Epicenter - Learn about Crypto, Blockchain, Ethereum, Bitcoin and Distributed Technologies - Why is the SEC Concerned about Privacy now?
Episode Date: November 23, 2025At DevConnect 2025, Sebastian and Friederike speak with Peter Van Valkenburgh about the rapidly evolving battle for digital rights. Peter challenges the industry's comfort with transparency, arguing t...hat "transparency will destroy neutrality." He uses the history of SWIFT to illustrate how a once-neutral messaging system was captured by geopolitical interests because it wasn't "technically blind" to the data it processed. He argues that for blockchains to survive as global settlement layers, they must be "actually blind" to transactions, making neutrality a technical reality rather than a policy choice.The conversation turns to the aggressive legal tactics currently deployed against developers. Peter highlights the Pereira Bueno case, where prosecutors charged MEV searchers with wire fraud for being "dishonest validators" a concept Peter argues completely undermines the game-theoretic security of permissionless networks. He also breaks down the mixed bag of Tornado Cash litigation. While the sanctions against the protocol were successfully challenged and invalidated for Americans, the criminal conviction of developer Roman Storm for "unlicensed money transmission" sets a terrifying precedent for anyone publishing open-source code.On a constructive note, Peter introduces Coin Center's "John Hancock Project," which advocates for replacing the current, ineffective KYC/AML regime (which seizes less than 1% of illicit funds) with a system based on privacy-preserving attestations and self-sovereign risk scores. Finally, Peter shares surprising optimism regarding the US Securities and Exchange Commission (SEC). He notes that under the influence of Commissioners Hester Peirce and Paul Atkins, the agency has shifted from an aggressive adversary to a potential ally, openly discussing the benefits of full asset tokenization and the constitutional necessity of financial privacy.Topics00:00 The Telegram vs. Signal security rant05:15 The "Transparency Paradox": Why transparent Layer 1s cannot remain neutral in the long run10:40 The SWIFT Analogy: How a neutral messaging layer became a politicized settlement enforcer15:50 The Pereira Bueno Case: Why labeling MEV strategies as "wire fraud" threatens all validators23:10 L2 Sequencing Risks: Centralization and the need for "dumb pipes" 28:30 The Failure of KYC: Why 99.8% of illicit funds are missed and the cost of mass surveillance35:00 The "John Hancock Project": Using ZK-proofs and attestations to replace identity surveillance42:15 Tornado Cash Update: Sanctions invalidated vs. the dangerous precedent of Roman Storm’s conviction49:00 The SEC's 180: Hester Peirce, Paul Atkins, and the push for tokenized equitiesLinks mentioned in the episode: Gnosis: https://gnosis.io/ Coin Center: https://www.coincenter.orgEpicenter - All Episodes: https://epicenter.tv/Report: Tear Down This Walled Garden: https://www.coincenter.org/tear-down-this-walled-garden/ Pereira Bueno Amicus Brief: https://www.coincenter.org/amicus-brief-mev-wire-fraud/ Peter on X: https://x.com/valkenburghSebastian on X: https://x.com/seb3point0Friederike on X: https://x.com/tw_tter Sponsors:Gnosis: Gnosis has been building core decentralized infrastructure for the Ethereum ecosystem since 2015. With the launch of Gnosis Pay last year, we introduced the world's first Decentralized Payment Network. Start leveraging its power today at http://gnosis.io
Transcript
Discussion (0)
Coin Center's main day-to-day work, our number one mission priority,
is always to defend the developers of open blockchain networks
from inappropriate regulations or unjust prosecutions.
I think it's becoming more and more self-evident that a transparent layer one
is not a neutral layer one, not in the long run.
Ultimately, transparency will destroy neutrality.
And this is not me saying that we should be building things that enable money long.
It's me saying, no, we should build global neutral communications networks for things like underlying settlement.
This was true of Swift in the 80s. It was neutral.
If we're going to build a better system, we should be building more like Swift used to be and less like what Swift's becoming,
where it's just a fully mediated underlying settlement ledger, even for messages for settling transactions, let alone transactions themselves.
We're here at DevConnect, and today we're speaking with Peter, live, and in color.
this is it's nice to see you here
I should have worn a more expressive outfit
Yeah I think we're all a little bit drop
But I think it's like kind of like the background makes up for it
So it's a little for everyone who's listening to this
It's a little trippy
But it's trippy and kind of
Trippy AI's flop
Yeah
There's probably AI
There's some text in there that's definitely
Yeah
Chat Chappuete's idea of words
How has
Buenos Aires treated you so far.
It's been great. I think one of the, and it's become
sort of widely discussed, one of the
interesting things about DevCon this year or
DevConnect or whatever, the big Ethereum conference
this year is that privacy is actually being discussed
more fully. And, you know, Coin Center,
my organization has been trying to focus
people's attention on the need for financial privacy
and the need to protect the builders of financial privacy
for over 11 years now.
and sometimes there's periods in that history where you're like,
hey, like Zcash or things like that.
And sometimes there's periods where it's like,
okay, everything's going to be done with stable coins on chain
and we'll have full transparency into all transactions.
And that's what we'll tell law enforcement
why they don't have to worry about the technology
because it's a pen opticon.
And now we're kind of swinging back to like, oh, well, actually,
maybe that would be bad.
Not just for the criminals.
We want it to be bad for the criminals,
but actually bad for all legitimate uses of the technology as well,
because who wants to use a global financial system
where every time you buy a can of Coke, a billboard pops up with your name.
It's like, Peter just bought a can of Coke, everyone.
It's bad.
This episode is brought you by NOSIS, building the open Internet one block at a time.
NOSIS was founded in 2015,
and it's grown from one of Ethereum's earliest projects
into a powerful ecosystem for open user-owned finance.
NOSIS is also the team behind products that had become core to my business,
that are so many others like Safe and Cow Swap.
At the center is NOSIS chain.
It's a low fee layer one with zero downtime in seven years
and is secured by over 300,000 validators.
It's the foundation for real world financial applications
like NOSIS pay and Circles.
All this is governed by NOSISDAO,
a community run organization
where anyone with a GNO token can vote on updates,
fund new projects,
and even run a validator from home.
So if you're building in Web 3,
or you're just curious about what financial freedom can look like.
Start exploring atnosis.io.
How much of that do you think the interest in privacy is driven by market movements?
Or is it like the demand for privacy that's driving markets or is it driving privacy?
Like, you know, yeah, it's probably it's probably the markets driving privacy.
