Molly White's Citation Needed - Issue 46 – Checkmate, crypto
Episode Date: December 15, 2023Cheating chess-players, cursed mansions, and more defi centralization. Originally published on December 15, 2023....
Transcript
Discussion (0)
I'm Molly White, and you're listening to the audio feed of the citation-needed newsletter.
You can see the text version of the newsletter online at newsletter.mollywhite.net.
Issue 46. Checkmate, crypto.
Cheating chess players, cursed mansions, and more defy centralization.
This issue was originally published on December 15, 2023.
In the Courts
The Lawsuit from the Essendix.
SEC against finances U.S. arm is the one outstanding complaint against the exchange after the
remainder were settled as a part of an agreement announced by the Department of Justice in November.
Not long after that announcement, the SEC filed a notice of supplemental authority in their case,
attaching the two plea agreements with the DOJ and the consent order from the Financial Crimes Enforcement
Network, or FinCEN. If you're curious about what's in those filings, state
Anyway, this process is a way for the SEC to alert the court to new relevant decisions that were filed after the SEC lawsuit.
Binance, of course, does not want the court considering the SEC case to take their DOJ and Treasury settlements,
in which both Binance and CZ admit to serious wrongdoing into consideration.
Finance, meanwhile, is still trying to get the SEC case dismissed.
A long-running criminal trial in Austria took a dramatic turn when the main defendant, who had been arguing his innocence, despite seemingly admitting to some portions of the crime earlier on, suddenly gave up.
Quote, I've run out of steam, I've finished driving, I plead guilty in full, and ask for a lenient and speedy sentence, he told the judge.
When asked by the judge what exactly he was pleading guilty to, the defendant replied, I don't know anything about criminal law.
law. Based on my descriptions, Ms. Prosecutor, what would you say? He ultimately admitted that the
ex-W cryptocurrency investment fund had been a scam from the beginning, intended to enrich him and his
seven accused co-conspirators at the expense of his investors. At least 40,000 victims were
defrauded of more than 17.6 million euros, or around $19.3 million, although his ex-girlfriend
testified that the scammers had actually profited somewhere between 80 and 100 million euros,
or around $88 to $110 million.
Remember the guy who Googled things like Defy Hacks prosecution and how to prove malicious intent
and how to stop federal government from seizing assets after exploiting Kremma finance
for almost $9 million in July 2022?
It's in issue 33 if you don't.
Turns out he was also behind the $3.5 million attack on Nirvana finance that followed only a couple of weeks later.
He's now admitted to both and pleaded guilty to a computer fraud charge.
He will forfeit more than $12.3 million and pay $5 million in restitution, and he faces up to five years in prison.
The co-founder of Bitslato, who was charged by the Department of Justice with quite a flourish in January,
has pleaded guilty to money laundering charges.
Bitslotto reportedly was a key conduit for ransomware proceeds
and processed $700 million related to the Russian Hydra darknet market.
The co-founder, Anatoly Lidgottomov will shut down Bitslato,
release any claim on the $23 million or so in crypto that's been seized,
and face a prison sentence of up to five years.
He's currently hanging out at the MDC Brooklyn,
the correctional facility also currently home to Sam Bankmanfried.
Speaking of Sam Bankmanfried, Tiffany Fong somehow tracked down Bankman Fried's former cellmate,
former mafia enforcer Gene Borrello, and interviewed him.
According to Borrello, Bankman Fried is residing in a unit for high-profile defendants,
which has helped him to avoid inmates who might try to extort him for the cash they believe
he might still have stashed away.
Borrello also said that Bankmanfried genuinely didn't seem to believe he was going to be found guilty
and that he was also convinced that at worst he would get 20 years in prison.
An assumption his unit mates tried to convince him was ill-informed.
He will be in prison for the rest of his life, predicted Borrello.
We'll find out for sure in March unless sentencing is delayed.
What is it with Stanford Law Professors?
The guy who helped lead Bankman Fried's legal defense did a whole thing.
whole interview with Bloomberg, which seems ethically questionable.
David Mills said, he may be at the very top of the list as the worst person I've ever seen
do a cross-examination.
He also told Bloomberg he believed Bankman Freed's whoopsie Daisy and a dumb boy who lost track
of $8 billion story.
Quote, I think he is innocent because he didn't form the intent to do anything wrong.
Despite a nice quote by Bankman Fried's parents about Mills, Mills says, I don't know that our
friendship will survive this, presumably referring to the trial, but maybe also to his choice to
ditch any appeal attempts and instead spill to journalists about the, quote, unwinnable trial of
the, quote, most hated man on earth besides Donald Trump.
