Unchained - DEX in the City: How Privacy in Crypto Makes Everyone's Finances More Secure - Ep. 982
Episode Date: December 18, 2025The SEC this week held a roundtable on financial surveillance and privacy in another sign of the major shift in the regulator's approach to crypto. In this DEX in the City episode, Espresso co-founde...r Jill Gunter joins hosts Jessi Brooks and Katherine Kirkpatrick Bos to unpack the major talking points and takeaways from the roundtable. And more importantly, what it signals about the SEC’s approach to crypto and privacy. With legacy financial institutions coming onchain, like JPMorgan and DTTC, they discuss how crypto can actually help prevent data breaches and have a better product for users and companies alike. Interestingly, Jill recounts how she lost $30,000 in an exploit involving crypto mixer Railgun and why she didn’t even try to hide it from regulators at the roundtable. Plus, was Do Kwon's sentence excessive? Well, according to Jessi, it’s a complicated question, but she unpacks what people misunderstood about the judge’s decision. Hosts: Jessi Brooks, General Counsel at Ribbit Capital Katherine Kirkpatrick Bos, General Counsel at StarkWare Guest: Jill Gunter, Co-founder and Chief Strategy Officer at Espresso Systems Links: Unchained: Why the Privacy Coins Mania Is Much More Than Price Action Do Kwon Sentenced to 15 Years in Prison Jessi's and Katherine's paper on programmable risk management Timestamps: 🚀 00:00 Introduction ⚡️ 3:23 How SEC privacy roundtable marks a sea change in the regulatory approach to crypto 💡 12:39 Why privacy is also important for legacy institutions moving onchain 📍 17:31 How projects and institutions can be compliant while collecting less data 🤧 24:57 Jill recounts being the victim of a hack and seeing the hackers use a privacy protocol ❕️ 30:36 Why Jill says the hack did not change her perspective on crypto privacy 😎 33:30 How far the crypto industry has come since Tornado Cash ⚔️ 35:54 The debate over proof of innocence ⚖️ 42:09 What everyone misunderstood about Do Kwon's sentence 💫 52:24 Shoutout to Save the Children for their innovative Bitcoin initiative Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
We can still meet compliance goals, but with less data collection.
And I think that that is, like, if I could just tattoo one thing onto the brains of policymakers and regulators, it is that sentence.
If your privacy theory can't explain how a vulnerable person would get help, restitution, or protection,
then it's not a privacy theory for humans. It's one for ideology.
So I think we're all kind of trying to find our way back to that place where they see.
starting point for privacy as privacy is okay.
He should see some of these tweets where he's like pretty much anyone who disagreed with him
and said like, terror is falling apart. He was like, you're poor or something like that.
Hi, all and welcome to Dex in the City where the wallets are cold and the takes are hot.
First, we have Jesse, Web3 prosecutor turned Web3 protector at Ribbett Capital.
Hi, Rilin.
And V is out today, skiing. We're very jealous. We have FOMO. We told her to have a
an operas ski drink for us. But today we are so thrilled to have Jill from espresso with us on the show.
Hi, Jill. Great to be here. And I'm your host, Catherine, KK, fluent in tradfai and conversant in deep tech over
at Starkware. So before we get going, remember, we're lawyers, or at least Jesse and I are lawyers,
but we're not your lawyers. So nothing you hear on ducks in the city is legal or financial advice.
and it doesn't create an attorney-client relationship.
For the fine print as usual, check Unchained Crypto.com.
Jill, we are so happy to have you here.
And matching with me.
Amazing.
We didn't even coordinate that.
You're both wearing, like, for our listeners,
you're both wearing very sophisticated sleep,
like kind of toky sweaters.
It's very cold outside.
We also both have money framed in the back.
That's true.
Money art.
Because that's all fiaties.
That's going to be good for soon.
I love it.
Money art.
I'm going to make a penny picture.
So Jill, give us a minute and give us an overview.
Tell us about yourself and about espresso because I'm not going to do it justice.
Jill is a boss, guys.
That's how I'm going to put out here.
Awesome.
Well, thank you so much for having me.
Yeah, my name is Jill.
I've worked in the industry for 10 years now.
What are we still doing, guys?
But here we are.
The future of finance is almost here.
It's coming.
For the last five years, I've been working on a project called Espresso Systems.
We've built many different tools and infrastructure products that we think are going to be a part of that journey to bring mainstream finance on chain.
The main thing that we've built is a blockchain designed for high customizable.
So we support roll-ups primarily and super fast transaction finality time.
So we confirmed transactions in two seconds, and we're targeting sub-second next year.
In the past, we've also developed privacy products.
So we developed a product called Cape a couple of years ago, piloted it with a bunch of
specifically Sablecoin issuers and other asset issuers at the time.
And privacy has always been one of my big kind of passions in this space.
So thrilled to be on.
How convenient.
How convenient.
Yeah.
We're so pumped to have you.
And what you guys have been building at espresso is just incredibly impressive.
And I think that everyone should learn more about it.
And Jill, I know you've had like long podcasts where you've talked in depth about what it does.
And I highly recommend people listen to that.
But what we're here for today is to focus on privacy.
And two of the best are here to talk about it because they both got together yesterday to talk about privacy on a panel together.
and left me behind. So can you guys tell our listeners what you were doing yesterday and just a little
about how it impacts our conversation today? We had a party without you, Jesse. No, never, never.