Because, you know, as much as I would like to, as an advocate, as a lawyer, as a person who stands up for,
like what we should, like normatively what we should have, you can be like, build privacy and people
are like, why would I build something no one's going to use? And like, the thing that infuriates me
more than anything else at all of these conferences, I meet all these great people. And usually
they're like, oh, how can we stay in touch after we leave this conference? And they're like,
do you have telegram? And I say to them, why would I use telegram? Like, the strange, half-baked,
not encrypted for group chats and vaguely encrypted for individual chats platform where they rolled their
own hash functions. Like, that's a disaster. Like, we've had Signal for decades now. What's wrong
with you? Why aren't you using Signal? Yeah. And it's because people don't take their privacy
seriously. Ordinary consumers don't take their privacy seriously, especially people who are like
new to crypto or new to blockchains that we all want to onboard now. Like, they have no idea.
Yeah. And rightfully so, they're time constrained. They're not sophisticated. But the thing that
bugs me is that sophisticated people, people have been coming to DevCon for multiple years. People
in the Ethereum community, you're like, let's just give all our information to the Russian Secret Service,
which has compromised this app, and the French intelligence services as well, right?
I mean, like, that's just odd. Why wouldn't we use Signal? Anyway, I mean, I think there's a
good reason why people didn't use Signal up until recently and maybe...
It's bad for creating a boiler room because the group chat function is complicated.
Well, the group chat function is complicated, but also up until just a couple years ago,
you had to give your phone number. That's true.
And the UI around that was not great.
I think that gave Telegram the opportunity to really, like, create a huge...
You found a more forgivable argument.
Yeah.
But also, Uly, isn't that great.
The group chat at UI was bad.
So, like, people who wanted to, like, pass insider information about what thing they're
going to pump next, like, we're like, let's be on Telegram because we can have a good
group chat.
Yeah.
I don't know.
So, yeah, I think it's market-driven because not because consumers are demanding it, but
because the new potential consumers of, like, typical consumers, the new potential
consumers of blockchains are institutions. And institutions take their shit seriously because if you're
JP Morgan or you're a proprietary trading firm or whoever, you're like, you're not interested in just
hemorrhaging all of your information to the public blockchain because that's not how the
traditional financial system ever worked. You have trade secrets. You have practices that you don't want
revealed. And that's not because they're nefarious. That's just because how businesses always run.
So we have a more serious sort of institutional potential user for this tech, and I think they demand privacy.
So I think that's real.
I think the other thing that's driving the privacy conversation is also, this is maybe more my biased view, because I come from Washington, D.C., and I see the evolution of these things from a legal standpoint.
the, I think is becoming more and more self-evident that a transparent layer one is not a neutral layer one, not in the long run.
Ultimately, transparency will destroy neutrality because if you're validating on this chain and you see all this activity, at what point is someone going to run up to you and say, you're kind of culpable for that activity?
Like, maybe you didn't directly promote it, but you facilitated it.
you hated it, you abetted it.
Like if you see a multi-sig,
if you see a money laundering transaction,
multi-sig, money laundering,
and you validate that as part of a larger block.
What's your long-term argument for you're not being complicit?
Especially if you could have used chain analysis as a validator
to identify these things, and you didn't.
That's called willful blindness in the United States,
and it's not a defense to culpability for criminal.
law, actual blindness is.
And so this is the difference.
People say, like, well, how will they ever allow Zcash to be a thing or something with
baselayer privacy or Aztec built on top of Ethereum?
My answer is, like, that's the only thing they will allow.
Because actual blindness is a defense to crime.
Like, if you had literally no knowledge of some criminal act that you facilitated,
you didn't actually facilitate a criminal act, not with intent to facilitate.
And you can't be held culpable.
and you shouldn't be held culpable.
And so that's the only way to actually have credibly neutral systems
is to have systems that are actually blinded
the underlying transactions in the block.
I said in my talk the other day,
if you really want dumb pipes,
you need the pipes to be actually blind
to the shit that flows through them.
Because otherwise it's not a dumb pipe.
Yeah.
I feel like there's a lot to unpack here.
So kind of like I think we should distinguish
between kind of absolute privacy and relative privacy.
Right.
So kind of like people, people,
kind of regular consumers don't want absolute,
don't want, don't want, don't need absolute privacy.
So kind of like, or they don't think they need this.
So kind of like they have no issue with telegram reading their stuff or their bank
knowing, kind of like where their money goes.
They don't want everyone to know it.
So they kind of need relative privacy.
And I think kind of like that's also something that kind of plays into this a lot.
I really feel your discussion,
discussion point on
protocol level
blindness because
we recently did a thing
on nosus chain.
I don't know whether you follow the
balancer hack.
A little bit. A little bit. So basically
there was a hacker. He was
clearly malicious.
He
stole 128 million across
many chains, almost
10 million of which were on noses chain.
And there were
there were some attempts to kind of freeze some of it
with the freezable stable coins
and then he concentrated on main net
and kind of sold positions for eth
so kind of it gave us a little bit of time
to kind of think what do we do here
because clearly this is someone who is stolen
actual people's money
kind of like it was stable stable pools
it wasn't kind of like some sort of degen
sort of thing and it was also a pretty blue chip protocol
so it was a balancer v2 stable pool
So what we ended up doing is first we kind of asked a bridge governors to kind of reduce liquidity so that the hacker wouldn't be able to bridge off noses chain easily.
And then we try to get validators on board for a soft fork, meaning kind of, and I mean just to kind of clarify a hard focus where kind of like we changed the state kind of like some time in the past.
in a soft focus basically where everyone agrees to not process certain transactions.
So kind of like you don't include them in your block, but you also don't attest to them.
And I think not including things in your block, this is something that kind of has been done before and is currently done on Ethereum.
But kind of saying, I'm not going to attest to this if it's in there.
This is a line that so far hasn't been crossed until now.
So until now our noses chain, I'm not proud of this, but kind of like it made us and kind of it made us appreciate that
like while we still have this power,
it's probably the arguably the right thing to do,
but we still want to get to a place
where we do not have this power anymore.
Yeah, I mean, so one thing I think about a lot lately
is the Swift Interbank Settlement.
So that's the Society for Worldwide Interbank Telecommunications.
How is that what that means?
Something like that.
Okay.
Yeah, I just learned that.
I was started in Belgium in the 19th,
70s and the central bankers at the time didn't even know what the heck all this computer nonsense was.
And so they didn't, they were, they were like given an option to have a seat at the table
amongst the, the banks that were developing this under bank settlement tool.
And they were like, ah, we don't know.
Like computers, that's not what banking's about.
And Swift ends up becoming the most, like, single most important cross, cross-border settlement
messaging network.
They're not doing the settlement themselves.
They're a messaging network.
Sounds familiar to a lot of stuff in space.
In the world, they settle 100.
$150 trillion in transactions, or they don't settle, they message them so that banks can settle them every year, $150 trillion.
And up until 2012, Swift was credibly neutral.
If you think about the early days of Swift as a messaging network, it's all plain text transactions between their member banks.
