The Breakdown - Tornado Cash Sanctions: The Most Significant Crypto Overreach by the US Government Yet?
Episode Date: August 13, 2022This episode is sponsored by Nexo.io, Chainalysis, FTX US and NEAR. On this edition of the “Weekly Recap,” NLW reflects on the July inflation data as well as the U.S. Treasury Department’s... sanctions on Tornado Cash. - Nexo is a security-first platform where you can buy, exchange and borrow against your crypto. The company safeguards your crypto by relying on five key fundamentals including real-time auditing and insurance on custodial assets. Learn more at nexo.io. - Chainalysis is the blockchain data platform. We provide data, software, services and research to government agencies, exchanges, financial institutions and insurance and cybersecurity companies. Our data powers investigation, compliance and market intelligence software that has been used to solve some of the world’s most high-profile criminal cases. For more information, visit www.chainalysis.com. - FTX US is the safe, regulated way to buy Bitcoin, ETH, SOL and other digital assets. Trade crypto with up to 85% lower fees than top competitors and trade ETH and SOL NFTs with no gas fees and subsidized gas on withdrawals. Sign up at FTX.US today. - NEAR is a simple, revolutionary Web3 platform for decentralized apps, created by developers for developers. More than 700 projects are now building on NEAR’s fast, secure and infinitely scalable protocol, from DeFi apps to play-and-earn games, NFT marketplaces and more. Start your developer journey now by visiting NEAR at near.org. - I.D.E.A.S. 2022 by CoinDesk facilitates capital flow and market growth by connecting the digital economy with traditional finance through the presenter’s mainstage, capital allocation meeting rooms and sponsor expo floor. Use code BREAKDOWN20 for 20% off the General Pass. Learn more and register: coindesk.com/ideas - “The Breakdown” is written, produced by and features Nathaniel Whittemore, aka NLW, with today’s editing by Eleanor Pahl and research by Scott Hill. Jared Schwartz is our executive producer and our theme music is “Countdown” by Neon Beach. The music you heard today behind our sponsors is “The Now” by Aaron Sprinkle. Image credit: z_wei/Getty Images, modified by CoinDesk. Join the discussion at discord.gg/VrKRrfKCz8.
Transcript
Discussion (0)
Welcome back to The Breakdown with me, NLW.
It's a daily podcast on macro, Bitcoin, and the big picture power shifts remaking our world.
The Breakdown is sponsored by nexus.com, and FTCS, and produced and distributed by CoinDesk.
What's going on, guys? It is Saturday, August 13th, and that means it's time for the weekly recap.
One note before we dive in, there are two ways to listen to the Breakdown podcast.
You can find this on the CoinDesk podcast.
network, alongside a number of other great shows, which comes out every afternoon.
Alternatively, if you just want to hear the breakdown, you can find the breakdown-only feed as
well, which comes out just a few hours later in the evening.
Wherever you're listening, I so appreciate if you would take the time to leave a rating
or review, it makes a huge difference in new people finding the show.
Also, a disclosure as always.
In addition to them being a sponsor of the show, I also work with FTX.
And finally, this week, I am very excited to welcome NEAR as an additional sponsor.
NIR is a revolutionary yet simple Web3 platform for building decentralized apps.
Designed by developers for developers, over 700 projects are now building on NIR's fast,
secure, and scalable protocol.
Whether you're a crypto-native launching defy apps, NFT marketplaces, and play and earn
games, or looking to migrate your project from Web 2, NIR makes it easy to build Web3
for the masses.
NIR offers developers a variety of tools, resources, and support for building apps, empowering
communities, and creating a more fair, inclusive, and equitable future.
Start your Web3 developer journey now by visiting near at near.org.
So, this was a hugely significant week, guys, and I think in some ways the best way to think about it is a preview of the fall.
Now, one disclosure before I get into that, like I said yesterday, I'm actually traveling right now, so I recorded this a few days in advance.
So if some crazy thing happened on Thursday or Friday, you'll know why it wasn't in the show.
But from a macro perspective, easily the most significant event was the CPI print.
This week, we got July's inflation numbers.
and they actually surprised to the downside.
Economists had expected 8.7%,
headline year-over-year inflation,
and instead we got 8.5%.
Month over month,
headline inflation was 0%
and core inflation was a much less
than expected 0.3%.
Now, of course, what matters
is not just the number but the trend.
