What more could Tornado Cash developer Alexey Pertsev have done?
The future of financial privacy is on trial
Oh, hey! Feel that? There’s been a change in the air. It’s tough to say which way the winds are blowing. But the world is certainly glitchier today than it was yesterday.
In this issue:
Why Alexey Pertsev’s trial feels stuck in the past
ODDS/ENDS
How Vitalik Buterin made a small AI safety nonprofit very rich
Farcaster is headed toward unicorn status
A new Ethereum Layer 2 built for “autonomous worlds”
Alexey Pertsev’s trial is about the future of financial privacy. The prosecution seems stuck in the past.
The most high-profile criminal case in cryptocurrency history came to a close last week, as Sam Bankman-Fried was sentenced to 25 years in prison for defrauding FTX’s customers.
Around the same time, the most important criminal case for the future of cryptocurrency technology—and possibly for all of financial privacy—was underway in The Netherlands.
Standing trial was Alexey Pertsev, one of the developers of Ethereum-based privacy application Tornado Cash. He’s accused of laundering $1.2 billion worth of illicit crypto-cash.
Fundamentally a set of blockchain-based computer programs, called smart contracts, Tornado Cash is like a robot bank that lets users deposit cryptocurrency and later withdraw it to a different blockchain address that has no link to any of the prior transactions. Though pseudonymous, cryptocurrency transactions are by nature public and traceable. Tornado Cash uses advanced cryptography to make a user’s money as private as physical cash.
Pertsev’s defenders, which include not just Ethereum and cryptocurrency advocates but digital civil liberties groups including the Electronic Frontier Foundation, are watching Pertsev’s case with frustration and anxiety. They see his arrest and detention as unjust, and believe it stems from a misunderstanding of how blockchains work. In their view, Pertsev simply helped create a new tool; it’s not his fault that people used it to launder money. Just as there are legitimate uses of physical cash—one of the world’s most popular tools for laundering money—there are legitimate reasons someone might use private cryptocurrency.
According to accounts from courtroom observers, the prosecutor argued that Pertsev and his co-developers ran Tornado Cash like a business, and benefitted from illicit use of the smart contracts. Prosecutors in the US made a similar argument in their indictments last year of two other Tornado Cash developers, Roman Storm and Roman Semenov. The Dutch prosecutor, who is seeking a 64-month prison sentence, also argued that Pertsev knew that Tornado Cash was being used to break the law and didn’t do enough to stop it.
But anyone who knew Tornado Cash existed also had to know criminals would use it—just like everyone knows criminals use paper bills—and nothing about its core technology has been secret. Tornado Cash is an open source project that enacted every software change in broad daylight—including the May 2020 update in which the developers “smashed their keys,” as CoinDesk put it at the time, relinquishing their power to make further updates and effectively making the Tornado Cash contracts unstoppable.
Given how blockchains work, whether Pertsev knew Tornado Cash had become a tool for criminals doesn’t have much relevance. A better question is: What could he have done about it?
The answer may hint at the future of financial privacy and legal compliance—especially if a small group of devoted blockchain privacy advocates can open the minds of skeptical policymakers.
“What would you have me do?”
The two-day hearing last week came more than two years after Pertsev and his fellow developers found themselves at the center of an international criminal investigation. In March of 2022, hackers alleged to be part of the North Korean state-sponsored Lazarus Group stole $625 million worth of cryptocurrency from the blockchain underlying the popular video game Axie Infinity. Then they started depositing the stolen money into Tornado Cash.
In August of that year, the US Department of Treasury imposed sanctions on Tornado Cash, calling it a threat to national security. Days later, Dutch authorities arrested Pertsev, who remained in jail until April of last year, when the court ruled that he could await his trial under house arrest.
Leading up to the trial, some observers wondered whether the prosecutor, Martine Boerlage, would reveal evidence that somehow directly linked Pertsev to money laundering. She did not, instead making a more general case that Pertsev didn’t do enough to stop criminal activity that he knew was occurring via Tornado Cash.
Courtroom observers noted that the judges seemed to struggle with basic technical concepts related to blockchains. It probably didn’t help that the hearing’s proceedings had to be translated from Dutch into Russian, Pertsev’s native language (Pertsev moved from Russia to The Netherlands with his wife in 2021). According to Bitcoin developer and author Sjors Provoost, who was in the courtroom, Pertsev at times resorted to English to explain technical concepts related to smart contracts because, as he explained, he thinks about those concepts in English and struggles to translate them into Russian.
A major point of contention in the case is the extent to which the Tornado Cash developers had a profit motive that benefited from the illicit activity. While it’s true that the smart contracts are public and don’t require permission to use, the Tornado Cash developers built and maintained a website that simplified the experience. They also set up a so-called decentralized autonomous organization (DAO) to govern the project, and created a tradeable cryptocurrency, called TORN, that DAO members could use to vote. They even went so far as to set up a company, PepperSec, through which they paid developers.
“Tornado Cash is more than just smart contracts,” Boerlage argued, according to DLNews. “It was run like a company.”
“The judges asked plenty of questions about the different smart contract and UI components, who could make changes, and how that changed over time as a result of burning the keys and adding a DAO—and how they morally felt about all that,” observed Provoost. They asked why 30% of the TORN supply went to the privacy tool’s five main developers. “If it was a community effort, why were some members treated specially?” he tweeted, paraphrasing.
Prosecutors in the US have also argued that since the Tornado Cash developers may have financially benefited from illicit activity on Tornado Cash, they deliberately allowed it to occur.
At one point in Pertsev’s trial, the prosecutor argued that Pertsev did not seem concerned about the Axie Infinity hack at the time it happened. The evidence was that he responded “lol” in a group chat with the other developers after he learned that the heist had been undetected for nearly a week. “Did you find this funny?” one of the judges asked him, according to Ameen Soleimani, a prominent Ethereum developer and privacy advocate who was also in the courtroom. Soleimani said the judges asked Pertsev if this meant he did not take the situation “seriously.”
Pertsev said he had a habit of using the term to express surprise. But he also had an honest question for the questioners, recounted Soleimani: “What would taking it seriously mean?” Pertsev asked. “What would you have me do?”
“The devs couldn’t have stopped anything”
A few weeks before the trial, Soleimani shared his own answer to this question during a solemn main stage talk at ETH Denver: “The devs couldn’t have stopped anything,” he said.
Soleimani spearheaded the creation of Moloch DAO, a decentralized autonomous organization that supplied early funding for Tornado Cash’s development in 2019. More recently, he helped found an organization called Justice DAO to support the legal defense of Pertsev and Storm, who will face trial in the US in September. (Semenov remains at large.)
The smart contracts underlying the core Tornado Cash privacy tool are “immutable,” Soleimani said in Denver. “What that means is that it will continue to operate as programmed until the heat death of the universe, or the end of the Ethereum blockchain—whichever one comes first,” he said.
A chart displayed on a screen behind him helped make the case.
The drop from around 250,000 ETH to around 130,000 ETH came after the US government sanctioned Tornado Cash. Since then, however, it has gradually grown back to around 150,000 (a bit over $500,000,000 worth at today’s prices).
As Soleimani pointed out, the sanctions didn’t stop people from using Tornado Cash. Nor did taking down the website or arresting developers. “The smart contract can be accessed from any UI or command line interface,” he said.
From the outside looking in, this appears to have been a point of confusion for both the prosecutor and the judges in Alexey Pertsev’s trial.
“Separating equilibrium”
In fact, the Tornado Cash developers did do something to address the potential for criminal use. A feature of the website, called the “compliance tool,” allowed users to generate a cryptographic proof that a certain deposit belonged to them. If pressed by law enforcement, they could present the proof, and law enforcement could then investigate the source of the money themselves.
In the courtroom, the Dutch prosecutor dismissed this measure as “flauwekul,” which translates to “bullshit,” noted Provoost. They argued the compliance tool was “just a way to deflect responsibility to others,” he paraphrased, and that the developers should have given themselves access to that information.
Perhaps the prosecutor has not grappled with the unique privacy dilemma presented by decentralized protocols like Tornado Cash. On one hand, decentralized privacy tools are being used by criminals. On the other hand, the privacy that such tools provide might be desirable for legitimate reasons, wrote Matthias Nadler and Fabian Schär, authors of a paper focused on Tornado Cash and published last year by the Federal Reserve Bank of St. Louis. “For example, it may serve as an insurance against excessive centralization of power and contribute toward the resilience of a democratic system.” Requiring users to reveal their identity, the way traditional banks do via so-called know-your-customer (KYC) measures, would defeat the purpose.
In that vein, Nadler and Schär argued, blockchains represent a genuinely novel challenge for regulators and call for a new approach. “An optimal solution will likely lie somewhere between perfect privacy and perfect observability.”
“Ideally, the infrastructure would generate a separating equilibrium between honest and dishonest actors and allow the honest ones to remain partially private,” they continued. And they proposed “a relatively straightforward way” to find such an equilibrium—an approach that sounds like how the Tornado Cash compliance tool worked: “If Alice’s funds come from a legitimate source,” they wrote, “she can easily share cryptographic proof that links her deposit to her withdrawal address.”
Keep in mind that, generally speaking, cryptocurrency is still mostly useless as a payment method. After the Lazarus Group scored its $625 million in crypto, it needed to cash out somewhere. Tornado Cash allowed them to withdraw money with no links to the heist. But to the degree that Lazarus succeeded in turning that crypto into traditional cash, it did so via businesses that serve as crypto-to-fiat “offramps.”
In The Netherlands, Pertsev’s attorney Keith Cheng argued that it should be the responsibility of crypto exchanges to stop bad actors from using their offramps. “If crypto comes from Tornado Cash, then they can see it immediately and they have an automatic system to flag that,” he told DLNews.
Ideally, wrote Nadler and Schär, financial intermediaries like banks and exchanges would only do business with users of Tornado Cash (or a similar tool) who could provide cryptographic proof that their deposits were not illicit funds. The “bad-acting version of Alice,” whom they named Malice, would not be able to provide such proof.
Reason for techno-optimism—but too late for Alexey
Soleimani isn’t only a vocal advocate for the Tornado Cash developers. He’s also joined efforts to build real systems that implement and extend Nadler and Schär’s original proposal.
Last September, Soleimani, Nadler, Schär, Ethereum co-creator Vitalik Buterin, and Jacob Illum of the blockchain analytics company Chainalysis published a technical paper describing a concept called Privacy Pools. It boils down to giving users the ability to cryptographically prove, without revealing any other information about themselves, that their money did not “originate from unlawful sources,” like a known crypto exchange hack, and/or that those funds did originate from legal sources, like legitimate banks. Somewhat ironically, the capability relies on the same flavor of cryptography—called zero-knowledge cryptography—that makes Tornado Cash work.
There are many ways the general approach could be used to isolate and deter the criminal use of privacy tools like Tornado Cash. Soleimani and other developers have built a prototype Privacy Pools system on an Ethereum testing network. Now he is advising a company called 0xbow, which is aiming to take the larger idea to market.
After Soleimani’s talk in Denver, he joined a panel discussion with 0xbow cofounder Zak Cole. 0xbow is the first provider of “association sets”—pools of deposits that have been vetted to ensure they don’t include any addresses linked to sanctioned entities, hackers, and other known “bad guys,” Cole said. A user of a privacy tool like Tornado Cash could cryptographically prove their deposit came from an association set vetted by an entity like 0xbow.
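The set-membership step behind an association set, as an added example that is not from the newsletter, 0xbow or the Privacy Pools paper: the provider commits to the vetted deposits with a Merkle root, and a depositor shows inclusion with a sibling path. It assumes SHA-256 and a plain Merkle tree, uses constructed deposit names, and reveals the leaf, whereas the systems described here would prove the same statement inside a zero-knowledge proof.

```python
import hashlib

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def leaf(commitment: bytes) -> bytes:
    return h(b"\x00", commitment)        # domain-separate leaves from inner nodes

def node(left: bytes, right: bytes) -> bytes:
    return h(b"\x01", left, right)

EMPTY = h(b"\x02")                       # padding leaf; matches no real deposit

def merkle_levels(commitments):
    """Return every tree level, leaves first, root last."""
    leaves = [leaf(c) for c in commitments]
    size = 1
    while size < len(leaves):
        size *= 2
    leaves += [EMPTY] * (size - len(leaves))
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([node(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def association_root(members):
    return merkle_levels(members)[-1][0]

def prove(members, commitment):
    """Sibling path for `commitment`, or None if the provider excluded it."""
    if commitment not in members:
        return None
    levels, index, path = merkle_levels(members), members.index(commitment), []
    for level in levels[:-1]:
        path.append((level[index ^ 1], index & 1))   # (sibling hash, am-I-the-right-child)
        index >>= 1
    return path

def verify(root, commitment, path):
    """What an exchange would run: recompute the root from the leaf and the path."""
    if path is None:
        return False
    acc = leaf(commitment)
    for sibling, is_right in path:
        acc = node(sibling, acc) if is_right else node(acc, sibling)
    return acc == root

# Constructed sample data: deposit commitments in a hypothetical pool.
POOL = {name: h(b"deposit", name.encode())
        for name in ("alice", "bob", "carol", "dave", "malice")}
FLAGGED = {POOL["malice"]}               # e.g. traced to a known hack by the set provider

# The provider vets the pool and publishes only the root of what is left.
MEMBERS = [c for c in POOL.values() if c not in FLAGGED]
ROOT = association_root(MEMBERS)

if __name__ == "__main__":
    alice_path = prove(MEMBERS, POOL["alice"])
    print("alice accepted:", verify(ROOT, POOL["alice"], alice_path))
    print("malice has a proof:", prove(MEMBERS, POOL["malice"]) is not None)
    print("malice replaying alice's path:", verify(ROOT, POOL["malice"], alice_path))
```

A proof is only as good as the set behind it: a deposit that has not yet been flagged stays in `MEMBERS` and still verifies.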
The approach has limitations. For example, it’s hard to know how long it will take after a crime is committed for a given blockchain address to be linked to that crime. Imagine an illegal weapons dealer acquires crypto, but the physical goods change hands without much linking the weapons to the on-chain transaction. Given the relative lack of evidence in that scenario, it could take a while for law enforcement to identify those addresses as tainted.
Soleimani said he’s given talks on the Privacy Pools concept to regulators around the world, in which he has emphasized how this sort of cryptography opens the door to innovation in compliance. “You can’t go into a bank today and withdraw from the bank and publicly prove that you are not the (source of the) illicit deposits that went into the bank.”
“We didn’t even really know this stuff was possible,” he continued. “It was only after the Tornado Cash sanctions that we tried to figure out this problem of how do we publicly dissociate from these illicit funds.” Since it’s possible, there’s reason to think developing open-source privacy tools like Tornado Cash doesn’t have to open developers up to the risk that they could one day be hauled into court and tried as international criminals.
That doesn’t help Alexey Pertsev, though.
“This trial is so fucked up,” Soleimani tweeted from the courtroom after noting that judges, in their questioning, suggested that Pertsev should have implemented a traditional KYC system. One of them apparently asked if it is possible to deploy a smart contract but not make the code public.
Soleimani answered that one for his Twitter followers: “Yes, of course it’s possible, but it’s a massive security risk for everyone involved.” Again, this would defeat the purpose of the project. “What if the devs were secretly hiding a bug and waiting to exploit it?” he said. “If the code isn’t public, there can’t be any independent security reviews.”
Arguments that a decentralized privacy application should have introduced KYC, and suggestions that it should not have been open source, imply a misunderstanding of the nature of the tool. Unwittingly or not, they also imply that the only thing Pertsev could’ve realistically done to prevent money laundering is to not create Tornado Cash in the first place. Will the court decide that building a tool like Tornado Cash is a crime?
We’re likely to find out soon—the judges in The Netherlands are slated to deliver their verdict in May. A conviction would surely chill the development of new Tornado Cash-like software tools. The fear of legal repercussions could dampen the cautious optimism that Soleimani and others have about novel compliance tools.
In his closing remarks, Pertsev maintained that he is only a software developer, according to DLNews. “I never had the desire to help or tolerate criminals in any way, I have a different mindset,” he told the judges. “I hope you understand that.”
—Mike Orcutt
Please like, subscribe, and share Project Glitch with your friends!
ODDS/ENDS
Tornado Cash developer Roman Storm’s legal team filed a motion to dismiss a US criminal indictment. Building a decentralized privacy tool is not the same as laundering money, Storm’s lawyers argued, according to CoinDesk. Storm is currently scheduled to face trial in September.
Vitalik Buterin may have accidentally created one of the most powerful AI safety groups in the world. In 2021, the Ethereum co-creator received a gift of 50% of the supply of Shiba Inu coin, a Dogecoin imitator. That may all sound like child’s play, except that this equated to several billion dollars worth of cryptocurrency. Buterin then quickly donated lots of it to various advocacy groups, including one called the Future of Life Institute. According to Politico, when all was said and done Buterin added more than $600 million to the coffers of what had previously been a relatively little-known organization. “Its previously unreported war chest puts it on par with famous nonprofit powerhouses like the Brookings Institution and the American Civil Liberties Union Foundation,” Politico reports. Thus far the organization is best known for a widely publicized open letter, signed by Elon Musk, Steve Wozniak, and MIT economist Daron Acemoglu among others, that called for a “pause” on advanced AI research.
In light of Politico’s reporting, Buterin claimed on Twitter that at the time he thought the memecoin’s value “would surely drop 100x in a few days.” He said he felt he had to act fast, and was “expecting they would be able to cash out at most like $10-25m.” Perhaps it really is all a simulation.
The company behind Farcaster is raising money at a unicorn valuation from crypto VC Paradigm. That’s according to a report in Bloomberg, which revealed the new bounty for Merkle Manufactory, the software development shop founded by two former Coinbase execs. Farcaster has made waves in recent weeks with Warpcast, an app that has the look and feel of X but uses the Ethereum blockchain to keep track of accounts and identities. The app also has a buzzy feature called Frames, which lets users engage with interactive content, like games or quizzes, without leaving the app.
A mysterious attacker apparently infiltrated the development team behind Blast, an Ethereum Layer 2 network. Shortly after a gaming project called Munchables lost $62 million last month to the attacker in an apparent inside job, regarded on-chain investigator ZachXBT posted an intriguing finding: “Four different devs hired by the Munchables team and linked to the exploiter are likely all the same person,” he wrote on Twitter. The attacker had access to crucial smart contracts needed to transfer the funds. ZachXBT also seemed to suggest that the attacker is a North Korean hacker, though no one seems to have independently confirmed that to be true. Either way, somehow the Munchables team, with help from ZachXBT and the security firm PeckShield, convinced the rogue developer to return the funds—a weirdly common outcome in crypto.
Onchain gaming startup Lattice has deployed its own Ethereum Layer 2 network. Called Redstone, it is a so-called Optimistic Rollup similar to Coinbase’s Layer 2, Base, and the Optimism (OP) Mainnet. But it has been designed specifically to be a home for “autonomous worlds” and other applications built on MUD, a development framework Lattice created. The details are technical, but what makes Redstone different from other rollups built using the “OP stack” is the way it adds data to the main Ethereum blockchain. The novel approach to “data availability” is supposed to make it easier to run complicated smart contract applications, like games. “While MUD apps struggled to scale before, Redstone will enable those applications to go beyond what was previously possible,” the Lattice team said in an announcement. The network is available now for a “developer preview” period. It is scheduled to launch publicly next month, along with eight games.
Memes from crypto firms and “finfluencers” now need to be checked for compliance in the UK. Thanks to new financial promotions guidelines, your memecoin shilling group may now have oversight by the British ombudsman. The UK’s financial regulator, the Financial Conduct Authority (FCA), recently laid out what a compliant crypto promotion looks like. Apart from revealing how poor the FCA’s meme game is (see here), the document said that projects promoting their wares in “chatrooms such as Reddit and Telegram” would also be subject to its rules.
Telegram will let its users buy ads using Toncoins. That’s the native currency of The Open Network, the blockchain technology that Telegram developed before abandoning it as part of a settlement with the SEC. As CoinDesk explains, the TON token is issued not by Telegram, but by a separate group (though the Telegram logo is all over its website) called the TON Foundation. “Anyone can now promote their bot or channel—with budgets as low as a handful of Toncoins,” Telegram said in a release.