Their member banks, it's a permission set.
But they are credibly neutral in a way because they don't have the computational ability at that point in history or really the wherewithal to accumulate.
all the messages on their proprietary network and really know who's sending what to who and unwind
it all. Like, it's just not something that's feasible. By the time we get to the 90s, the 2000s, of course
it's totally feasible. They know everything that happens on their network. And if they continue to claim
to be just a messaging provider neutral, and that finally breaks down when the U.S. government and the
EU Parliament and others say, like, you need to stop relaying messages to Iranian banks who are, you know,
facilitating the Iranian government's nuclear program. We have sanctioned them. Until then, Swift said,
we are not an obligated entity for purposes of U.S. or EU sanctions because we are not actually
involved in the underlying economics of the transaction. We are just a messaging provider.
No.
And there's a good reason for that. You want a messaging provider to be globally neutral. Otherwise,
we won't have a like throughput in the global economy. Every transaction will end up mediated
and a whole council will have to decide whether to let it through and the whole thing collapses.
And you fast forward to the Russian invasion of Ukraine, and Swift removes the Russian banks from Swift.
And that was in 2022, so we're not long beyond that.
To me, there's this slow-moving crisis where Swift is going to become a fully mediated, fully obligated global settlement tool for messaging for settlements.
And it just won't have the throughput and viability that a truly neutral.
tool would have. It's going to collapse. This is one thing that makes me actually very bullish about
open blockchain networks is because we're going to have to find alternative tools that don't
become political footballs in geopolitics if we're going to have actual free and open global markets.
But I think that to Felica's example about Nosis, there's a distinction between coordination
within a group of participants in a blockchain network and coercion. And in the case of Swift,
Swift is being coerced.
Yeah.
But any individual validator can be coerced, right?
And I mean, so kind of the thing is,
Nosis is 300,000 validators, right?
I mean, not as many individual entities,
but kind of like, we still had to make the case to them
that this is the right thing to do.
And kind of like, they had to press the button themselves
to kind of upgrade their node or not upgrade their node.
And kind of like in the end, most of them decided to upgrade their notes.
So kind of the soft fook went through.
But kind of like, if you,
have a three-letter agency kind of calling you up and saying,
Sebastian, you're processing some really dodgy transactions here.
This is the dynamically updated list of things you shouldn't be processing.
And please make sure you subscribe to this and it informs your validator at any given time.
That's a totally different situation, right?
Right.
I mean, I think that's true.
but I think that we need to make sure that our systems are resistant to coercion so that, yeah,
and maybe privacy fixes this, but like where-
Humans are not resistant to coercion.
Sure.
And the original project of Satoshi and the project of Vitalik in the larger Ethereum community
is not necessarily to ensure that validators are incapable of all malfeasance,
but that there are so many validators that even if some are like regularly censoring or blocking,
either because they've been coerced
or because they are themselves
not interested in a free and open blockchain,
there will be some minority participants
on the network like located in far-flung areas of the world
who will continue to put things in the blockchain, right?
But I think...
It's no longer true.
As long as kind of like you have this attestation thing, right?
Because then you kind of need a two-third majority
kind of like to attest to this.
So kind of like not only do you need a block builder
who knows this,
but you also need kind of like to lock out
and have two-thirds of the...
testers kind of be on the on the non three data agency and I'm just learning about this here at
dev connect but this proposal fossil which would um be a theorem improvement proposal where in block builders
would have to sort of be mandatory it'd be required to include the transactions that are validated by like
a committee of some 16 or something like that and there'd be minority members in that committee who might
be the people likely to put in transactions that aren't wanted by the majority of the staking power
on the network? Like, this is interesting because it's like, oh, let's rebuild censorship
resistance in a world where we're starting to lose it because we don't have those far-flung
validators on chain. This is actually very bad from a regulatory standpoint if you don't get
this with privacy because now an American staking individual or company is going, if they want
to build valid blocks, is going to be forced to include transactions in the block that might
that might violate, say, OFAC sanctions law. And I don't know what their defense is going to be.
If it's a plaintext transaction that clearly actually can be read by law enforcement or anyone
with chain analysis or blockchain analysis tools that shows North Korea using the Ethereum
blockchain, you had to put it in your block, they come to you as a validator and say,
why did you put this sanction transaction in a block? And you say, well, the Ethereum protocol
demands that I do it. And then they say, well, you don't have to be on the Ethereum protocol, right?
You violated sanctions law. But I think kind of like, I think there's an interesting
distinction here because kind of like
the kind of like
putting
not putting certain transactions
in blocks.
This is currently the status quo.
I mean this is and it's been for years
but kind of not attesting to them
this is new.
This is new.
Okay.
Right?
So it's that hasn't been done before.
Clearly it can be done.
But yeah.
And I think I mean
I think it'll happen
and you go is kind of like it just drives
home kind of like how we need to
improve systems.
such that you have no way of knowing what you're validating.
You'd be actually blind, not willfully blind and not, and certainly not just like eagerly looking
and being like, yeah, sure, I'll get that one and then wait for the knock on the door.
The case that Coin Center has recently worked on that really brought this into focus for me
just before DevConnect here is actually the Pereira Bueno case.
The Pereira Bueno brothers are the guys who found the exploit in the MEVeebo.
Boost software and then sandwich attacked sandwich attackers.
That was hilarious.
It was hilarious.
What's kind of not hilarious and rather terrifying is that you could have imagined that the
victims, victims, because they also just lost in cutthrow competition, they didn't actually
like get, I don't think they're criminal victims, but the victims of that exploit, they could
have brought a civil case maybe and said like, you misused the MEV boost software in a way that
that hurt us, we want to reclaim our $20 million.
That didn't happen.
That would have been bad enough.
What actually happened is prosecutors in the 7 District of New York,
federal criminal prosecutors brought a wire fraud case against the brothers,
saying your behavior on the Ethereum blockchain as a validator is fraudulent,
is wire fraud because you were not.
And this is a quote from the jury instructions that they actually asked the judge to provide
at the last moment in the case a couple weeks ago
because you were not an honest validator.
But this is absurd because kind of like
the entire point of MEP boost
is that kind of like you extract from
unwitting users
of kind of whatever defy protocol.
Yes.
Like let the robbers rob in peace.
Yes. Well, and not even let the robbers robin piece.
It's just like you wouldn't go to a marketplace
that is known for having established
rules of commercial conduct that are effectively
like if you rely as bitter you win.
It doesn't matter if you made people think you were going to bid lower earlier or bid higher
earlier.
Like if this is a market where the expectations of all the participants is that people will
profit maximize up to the bare rules of the protocol, then there is no fraud or misrepresentation.
Everyone knows that in the world of minor extractable value, people are going to compete
to extract as much maximum extractable value as much as they can get out of the protocol.