The numbers were widely seen
as confirmation of the peak inflation thesis,
which of course feeds into the peak
hawkishness from the Fed thesis.
This is what had been rallying stocks
going back to the last FOMC meeting. Effectively, if the market believes that peak inflation
and peak Fed tightening are behind us, then everything from here on out gets a bit more rosy.
In the wake of the print, Bloomberg declared Wall Street defies CPI skeptics with risk-on rally.
Quote, traders went risk on Wednesday, with the S&P 500 set for its highest since May.
A surge in the NASDAQ-100 drove the tech-heavy gauge nearly 20% above its June bottom.
The CBOE volatility index slumped below 20, a level last seen in April.
The greenbacks slid the most since the onset of the pandemic.
Funny enough, by our technical definitions, this means that NASDAQ is basically back in a bull market.
Now, another funny thing about this is that Wall Street could actually be creating more
future problems for itself by being too bullish.
In other words, Wall Street getting overly bullish and pouring money back into stocks could have
ripple effects.
First, it could signal to the Fed that they need to keep tightening because expectations of a
pivot are too high.
Second, it could halt a general tightening of conditions that is slowing down the real economy.
This is radically oversimplifying, but if stock prices rocket back in the other direction,
layoffs and other types of real economy activity that lag market prices might halt,
meaning that the Fed's tightening can't actually work its way all the way through,
meaning that the Fed feels like it has to keep its foot on the break for longer.
The Fed certainly is messaging that there is more tightening to come.
Again from Bloomberg,
officials have said that they want to see months of evidence that prices are cooling,
especially in the core gauge.
The U.S. Central Bank will probably continue raising rates into next year
to bring down unacceptably high inflation.
Chicago Fed President Charles Evans noted.
His Minneapolis counterpart, Neil Kashkari, said,
quote, the idea that we're going to start cutting rates early next year,
when inflation is very likely going to be well in excess of our target,
I just think it's unrealistic.
One observation that I had watching all of this on Wednesday
is the incredibly increased politicization of the debate.
If you were a Democrat, you were talking about 0% inflation,
i.e. the month-over-month number.
If you were a Republican, you were talking about 8.4.
This, I think, is a preview of the ratcheting up of the politics of this discussion leading
into the midterms in November. Still, in crypto, this macro event was not the biggest event,
not by a long shot. That honor goes to the Treasury Department sanctioning of Tornado cash.
Tornado Cash is a mixing service that obfuscates transactions in such a way as to preserve
more transactional privacy. On Monday, Treasury's Office of Foreign Assets Control or OFAC sanctioned Tornado,
claiming that it has been used to launder more than $7 billion worth of virtual currency since it launched.
OFAC is particularly concerned with $455 million that was stolen by the Lazarus Group, which is a North Korean state-sponsored hacking group.
In the wake of the sanctioned Secretary of State Anthony Blinken wrote,
we will continue to aggressively pursue actions against currency mixers laundering virtual currency for criminals.
Today, U.S. Treasury sanctioned virtual currency mixer Tornado Cash, which is a U.S. sanctioned DPRK-State-sponsored hacking group,
used by the DPRK to launder money.
Now, when the crypto industry pointed out to Secretary Blinken
that even his Treasury Department was not actually seemingly accusing Tornado Cash
of being a hacking group itself,
that tweet was deleted and replaced by one that said that Tornado Cash
had been used to launder money for a U.S. sanctioned DPRK-State-sponsored cyber hacking group.
Still, the quote-unquote mistake was fairly revealing.
The immediate response from the crypto industry was that this was overreach
and represented something fundamentally new.
This was much the point of CoinCenter's response.
They pointed out that in the past, these sort of sanctions have been used to identify specific
people involved in illicit activities.
Crypto addresses that have been sanctioned are connected to individuals, but ultimately
the addresses are incidental. What matters is the people behind them.
This, on the other hand, is an attack on a type of technology, which by its nature is neutral.
In a follow-up speech, Peter Van Valkenberg from CoinCenter expanded on some of these themes.
Quote, banning software publication is banning speech.
banning otherwise legal transactions made to maintain one's own privacy and engage in anonymous speech for political purposes is also unconstitutional under the money of speech doctrines.
Even laws that unreasonably chill speech are constitutionally suspect and can be challenged even before enforcement.
End quote.
Now shortly after the announcement of the sanctions, the code repositories for the project were deleted from GitHub and Tornado Cash co-founder Roman Seminoff was suspended alongside two other contributors.