So yes, this was amazing. And I just want to point out something really cool. Okay. So this was the sixth
SEC roundtable, I believe. The SEC started holding these roundtables on topics, the SEC Crypto Task Force.
So there's been one on defy, tokenization, etc. And it's absolutely.
fantastic. It shows their kind of transparency, their engagement. They did, one of the members of the
task force did tell me that this was a very well attended or well watched panel, which shows how much
kind of talk and focus there is around privacy. But one of the coolest aspects of it is that the
first half of the roundtable was builders, like talking about privacy tools, demonstrating privacy
tools. And shout out to Jill for not only being on the builder half, but being the only woman
representing the female woman. We're going to do sorority snaps for that one. Whoa. Whoa. Yeah. And then the
second half of the panel was a policy focus conversation. So kind of these tools exist. We just saw some of them.
Where do we go from here? So let's kick things off, Jill. Like tell us more about your take on kind of from the
builder perspective, your takeaways and your thoughts on the first half one.
Okay.
I mean, well, I just have so many thoughts on this.
It's so wild for any of us in the space, maybe especially as a builder in the United States,
who's been working in crypto again for a decade to be walking through the front doors of the SEC
to give a presentation.
So I actually, I had the privilege of going in and doing another one of these roundtables back
in June. And I remember I panged my co-founders and my teammates at my company saying,
okay, guys, I'm going to be off these two days in June. I'm applying to D.C. I'm going to be going
into the SEC. And some of my colleagues were like, you're going into the SEC, you know, kind of like.
To you need a lawyer. Like have we, yeah, have we been subpoenaed? Because that was the vibe for,
I want to emphasize actually not just the Biden administration, the pre-
Trump administration, you know, for the better part of a decade. And I think that it is so awesome
that the SEC is engaging with industry in this way. Everyone I met there yesterday, even the staffers
who'd been around sort of through all of these different paradigms at the SEC were just so open-minded
and curious and positive about us coming in to present. And that was just, that was just a great
feeling. So that was the first thing I wanted to acknowledge. It was fantastic. And just to paint a
picture for people, if you haven't been to the Securities and Exchange Commission headquarters in
Washington, it's right next to the beautiful and, you know, very, very kind of fancy old school
union station. And then you see this like kind of intimidating gray, very angular,
modern architecture is fascinating. And a scary building. Like, it gives fancy jail to me a little
It gives like, yeah, dystopian science fiction.
Yes.
Or like the good guys are holding to, you know, testify in front of the galactic Congress.
A hundred percent.
So you go in, you know, you go through security.
But I can't, I really want to echo Jill sentiment.
Like every member of the task force that I've interacted with has been lovely.
They're smart.
They're intellectually curious.
They want to do right by the industry.
But they also want to do right by American investors, which, frankly,
that's one of the reasons why the SEC has changed its tone. They understand that innovation in the
United States is good for the market itself. So this degree of engagement is a dream. And I think
that's the first step. It's the baby step to seeing real progress on the regulatory and legislative.
I just, sorry, I just can't believe that the SEC had a panel on privacy. I mean, like, I was in the
government almost five years ago prosecuting crypto cases and stuff involving a lot of,
And part of the reason I left is because I didn't feel like the government understood the value of crypto and spoke about it in a very anti-privacy way. And to me, and in my nature, like, I think privacy is incredibly important. And also it's perfectly aligned with national security, which were the cases I were working on. So to see a shift in just like five-ish years to an actual panel to talk about privacy and the importance of it. I mean, I was blown away by,
what you guys were saying and also by the fact that it was just happening. Yeah, 100%. And I was going to say,
Catherine, there's been this kind of meme in crypto, at least in the United States for a long time,
of like, oh, thanks to the SEC for protecting me from this life-changing air drop that I could have gotten,
right? Like, thanks a lot, guys, for protecting me from this. Protecting me from this money.
Because there's been so many ways in which, you know, under the auspices of consumer protection,
U.S. people have not been able to engage in crypto.
And obviously, not all of that's changing.
Like, I don't know.
I'm not like a diehard libertarian who thinks that we should get rid of all consumer
protection.
I actually think it's very important.
But I do think that this is kind of a sea change moment to reset some of the standards
and paradigm.
So, yeah, completely agree that it's a huge deal that it was even happening.
And kind of interesting timing.
I don't know.
Did you both see the New York Times article?
Of the weekend.
No comment.
It's just...
It was this article that came out over the weekend.
Basically, to me, okay, never actually said this with the headline, all of it,
it made it sound to the average reader, I think, like the SEC has changed its tune on
crypto and is inviting all of these crypto people to Washington and dropped all of these
cases against crypto companies because Trump is somehow personally benefiting from it.
And if you read carefully, of course, throughout the article, they keep saying like, to be
clear, we found no evidence of this. Like, we're just asking the question. And I'm just like,
oh, you guys, this is, come on. No. And also, I think it just, it negates all the work that
people like us and our listeners are doing in the crypto space. Because
you can have an argument about conflict of interest and whether the current administration and
politicians should be involved in crypto and whether what they're doing is hurting the industry.
And that is a conversation we can have for sure.
But that is very different than smart people like you guys going in and teaching about privacy
and defending the human right to it.
And the fact that it's conflated just like puts us against a entire institution that we don't
need to be against.
