you know, it does feel very much like we are in, like,
1990, though, right?
In terms of like it feels like the court systems, at least in the U.S., and probably
internationally, need to go through the process through court cases and precedents to actually
clarify what the lines are and what in the U.S.
because the U.S., the Constitution allows U.S. citizens to do and what it doesn't.
I mean, do you think that there is a case for OFAC to stand on in Treasury to say,
hey, this is constitutionally valid sanctioning smart contract addresses and prohibiting
American's use of tornado for privacy services, or do you think that is at the base
unconstitutional, either in the First Amendment, for First Amendment reasons,
fourth amendment reasons or other reasons?
So my opinion is that it is unlawful for OFAC to sanction a smart contract address.
I'm not sure that it's unconstitutional.
I think it probably is.
I think that there are very serious first, fourth and fifth amendment,
their fifth amendment due process rights that we haven't discussed.
You know, those issues, I think all come into play here.
I think maybe more importantly, it's a violation.
of the statute, AEPA, the International Emergency Economic Powers Act, which is sort of the
the fountain of all sanctions authority comes from AEPA. I think it violates AEPA. I think it also
likely violates the cyber-related sanctions program, which is one of the executive orders
that was issued in, I think by President Bush, number 43 in the 2000s. And I do think that it
may be that this is an issue we have to take to court.
I'm sure that OFAC has a legal analysis, which is privileged, buried somewhere deep in the Treasury Department,
explaining their theory for why this is a lawful and permissible use of their sanctions power.
I would love to know what is in that memo and what their argument is.
It's not clear to me what their justification is.
And, you know, the Defy Education Fund, where I'm a board member, has been doing great work on this.
They submitted a FOIA request, Freedom of Information Act request.
seeking more information from Treasury about what justification they have for this.
My guess is they will not respond to that FOIA request.
They are not required to because of an exemption having to do with national security,
so I doubt we'll get an answer to that question.
But I think this is a key issue, right?
We need to know how Treasury understands the interplay between the right of individuals
to privacy and free speech and due process as compared to their ability to prohibit
all U.S. persons from using technology.
But so help me understand the process here. Is there any downside for a treasury to do something like this?
Even if they have some legal analysis buried somewhere in the treasury archives, right?
It's like, you know, potentially that analysis comes out and says, hey, this is kind of like legally dubious anyway.
But is there any downside for treasury to just, you know, blanket smart contract ban?
I mean, if they're wrong, do they have to pay a penalty?
Or do they just go, they brought to court, court decides, and they just go, oh, I'm sorry, we won't do it again?
I don't know that how much skin in the game there is for treasury.
Is it just egg on their face if they're wrong?
Or do they not really pay any cost?
Individually, they basically don't pay any cost at all.
I suppose there's maybe a reputational risk, like you said, egg on their face, right?
They look stupid for having done something that was illegal and then having a judge say that
they shouldn't have done it.
I don't think that's a very significant concern at this point.
And the reason I say that is because, and this is sort of just a macro point about how things are in Washington, D.C. right now, Congress doesn't function very effectively, right? Congress doesn't pass a lot of legislation. And what that has led to is the administrative state, right, the federal agencies, pushing their authority to its limits just to get anything done in D.C. And they understand that they may push their authority beyond its limits and they may lose in court. But their view is kind of like,
Well, we got away with the sanctions for some number of years.
We had the impact we wanted to have.
And if in five years, of court says we shouldn't have done that, well, so be it.
We're not really going to pay a price for that.
The individuals at the Treasury Department, and this is true broadly in government, have something
called qualified immunity.
They are never held personally liable for their actions if carried out under color of law
as part of their government job.
There are some exceptions to that.
But broadly speaking, no one in the Treasury Department has personal skin in the game for making a decision like this.
So how do we drive this to the court system and actually court cases?
Like, what happens next to do what we did, as David described in the 1990s,
where we actually get court cases and decisions that are made clarifying what the real position of the U.S. is on this?
Yeah, great question.
So there's a couple things that we can do now and that we should think about.
One is learning the lessons from the Crypto Wars of the 1990s.
And part of the reason that we won the Crypto Wars was this litigation strategy, right?
These decisions that we got from courts saying that code is protected speech.
That's not the only reason that we won the Crypto Wars.
