Happy Thursday! We are once again asking you to consider what “pro crypto” actually means.

Trump’s government is prosecuting important crypto cases in much the same way as the Biden administration did

Donald Trump has promised to make the US the “crypto capital of the world,” and there’s been plenty of activity that would appear to be evidence that he’s following through. He has, for example, staffed the executive branch with outwardly “pro-crypto” individuals, from Treasury Secretary Scott Bessent to Paul Atkins, the new head of the Securities and Exchange Commission. His party, which controls both houses of Congress, has crafted legislation that would largely benefit the industry. And of course, he is the proud owner of a Trump-branded memecoin and stablecoin.

And yet, the most extreme legal threats that crypto endured during the Biden years—which many people in the industry argued were reasons to support Trump in last year’s election—remain as strong as ever.

The most prominent example of this is the case of Tornado Cash, the Ethereum-based privacy tool. Advocates had hoped the administration would dramatically change course on Tornado Cash, and in particular that the Department of Justice would drop its prosecution of Roman Storm, one of its developers. That hope was reinforced when Trump’s deputy attorney general, Todd Blanche, distributed a memo in April asserting that the Trump DOJ would discontinue its predecessor’s “reckless strategy of regulation by prosecution,” echoing a frequent critique of the Biden administration by advocates of cryptocurrency technology.

Nevertheless, last month, the US attorney for the Southern District of New York (SDNY) revealed in a letter to the judge overseeing the case that it still plans to pursue nearly every charge against Storm.

Taken together with some subtle legal maneuvers by the Treasury Department when it removed the Tornado Cash software from its sanctions list in March, it does not appear that the new administration has imminent plans to quell the fear of prosecution that’s haunted many crypto developers for nearly three years.

A small victory

The SDNY’s letter did contain one concession, small in the context of the Storm case, but significant in the broader legal conflict. Namely, it informed the judge that federal prosecutors will back off from one portion of the charge that Storm operated an “unlicensed money transmitting business.”

Storm and another developer, Roman Semenov, were indicted in 2023. The indictment alleged that North Korean hackers used Tornado Cash to launder hundreds of millions of dollars in crypto they stole from a video game called Axie Infinity. It charged Storm and Semenov with conspiracy to launder money, conspiracy to violate sanctions against North Korea, and conspiracy to operate an unlicensed money transmitter. Storm was arrested in August 2023 and is scheduled to face trial in July. Semenov remains at large.

The unlicensed money transmitter charge is the one that has riled the crypto policy community the most. It’s also made many in the industry feel betrayed by the government.

Money transmitting businesses are required by a US law called the Bank Secrecy Act (BSA) to register with the Treasury’s Financial Crimes Enforcement Network (FinCEN). In 2019, FinCEN published guidance that was widely interpreted as saying that in order for someone to qualify as a money transmitter, they had to take “total independent control” of user funds.

The Tornado Cash smart contracts work without anyone other than the users ever taking control of their money. The 2019 FinCEN guidance implied, therefore, that Tornado Cash didn’t need to register.

But in a brief to the court last spring, the DOJ prosecutors argued the contrary: you can be a money transmitter even if you don’t take control of user funds. Then the judge in the case shocked the crypto policy community by agreeing with the DOJ.

This created an obvious “rule of law problem,” according to Peter Van Valkenburgh, executive director of the policy research and advocacy group Coin Center. “To me, no one should ever be charged with failure to get a license from a regulator who said they didn’t need a license in the first place,” he said at Project Glitch’s DC Privacy Summit last October.

Now, the DOJ seems to have changed its mind. Last month, it announced it would no longer argue that Storm broke the law by failing to register with FinCEN. On one hand, this is “huge news,” according to Van Valkenburgh. On the other hand, it’s the only aspect of the indictment that the government has decided to back off from following Blanche’s memo. Although the DOJ concedes that there was no need to register, it still alleges that Storm operated an unlicensed money transmitting business. The prosecutors cite separate language in the law to argue that it was still unlicensed money transmission—even if they didn’t have to get a license—because the transactions in question “involve(d) the transportation or transmission of funds” that Storm allegedly knew to be of criminal origin.