And like it makes us very defensive.
So I really appreciated.
that a lot of the panel wasn't about that defensiveness,
because it's very easy to go that way.
You know, KKKK, you would talk about, like,
the history of these panels and Jill, you've been on one before,
but like, what is, can you explain, like, what's the purpose of them?
Like, are they tailored to a specific guideline?
Like, did you get a sense of, like, what might come of this?
It's a great question, Jesse, because I've been asked that a lot.
Like, what are the takeaways?
What are the changes as a result of this panel?
And also to give people some inside baseball here,
people can actually apply to be on these roundtables and or they're invited to be on the roundtable.
So a lot of the participants end up there because they have engaged with the crypto asset task force or they've published thought leadership or the commission is aware that their products align with the educational goal of this roundtable, for example.
There's no specific action item or deliverable that come from these roundtables.
And I don't think anyone should expect that.
This is all a process of education and engagement and starting a conversation, particularly vis-a-vis privacy, which is not straightforward.
Like, there's not like an easy fix that you can turn on and off.
Privacy is an acceptable thing to regulators.
That was actually a big conversation point in the policy focus piece about how, like, what can we do to ensure that people can engage with privacy tools without immediate.
garnering suspicion and builders can build them safely. But the other point that was made that is
spot on, well, I should say this because I made this point not to do my own part, is that everyone's
been obsessed with Sable's tokenization and payments, right? So now we're seeing huge activity from legacy
market participants in, for example, tokenized equities. All of this is moving on chain. What does that
mean? Well, it means we need some form of privacy or secrecy or shielded transactions to mitigate
market manipulation, to ensure that we still have free market competitive strategy. Like, there's a
whole host of use cases for privacy, economic use cases that are unlocked by the growth in tokenization.
This, to me, was one of the biggest kind of subtexts or themes of the day yesterday. I think is that, you know, we have
all of these applications that we in industry feel are basically there. They're ready for prime time.
And, you know, even TradFi and, you know, kind of legacy market participants are seeing this as well.
And privacy is perhaps the most relevant, actually, to those parties. And so it was kind of this
interesting mix of, you know, you had like Zucco Wilcox, the founder of Zecash there. You had folks,
who really kind of espoused the like true cypherpunk vision of crypto.
And then you also had a lot of the same people actually espousing this version of privacy
that's like very corporate friendly and actually look like banks, you know,
just in order to manage their own proprietary strategies.
And banks and asset managers need privacy as well.
And it's interesting to see kind of the marriage of those two things.
And also the ways in which I think strategically, even those who are really in it for like the civil liberties or the ciphered punk values are kind of pragmatic at this point in 2025 saying, okay, well, we can Trojan horse those values in through, you know, privacy products built for corporates.
It's a great point.
It was really interesting is the policy panel, half the policy panel was ex-regulators.
And I would say the least cypher punk was Carol House, who's an ex-regulator.
But she kept agreeing with the Representative Jay Stanley from the American Civil Liberties Union, which was quite interesting.
And some of it was he was approaching this pragmatically.
There was a lot of respectful disagreement on the policy panel.
But I did think that they did a very good job of kind of bringing the spectrum of beliefs here in terms of, okay, no, this should be entirely permissionless tooling.
free, if bad guys use it too bad, to the other spectrum of, no, we should build a holistic
risk management compliance infra on top of the tools. And a lot of the topics that were raised
in the paper, Jesse and I published a couple months ago, were discussed, meaning the existence
of these cryptography-based tools and what they can do for privacy, good and bad. I think the fact that
there was so much agreement is somewhat surprising, but also to me, like, not that surprising because
we live in such a cyber world right now. And privacy and national security are like pretty much
bedfellows that need to work in conjunction together. Because like every major national security
failure involving data in the last decade has come from too much visibility. Not too little. You can
think about the OPM hack with my data along with 21 million other federal employees like PII was taken.
you can think about like the Strava incident which like I am shocked how few people talk about that but that's on the private side where fitness trackers revealed the layout of U.S.
I think about that every day.
How I basis.
Yeah.
Soldiers are not leaking the information.
The lack of privacy protections like really impacted our national security.
So for me like the fact that there was a grievance sort of shows that it's not just a philosophical debate but rather an understanding that too much visibility is what can create a tax services.
I swear if I had tinfoil around, I'd put on my tinfoil hat right now.
But like, the more you learn about this, the creepier it is.
And that was also a topic of yesterday.
It was really interesting.
Like we talked about the economic drivers for privacy.
We talked about privacy as a right.
Those are not surprising.
But the other things we talked about, frankly, is the epidemic of data breaches in the United States and how to mitigate that using cryptography-based tools.
There was a lot of discussion around that.
There was a lot of discussion about digital identity.
And there was a lot of discussion about the Bank Secrecy Act and any money laundering.
Yeah, no, 100%.
And I think this was this was a point that got driven home by basically every single speaker, more or less,
is that with the tools that we have through cryptography generally, but then also through
bringing assets and identity and things like this on chain and using crypto tools, we can still
meet compliance goals, but with less data collection. And I think that that is, like, if I could just
tattoo one thing onto the brains of policymakers and regulators, it is that sentence. We can still
meet compliance goals with less data collection. Because I think that that is, you know, it's so
easy when you say the word privacy to have, like, all of this baggage around it. Forget privacy for a second.