The other big reason is that the private sector said,
in order for us to build new products and services on the internet,
we have to use encryption.
This came down to e-commerce.
There was no way without encryption for people to buy and sell things online unless they were able to encrypt their personal identifying information, their credit card numbers or their social security numbers, right?
So there was, for industrial reasons, for economic reasons, a justification for why encryption should be accepted.
And that really got the government to back off of this issue.
And I think we need to learn that lesson here if companies want to use crypto and if that becomes an important element of the U.S.
economy, then maybe we don't have to go to court because the government is going to agree with us
that privacy matters more than just their concerns about national security. So that's part of this.
Another part of it is testing whether the slope is actually slippery, right? Not all slopes are
slippery. And it may be that Treasury is not, in fact, going to start sanctioning other protocols
and sanctioning Ethereum and causing validators not to build on blocks that have tornado cash transactions
and all of these sort of, you know, fever dream nightmare scenario concerns that we have.
Which has been a lot of the chatter recently, by the way, on crypto Twitter, right?
We just fast forwarded in a nightmare scenario, dystopia.
Totally.
And look, I understand that.
And, you know, many of us are a bit paranoid in crypto.
And I think that, you know, we come by that honestly.
We have good reason for it.
But it may be that that's not actually where this is going next.
And the reason I mention that is there is a downside for us in running to court and bringing these cases.
It's exactly what I just said before about the possibility that a court decides, that code is conduct, not speech.
And by going to court to challenge this decision, we actually end up with precedent that harms our perspective, right?
That sets bad case law, that reduces our civil rights and civil liberties.
And particularly in the national security context, courts tend to be very deferential to the government.
So even though we understand the benefits of tornado cash, a judge may think, well, this was just something North Korea was using for money laundering.
Why would I care about this?
And it's actually a set of facts that could end up in bad case law for us.
So we have to be really careful about running to court.
However, if at the end of the day, it turns out that we simply have a fundamental disagreement with U.S. policymakers about the importance of privacy, that their view essentially is cash is bad.
we wish there wasn't cash. If we could ban cash, we would because we do not want anyone
anywhere to transact privately. We want to surveil every single transaction in the entire world,
and we think the Constitution allows us to do that. We will take them to court and we will win.
So we have to play this out, I think, a little bit longer to see, you know, sort of the reality
on the ground. But I do fear that that is where this is ultimately heading in the next few years.
So this is a game of chess, and we have to choose our moves carefully and choose which cases we decide
to bring to court and fight very carefully as well as what you're telling us.
That's exactly right.
One thing I want to bring up before we close this out, Jake, is the conversation of the
overreaction of the crypto industry.
We had, as a result of OFAC, we had Circle Ban USEC from inside tornado cash.
And I don't really think anyone really considers that an overreaction.
I think that everyone kind of considers that like, yeah, that's pretty expected.
But then it kind of overflowed from there.
We had Microsoft, the owner of GitHub, take down the tornado cache repository, removing tornado cache's code from the internet, and also removing some tornado cache core devs.
So I want to ask you about that.
Was that an overreaction?
And then we'll also get into some other reactions, perhaps overreactions after that as well.
But let's start there.
Did GitHub really need to pull down the tornado cache repository?
So, you know, I don't want to give legal advice.
So I'll just, you know, drop my disclaimer back in there, right?
Don't do or not do anything because of what I say here.
My personal view is, no, I don't think that was required.
I do think that was an overreaction.
I can understand having been a compliance lawyer in my past and knowing a lot of compliance lawyers,
these are folks who are not comfortable with uncertainty.
So I can understand why the compliance department at Microsoft, for example, might have said,
we don't want anything to do with this.
There's no benefit to us in leaving this.
this repository up, let's just take it down and let's just ban these accounts. I think that's a
mistake. And I would hope that companies that have software developers as one of their key
constituencies would be a bit more aligned with the principles that those developers care about. So I think
that's quite disappointing. In terms of others who have, for example, blocked sanctioned addresses
from their front-end interfaces or, you know, in the case of Circle,
I don't think that any of that is an overreaction.
I think it's unfortunate, but you have to understand these are U.S. companies.
They are, you know, headquartered in the United States.
They're people who go to work in the U.S.
They're subject to U.S. jurisdiction.
And the message the Treasury Department is sending, and I, you know, I've had some
conversations with officials over there.
