Negotiating with a Tornado: Networks and States after Tornado Cash
Tornado Cash. Regulation by Enforcement. The New Technical Limitations on State Power. A Post-Westphalian Framework for State-Network negotiation.
“Boy everyone in this country is running around yammering about their fucking rights. "I have a right, you have no right, we have a right." Folks I hate to spoil your fun, but... there's no such thing as rights. They're imaginary. We made 'em up.” - George Carlin
On August 10, Alexey Pertsev received a dubious distinction. After his arrest in Amsterdam, Alexey is the first DAO contributor arrested for writing code.
The DAO that Alexey was contributing to is called Tornado Cash.
Tornado is a well-known cryptocurrency mixer service. Mixers are – depending on who you ask – either: 1. a core tool for preserving privacy in on-chain transactions; or 2. the most effective automated money laundering service ever built.
The blockchain provides a fully public record of who is sending money to whom. The “who” is usually a pseudonymous address. For people whose addresses are known – either publicly or by investigators – the blockchain publicly records every transaction.
It’s an authoritarian dream and a privacy advocate’s nightmare.
Tornado offers a solution to this problem. When you use the service, you send money into Tornado’s account. Tornado then mixes it with other people's money before distributing an amount to your target address. This "mixing" offers you transaction privacy.
Alexey’s arrest was actually the second piece of bad news for Tornado that week. The organization joined a list of entities sanctioned by the US government. Americans are forbidden from transacting with Tornado Cash’s software.
These two actions – an arrest and a sanction – are meaningfully different. One attacks people who create tools that can be abused. The other prevents people from using tools that can be abused. But they share an unfortunate characteristic: they are regulation by enforcement.
“Regulation by enforcement” is a term that gets bandied about in crypto circles. It describes when the government declines to proactively clarify rules. Instead, they choose to file legal actions against perceived offenders. If they win that court case, the culprit goes to jail and a new rule is established. It’s a system that keeps legitimate developers frozen. It also offers a high-risk-high-reward regulatory arbitrage opportunity to shady actors.
Regulation by enforcement is a product of a regulatory system that cannot keep up with innovations in the technology sector. Gary Gensler, the chair of the SEC and a target of angst from much of the cryptoverse, wrote a piece in the WSJ last week arguing that the technology that is used in crypto is irrelevant. Powers given to the SEC (or other agencies) are the same no matter what technology is involved.
If it walks like a duck and talks like a duck, it is subject to Duck Regulatory Authorities.
I’m not indifferent to this argument. Letting regulatory agencies play "substitute government" feels better than nothing.
But a virtue of the legislative process is that policies tend to have gone through due consideration and endless debate. Executive department regulations have no such checks.
And that consideration is important because our duck-shaped blockchain entities are not, in fact, ducks. Their differentiated properties are important. They add nuance to the debate. For example:
How should the US respond to software like mixers or E2EE that proactively prevents law enforcement from doing its job (even with a warrant)?
Is freely published code subject to first amendment speech protections or can it be illegal for Americans to interact with code?
If these tools are illegal, who is ultimately legally responsible for their use? Is it the code’s creator, the blockchain validators who process transactions or the end user?
As you can see, crafting good policies for a complex, emerging space is easier said than done. But all good policies need to start with our values. So before we dive into policy tools, we need to explore the complex trade-off between privacy and security.
Should online transactions and information be totally private?
The consensus view of the cryptoverse is that transactions are, and of right ought to be, private. This follows from the defining philosophy of decentralization. Power inherently corrupts, so institutions that have power will abuse it. Thus the only way to check corruption is to make it impossible for governments to track or sanction actors.
And this idea has merit!
We live in a world of creeping authoritarianism. Whether in dictatorships abroad or in Red State healthcare meddling, I'm sympathetic to citizens' need for privacy.
But our same privacy advocates can get a bit squeamish when you ask about the trade-offs this approach necessitates.
Law enforcement actions that depend on access to this information help to break up terrorist networks, child pornography rings and organized crime.
Freedom, as the country songs go, isn’t free.
David Foster Wallace once provocatively asked about the First Amendment: “Are some things still worth dying for? Is the American idea one such thing? Are you up for a thought experiment? What if we chose to regard the 2,973 innocents killed in the atrocities of 9/11 not as victims but as democratic martyrs, “sacrifices on the altar of freedom”?”
Wallace’s point was that we, as a society, needed to be open-eyed about the benefits and costs of our freedom. It’s an uncomfortable idea that we can't have our cake and eat it, too. But it's an important one for having a politically mature discussion. Each society needs to navigate a choice on how much heinous crime they will tolerate to protect their freedom.
No snappy Ben Franklin quote about liberty and temporary security will solve this for us.
Historically, the US solved this through a system of checks-and-balances. Law enforcement could not immediately access or seize any person’s assets at will. To search or seize, they first had to show probable cause of a crime to a judge. The judge would then decide if they could move ahead.
But the last twenty years have dramatically changed this privacy landscape. They did so first in favor of authorities, then decisively against them.
Privacy + Hyperstructure = Digital Sovereignty
In the 2000s and 2010s, technology changed the balance of power. First, it made a far larger set of data available for investigators to search and seize. Second, it allowed observation to happen remotely and secretly.