It's like it's really that that I think is going to be the driver of a lot of this adoption.
And I said this yesterday, I'll say it again today.
I think that this dynamic, again, the fact that we can still do risk monitoring in real time,
we can still have the levels of transparency that we want and need that we've grown to love about blockchains.
But while encrypting and obfuscating things about assets and identity and having selective disclosure,
Like, these are some of the most compelling reasons to bring digital assets on chain.
Like, okay, yes, like, we're, you know, we're helping to drop down clearing and settlement costs for, like, creating a global marketplace instead of fragmented one.
Like, all of those great things about blockchain are true, too.
But I think what you get in terms of this supercharged privacy, risk auditing identity tools are really, like, that is.
the main reason. Yeah, because it allows us to like move past this false tradeoff between privacy
and regulation because we should be able to design systems that where confidentiality and
accountability like reinforce each other. And like we have the technology to do it. And so like,
you're making my heart very full with what you're saying because like privacy and risk management
should not be fighting each other. And like maybe in the past they had to before we had the tech that
we had now. Like, I don't want to speak to that. But what's so exciting about right now, and I think
part of the reason why we all like the space so much is that programmable risk management can be
the mechanism that lets both privacy regulation and, you know, compliance exist together.
One of the points that I made loud and clear on the panel, Jesse, was a point that was grossly
misinterpreted with our paper. It's like our paper, we run through all the tools or a lot of the tools
that exist today that can be implemented for programmable risk management. But the point that I was making
is these tools exist.
We're not saying that regulators should mandate the implementation across the board.
Like there's a spectrum of privacy solutions.
There's a spectrum of privacy protocols with different needs.
So however.
Just back up, though, for a second, Catherine.
And can you just like lay the groundwork for your paper?
Because probably a lot of your listeners know about it, but some might not.
So, yeah.
Yeah, we'll link it in the show notes.
It is a dry academic paper.
Actually, it's really fantastic and fun to read.
I started reading it yesterday.
I think it's very sexy.
Thank you.
It was just you and I was going.
We were going for sexy.
We were going for sexy.
Yeah.
Sexy.
It's a very sexy academic paper.
But no, we'll link it in the show notes.
Look, so it, I think we mentioned this on the first episode.
But the whole point of it was we wanted legislators and regulators to be aware of the existence
of these fantastic cryptography-based tools.
tools, obviously ZK proofs are close to my heart. Starcware is the OG of ZK Proofs. Like the Starkware
co-founders co-founded ZK Starks and Starks. The Starkware CEO, Ellie, is a co-founding scientist of Zcash.
So that's our baby, right? So I was driven with the understanding of that tooling. And Jesse and I put
our heads together and created this paper that runs through the existence of these tools,
how they're used, how they can be used. And my favorite part of the paper is,
is in the appendix, there's actually a chart that lists out the tools. So the dream is builders that want to build D5 protocols. Like they have different goals. Some just want to build D5 for Tradfite. That's fine. We shouldn't shame them for that. Like there's a place for them in the community. So the dream is they're looking at the paper. They're looking through the appendix. And they're just making sure that they've considered whether the tools should be appropriate. That all being said, we were also quite clear in the paper that we are not.
mandating that any of these tools should be required.
There is a fear in the community that regulators give an awareness of the tools are going to say,
oh, well, this exists.
You got to have it.
You got to have it.
No, I don't think that's going to happen.
I think we're not giving regulators and legislators enough credit.
Also, like, it's about the users having choice, too.
You know, it's like builders build.
They disclose what systems they're using or not.
And then users get to say, I want to protect my money with this much.
I want to protect my money a little bit less, but take on more risk.
Like, why is that so scary?
I'm not really sure.
And to, like, just get back to the user side of this, if I could turn this a little spicy, if that's okay.
Like, you guys were amazing on the panel.
This is nothing against any of you.
But I do think one thing that was missing.
And it could be because it was at the SEC, not like the treasury, for example, was just like the human aspect of it.
Except, Jill, when you spoke about what happened to you, to be honest.
But, you know, I think that we need to reframe the conversation a little bit.
Maybe in bigger conversations, maybe not at the SEC when it's about markets more.
But like to being about privacy that protects people, not just principles.
Because my conversation sometimes around crypto privacy right now is that too often it turns into like an ideological purity test.
And I think we saw this with our paper coming out because then it's just about principles and not people.
because to me, like, it needs to all be reframed from an abstract concept to like something like a public interest framework.
Because if your privacy theory can't explain how a vulnerable person would get help, restitution, or protection, then it's not a privacy theory for humans.
It's one for ideology. And privacy maximalism sometimes misses the flip side of like the harm comes from the state, but it can also come from each other.
And sometimes the thing that's protecting you is like the ability to go to court.
to trace assets to prove your harm.
And like, Jill, like, I'm so happy that you've had a foundation to be able to come out there
and speak what happened to you.
Like, I've been hacked too.
But there are hundreds of thousands of people who have never been able to have a voice.
Can't get anyone on the phone to help them.
Can't get any recourse.
And so, like, when there's no privacy, people get hurt.
But if there's no accountability, people also get hurt.
So we need to figure out a way to, like, balance the two.
And in my mind, obviously, programable risk management.
is one way to consider doing that.
But there's obviously potentially other options out there.