Suzu, one half of the duo behind the collapsed Three Arrow's Capital Hedge Fund, faced questioning
from Singaporean lawyers working to liquidate the fund and locate assets that may have been
squirled away. Creditors are owed around $3.3 billion. Zoo is stuck in jail after ignoring a court
order and trying to flee the country, although he's set to be released pretty soon. Montenegro's
going to be holding on to Doe Kwan a little bit longer, with the court extending his custody by two
months as the country's justice minister decides whether Kwan will be extradited to the United
States or South Korea. The rumor is he'll be coming to the U.S. to be tried here, but that's
hasn't been formally announced and likely won't be until Kwan's last-ditch appeal of the extradition
decision has been decided. In bankruptcies. Gemini is now estimating that customers of its
earn program could see as little as around 60% of their money back. This estimate is based on a new
reorganization plan by Genesis, which was Gemini's partner in this Earn program, and which has been
the target of fiery public letters and court filings from the Winklevoss twins.
ever since it became clear that their company wouldn't be getting the money back.
However, some have noted that 60% might actually be overestimating things,
because the payments are dollar-denominated and calculated based on Bitcoin prices
at the time of Genesis' bankruptcy petition when it was around half of today's price.
Needless to say, Gemini creditors are not thrilled,
and many have urged other creditors to vote no on the proposal.
Quote, you stole our money, give it all.
all back every single dollar, wrote one Twitter user in response to the Gemini announcement.
Over at FTX's bankruptcy, the judge is trying to push things along as things have gotten
mired in a dispute between FTX and the IRS. The IRS says that the company owes $24 billion
in unpaid taxes, making them the company's largest creditor by far. The FTX estate has argued
that the IRS is massively overestimating the amount owed by FTX,
which the IRS had originally set at $43 billion.
Quote, there is simply no basis to support the IRS's meritless claims
that the debtors owe tax in an amount that is orders of magnitude greater
than any income the debtors ever earned
and that would effectively prevent most of FTX's creditors,
themselves victims of fraud,
from obtaining any meaningful recovery, they wrote in a final.
At a recent hearing, Judge John Dorsey seemed to agree with the FTCS debtors that the IRS can't just throw out a number without any justification, and scheduled a hearing for early next year to determine how much FTCS actually owes so things can get moving again.
In government.
Hamas continues to have Congresspeople really worried about cryptocurrency.
Senators Mark Warner, a Democrat from Virginia, Mike Rounds, a Republican from South Dakota,
Jack Reed, a Democrat from Rhode Island, and Mitt Romney, a Republican from Utah, have put forward
a bill in the Senate called the Terrorist Financing Prevention Act of 2023.
It would seek to broaden current sanctions on organizations that facilitate financial
transactions with terrorist groups.
Under the new bill, current sanctions, which are mostly focused on Hezbollah, would be expanded
to include groups like Hamas.
It includes language that would allow the restrictions to extend to,
primary money laundering concerns, even if they don't involve U.S. bank accounts, a strategy
explicitly aimed at broadening FinCEN's authority to crack down on cryptocurrency firms.
Another senator, Elizabeth Warren, a Democrat from Massachusetts, has recruited a whole slew of
others to back her Digital Asset Anti-Money Laundering Act, which is also focused on illicit
cryptocurrency use cases, including terrorist financing and ransomware.
According to the senators backing the bill, it would simply close loopholes in existing regulations
and require cryptocurrency platforms to abide by the same anti-money laundering rules that banks follow.
Among other things, the bill aims to extend the Bank Secrecy Act,
the law enshrining anti-money laundering programs among financial institutions,
to apply to more of the crypto world.
Although it already applies to some entities, as the Binance Consent Order for
from FinCEN recently illustrated, Warren and Company are hoping to broaden it to cover groups
including crypto miners and validators, something that I don't think would be desirable or practical.
You probably won't be surprised to hear that much of the cryptocurrency industry agrees with me
on this particular point, and some, such as lobbyist group Coin Center, have argued that it
would actually be unconstitutional. This particular claim seems to me to be based on the idea
that the Bank's Secrecy Act, as it currently exists, is unconstitutional.
In fairness, this is not an opinion unique to crypto lobbyists, but it is also one that was
addressed by the Supreme Court in 1974.
Anyway, given the gridlock in Congress around crypto, I'm not holding my breath for any new
crypto legislation, good or bad, anytime soon.