And that might be not desirable, but we intend to fix that.
using technology, not layering a whole system of duties and honor that would then be enforced
by criminal prosecutors on top of all validators, because if that's what happened, we'd be in a
very bad situation. And there's specific claims in that prosecution because they did equivocate
according to the Ethereum Consensus Rules. They presented two, you know, blocks that can't be
reconciled with each other simultaneously, for which they got slashed. And so in a highly technical,
going all the way back to Satoshi's white paper, what is an honest, unhonest chain,
they did something that is not honest validation. They equivocated. But this is not dishonest,
dishonest commercial conduct in the wire fraud sentence where they made a representation to someone
that someone relied on in a fiduciary or contractual relationship. And then they were able to
profit from that. And so this notion that like honest validation and dishonest validation being
something that you could actually criminally prosecute, just further indicates that we're going to have a
huge problem with transparent ledgers, wherein the government's going to see validator behavior
and figure out all kinds of ways to get jurisdiction over it, including when they're being
self-interested in a way that maybe some people in the community don't want them to be self-interested,
but everyone knows that they're self-interested. And it's just, it's not going to work.
So we filed an emergency amicus brief in this case, because that jury instruction was something
the defense flag, and we've been in touch with the defense, and they were like,
we can't have the jury decide that they committed wire fraud because they were a
dishonest validator. That doesn't make sense. And so we wrote an emergency brief,
basically explaining the history of that term honest validation within these networks,
and how the Ethereum blockchain and the community at large has an expected penalty,
is a slashing fine or a slashing fee, for exactly that behavior. And that's carefully
calibrated to be actually quite modest, just to prevent constant.
equivocation on chain.
And to think that you'd have now a slashing penalty for that behavior and possibly like
multiple years in jail from a felony criminal charge completely unseats the,
the calibrated norms and established rules within the protocol.
And it just would make Ethereum not work.
Yeah.
Yeah.
This is a lot, but fascinating me lately.
Yeah, I mean, it's, yeah, I, yeah, it kind of, it breaks kind of like this closed system game
theory of kind of of of of the protocol itself.
Yep.
What kind of what struck me while you were talking.
I mean obviously kind of like we have this entire situation way worse on a way
bigger silver platter with L2s right kind of like and kind of like the multi-sig
L2s where kind of like you you can you can upgrade from hopefully a multi-sick and not
a single address I mean this is there's also some of the EOA whatever whatever whatever but
kind of like and where you can where you typically have a single sequence or a very small set of
sequences. So basically, in effect, the entire chain is built by a single entity.
How do you think we'll see that play out in a choose first or do you think they'll go for the base layer?
I think no, no, that's going to be a very appetizing target.
Yeah.
Because you'll have an identifiable criminal defendant.
They have very clear control over a lot of relevant aspects of the transaction flow,
if we're talking about some illicit transaction in the bundle that they sequenced.
And they're probably well-moneyed defendants, too,
so you could extract large penalties from them because they're all like these companies
that raise tons of money to build L2s, right?
So it's a very dangerous state of affairs.
And I mean, I've said for a long time,
that we need truly decentralized sequencing on L2s, and there's efforts to build that.
I do feel like some of those efforts got maybe stymied or put on the back burner when,
you know, like American politics changed and everyone was like, oh, the SEC's maybe not
going to care as much anymore, which is not necessarily true, by the way, but also still not
the right way to build because you should be building decentralization for decentralization's
sake, not just because you're afraid of a well's notice from the SEC.
see. And then the other thing I would say is like I'm much more for obvious like this was not a
would not be surprised to anyone right now. I'm much more of a fan of like the let's find ways to
to have fully private blind sequencers like an Aztec type model so that you know,
even if we have a certain amount of centralization with the sequencer, they are not they are not like
looking into what they're actually sequencing in a way that would make them responsible for
mediating disputes, whether that's filtering out, you know, transactions that might be related to money laundering,
or whether it's just like favoring their own transactions on chain or any number of other things for which they could be held culpable.
And this is not me saying that like we should be building things that enable money laundering.
It's me saying, no, we should build global neutral communications networks for things like underlying settlement,
because that's the only way we're going to have a global economy that actually functions at the scale and efficiency that we want the global economy to function.
This was true of Swift in the 80s.
It was neutral.
They were just moving money for Iran all the time.
And that was a necessary cost of having a liquid and free and open global economy.
And you say that, like, this is ultimately going to be good for human freedom because
totalitarian regimes will suffer in that world, even if they get occasionally the benefit of the underlying transaction rails because they're free and open.
You lock them down.
You actually empower totalitarians.
And so, like, if we're going to build a better system, we should be building more like Swift used to be,
and less like what Swift's becoming,
where it's just a fully mediated
underlying settlement ledger
even for messages for settling transactions,
let alone transactions themselves, you know?
I'd love to talk about KYC, AML, and compliance
as it relates to privacy.
I have a hunch that a lot of the reasons why we have so many,
let me put this another way.
Yeah.
The compliance cost to companies, to funds,
not even just in crypto, just broadly.
Oh, the individuals, yeah.
is absolutely massive.
Yes.
I don't know that there are any real estimations of what this costs to the economy,
but I'm sure it's in the tens or perhaps hundreds of billions of dollars.
Yeah, I think a reliable estimate was some firms in the U.S. spending upwards of 20 billion,
just individually, and that the total cost was something like 300.
Yeah.
I mean, there's some number.
There's a guy named Robert Pole, who's a big, a very good critic of,
anti-money laundering. We've also published a report recently, so I hope I'm not misstating any of these.
I'm sometimes bad with decimal points, but I think we're actually on target here. We published a report
called Tear Down This Walt Garden. It's a coin center report. It was authored by myself and he and Myers,
and the first half of it, or maybe the first quarter, just lays out how expensive AMLKYC is.
And that would actually be fine if it had bang for buck. But there's also good, there's actually
more reliable estimates as to like how much illicit finance is actually deterred and how many how much
illicit money is actually frozen or blocked in the economy. These are estimates from they're not
estimates from weird crypto libertarian orgs. It's the United Nations and the financial action
task force. Their estimate of the amount of illicit funds actually seized within the global
economy thanks to AMLKYC is sub 1%. In fact, it's about 0.2%.
of all illicit funds.
And this is coming from the FATF,
the very organization that is implementing or pushing to implement.
The Financial Action Task Force.
Yes, they have a stock take that actually basically puts that number up and the UN as well.
So these systems, now, a counter argument to that is, okay, yeah,
the seizure and blockage rate is actually extraordinarily low compared to how much illicit money is out there.
But the deterrence is what makes it work.
When a criminal goes to use one of these tools, they go, oh, no, I have to put in my mother's maiden name.
They're going to catch me now, you know, and I'm making this counterargument sound too weak, maybe.