But at the end of the day, like, privacy needs to understand people and that the fact that we need to be shielded most of the time, but discoverable in times of harm for the purpose of justice.
Jill, Jill, tell us more because for those who missed the panel, tell us more about what you shared yesterday with the caveat or it's not even a caveat.
Guys, Jill is really sophisticated in crypto.
Like, she's maybe the most.
I mean, whenever you're at Treadby Comptus, there's always that guy standing in the corner and he's like, I bought Bitcoin in 2014. And it's like, well, you're clearly still needing to work. So you obviously didn't hodel it. So you should probably stop bragging about this. Like, Jill is that person, but she's not going around bragging about it. So Jill, please tell us more.
Okay. So yeah, for those who are not extremely online and did not see my viral Twitter thread about this the other day, last week, literally, I'm not kidding you. I sat down at my desk to work on a draft of my remarks to give at this SEC privacy roundtable. And I happen to open my rabbi wallet, like my browser wallet. And I had moved a bunch of things around the day.
prior to prepare to do an angel investment out of my Rhabi wallet. I don't usually keep that much
in terms of funds in my just like browser hot wallet. You're like Ravi or your Metamask or what
have you. But I've moved a bunch of money in. I have to confess, I sold my Monad AirDrop. I sold a few
other things to like be able to fund this angel investment. Okay. And I opened my wallet and I'm like,
hmm, that's funny. The wallet user interface is not showing me all.
of these funds that I put in here yesterday. But, you know, these user interfaces kind of sunk.
So I wasn't that surprised. And I was like, let me just go into EtherScan and make sure it's all
still there. And it wasn't. And at this point, okay, you two will appreciate this in particular.
I'm a mom. I have a two-year-old. I'm chronically sleep deprived. At this point, I was thinking,
like did I accidentally sit here?
Did I like send it to like my like one of my other, you know, hardware wallets or like,
did I send it to a sex?
Like did I forget that I sent it?
I would have done something like that.
Did I like bridge it into like the wrong conrad?
Like that was honestly, I was like, was this a mom brain thing?
No.
But moms have superpowers.
I shouldn't use the word mom brain.
But like for me specifically in that moment, that's what I was talking.
Anyway, I'll cut a very long story short.
I traced it through EtherScan because Ethereum is public, so you can do that.
And then I saw the deposit of this 30K worth of stable coins into, well, it'd been turned into Ethereum at this point, into Railgun, which is a privacy product that, like, I've never used before, but like I know about and I respect it.
I also know it's used in a lot of black hat activity.
And I just saw that.
Black hat equals bad hackers, guys.
Yes, black hat is bad.
White hat is good.
I just saw that deposit into rail gun.
And my stomach just sank because like that's the smoking gun.
Unfortunately, you know, all of the other movements of the funds, I could kind of be like,
did I like accidentally like give permission to like, you know, some decks to be able to do this?
as soon as you see it going to a privacy protocol, like, that's not an accident.
That's the bad guys, taking your money.
And it was just a real moment of empathy for me as someone who's built these products,
who's been in the space a long time, who's been a huge privacy advocate from like a civil
liberty's perspective.
But in that moment when you're the victim, you don't look at this until like, huh,
that's like a really cool tool of human freedom.
I'm so glad that this exists.
Are you kidding me? And of course, I want to say, of course, you know, the real fault here lies with, firstly, the smart contract that had a vulnerability disclosed in it that was not deprecated and taken down that actually allowed this have to happen. You know, secondly, self-sovereignty is just costly. Like, you've got to be careful out there. I probably shouldn't have had that much money just chilling in a hot wallet even overnight. So, you know,
stay safe folks go into your wallets go to revoke.cash like there's all of these great public goods
that exist like be able to monitor um you know your wallet's permissions and things like this
but also it does just suck to look at it and be like this is okay this is the practical use case
and adoption for a lot of the activity that goes on in privacy protocols but to your point jesse
i think it's so important i actually had people kind of discouraging me from sharing
the SEC round table. I was like, do you think that we're like going to like as an industry,
do you think that we're going to make progress by not acknowledging that black hats use these
protocols? Like absolutely not. Like this is such a well-known thing. We have to acknowledge it and acknowledge
that we can build privacy tools that do have safeguards built in. You know, if I had caught it,
the rail gun deposit within a couple of hours, it actually railgun would have been able
to stop it. And Railgun does have these types of safeguards built in. They have like a proof of innocence
thing. They have like a time delay on deposits. I think that they have like KYT. So like some TRM or
chain alice thing set up. But this just missed, you know, all of the safeguards. So yeah. I'm so sorry
that happened to you. You know, you have been working in privacy so long. Did it actually shift your
thinking? Because how I'm thinking about it is like it really grinds,
my gears when people say like
I mean I don't want bad things to happen in
this space but you know
but I believe in privacy or but
but what a lot because like I don't think we need to
make between those things and it ignores the
victims in that first clause
of the sentence and so
I don't want everybody to have to get
hacked to understand the importance
of having some sort of risk management tools
and I think yes self-sovereignty
is scary be careful out there and like
I want Jill you to come on and like give us
cybersecurity training at some point. But like it the whole point of this being built is that we should be
able to have self sovereignty and security. And so like I sort of wonder like how you think this
changed your thinking and whether there's any way to sort of leverage that to people that
haven't been through it to understand that balance that might be required. By the way, Jill,
before you answer, I'm just going to say I'm going to introduce a new segment called what grinds
Jesse's gears. Yes. It's great throwback.