Over in the CFTC, commissioners have voted to publish an apparently FTX-inspired rule to the
public comment stage, which is a step along the way towards enacting it.
The proposed rule would require derivatives clearing organizations to segregate customer
funds from their own.
Elsewhere in crypto.
My favorite thing about Bitcoin's Ordinals project, which are NFTs on the Bitcoin blockchain
essentially, is that it makes some of the Bitcoin developers steaming mad.
It's been almost a year since Ordinals were first introduced, and although they haven't matched
the mainstream hype extremes of the NFT mania a few years back, they haven't gone away either.
Recently, the Bitcoin network has gotten so congested thanks to the data-heavy ordinales transactions
that the pool of unconfirmed transactions has grown, and with it, transaction fees,
which are today averaging around $14.23 per transaction.
Some bitcoins think ordinals are great.
Some have adopted a live-and-let-live approach, and some think they're horrible.
Luke Dascher is a member of the latter camp and naturally is frothing mad again.
C.SU 20 for the first time this happened.
He's reiterated his position that ordnals are spamming the blockchain and are exploiting a vulnerability
in Bitcoin and argue that these types of transactions need to be filtered out by miners
to protect the network.
This is an argument that you think might be tough to square for a guy who is also ideologically
behind Bitcoin for its censorship resistance.
but he seems to have no issue with it.
He has also, somehow, managed to argue that his code to allow Bitcoin miners to opt not to mine
these transactions is not censorship, while code that rejects peers using this code is.
Someone, widely assumed to be Dascher, also submitted the so-called bug that allows ordinals
to exist to the U.S. government's national vulnerability database, which records known software
vulnerabilities. Tattling to the government to try to get your way in an argument about a software project
supposedly outside the government's control makes for pretty delicious irony.
I guess if you're an NBA star looking to buy a mansion, you should check first that the
previous tenant wasn't the so-called Crypto King, who still owes victims around $40 million.
Shea Gilgis Alexander of the Oklahoma City Thunder purchased an 8.4 million.
dollar lakefront mansion in Ontario, but days after moving in, answered the door to an angry
investor looking for Aidan Plotersky. When they called the police, officers told them that they had
received previous break-in reports at that address. A person in the private security field also told
them that a victim of Plotersky's fraud had threatened to burn the house down in the past.
Giltes Alexander ultimately was able to unwind his purchase of the home and recoup mortgage and
insurance payments after a court found that the seller made a fraudulent misrepresentation by not
disclosing that Gilgis Alexander could face, quote, objectively reasonable danger generated by
the repeated and ongoing visits to the property by angry creditors.
And given that one of the fraud victims previously kidnapped and beat Plotersky, this really
doesn't seem like an unfounded fear.
As for the Crypto King, who is in the middle of this $40 million bankruptcy proceeding, well,
he's only been enraging, said angry creditors further, by posting photos on social media
showing him driving luxury vehicles, spending $150,000 on Legos, live-streaming himself gambling
online for hours at a time, and traveling internationally.
The Web 3 is going just great recap.
There were 17 entries between December 4 and December 14, averaging 1.5 entries per day.
$1.429 billion was added to the grift counter.
Ledger reminds us how centralized defy is.
A decentralized finance, where one compromised library causes frantic warnings of,
quote, do not interact with any decentralized apps until further notice.
Far from avoiding centralized points of failure,
defy projects so widely use the Ledger Connector library to implement
the wallet connection portions of their projects, that an exploit caused the whole defy space to come
to a screeching halt.
It's a little early to talk about losses, but an early estimate of $610,000 was actually a bit
lower than I expected for such a major vulnerability, perhaps because it was noticed fairly
quickly, in part helped by the attacker's code, which contained helpful variable names
like trainer pop-up.
This was hardly the first incident to expose the centralization of defy.
For an oldie, check out my post titled The Oasis Counterhack and the Centralization of Defi.
Still, some crypto folks seem to grapple with the issues this incident exposed.
One tweeted, put another way, we are seriously fucked if one dev can click on a fishing link
and compromise almost every meaningful app's front end in the ecosystem.
Read that sentence again and again until we internally.
how absurd and unacceptable this is.
Others, however, suggested that it should be up to users to audit every project they used,
including their dependency management practices.
The Future of Finance.
Ledger later published a post-mortem of the exploit, blaming it on a, quote,
former Ledger employee who fell victim to a fishing attack that gained access to their NPMJS account,
which then allowed an attacker to publish a malicious version of the library.
