The co-founder of Ethereum’s best-known coin mixing service says that privacy protocols are defending people’s rights to financial privacy.
Tornado Cash, a mixer that allows users to obfuscate their digital trail on the Ethereum blockchain, has been at the center of attention since it was revealed last week that hackers were using it to mix stolen ether from digital assets exchange Crypto.com.
In an interview with CoinDesk, co-founder, Roman Semenov said that the team has little control over what its users do with the protocol as it’s designed to be autonomous and outside of the control of developers.
“There is not much we can do in terms of helping investigations because the team doesn’t have much control over the protocol,” he told CoinDesk. “The Tornado Cash team mostly does research and publishes the code to GitHub. All the deployments, protocol changes, and important decisions are made by the community via Tornado Governance DAO and deployment ceremonies [an event when new code is pushed live].”
The way that the protocol is designed, decentralized and autonomous, much like financial DeFi protocols means that there’s nobody in charge. There’s no corporate office, executive team, or CEO where the buck stops. Semenov said that there’s no backend, and the user interface comes from an Ethereum Name Service domain — a service that represents Ethereum addresses as familiar-sounding domain names.
“The protocol was specifically designed this way to be unstoppable, because it wouldn’t make much sense if some third party [like developers] would have control over it. This would be the same as if someone had control over Bitcoin or Ethereum,” he told CoinDesk.
Is Tornado Cash part of a criminal conspiracy?
Tornado Cash isn’t the first service to offer users the ability to mix, or tumble, their crypto. These have been around since the beginning of blockchain technology, with development efforts increasing in parallel to the ubiquity of darknet markets like Silk Road or Alpha Bay.
Law enforcement is very familiar with mixers. Bill Callahan, a retired Drug Enforcement Agency agent and now director of government affairs at the Blockchain Intelligence Group, said to CoinDesk in a prior interview that he doesn’t think Tornado Cash is laundering money, equating it to running away from the police and trying to evade capture, but there would be grounds to investigate it as part of the scheme.
“If a mixer knows or maybe should have known, taken steps to know the source of the funds and the beneficial owner, and the funds are from an illicit source, they would be investigated as part of the money-laundering scheme. They could also be charged as an accessory to the crime in a criminal conspiracy,” he told CoinDesk.
In a previous statement to CoinDesk, the Financial Crimes Enforcement Network (FinCEN) said that mixers like Tornado Cash may fall under the definition of a money transmitter, and therefore have “obligations” set by the Bank Secrecy Act (BSA). But it hasn’t given any further guidance than that.
With the high profile takedown of darknet bitcoin mixing service Helix the then-U.S. Assistant Attorney General said that “[obscuring] virtual currency transactions in this way is a crime.”
However, Larry Dean Harmon, the service’s operator, pled guilty and the prosecution never had to prove its case, meaning there isn’t precedent that can say with certanty, “This is money laundering.”
For its part, Tornado Cash’s Semenov said that law enforcement hasn’t been in touch.
“Law enforcement usually knows that the developers don’t have any ability to assist with an investigation or change the protocol,” he told CoinDesk.
Instead, Semenov said that law enforcement would spend their time obtaining logs from infrastructure providers like Cloudflare or Infura, as these could be tied back to IP addresses. They would also likely look at any addresses linked to a centralized crypto exchange, where the wallet would have customer details linked to it via the know-your-customer (KYC) process.
“Law enforcement very rarely tries to contact us directly,” he said.
Privacy vs. security
Semenov downplayed any ideas that the protocol is a tool for criminals and said, rather, that it’s an important mechanism to protect the safety of crypto traders as the blockchain reveals everything for all to see.
“Since all their crypto portfolio is visible to the public, the holders of significant amounts of crypto are very vulnerable to becoming victims of kidnapping, torture, and blackmail,” Semenov told CoinDesk in an interview. “We think that it’s a very serious threat, and the privacy protocols are very important to ensure their personal safety. The banks don’t disclose your personal holdings to anyone who asks, and we think it should be the same way with crypto.”
Semenov said that the debate about the limits of digital privacy isn’t anything new. It’s always flared up any time new encryption technology has become available to retail users.
“In the ‘90s, the government claimed that no strong encryption should be available to people at all, arguing that it would help terrorism,” he said. “In the late 2000s, there was a similar fight over end-to-end encryption in messengers where people were defending their right to private communication.”
Now, in the 2010s and 2020’s, crypto is this latest frontier, and Semenov said that his efforts in defending people’s rights to financial privacy are the “continuation of the same story that started a long time ago.”
“Can you imagine the world where the cypherpunks conceded from the start and we wouldn’t even have HTTPS encryption of our web communications?”