Confused? You’re not alone. “It honestly doesn’t make sense,” Van Valkenburgh said this week during a panel I moderated at PGP* for Crypto, a monthly gathering of crypto policy insiders in Washington, DC. “If you are going to find them guilty of unlicensed money transmission, but there was no one that was requiring them to license—how insane is that?”

The DOJ has since made the same argument in a separate criminal case against Keonne Rodriguez and William Lonergan Hill, developers of a Bitcoin privacy tool called Samourai Wallet, dropping the charge that they failed to get a license but continuing with the charge of conspiracy to operate an unlicensed money transmitting business. This case recently spotlighted the discrepancy between FinCEN and the DOJ’s views on what constitutes a money transmitter. The defense team publicized a summary of a phone call between federal prosecutors and two FinCEN employees, in which the FinCEN representatives argued that since Samourai doesn’t take control of user funds, that would “strongly suggest” that it isn’t a money transmitter.

The continuation of these charges has dashed hopes that Blanche’s memo would mark a radical change of course for the DOJ. Amanda Tuminelli, executive director and chief legal officer at the DeFi Education Fund, a policy advocacy group in DC, said during the PGP* for Crypto panel that parts of the memo were positive for the industry. “I think the spirit of the memo was a good one,” she said. But in the high-stakes conflict over what constitutes a money transmitting business, “it did not solve anything.”

Tuminelli argued that Congress should amend the criminal code to “close the window for this to ever be misinterpreted again” by clarifying that the language in the criminal statute does not apply to software developers who don’t take control or custody over customer funds.

The North Korea factor

There’s also the matter of the sanctions the Treasury Department’s Office of Foreign Assets Control (OFAC) slapped on Tornado Cash in 2022. Coin Center and others brought lawsuits against OFAC, arguing that it did not have the authority to sanction decentralized software. Then, last November, the industry landed a legal haymaker against the government in one of those cases. The Fifth Circuit Court of Appeals ruled that OFAC did not have the authority to sanction Tornado Cash’s “immutable” smart contracts, since these contracts are not “property.” In March, the Treasury took the smart contracts off the sanctions list.

But some important signals suggest the government isn’t ready to give in on this issue.

To begin with, the Treasury did not frame the action as a concession of error, as Michael Mosier, co-founder of the law firm Arktouros, and a former official at OFAC as well as director of FinCEN points out. Instead, the agency said it had “exercised our own discretion to remove the economic sanctions.” That’s an “extremely calibrated response” to the Fifth Circuit’s decision, Mosier noted during a recent talk in DC. The agency may be preparing additional moves.

A second important signal is in how the government treated the sanctioned Tornado Cash developer Roman Semenov, who is a citizen of Russia.

Some backstory: OFAC originally sanctioned the Tornado Cash software under an executive order issued by President Barack Obama in 2015 that was targeted at cybercrime. In November of 2022, OFAC re-did the sanctions, adding a second designation under a separate Obama-era executive order, this one aimed at making it harder for North Korea to finance its nuclear weapons program. In August 2023, OFAC added developer Roman Semenov to the sanctions list under both executive orders.

When OFAC removed the cybercrime and North Korea-related sanctions for Tornado Cash in March, it left Semenov on the list of entities sanctioned under the North Korea executive order.

“There are much broader enforcement authorities for the North Korea program,” compared with the more generic cybersecurity order, Mosier explained. That means the government would have an easier time defending this sort of action in court. Mosier suggested that the Treasury was sending a message in the way it removed Semenov’s cyber designation but left him on the North Korea-related sanctions list. “By removing the cyber tag and leaving on the DPRK tag, it caused his designation to be republished publicly in the same press release (announcing) that they were de-listing the (Tornado Cash) addresses,” he said. “That is a strong signal that shows to Congress, and to developers around the world: ‘We’re not leaving this space.’”