At least for me, this raised only more questions.
Namely, why did a former employee still have access to Ledger's release tooling?
Why was clicking a fishing link all it took to give a malicious actor full release access?
A $1.3 billion scam.
The hyperverse cryptocurrency scam has, by chain aliasis' estimates, brought in $1.3 billion
from a massive pool of victims, mainly in Australia.
The worst thing is, this is not the scammers' first rodeo.
In 2019, the Australian cryptocurrency exchange ACX halted withdrawals.
In late 2021, ACX's parent firm, Blockchain Global, entered liquidation with an estimated
$50 million in creditor claims.
The liquidator ultimately referred the firm's leaders, Sam Lee, Ryan
Shoe and Alan Guo to the Australian Securities and Investments Commission, having himself had trouble
tracking them down, but ASIC never took any action. So there was nothing stopping Lee and Shoe from starting
a new scheme, this time in the form of a pyramid-style crypto investment scheme that promised huge
returns. Some individual investors put in tens or hundreds of thousands of dollars, and in some
cases, it was their life savings. Hyperverse's website went offline in mid-20203, but the two are still
involved with schemes, including Stable Dow and We Are All Satoshi. In September 2023, the California
Department of Financial Protection and Innovation described both in cease and desist letters as, quote,
fraudulent pyramid and Ponzi schemes. Checkmate, blockchain. After raising $12 million from
various crypto-focused venture firms, Immortal Game has finally realized that, quote,
by offering large amounts of cash with no limit barrier to entry, we encouraged heavy cheating
on the platform.
Well, sheesh, who could have predicted that?
They announced that they would be transitioning from a blockchain chess company to just a chess
company, ending support for their checkmate token and halting development on ongoing play-to-earn
and NFT projects.
They did somewhat ironically say that they were open to using Web3 technology for anti-cheat measures.
Everything else. Safe Moon has filed for bankruptcy.
CoinList reached a $1.2 million settlement with OFAC over Russian sanction violations.
Money launders were charged over an $80 million crypto-romance scam.
A crypto-scammer suddenly pleaded guilty in the trial surrounding the EXW fraud.
Gryfter-in-chief Donald Trump is hawking new NFTs with his mugshot on them.
Fraudsters have stolen more than $25 million in a so-called AI-powered crypto-ponzie scheme.
The OKX decks suffered a $2.7 million hack.
Q-coin was fined $22 million in New York.
Yurn Finance accidentally swapped its entire IPY Curve version 2 Treasury and asked nicely for
the money back. The uranium finance hacker has been cashing out in Magic the Gathering Cards.
Doquan reportedly is going to be extradited to the United States. The A-Euro stable coin isn't,
and Noster assets got clogged up. In the news, several people reached out to me to let me know
that my work had been cited on the Behind the Bastards podcast about Sam Bankman-Fried. Super cool.
They cited my newsletter post about the discussion of FTX's codebase during the trial.
The podcast episode is titled Part 2, The Last Sam Bankman-Fried episodes.
Coin Telegraph wanted to know what I thought were some of the top signals of the 2021 Cryptomania.
The moments where, looking back, it is clear the bubble was way overinflated.
I pointed to celebrity shilling, like the incredibly awkward conversation about
board apes between Jimmy Fallon and Paris Hilton, and the cringy attempts by big brands to adopt
the crypto lingo.
Worth a read.
404 Media has a great story about right to repair, or lack thereof, and a Polish train that was
remotely disabled after its operator had an independent service provider perform regular
maintenance on it.
The train operator found some hackers to re-enable their train, and now the train company is
threatening to sue them, claiming the train could be unsafe. This is titled Polish hackers repaired
trains the manufacturer artificially bricked. Now the train company is threatening them. It's paywalled,
but it's worth a read if you have access. If you're fresh out of ideas for what not to get
your Luddite friend for the holidays, Brian Merchant has you covered with the worst tech of 2023,
an anti-gift guide, published in the LA Times.
He polled some great folks in the critical tech world, and they came up with some good ideas,
although somehow blockchains didn't make the list.
Perhaps that was more of a 2022 anti-gift.
That's all for now, folks.
Until next time, this has been Molly White.
Thanks for listening to this issue of the citation-needed newsletter.
To learn how to support my work, visit mollywhite.net slash support.
If you would like to read the text versions of these episodes, sign up to receive the newsletter in your email, or support my work on a recurring basis, go to newsletter.mollywhite.net.