There probably is some deterrence, especially for, like, low sophistication criminals.
There's no deterrence for high sophistication criminals.
In fact, the very fact that financial institutions have been collecting all of these documents
and keeping them in insecure facilities means they constantly get hacked,
and you can buy on the black market any number of, like, identity credentials that you can use to open bogus accounts
if you're a sophisticated criminal.
So sophisticated criminals,
I don't think,
are effectively deterred at all by the system.
If anything, they might be empowered in a way
because they know they can find readily available
fake documents that have been hacked from an institution
that was obligated under law to collect
all of them in the first place from their users.
So that system is not working.
And that's the point that we make in the first quarter of this paper.
The rest of this paper is,
okay, we're not just here to be mean to financial crime authorities.
We all need to recognize that there's a different
efficiency here, and we all do want to stop terrorism and terrorist usage of financial networks as
best as we can without destroying the global economy, of course. So what can we do better?
This approach clearly isn't working. Not working. It's not working for law enforcement. It's not
working for ordinary persons whose privacy is invalidated. Oh, I would also add, whenever people
factor the costs of KYC, they factor the costs to financial institutions. You rarely ever see anyone
actually measure the costs of, say, the global identity theft losses from people whose privacy
has been compromised, or just the psychic losses of knowing that your privacy is fully compromised,
which would be hard to monetize or account for, but are real, like if you believe in a right
to privacy. Setting all that aside, we can do better. And a lot of the technology that's been
pioneered in this space, zero knowledge proofs, multi-party compute, verifiable credentials,
is actually like exactly what you need to sort of brew up in order to build a system that works
better. And we're seeing some of these as like early proofs of concept prototypes like in the
in the in the Aztec token sale that's happening right now. I think you can use their own.
You can use, yeah, their own and game passport. DK passport, which means you create a proof that you
your passport, you are in possession of a passport, at least in this moment, that says you're an
American and this is your name. And then they can cross check that against the sanctions list
and things like that. These are still not enough though. And this is the paper the paper we're
writing says, look, isn't this cool? These are already here. But what we really
need is global, composable user-sovereign digital identity, wherein I know I have a passport,
what I can create zero knowledge proofs of that. I have a bank account. They will allow me to
attest to my balance. I have a Gmail account that's had this message history for the last 11 years,
and I can actually make an attestation to that effect. And I can compose these myself into a
risk score that might be recognized by some particular authority as being credibly not a criminal
or credibly of a low risk. And there's some important features there. It should be multi-factor.
It should be attribute-based. Maybe they don't learn my identity when I provide them this risk score.
They just learned that I had the ability to construct this risk score out of credentials that I
myself possessed. And it should be far better, I think, than just, you know, oh, you want to
open account, send us a scanned version of your passport, which is a garbage version of actually
putting deterrence in. So I think you can build deterrence into these systems, but you should be
building them with as much as possible attribute proofs from zero knowledge proofs rather than
identity proofs. Like, this is everything about me. And they need to be modular so that we can
like assemble the right series of credentials that would be difficult for a bad actor to fake,
but actually quite easy for a normal person who's just a good person to accumulate.
But, I mean, I have to be conspiratorial here, but my feeling is that there is, there will be,
and probably is a lot of resistance to these systems because of the amount of control and information
that financial institutions, indeed governments, are able to collect from the blanket capture of
everyone's financial data, companies, financial data, documents, etc.
And then, of course, all the service providers and businesses that sort of live off of this model.
I guess what I wanted to get to here, what do you think within United States Congress and policymakers is the appetite for moving towards the world where we have more ZK attestation-based KYCE and AML compliance rules?
Because, you know, coming from Europe, I feel like the consensus view in Europe is that we should just,
collect everyone's information and know what everyone's up to all the time. I don't know if that's the same in the
U.S. And in fact, at the end of the U.S. policy that will dictate what the FATF does in the future.
That's usually what happens. Usually the U.S. says to FADF, this should be the global policy,
implement it, and bullies the world into doing it, and then actually often doesn't implement it for its own citizens
because they're a constitutional right concerns. So it's a bad, I call it policy laundry, actually.
Like, we'd love to impose these on ordinary Americans, but we can't, so we'll go to Brussels and we'll tell people.
to do it globally, then we'll come back to the U.S. and be like, see, it's now the global standard.
And then Americans will be like, actually, you can't, you can't do that with our country.
Anyway, that's a digression. So to answer your question directly, like, what's the appetite?
And you framed it very well in, like, maybe it's not conspiratorial, but maybe the reason
people really like AMLKYC is not actually deterring criminals. It's mass surveillance.
And there may be some truth to that. I think that the less.
conspiratorial reason why there isn't the appetite we would hope is simply that if you're a regulated
financial institution today, what incentive do you have to stick your neck out and try alternative
modes of anti-money laundering compliance? Like, are you really going to be the bank that talks to your
probably, like, mid-level bank examiner and says, this year we decided to stop doing KYC, and instead
we're relying on these risk scores, which are actually amalgams of much more credible information.
about the likelihood of criminal behavior from our users,
but we don't know their names anymore.
No one is going to do that,
and no bank compliance department is going to support their chief innovation officer
going to Treasury and being like, hey, let's do this, right?
Like, there's no money in it for them.
There's no reason for them to do it.
It's just downside risk.
And so it's a collective action problem at the end of the day.
We might be able to get to a better world
where financial institutions and technologists could build these tools
that actually make a bigger dentists.
in illicit finance while still protecting our privacy, but who's going to be the first to do it?
Government's not going to design that system. They don't have the technical competency,
and it's really maybe not their place to even develop the technical competency. The private sector,
as far as any individual bank, is not going to lead by sticking their neck out because there's
no incentive for that. This is why we think there's this opportunity in our space, in the more
novel fintech and blockchain space, for a group to get together and say, like, actually, we can do a lot
better, share these ideas with regulators, regulators who are genuinely interested in deterring illicit
finance, whose day job is watching terrorist financing and just knowing that there needs to be a way to
stop it. We're more concerned with that than they are with mass surveillance, like knowing whether
Peter is buying the wrong books today. Domestic terrorism might kind of conflate some of these things
together, and maybe that gets questionable, but in a free society, we wouldn't want to collect surveillance
data on what books people are reading. So we take.
these ideas and we socialize them with those regulators. And ideally, and this is CoinCenter's goal
for work over the next few years, actually, we're doing it under a internal project we call
the John Hancock project, because it's the most famous signature on the Declaration of Independence.