He tweeted,
my GitHub account was just suspended. Is writing an open source code illegal now?
In an emailed statement to Bloomberg, GitHub said that trade laws require them to, quote,
restrict users and customers identified as specially designated nationals, SDNs, or other denied or blocked parties,
or that may be using GitHub on behalf of blocked parties. We examine government sanctions
thoroughly to be certain that users and customers are not impacted beyond what is required by law.
However, the obvious issue here is that Seminoff is not on the SDN list. Only the tornado cash smart
contract addresses are. Adding a person to the STN has a very, very high bar, so is Seminoff now to be
considered on the list or not? Is providing him specifically with any goods or services a violation
of sanctions? Or is it specifically the code that's being sanctioned? Deleting code from GitHub
opens a couple of really concerning issues. Under current case law set during the fight over
PGP encrypted communication tools in the 90s, code is considered speech and American citizens
are constitutionally entitled to write or execute whichever code they choose. Now, the obvious
retort to that is that Microsoft who owns GitHub is a private company and can do whatever they want.
However, in this case, GitHub responded that they are specifically doing this to comply with
sanctions, i.e. a government instruction which they read is requiring them to delete repositories.
Van Valkenberg discussed this as well. Quote, several developers who have worked on software
associated with the Tornado Cash Protocol have had their GitHub accounts shut down. Now, if that's a
business decision of GitHub, so the First Amendment isn't necessarily relevant. But I don't think
that's just a pure business decision of GitHub. I think basically we're looking right at the
chilling effect of an unconstitutional restriction on speech and the collateral consequences,
which is that people stop publishing interesting ideas. Matthew Green, a cryptography professor
at Johns Hopkins who has been involved in various crypto privacy projects, writes,
using sanction power to take code off of public source code distribution sites feels like a
pretty blatant attack on the First Amendment. Also a pretty stupid attack. It's literally a decentralized
version control system. 30 years of hard legal work to establishes.
First Amendment protections around software distribution blown up in a day by GitHub and Microsoft.
In times like these, security of your assets should be your number one priority. If you want to
offset risk as much as possible and still stay in crypto, you need a trusted partner by your side.
Nexo is a security first company that manages risk by relying on mechanisms such as over-collateralization,
real-time auditing, and insurance on custodial assets. Learn more about Nexo's reliable business model,
and start your crypto journey at nexo.io.
That's nexo.io.
Eager to make more informed decisions around crypto,
chainelysis is here to help.
Chainalysis demystifies cryptocurrency
by providing industry-leading compliance,
market intelligence, and investigations support
for all crypto assets.
For organizations like Gemini,
crypto.com, and BlockFi.
Gain unparalleled visibility
and maximize your resources.
potential with the leading blockchain data platform by visiting us now at chainalysis.com
slash coin desk. The breakdown is sponsored by FTXUS. FtXUS is the safe, regulated way to buy
and sell Bitcoin and other digital assets with up to 85% lower fees than competitors.
There are no fixed minimum fees, no ACH transaction fees, and no withdrawal fees.
One of the largest exchanges in the U.S. FTXUS is also the only leading exchange that supports
both Ethereum and Solana NFTs. When you trade NFTs on FTX, you pay no gas fees.
Download the FTX app today and use referral code breakdown to support the show.
An additional dimension of this sanctions compliance comes around wrapped Bitcoin and Bitco.
Boteid Aguana writes, WBT is issued by BitGo. Its entities are in South Dakota and New York.
They must obey OFAC sanctions or face million-dollar fines in jail time for their execs.
We therefore expect them to suspend redemptions of the tainted WBT, rendered
those tokens worthless. Liquidity providers will likely end up as bagholders for blocked WBTC and
stablecoin assets if they do not pull liquidity from decks immediately. What does this mean for
Ethereum miners and stakers who are U.S. persons? There's no legal precedent we're aware of and we're not
lawyers, but it doesn't look good. It seems possible that breach of OFAC sanctions would occur if a
minor or validator produces or validates, an Ethereum block which contains a transaction,
including one of the Ethereum addresses on the SDN list. However, how it'll be enforced is unclear.
Bantig from Yerne made the point more crisply. There are 225 wrapped Bitcoin in Tornado Cash. WBT
is custodied by BitGo. WBT token doesn't have any freeze or seize functionality. This means
Bitcoin can't comply and goes to jail. Another company that has more of an ability to comply to the
chagrin of sum is Circle, the issuer of USC. On Tuesday, Circle CEO Jeremy Aller wrote this thread.