For those who you want, you used to run a podcast called what grinds figures.
One of the OG female hosted crypto podcasts, I may say.
Honestly, it didn't really change ultimately my perspective on like what needs to exist and how we need to approach these things.
Even to the extreme, I would say that I do think that there's value in having some privacy tools that,
are aligned with that kind of like cyphobunk set of values that, you know,
are more on the permissionless end of the spectrum.
Because I've also seen it pretty much firsthand, uh,
from doing research and having friends even in places like Venezuela or Iran or at
times Lebanon or Hong calling during the protests there,
etc. Where I've seen, okay, privacy can be a tool of human freedom. Again, in that moment of the
hack seeing railgun there, I did not feel that way. But like I do think it is very valuable to have
these kinds of censorship resistant, again, like cypunk aligned privacy tools. But I do think that
I think that there just needs to be a spectrum of these things. And, you know, I think that
the more that we can have tools that do support high levels of accountability and responsibility
and do have, for lack of better word, controls on them for more mainstream usage,
I think that that is better for the space as a whole.
Like, I mean, a few years ago, I have to say, I think we've come a really long way from tornado cash being sanctioned by OFAC,
which happened two years ago.
I think it was like 2022.
Yeah.
Three years.
22.
Yeah, it was almost four years ago.
Stop.
Take that back.
Retract that.
Right.
Almost four years ago.
You know, we basically only had like tornado cash and then I guess, you know,
kind of the natively private blockchains like Zcash and Monaro.
Zcash had, of course, some safeguards built in.
Tornado cash did also a beauties, but.
I don't know if they were kind of mandatory to use or just not used.
They weren't used with OFAC inquiries.
I don't know that for a fact, but that's my assumption.
Yeah.
But I do think that there has been this kind of new generation of privacy builders who've been really,
really thoughtful about how to implement things like proof of innocence, either in depositing
into a private domain or withdrawing from the private domain.
implementing, again, like KYT to be able to know, okay, is a transaction being deposited in from a
suspicious address? Maybe we need to put a pause on that. Having these long deposit wait times and
withdrawal times. And, you know, it's all tradeoff, right? Because it makes the user experience
way more of a headache. But it does also create these safeguards where, you know, even from
business perspective. I don't think you're ever going to get businesses to build these things
or do things like out of the goodness of their heart. But from a business perspective, it actually
just made sense in the wake of tornado cash being sanctioned to explore these different
modalities. And I'm very glad that we're moving, it seems, out of the paradigm that we lived in
for the last four years where, you know, things can happen like tornado cash getting sanctioned, which
I think we all agree and Coin Center kind of led the charge on this should not have actually
happened even from legal perspective. But I do think that one positive out of all of that,
one silver lining has been the innovation that's been spurred in creating tools that do balance
those protections of users as well. Well, a couple points on that too. It's funny because I think
a lot of crypto has a very visceral reaction to things like proof of innocence. So like this is
another thing that was discussed on the panel is we've lost the thread here and you know
Americans should never need proof of innocence like the presumption should be innocent so that was an
interesting kind of rights oriented conversation and the other interesting point about tornado
cash for everyone who isn't aware if you're not a crypto person you know the the infamous mixer
which you know a mixer basically makes it difficult to trace the source of the funds um
And similar to samurai wallet, both of which have had criminal implications for the developers.
The interesting thing about those is that Commissioner Purse herself has been supportive of mixers.
And she said so in the opening remarks to the roundtable.
What was really fantastic is Chair Atkin spoke, Commissioner Mark Uaida spoke, and Commissioner Perce all spoke in kicking off the roundtable.
And they were all pretty much aligned with, look.
individual people should be able to use these tools without arousing suspicion.
And it goes to the kind of presumption of innocence, presumption of good.
So I think we're all kind of trying to find our way back to that place where the starting
point for privacy is privacy is okay.
And then when there are red flags or issues or, well, that actually raises a separate
conversation of, well, what is guilt?
Like, is there a conviction?
But that's the issue and that's the spectrum of debate that we have with kind of the various stakeholders here.
And one interesting then kind of offshoot of this debate that I hear a lot amongst developers that wasn't really touched upon yesterday.
Because it's just sort of like another level of depth on this is a lot of these privacy tools.
If you use them, you are contributing to a shielded pool effectively.
And so by virtue of using a tool like railgun, I'll just pick on them for a second.
But this is true of many different products by using them.
So even if I'm using them for sort of like totally kosher, fine, licit purposes, if others then,
if North Korea then deposits into that same product, North Korea is being shielded by my assets by virtue of me using.
that product. And so I mean, you two can probably talk about and theorize and maybe even answer
for me what this means from a legal perspective for the users of railgun who are using it for
okay purposes, but then are providing that privacy to the likes of, say, North Korea. But, you know,
I think that there's just so many fascinating, but also kind of hairy and scary dynamics that
arise with the design of these products that that's really tricky to sift through, whether it's
for regulators or enforcement or the average end user. I really like your framing, Jill, of like how
much stuff has changed over the past few years because I do think this panel for me and for many was
like a real step forward from this whole like privacy maximalism, cyberpunk only. Because, you know,
as someone that, you know, thinks about the people side of this a lot because the work I used to do, like, privacy was essential for every domestic violence victim that I interacted with and like trying to figure out how to get them cash that they could use in a way to have a hotel where they were safe from their abuser is essential to privacy. And like, in the same way, sometimes too much privacy can hurt victim. So like, I think it's like walking into a room and being able to address the audience with the needs and prince.