For as much as Trump loves crypto, it appears there are flavors of it that his administration disfavors just as much as the Biden administration did. —Mike Orcutt

Share

HEADLINE WATCHER

Big banks explore venturing into crypto world together with joint stablecoin. Initial discussions have involved Early Warning Services, the operator of Zelle, and the real-time payment network Clearing House, according to the Wall Street Journal. The newspaper calls it “the latest sign that mainstream and crypto finance are inching closer together.”

DOGE aims to pool federal data, putting personal information at risk. Here’s the lede from the Washington Post: “The US DOGE Service is racing to build a single centralized database with vast troves of personal information about millions of US citizens and residents, a campaign that often violates or disregards core privacy and security protections meant to keep such information save, government workers say.” If you believe those anonymous government workers, this is pretty much the very thing that crypto folks have been warning about for years.

US spy agencies are getting a one-stop shop to buy your most sensitive personal data. According to The Intercept, the Office of the Director of National Intelligence is “working on a system to centralize and ‘streamline’ the use of commercially available information, like location data derived from mobile ads, by American spy agencies.”

CFPB quietly kills rule to shield Americans from data brokers. The rule, proposed in December by former Consumer Financial Protection Bureau director Rohit Chopra, would have put limits on the kinds of information that US data brokers can sell. The agency now says the rule is no longer “necessary or appropriate”, Wired reports.

ICE taps into nationwide AI-enabled network, data shows. US Immigration and Customs Enforcement has been getting “side-door access” to a license plate-scanning tool via local and state police around the country. Anonymous researchers flagged the “massive trove of lookup data” reflecting “immigration-related” searches, according to 404 Media.

Coinbase reveals 69,461 users affected in December 2024 data heist. Coinbase revealed last month that some of its offshore customer service representatives sold personal data about the exchange’s users to cybercriminals, who then demanded a $20 million ransom from Coinbase in return for the stolen information. The Block highlighted a court filing stating the specific number of users whose personal information the criminals obtained.

Pump.fun hits back at report that claimed 98% of memecoins on the platform are fraudulent. That’s the (updated headline) from Coindesk, which cites a report from Solidus Labs claiming that almost all memecoins launched on the token creation platform have been either scams or pump-and-dump schemes. Of the seven million tokens created since Pump.fun’s inception in January 2024, only 97,000 still have at least $1,000 backing, the report added. The controversial memecoin launcher also hit the headlines earlier in May after the San Francisco Standard tracked down 22-year-old crypto founder Jeffry Yu, the creator of crypto token Zebero and CCO of a company called Blorm, finding him alive and well days after Yu had appeared to take his own life on a Pump.fun livestream. On-chain data analyzed by Bubblemaps showed accounts linked to Yu moved up to $1.4 million in cryptocurrency after his supposed death. A memecoin with the ticker $LLJEFFY was also launched in his honor before he was found.

MEV bots are clogging blockchains faster than networks can scale, says Flashbots. Bots programmed to exploit opportunities to generate profit via so-called MEV (maximal extractable value) are making everything slower and more expensive for real users, according to a new report. In case you aren’t familiar, MEV is a blockchain phenomenon that allows validators to profit by ordering transactions in prescribed ways. The Block surfaced a new report on the topic from Flashbots. The bots are profiting, but “it’s wasteful for the network, burdening nodes and users,” the authors wrote.

AI is getting more powerful, but its hallucinations are getting worse. So-called reasoning systems, the latest and most powerful large language models, are better at math but “their handle on facts has gotten shakier,” according to The New York Times. Even researchers at the forefront of experimentally determining how exactly these models work are stumped as to why this is happening.

Follow us on Twitter and Bluesky—or get corporate with us on LinkedIn.