The goal is to see if we can actually get regulatory buy-in once we present, like, truly robust
and viable alternatives to KYC that are privacy preserving. And by regulator buy-in, I don't mean
like a strong like, yes, if you build this, it will be 100% compliant. I simply mean a credible
statement from the administration, from Treasury, or maybe from the SEC, if they're starting to
talk about tokenizing equities or things like that, that we are open to doing pilot programs for
regulated financial institutions to do alternative customer onboarding, where a risk score is maybe
preferable to a full, full identity documentation. Because I think if you've got that signal from
regulators, that starts to break the collective action problem, wherein who wants to be the first
stick their head up with a new system for deterring illicit finance when everyone seems to be
fine with the bad system that's working today and there's no incentive or money for you to build
a better system, right?
Well, I'm, I kind of, I really commend you for this. I think it's, it's a terrific initiative.
Are you worried about the fact that most people just don't care? Because it seems like,
It seems like in principle, kind of like this will be kind of like a political fight.
And kind of if you look at how much people willingly devourge of themselves,
how much they use extractive services, despite the fact that they are feature equivalent privacy preserving ones,
do you think it's kind of like a culture or battle that kind of we have to win first?
So if we were just talking about changing consumer behavior, yeah, this would be fairly hopeless.
But I'm talking about something.
Okay, let's wrap it off.
I'm talking about something far more narrow, which is all down.
Today, even if you have a consumer who cares deeply about their privacy, when they go to open an account at a regulated financial institution, they have to submit something very specific.
They have to, in most cases, it will be a photo of your passport.
and your face right now,
and that will be stored in a, probably in an unencrypted database
at some point in the flow of data.
And that's just bad, right?
It's really bad.
And so just that is all a regulatory function.
That's not consumer behavior being, you know,
not conscientious enough about your own online safety.
That's literally just a rule that is an interpretation of the Bank Secrecy Act in the U.S.
that says institutions need to collect this information for their companies,
customer due diligence. And that rule could be changed if you had people who cared not in the
consumer base, but just in the regulatory and compliance areas. And I think I think there are more
people that care now, just from my meetings with people in Treasury and the SEC over the last five
years, there is a growing awareness of how bad the current AML efficacy is. And, you know,
it's kind of like finding fun common ground with people. I hate it because
it's the system that destroys my privacy
and I have certain civil libertarian
ideological underpinnings.
You hate it.
Not necessarily for exactly the same reason.
You might believe in certain rights to privacy and freedom.
But you hate it because it's not even stopping criminals anymore.
It's in fact stopping disenfranchised people,
poorer people, people who are easily dissuaded
from using financial services when you put up barriers to them.
And it's not dissuading, you know, hardened criminals
who can easily amass a whole dossier of fake passports
or passports that are not their own, right?
Yeah.
I mean, I think there's sort of two parts to this.
I mean, there is the consumer part.
I feel like it's probably fintech apps
that would implement this sort of risk-based KYC using attestations.
I could see like a Revolut doing this, right, for consumers.
but it gets so much more complicated for companies.
I mean, we run a small fund and the cost of compliance
and the amount of compliance work we have to do is just like,
I don't even want to imagine like a fund twice or three times their size
or like a company like Nosis.
The amount of compliance work goes into just day-to-day operations
and the cost that has to the company.
And if you extrapolate that to the entire economy,
it's a huge number.
You float some numbers earlier.
And I think it gets much harder then because it's not just, you know, your passport and what your salary is.
You know, it's the entire organizational structure, you know, all of your UBOs.
And I mean, you know, well, so much of it is still human driven today, which is wild.
And part of the reason the system doesn't work well, like if you had more composable proofs that are difficult to, that are difficult to forge, and you had some ability probably from a third party, like a watched order,
an dog organization or even the government to recalibrate when one particular aspect of a proof,
say like your, say a particular financial institution gets hacked and they were one of the ones
making attestations about like past bank transaction history for civil prevention, just proof of human
or maybe that they'd KYC these people, then you need to be able to on the fly devalue that
as a bundle of a risk score. Maybe it doesn't go to zero within the risk score, but suddenly that,
which was providing some robustness to this risk score, gets unweighted.
to down to like half of what it was before
because we think it's compromised
and we don't think all the identity data they have is bad
and all the anti-stitches they make it bad,
but it should definitely be lower
in the ultimate cumulative calculation of risk.
And like that's what you want.
You want a system that's got the ability
to observe threats and rapidly recalibrate,
sometimes referred to as an UDA loop.
It's like observe.
I don't know. I don't know what it stands for.
It's in like military, it's like a fighter pilots.
They're supposed to like survey their,
and then make decisions based on new information and rapidly iterate.
That's what you want in an environment with revolving threats, right?
But that's not what we have right now.
Right now we have people who actually manually look at passports still and like,
when you go to the airport, all the security theory is like, yeah, it looks like you.
It's like you have facial tracking now.
Like, why are you still doing this?
I don't know.
Anyway.
How much?
I think this is kind of like part of the equation, kind of like making sure that actual bad guys
are more easily
catchable, right?
But I think kind of like you can also see it
from the other side
of you actually owning your identity
because kind of like if you look at
the way how we use identity services,
mostly you are renting.
If I kind of like log in with Google
kind of like, what do I have?
I mean, they have all my stuff.
They have my data. They know who I am.
And kind of like,
I am beholden to them that they don't offboard me.
And same for all other kind of.
There's kind of like in Web 2.
There's nothing that's truly yours.
It's kind of like you are the renter for everything.
And it's a huge power imbalance kind of like
and kind of puts every single person at an enormous disadvantage.
And if you could just say, this is your self-sovereign identity.
And you can kind of, you can, you can use this to validate your identity in whichever way you choose against whatever.
You don't need, you don't need someone else kind of stand up for you and say, yeah, this is really Peter.
Yeah.
I think, I think this, it's super powerful.
I've started saying that, like, when you are you online, you have a different name.
Like, going back to, like, the feudal medieval period, like, where your name was, like, Peter Blacksmith, because you were the Blacksmith, right?
when you're online, you're Peter
Instagram
or your Narajex.com
like you're not yourself.
You're a vassal of a feudal lord.
That's a problem.
This has long been discussed in cryptocircles
as being part of the problem.
And a big,
a big,
the goal is,
the end goal is to be
self-sovereign over your identity,
over your persona online.
And this does factor into things like KYC.
Because the simplest way
to do better KYC would
to have one big corporation that collects all of this information and generates a risk score.
That is far more computationally efficient than trying to do it using disparate credentials,
multi-party compute, and maybe some like anchoring on open blockchains,
which require proof of stake or proof of work or any number of other inefficient non-parallizable
processes. It would be much better if it was just one company.
But then, of course, we all understand why it shouldn't be one company,
because this is not just one company that collects all the passports.
Now it collects your entire trail of breadcrumbs
that you leave across your entire life
that you want to amass into a viable proof.