and convictions that they have on the privacy topic. And the crypto industry, I'm sometimes hard on
us, but like, I think they're doing a really good job sort of reframing it and talking about it as, like,
a holistic need for people in different ways. I love that, Jesse. And I was about to say we don't
have enough time for you to spit all the alpha that you have on illicit finance. But we are going to
have an illicit finance episode at some point where we kind of digest some of the liability and the concern
and the fear in crypto and what is facilitation. I want to move on to one other tiny topic we have at the
end and also our crypto good news. But before I get there, I wanted to spit a particular piece of
alpha here. FYI, every roundtable has a break in the middle. And to date, there has, this was,
Jesse before we started filming was like, what surprised you at the round table? And I don't think
she was prepared for my answer, which was I was really excited for ice cream bars at the break.
because I believe there's been ice cream bars at every break.
That's what we had in June.
Thank you.
Washington was 25 degrees or something like that,
like some crazy Chicago level cold yesterday.
And so there were not ice cream bars.
There were donuts and cookies at the break.
And the best part is they were all laid out on this like piece of parchment.
I'm pulling up the photo I took right now so I can get this right.
And in front of the donuts, there was this big sign that said,
don't not take financial privacy for granted.
So I just, well, that's the name of our episode today.
Thank you.
Excellent.
We have our episode title.
So the commission, the task force, in addition to being lovely and smart, has a sense of humor.
I so appreciated that.
I also ate both a donut and a cookie before my panel.
So if I was acting a little hyper, now you all know the inside baseball there.
But that was-
And you passed out from your food coma after.
Yeah, then I passed out.
Yeah.
I passed out on the plane.
But that was kind of amazing.
we also had a pizza dinner before the panel kick or pizza lunch hosted by the SEC before he
came up so I ate like a small child yesterday is what we all did you all good I had multiple donuts
I can pass I love it okay so this is what's fueling your hosts for today yeah we we only have a few
minutes left so I wanted to pivot to Jesse real quick because it would be remiss not so much on the
privacy piece but to not talk about something that I think Jesse and I are uniquely suited to
opine on briefly is the Doquan sentence. Jesse, tell us more about that. Sure. There's been a lot of
conversation about the sentence and whether there was too much, too little. And essentially what
happened is Doquan pled guilty to two counts. Oh, and remind us, remind our listeners who
Doquan is. Doquan ran Terraform and it was an algorithmic stable coin that depeged. And there were
lots of allegations and lots of evidence that during its depegging, he made a lot of fraudulent
statements both publicly on podcasts, on Twitter and internally that represented that it wasn't
depagging and lots and lots of people have lost their money. Some people think it's hundreds
of thousands of people. There's almost 17,000 victims that are part of the bankruptcy case,
which is still going on right now. And 300-ish victims wrote in for that.
the sentencing. So essentially what happened is he pled guilty to conspiracy to defraud and wire fraud.
Okay. And those were two of the counts of the indictment that was brought in the New York federal court.
And so essentially after he pled guilty, they sent a sent a sentencing hearing where the judge sentenced him to 15 years.
And there's been a lot of conversation. Is that too much, too little? And I think it's worth sort of giving a foundation of how sentencing works. And like that
might help guide whether it's too much, too little, or at least sort of educate on the
process. So what happens is when you plead guilty or you're found guilty at trial, you have
that actually happen. And the judge doesn't in federal court sentence you right then. Instead,
they set a sentencing hearing, usually like eight weeks out, depending on how complex the
cases. During that period of time, the defense collects information of support in support of the
defendant, if there's any of that, which there was here, as well as submits a sentencing memorandum
that says, we think he should have blah. And the prosecution does the same with victims. The victims
sometimes speak at the sentencing hearing as well, but they essentially say, based on the evidence and
these facts, we think he should be sentenced to blah. In this case, the defense asked for five years,
and the prosecution asked for 12 years. What the judge did was sentence above what the prosecution
recommended, which is not unheard of that has happened in many cases, but it's somewhat rare. And in such a high
profile case, like a judge usually explains why he did that. So although it was higher than what the
prosecution had asked for, it's actually lower than what the maximum was. So let me just talk about
this for a little bit because it's sort of important. So essentially, when you plead guilty, you're pleading to
charges that are listed as criminals, criminal statutes by Congress. So Congress will say fraud is a crime
and the maximum you can get for it is blank. Okay. And that is legally what you can do. And that's when
people say, you know, here he had a maximum of 25 years. That is different than the sentencing
guidelines because before the mid-1980s, it used to be that judges just couldn't go above the statutory
maximum, but they could do whatever. But the problem with that is like some judges would give 25 and some
would give two years for the same crime. So what the Supreme Court and the federal government decided
to do was create federal sentencing guidelines. And what this says is, hey, judge, look at the
statutory maximum and then look at these different factors in this very complicated manual. It's like
hundreds and hundreds of pages to help you determine what to sentence somebody to. And it's not
mandatory, but if a judge goes above or below the guidelines, then they have to explain it or they
can be overturned. Yeah, but that's, I want to double click on that point really quick, Jesse,
because I think it's important and it's the source of the confusion with the sentencing a lot.