I won't, you know, divulge any specific details.
But the message that we're getting from Treasury is the industry needs to do more.
The industry should not be waiting for us to designate every single address that should be blocked.
The industry should not wait for it to be clearly illegal to do something in order for them to take action.
And, you know, I think that is a demand for overcompliance.
And I think to the credit of many folks in the industry, there's been a lot of resistance to that.
So you're already sort of pushing against this demand from the Treasury Department to do more than is illegally required.
But sanctions laws are very expansive.
And the fact of the matter is, if you're a U.S. person, it is illegal for you to transact with a sanctioned address.
It is also illegal for you to facilitate third parties transacting with those addresses.
And I think we just have to understand where there are companies that have control over these types of systems.
they're going to have to comply with sanctions laws.
There's nothing we can do about that.
And if you don't like it, then build more decentralized systems that can't be controlled,
which is really the message of the day, right?
Decentralize everything.
Jay, can you just like bottom line this, like underline this for us?
So if a U.S. citizen uses tornado cash right now, what are the penalties?
And recognizing that you're not a lawyer, but like in it just maybe a conservative reading
of what Treasury has just said.
Yeah.
If you do it intentionally,
in other words,
you didn't mistakenly hit the wrong button
or something like that
and transact with tornado cash by mistake,
if you intentionally transact with the tornado cash address,
which has been sanctioned,
it's a crime,
and it's punishable by fines and imprisonment.
And look, sanctions laws are quite weird.
And OFAC exercises a lot of prosecutorial discretion
So I do not think, again, not legal advice, but I do not think that a law-abiding U.S. citizen who mistakenly transacted with tornado cash after it was sanctioned is actually very likely to go to prison.
But this is a strict liability offense from on the civil side.
And if you do it intentionally, it is a crime as a matter of law.
And so, yes, that is the situation.
That's the bottom line.
It is illegal for U.S. persons to transact with tornado cash or to facilitate transactions involving Twitter.
Can I just get the gut feeling there as tornado cash is a privacy tool that I have used in the past, right?
Not in the future, by the way, not post-sinction.
U.S. Treasury, Janet Yellen, in case you're listening.
But in the past, it's a very useful tool to protect your privacy on chain.
What you just said is if I were to go use tornado cash tomorrow, I could be thrown in jail for that.
that feels authoritarian a. F.
Like, that is incredibly disturbing.
Just like, if you got into this point in the episode,
you've heard all of the precedent, all of the case,
but like, you just bottom line it like that.
And the fact that the developer,
one of the developers who actually created that privacy code
has now been in jail for the past 10 days.
And we don't know why.
Like, I understand why all of crypto,
why all of us, and I hope you listen or understand why we're talking about this so much,
is because it feels dystopian. It feels scary. It feels like I don't know where I'm living anymore.
Is this just like a clerical error mistake, Jake? Or is this like what our future is increasingly going to look like?
I don't know. It's worth being concerned about it. I'll put it that way. I don't, it wasn't a clerical error, that's for sure.
It may have been a mistake, like I was saying before.
This may not be a pronouncement of a U.S. policy that privacy is not allowed.
In fact, it can't be that because the Constitution is the law of the land and the Constitution
guarantees us privacy rights under the First Amendment and the Fourth Amendment and the Fifth Amendment.
Yes, the freedom of speech is also the freedom to speak anonymously.
There's a right to privacy in the First Amendment.
It's not just the Fourth Amendment.
a warrant requirement that gives us a right to privacy.
And it would be, again, a shame if a Western democracy,
if the country that is supposed to lead the free world,
the United States, on issues of human rights and civil liberties,
were to say, we don't believe in privacy anymore.
And I am confident in, if not the executive branch
and not the legislative branch, at least the judiciary, right,
the courts to enforce that right.
And like I said, it may be that someday before long we're in front of the United States Supreme Court arguing for an expansive interpretation of the right to privacy.
I will feel very good.
I will sleep very well at night making that argument.
So if that's what we have to do, then that's what we'll do.
One last area, Jake, before we go on and wrap this show up, and once again, thank you so much for all of your time.