It should instead be the user using commonly available
transparent open source tools
and amazing new privacy preserving technologies
can amass these credentials
and voluntarily themselves generate
probably variously differently calibrated risk scores
that might be calibrated by third parties,
the third parties don't hold the underlying data.
The underlying data, all the attestations that the person wants to make with their credentials
are things that they control in a wallet that they have.
So very much like the alternative to Google sign-on being like sign-on with Medamask
or sign-on with some sort of like key pair that you control.
But that would need to be that there's a lot of building left to do there, obviously.
I mean, you say that that entity shouldn't exist, but kind of like if you look at what Google
plausibly knows about you, Peter, I mean, that that entity,
exists, right, and multiple of them
actually exist. I mean, they shouldn't
exist. I think this is, yeah.
But right now, they're not identified
in law as the agency that should be
doing anti-money laundering
verifications. They'd
probably be really good at it. They would be
excellent at it. Yeah, if you started, if you passed
a law that said banks don't need to do KYC anymore,
they just need to ask Google if somebody's evil or not.
And Google can't be evil.
So that would probably
be much more efficient as far as, like, stopping
a lot of money laundering and crime.
but it would also be a disaster from a civil liberty standpoint.
So ideally we need to identify in law something else
that could be equivalently superior to the existing AML regime
but doesn't hand all the power to one big tech corporation or big bank.
And the stuff in our space is the stuff that can build those systems,
though it will be a very difficult thing
because we're competing against much more efficient technology companies
that don't have the costs of civil liberties,
which are spreading data out, decentralization, strong encryption, things like that.
We've talked a lot about privacy and identity.
Yeah, it kind of just became the privacy identity.
I hope you don't mind.
No, I think it's a great discussion.
This is perfect.
Are those the things that you think kind of we need to pay the most attention to right now?
Or are there lesser publicized things where you think kind of like this is something that is currently overlooked that we absolutely
We need to get right.
I'm glad you asked the question because people who don't know CoinCenter might now be
mistaking me for like the Digital Identity Center.
And I'm like, no, that's an initiative that we're just beginning because we realize
there's appetite from regulators to try alternative AML methods that could better preserve
people's privacy.
CoinCentor's main day-to-day work, our number one mission priority, is always to defend
the developers of open blockchain networks from inappropriate regulations or unjust
prosecutions. And so this goes back to our earlier discussion about, say, the Pereira Bueno case where,
you know, you've got people who are validating on chain, obeying the rules of the protocol,
and yet the Southern District of New York wants to accuse them of being involved in wire fraud or
committing wire fraud. That's not a good legal precedent to set, and it's going to discourage
people from participating in these free and open networks as validators. The other big things,
the things that we were definitely discussing more, say, like last year, are the Tornado Cash
case. First, the sanctions of tornado cash, which a big win, actually, in U.S. policy was
Coin Center and others challenged the legality of those sanctions. And ultimately,
just this past spring, those core challenges, we won. And that means that the administration
delisted tornado cash. So Americans are now free to use tornado cash again. This is actually like
a very real thing. Wait, only Americans? Or? Well,
let me, yeah, let me be clear.
The sanctions only ever applied to Americans
that sanctions law says these are
foreign sanctioned entities. Americans
are not allowed to transact with them.
Foreign persons could have maybe
secondary liability, even
though they're not Americans for violations of sanctions
law, but that's less clear.
But Americans
were just banned from using tornado cash
after the sanctions came out. That was
unequivocal. But just the small
tangent here. Great thing to speak, does that mean that people
who had funds in tornado cash can
now take them out and, you know,
carefully.
Then in the Bynans and trade them back for a pick one or whatever?
Absolutely.
Really?
Under the law.
Under the law, there's the, the, the sanctions are now null, and it is as if they never existed.
Got it.
So you are not liable for sanctions violations if you now reclaim your property that was left in the tornado
cash pool.
You should be very careful doing it, and I'll just say this, because many of the user interfaces
to tornado cash, the underlying pools, are actually compromised now from what I understand.
because they kind of fell into disuse and people started setting up like front ends that
actually had back doors that would steal your, steal your funds instead of allowing you to take
them. So be careful if you are trying to reclaim property that was left in tornado cash from
a long time ago. But legally you're safe. But will you ever have a bank account again? Because
kind of like, even if kind of like you're, it's no longer on the sanctions list, will it still
be flagged? Will you be deplatformed from whatever traditional rates you have? Yeah. No.
I mean, not that I ever used tornado cash, but I know people who have.
I have used tornado cash.
I have used it liberally and for good reasons.
So kind of it's...
This is a tough one because what you all, what you need to do to address that is to socialize the fact that there is no legal risk to a financial institution in now accepting Ethereum that came from a tornado cash address, especially if you know the customer who's bringing it to you.
Like, you know that they're just an American who is like getting paid their salary on.
on Ethereum and wanted privacy over their salary, like one of our co-plates in our lawsuit.
But how can we socialize that amongst all the compliance departments of all the banks?
So if there's a stigma that's still attached, that's something else.
My point is that the law has changed.
It is now technically legal to reclaim those funds and to use them.
Maybe you should run them through railgun first before the take,
or somewhere else to take off the tornado cash funk on them.
They might get new funk from other privacy tools,
which goes back to our discussion about base layer neutrality.
like base layer neutrality.
Like no one's going to ultimately end up using these privacy tools
if there's still just islands of privacy within a larger transparent chain
because you'll always be like, you know, the scarlet letter
of having gone through this little privacy tool,
even if you're doing it for the right reasons.
Yeah.
And we can also watch in real time as bad people use these tools.
And that creates headline risk and it creates, you know,
risk to the whole technology.
So the sanctions are invalidated.
The other big thing that happened this year,
and it's not, it's bad news instead of good news,
is the developers of Tornado Cash, Roman Storm, specifically,
was found guilty of unlicensed money transmission in his court case in the Southern District of New York.
That is a very bad outcome.
It's maybe not the worst outcome for Roman Storm because he was also charged with money laundering and sanctions evasion,
but the jury couldn't reach a verdict there, so he could get re-prosecuted for that or may not,
but he was found guilty of unlicensed money transmission.
And this, CoinCenter has done tons of work on this, is just ridiculous because Tornado Cash never had control over user funds.
Certainly not the developers of Tornado Cash and also not the torn token holders. No one did.
They were in immutable pools on chain.
And Finsen, the regulator for who needs to register as a money services business in the U.S., who is doing money transmission at the federal level, has said, you're not doing money transmission unless you have total independent control over customer funds.
So you might ask, why is he then guilty in New York of unlicensed money transmission if the regulator said he wasn't ever doing money transmission?
And it's because the Southern District of New York has this sort of wild theory of criminal liability for unlicensed money transmission,
that transmission is something broader than what the regulator requires a license for, and they did it, and therefore we can charge them with this.