Just because the prosecution recommends a certain period of time, the judge does not have to align
with those recommendations because a lot was made of the fact that Doe Kwan got 15 when the
prosecution recommended 12. Totally. That's just a starting point for the judge, effectively.
The only thing the judge really has to do is stay under the statutory maximum.
What the guidelines here suggested or said he could do was nothing to life in prison.
And the reason why it was so high was because these sentencing guidelines look at the two crimes he pled to.
And then they might reduce if you pled guilty.
They might reduce if you're a cooperator.
They might reduce if you weren't the main person, which wasn't the case here.
but it adds a lot for the amount that was stolen and the number of victims.
And here he had like way above the maximum.
So he could have without the max like statutory maximum under the guidelines,
he couldn't got life in prison.
That's how like a Bernie Madoff got a life in prison, right?
And or the Enron or World Combat.
Here there was $40 billion lost and lots and lots of victims.
And so the judge pretty much looked at statutory maximum said,
I can't go above 25.
I don't think 12 is enough.
probation also sort of said 12 and sometimes the prosecution and probation agree and instead the judge says you should have 15 because you don't seem remorseful and you continue to commit fraud by lying to people and like you should see some of these tweets where he's like pretty much anyone who disagreed with him and said like you know terror is falling apart he was like you're poor or something like that so it was just like the amount of evidence um was not
great against him and the fact that he tried to escape and there was evidence that he was trying
to run away from this. So I guess like my takeaway is like the sentencing guidelines and how
sentencing happens is really complicated. So you can't just look at what the, you know,
statute says and you can't just look at what the defense and prosecution says. You have to really
understand the guidelines and listen to what the judge's decision is and then sort of come up with
your conclusions on whether it's too much. And I also recommend that people,
listen to some of the victims' testimonials here.
Because, like, there was talk about suicide.
They were talking about losing the whole life savings.
Like, whenever victims come forward, judges usually respond to that.
Because for many people, sentencing is the only time that victims get a voice.
That was great, Jill, or Jesse, I was going to say, Jill, as the token non-lawyer on this
pod that speaks English and probably the smartest person on this pod, no offense, Jesse, you
are also brilliant.
It was waste like that makes sense to you.
That's why I dressed like her.
Yeah.
Yeah.
Did Jesse translate okay?
Yeah.
No, I was going to plug inner city press for like us normies.
I don't even know like what the business model or like this is as far as I can tell,
it's this guy who attends all of these court cases primarily in New York City that have to do with finance,
et cetera, et cetera.
And he like live tweets them.
And it's very accessible.
And dare I say sometimes entertaining and sometimes actually heartbreaking, like follow along.
And he did this with the SBF case and he did this, um, with Doquan.
And, uh, yeah, for us, for us normies to follow along and be able to see kind of how the whole thing went down.
That's a really great resource.
Um, no, but that, that totally answered for me, Jesse.
like to me as a layperson as a non-lawyer like you look at the fact that the judge went over
what the prosecution was recommending and you're like savage that's wild you're like did like
do kwan like miscalculate this when he pled guilty but it makes a ton of sense that you know
there's this kind of wide range and then it it is kind of a judgment call based on all of these
factors that you mentioned um i mean the
Wild thing to me, too, is that you brought up all of the kind of like direct collateral damage of what Doquan did.
But that then kicked off the whole of 2020, like, this whole unwindable, the leverage in the crypto system and the FTX collapse and just honestly.
You're right. That was the beginning of the end of 2022.
None of us wanted to relive that.
Nope. I think the sentencing made us. You know, it was interesting.
because it's not common, obviously, to go above,
but you can tell in the judge's comments that there were a lot of thoughts
that he had about crypto and the crypto industry and sort of like
the cult following of Doe that he said Doe took advantage of
that really contributed to why he went above what the prosecution offered,
which it's sort of interesting for a judge to give that much personal
in tape on how he thinks about it.
100%.
It was fascinating.
This stuff is complicated.
You know, as our listeners know, Jesse was a long-time federal prosecutor.
I was a longtime partner in private practice doing white collar defense.
These are not like entry-level concepts.
So we'll revisit this as we run into crypto-criminal drama, which hopefully we'll have more.
No, but no more.
We're going to have programmable risk management.
Yeah, yeah.
I want to wind us down.
really briefly before we wind us down. I want to do two things. Thank you so much, Jill,
who again is a true boss. Please come back, Jill. Spit some serious outlaw on the SEC roundtable.
It was such an honor to be on a roundtable with Jill. And then very briefly, our weekly
crypto piece of good news. This is actually so cool guys. I don't know if you read about this.
I wanted to give a shout out to save the children, which introduced a Bitcoin fund,
which the cool part about this, it's actually unlike a lot of crypto.
charitable donations that are converted to fiat instantly.
This fund is specifically designed to hold Bitcoin for multiple years.
And the other amazing thing is they can test operational usages via the Bitcoin fund.
So like very like connect with certain pilots and could later be used in domestic emergencies like hurricanes and wildfires
to move value to families even faster.
So shout out to save the children for being really innovative.
really innovative when it comes to crypto charity.
And just a reminder to everybody,
you too can donate your crypto to really valuable organizations.
So that's it for today.
Thanks again to Jill for joining us,
and we will see you next week.