I don't really think there's a lot of clarity here, but I'm going to go ahead and ask the question anyways.
conversations on crypto Twitter and in the crypto space quickly came to their logical conclusion as to will entities like Lido or Coinbase sensor transactions that go into the blockchain that are like OFAC noncompliant right so like if I go and if I go and touch tornado cash will my transaction even get into the blockchain and I'm wondering if there's has there been any conversation that you've been listening to or any like thoughts that you have about the actual central.
of the protocol level from entities like Coinbase or Lido.
Is this something that you could see OFAC actually bringing down the hammer on?
Like, if you are a block producer, you are not allowed to process OFAC-in-compliant blocks.
What are your thoughts on this angle?
The short answer is yes.
I do think that, you know, and I don't want to speak to any particular company, but like I said
before, if you're a U.S. person, in other words, you're a company.
incorporated in the United States, you're subject to sanctions laws. And the sanctions laws say,
don't transact with tornado cash. Don't facilitate transactions with tornado cash. I don't see why.
So it's a facilitation word that really makes this relevant, right?
Yeah, I think so, right? I mean, in a sense, miners and validators are facilitating transactions.
And if you look at the Bitcoin context, you know, look, this isn't the first time we've
seen addresses added to the sanctions list. In 2018, Bitcoin addresses were added to the sanctions
list, the expectation is a U.S. miner will not mine a block that includes a transaction with one of
those sanctioned addresses.
Has that happened in practice, though?
From what I've gathered, that actually hasn't been done.
Like, Bitcoin node infrastructure doesn't actually restrict those Bitcoin addresses on the OFAC
list.
So I don't want to speak to what anyone in particular is doing.
I think, you know, again, putting my lawyer hat on, if I had a client who was a U.S.
minor, I would be telling them it is a technical violation of sanctions laws to mine a block
that includes a transaction with a sanctioned address. Here's where I think there's an important
distinction. Is it also a violation of sanctions laws to mine a block that doesn't include that
transaction, but builds on a previous block that does have one of those transactions? And the widespread
industry standard view is that is not a violation of sanctions laws, right? You're not facilitating some
transaction in a past block just by building on top of that block. If that were to change,
if OFAC were to change its view on that, at least as far as I understand, its current view,
which is that that's permissible, that is a humongous problem. But here's the thing. And again,
not to give folks at Treasury too much credit, because I know that we all like to sort of,
you know, come up with conspiracy theories about how evil they are. But like, I don't think they're
trying to destroy crypto. I don't think that that's their view. I don't think they're trying to
take down Ethereum. So I think that,
that it's reasonable to assume, or at least to hope, and it's on us here in D.C. to, you know,
do the education and the advocacy to make sure it stays that way, that they will not take the view,
that you have to reorg the chain or else you're in violation of sanctions laws.
Jake, this has been incredibly helpful. And, you know, I'm curious because you're in D.C.
We don't really know, this is back to kind of the action items like for us. We don't really
know if what we're doing is successful. So here's bankless. We're making a lot of noise.
about this. I'm tweeting things, Jake. I do it. On the daily basis, I tweet things. We talk about it
on the show. We give where we can to political advocacy groups that are fighting for these rights.
Does Treasury see any of this? Does this have an impact? And could you give us a list of the things
from your vantage point that have the highest impact? Because as we've said here on bank lists,
we're less worried about the future of Ethereum, and we're more worried about the future of, in this case, the United States, the Western liberal democracy and restricting freedom of its citizens.
The events of the last few weeks have once again made me question what country I actually live in.
And I'm glad you reminded me of all of the constitutional rights I have because I kind of forget them when I see actions like this taken by OFAC and the right to privacy being restricted.
if I use this privacy protocol, I could get sent to prison.
Anyway, what are the most impactful ways we can actually change the tone and tenor of the conversation in the executive branch, legislative, and U.S. government writ large?
First of all, this has a huge impact.
And my message for the two of you, for the bankless boys, as you've come to be known on Twitter, is like, keep doing what you're doing.
This is hugely influential.