And what I think, what's really happening is it's hard to charge someone with money laundering and sanctions evasion because you have to prove criminal intent.
some specific intent to actually hide some specific bad funds.
And like, yes, North Korea used tornado cash,
but that was after they published the software.
And so what did they have intent to do?
They had intent to publish a privacy tool.
And then somebody used it for money laundering after.
That's not intent to launder money.
That's intent to publish a tool that people will use to do lots of things.
It's much easier to charge someone with unlicensed money transmission
because there's no intent requirement.
All you have to ask the jury is, were they doing money transmission?
and we will tell you jury that we legally define money transmission broadly.
And did they knowingly transport criminal funds while doing money transmission?
And I guess you could argue, like, they watched it as it happened, their software did it.
So it's a much lower bar.
There's no need to show the jury that they intended for this to happen or wanted this to happen or directly facilitated it happening.
You just say, did you have a license or not?
So it's saying that they watched their software.
were to do it and did nothing about it is like insane because like watch it's like having a gun store
and has someone buying the gun and then watching that guy mow down a crowd of people as he walks out
your store right right and and that's why we we would not usually subject people to a strict liability
regime for things that are not ongoing conduct we subject money transmitters to a strict liability
regime because they're always in control of the conduct on their platform and so maybe the
reasonable liability rule is if you're always in control you could always stop it so if anything
bad happens, you're automatically responsible. But that only makes sense in the context of a money
transmitter. If you're a software developer, having strict liability for all the things that people do
with your software for failure to license it is just going to make it impossible to publish software
because everyone knows most people will do good things with the software. Some people will do
bad things. If you're responsible for all the bad things people do with your software, you won't
publish software anymore. So it's, as I said, Roman could have had a worse outcome as far as like jail time
if they'd been convicted of money laundering and sanctions evasion,
but the fact that he was found guilty of unlicensed money transmission
is a very bad precedent for this space
because that charge could be brought against almost anyone in this space
because their theory of what is money transmission that requires a license
is any facilitation of the movement of tokens on chain,
which is something that like everybody who's involved with cryptocurrency
has done in some way.
And most of them, unless they're like Coinbase,
have not gotten a license to do it.
So this is a very bad precedent. It needs to be challenged at the appeal level. So we're hoping that Roman will appeal his guilty verdict.
CoinCenter is also supporting a civil litigant, Michael Llewellyn in Fort Worth, Texas,
who is a developer who wants to release a privacy preserving crowdfunding tool, he calls it Ferros,
and is willing to sue the Department of Justice for declarative judgment before he publishes that tool
to get clarity from a judge that publishing that tool without licensing with Vincent will not be a felony,
will not be unlicensed money transmission.
and CoinCenter is supporting his lawsuit.
So we have sort of multiple paths to address this particular threat, legal threat to the permission, the freedom to build these permissionless systems.
We also have a legislative effort.
There's a bill moving through Congress called the Blockchain Regulatory Certainty Act, which would create a safe harbor for non-custodial developers.
And I'm actually optimistic.
It already passed the House.
It might pass the Senate.
There's like a good chance we'll actually get a legislative solution to this problem as well.
This is the day-to-day work of CoinCenter.
and now we are increasingly interested in privacy preserving alternatives at KYC,
but most of our work is in the trenches, in the courts, in the legislature,
trying to protect developers from inappropriate liability for other people using the software to do bad things.
If you had to make a prediction, one thing that we don't yet see coming kind of like from the regulatory sphere for the next 12 months,
what would it be?
You know, this is actually an interesting one.
People might be expecting me to say like something scary and bad.
The thing that's surprised me most recently that I think a lot of people haven't groked yet
is that the SEC, which until recently was a very aggressive regulator in this space
interested in going after even people who were potentially good actors trying to do their best to comply,
the SEC has done a 180 and actually in a very good way.
Hester Purse, a commissioner there, and the new chairman,
Paul Atkins, they are
legitimate, they are, they are very
genuine when they say they want to tokenize everything,
which is actually like Paul Atkins gave a speech about this.
And they are also very genuine.
They talk about financial privacy.
Commissioner Hester Perth gave an amazing speech
in defense of financial privacy
where she said,
we should celebrate rather than attack
the availability of technologies
that will recreate transactions that are like
the transactions are for,
fathers understood when they wrote the Fourth Amendment, that if I pay you in some coins or some
dollars, there's no record of that transaction and there's no way to surveil that transaction
in a warrantless way. So between tokenizing everything and technologies for financial privacy are
important and should actually be celebrated rather than attack, the SEC sounds ready to do a lot of
proactive things in the space to enable the kind of global and open and fair and liberal financial
system that we want to build.
This open and liberal financial system and SEC in the same sentence is something that I had
on my bingo card.
And lots of people are now aware of this, but I think I still talk to people who are like,
should I go in and talk to Commissioner Purses about the very potentially important tool that
I'm building, or is that scary?
Should I find a way to say that we can still preserve the role of, say, transfer agents and
other intermediaries in the system because they're wary of.
going full tokenized.
And I'm like, not necessarily.
Like, everything's on the table, I think, there.
And like, there isn't necessarily right now
amongst the commissioners a desire to re-intermediate
when that re-intermediation of securities transactions
is inefficient and unnecessary.
So I think, like, just fully tokenized equities are on the table.
And I think private transactions are on the table.
Now, there is an interesting thing here
where obviously we're not going to have a world
where, you know, North Korea could steal a bunch of U.S. equities in tokenized form,
and they're not going to find a way to cancel those shares.
So we will still need tools for identity and compliance on these perhaps permissionless new securities ecosystems.
But that's, again, part of why I'm interested in finding, like, privacy, preserving alternatives
to the ineffective KYC regimes we have today so that we can find ways to, like,
figure out what the security issuers liability should be or obligation should be
vis-a-vis the wrong person getting a hold of the U.S. equities that they issued.
But there's ways to address that in a tokenized environment that aren't like just rebuild
a transfer agent who's a person who's just like got a list of names as shareholders and is like,
well, we can't send that to him, you know, like something better than them.
So tell people where we can learn more about Coin Center and support your work.
So I think it's a very important work.
Thanks, Sebastian.
So all of our work.
is publicly available at coincenter.org. This report that I mentioned on digital identity is one of
the more recent things we publish. And also, I think more people should take a look at that amicus brief
we filed in the Pereira Bueno case about MEV Boost. Whether you're interested in minor extractable
value or not, it is, it sort of helps tee up why there is this existential threat to neutrality
of the base layer, in part because of the transparency of the transactions on it and the
inevitability of regulators or prosecutors inferring legal duties on to validators and then
arresting them for failure to obey those duties. So that amicus is also up on our site right now.
Yeah. Super cool. Thank you for taking the time to speak with us. It was a pleasure. Yeah.