Yesterday, U.S. Treasury designated for sanctions, ETH addresses associated with tornado cash. As a U.S.
regulated financial institutions subject to Bank Secrecy Act requirements, Circle together with
our partner Coinbase, restricted the movement of USDC funds in these sanctioned addresses.
It is likely that nearly all responsible registered virtual asset service providers also took
steps to block customers from transacting with these addresses or face charges of willfully
avoiding U.S. sanctions compliance obligations, which can bring up to 30 years in prison.
The regulatory intervention in this case crossed a major threshold in the history of the internet
and the history of open blockchain finance, with a major government obliging
parties to outright block or limit the functioning of open source software on the internet.
It raises extraordinary questions about privacy and security on the internet and the future
of public internet digital currency. We have noted the tensions between privacy and security as
a policy matter. Yesterday, this stopped being an abstraction. This is a critical moment for the
crypto industry to sharpen its focus on major policy issues tied to financial privacy.
Crypto and blockchain infrastructure heralds an open internet of value exchange and challenges
decades of old regulatory frameworks for everything from market structure, payment systems,
systems, custody, and settlement, risk management, and of course, fundamental privacy and security.
To date, policy efforts have focused primarily on issues of market supervision and stable coins,
alongside a global effort to continue to enhance AMLCTF controls for digital asset operators and
intermediaries. But the rapid growth of open-source self-running protocols is challenging
policymakers everywhere, and the result, unfortunately, will be more blunt force enforcement
actions if we don't take action now. In the next day, Circle will call on crypto industry leaders,
associations, and protocol developers to come together and help advance legal frameworks and policies
to safeguard user privacy and security while evolving financial integrity rules to deal with open source
protocols. This is a pillar in the fight to protect defy and the future of public internet digital
currency. It is not about anyone organization. It's about all that we collectively have built and
represent in the future we believe in. One of the big concerns coming out of all of this is just how much
USDC is wrapped up in defy. Regardless of what Jeremy and the team at Circle want,
they're in a position where they're a U.S. company forced to comply with these sort of regulations.
So what will that mean for the future of DeFi protocols that are run largely on USC?
Another area of concern with all of this is that there's a real lack of clarity about how
sanctions compliance is going to work in the context of individual addresses.
Basically, publicly known addresses can be sent crypto even if they don't want it or didn't
request it.
Does this put anyone with a publicly known address at risk of noncompliance with sanctions?
Within a day of this announcement, an anonymous user had sent a slew of tornado cash
transactions to high-profile Ethereum addresses, including Brian Armstrong, Jimmy Fallon, Puma,
Beeple, and an address that has been associated with Dave Chappelle. Some have seen it as a troll
of the celebrities, but I think it's quite clearly not. It's pointing out the ridiculousness of the
compliance of these sanctions in the first place. From CoinDesk, the gag effectively points out
the absurdity of such sanctions for users receiving funds from blacklisted addresses that they have
no power to decline. The open nature of crypto is designed to cut out intermediaries, unlike
the traditional financial sector that would use banks and other financial institutions to act as
gatekeepers against such transactions. So trying to sum this up, I think that there are two
biggests here. The first biggest is that this may be one of the biggest stretches of the existing
legal system that the U.S. government has tried with regard to crypto. That's Masari's Ryan Selkis's
argument. Responding to a person who had been de-platformed from OpenCee for having used tornado
Tornado Cash previously, Selkis retweeted and said, this is the chaos government overreach causes.
It's like we're trying to lose the lead the U.S. has in crypto.
The tornado cash address sanctions are one of the most egregious instances of overreach
since Bitcoin was invented.
And that's saying something.
The second biggest is that this is likely to prompt the biggest and most significant
discussion about what decentralization really means and why decentralization is needed
that the crypto industry has ever faced.
Yes, we talk about decentralization all the time, but in the face of this, the real stakes
are made clear, and people are going to be forced in a fairly significant way to figure out
what really matters to them when it comes to decentralization. As Clark Moody wrote,
decentralization doesn't matter until it does. Anyways, guys, it was clearly a big week and one that
probably heralds more of the battles to come in the months ahead. For now, I want to say thanks again
to my sponsors, nexus, nexo, and nere, and thanks to you guys for listening. Until tomorrow, be safe
and take care of each other. Peace.