I will tell you, every time I've come on bankless, I've heard,
within the next week or two from high-ranking sometimes officials in government who have listened
to our episode and have internalized some of the concepts that we've discussed. And I'm guessing in the
next couple of weeks, I'm going to hear from folks at Treasury who have listened to this. So you guys are
having a real impact. This really matters. I think what else can we do? I think keep talking about
the positive use cases of technology like tornado cash. I think
the main issue specific to privacy that we need to address is the belief on the part of government
that there is no valid use case for technology like Tornado Cash. That is a perspective that they
have, no valid use case for a mixer. And I think that's absolutely wrong, but we need to elevate
the voices of people who are using these technologies for good. Whether that's your average, you know,
your average employee of a crypto company who's getting their salary in crypto,
and they don't want everyone in the world to know how they're spending their money,
so they want to use a privacy preserving technology,
to the dissidents or freedom fighters in other countries who are using this technology,
not because they are anarchists and think the U.S. government is evil,
but because, for example, they don't want Vladimir Putin to know what they're doing with their money
or Xi Jinping or Kim Jong-un or someone like that, right?
That's who this technology in large part is for.
We need to elevate those voices.
We need to tell those stories so that we can explain the human cost, not the theoretical
or philosophical cost, the real human cost of restricting access to these technologies.
And that, I think, is how we can change minds.
We can win hearts in the Treasury Department.
These are good people trying to do the right thing, trying to look out for the best interests
of the United States and all of us.
We need to help them to make good decisions.
So I think that's the best thing we can do.
Keep talking, keep writing, keep exercising your First Amendment rights.
I think one thing that's just worth saying is, as dystopian as this feels,
we still get to do this podcast and we still get to say we do not like what our government has done.
We think they are wrong.
We get to dissent.
And no one is going to put us in prison for that.
And we should be thankful for that right because there are a lot of places in the world,
including in North Korea, where if we did this, we would be.
arrested and that is what we have to fight against. I think that's what we're all here for.
Well said. Bankless Nation, you've heard it here. And if anyone from Treasury is listening,
of course, just a reminder that David and I have not transacted with tornado cash here lately.
Since OPEC, but we were users before. True. For legitimate reasons. For very legitimate reasons.
But you've given us a content challenge here, Jake, which I think is more emphasis on the positive
uses of privacy and a reminder to folks of why we need privacy and the freedoms and protections
that it brings to the average individual. Jake, last thing here for action items,
blockchain association, how can we support it? Also, you mentioned Defi Education Fund.
How can we support your work specifically in the crypto kind of advocacy work in D.C.?
Can you give us some ways to get involved here and support it financially?
Yeah, for sure. So for us at the
blockchain association were a trade association. We have members that again run the span of the entire
crypto industry in the U.S. If there are folks out there working in the industry, we'd love to talk to you
about joining the blockchain association. That's the best way that you can get involved directly
with our work. I think, you know, if you're looking for someone to donate money to, obviously,
we appreciate any support that you can give us. But just be aware, and Ryan, you were tweeting
about either a Gitcoin round or a way to sort of get money to support these advocacy efforts.
You know, thankfully, we have membership dues, so we, you know, have money that comes in from our
member companies. The Defy Education Fund doesn't. And they are doing some of the best work on this
issue. The director there, Miller White House Levine, is really a star in this space. And I would
recommend you guys have him on if you haven't to talk about what he's doing there. They do not have
members, they do not have more funding. They were funded by an initial grant from Uniswop
governance. And so they could really use your support. The same thing for Coin Center, the same
thing for the Electronic Frontier Foundation, fight for the future, and other organizations who are
doing this work. I think if you've got some dollars to put behind this effort, then look at them.
Guys, the last thing is, if you want to amplify those dollars, bankless is going to help create,
co-create with the community, kind of a care package of these crypto advocacy groups that's got to include
defy education fund coin center the eFF and others and there is a git coin grants matching round it's
going to be at least three million dollars that will be matched for your donation you guys if you've
used bitcoin the grants matching before you know how this works you give a dollar it's amplified by
like 20x or 50x so you've given 50 dollars towards these sort of organizations so give now or mark
your calendar september 7th that time window the next get coin grants matching is
opened up. Jake, I want to thank you again for going through these items with us today.
We'll bring you back the next time. The house is on fire, as we always do. Thank you so much for your help.
Looking forward to it. Pleasure, guys. Thanks. Take care. Bankless Nation, got to end with this.
As always, risk and disclaimers, ETH is risky. All of crypto is risky. So is DFI. You could lose what you
put in, but we are headed west. This is the frontier. It's not for everyone, but we're glad you're
with us on the bankless journey. Thanks a lot.