For a while it seemed that a surveillance state of some kind – whether state-run or corporate-run – was inevitable.
But new technology has again shifted the balance between the state and its citizens.
A few technologies, in particular, have changed the dynamics of this relationship.
End-to-end encryption and mixers. Both E2E encryption and mixers are potent privacy technologies. They allow securing data from law enforcement even after they have a warrant.
Self-Custodial Digital Assets. Cryptocurrency holders can keep their wealth secure without needing to physically store it anywhere. Instead, as long as they have their secret key, they can access their currency. As a 64-character key is easier to hide than assets, self-custody protects against government seizure of assets.
Decentralized Transactions. Historically, any online transaction had to travel through a bank or payments network. This provided a powerful tool for law enforcement to prevent illegal transactions. But decentralized transactions allow individuals to transact online without any intermediary. There is no room for government sanction.
Hyperstructures. “Hyperstructures” are a concept introduced by Jacob Horne in an essay early this year. Hyperstructures are software “that can run (on a blockchain) for free and forever, without maintenance, interruption or intermediaries.” Once I publish a program to Ethereum it will continue to be available to run by anyone that can access Ethereum as long as a single Ethereum node exists. Contrast this with traditional software. If, in the past, the US Government wanted to take down a piece of money-laundering software they could tell Amazon Web Service to remove the offending software. They could also force the company running it to take it down, as long as they resided in the US. In the world of blockchain, that take-down would be impossible. There is no single actor that can remove the data. As long as a single Ethereum node operates, it will exist and be accessible. The lack of centralization fatally slows attempts to impose the government’s will on the network. It is, for example, why many enterprising Hong Kong residents uploaded content about the HK protests to the blockchain in 2021.
These point to the very real changes wrought by technology.
In the world of the 2000s, individual wealth, transactions and communications were subject to the state. The state could block transactions, seize wealth and otherwise isolate bad actors. Today, it retains the powers of physical coercion. But it lacks perfect reach over communications and transactions.
None of this is to suggest that we are now in a world of absolute privacy. The power of physical coercion is meaningful. After all, Alexey Pertsev is sitting in jail. And while that's regrettable, it's good that the state retains some power. The end-state here is not and should not be the ultimate triumph of either absolute privacy or absolute state rule. We need sensible negotiated compromises.
But technology has shifted the balance of leverage in the negotiation between citizen and state.
After Westphalia
The Peace of Westphalia is the collective name for two treaties, signed in 1648, that ended the 30 Years War and the 80 Years War. They are known less for the specific peace, though, and more for the international system they helped define.
Westphalia was the first time that different states recognized each other’s legitimacy. They agreed to respect the others’ borders and internal affairs.
Inherent in this concept is the idea that a state is in control of what happens within its borders. Through its monopoly on violence, the state’s control of the physical world was absolute.
Indeed, this monopoly extended with various degrees of success into other human organizations. Companies were (usually) subject to the rules of their host state. Churches were also subject to the state – rendered unto Caesar, as the saying goes. And, in Western countries, political movements and organizations were also subject to the laws of the state.
But crypto-space is different.
Twenty-six years after its publication, A Declaration of the Independence of Cyberspace has lessons for us. Barlow's claim that the state had no jurisdiction in cyberspace because “its legal concepts of property, expression, identity, movement, and context do not apply to us. They are all based on matter, and there is no matter here” is finally nearing some degree of truth.
Cryptonetworks are not fully subject to the state. States can make their lives difficult, but they cannot outright control them. This confers a degree of sovereignty – self-autonomy – to networks like Ethereum.
Sovereignty, however, does not imply immunity.
Even in the Westphalian framework, one state is not free to act however it wishes if its consequences affect other states (as most do). Instead, sovereignty implies the right to be a legitimate participant in negotiation. It is the ability to not have your rights steamrolled by force.
What does a negotiation between a network (Ethereum) and a state (say, America) look like? What are the tools that America has for driving the network to behave responsibly?
America no longer has the tool of perfect coercion. It can no longer claim total sovereignty in digital space. It can, however, make life excessively difficult for Ethereans – not unlike what it has done to Russia or Iran to achieve political aims. And indeed, a good framework for the relationship between state and network is international relations.
What are the tools of that field, and how could we apply them here?
Tariffs. Tariffs are, simply put, a tax that is paid when moving goods, services or assets between two different sovereign markets. They have historically been used to protect strategic industries. The US might charge tariffs on Chinese steel in order to protect the American steel industry. But they are also used for political reasons. The US might raise tariffs on Russian imports because it hurts the Russian economy. The US could take similar actions with respect to the cryptoverse. If, for example, I want to “on-ramp” my US dollars by buying Ethereum, the US might charge me a tariff for moving USD to Ethereum. If Ethereum’s network is harboring bad actors, the government could raise this fee. They could also lower these tariffs as an incentive to comply with US policy goals.
Sanctioning Local Node Operators. It is, in fact, totally reasonable for the US government to tell companies that operate in the US how they must act. In the case of Tornado, this would result in major brands and major validators – like Coinbase, Kraken, or Bitcoin Suisse – refusing to process certain transactions. Doing so would create a lower supply of validators, driving up the cost to validate for non-compliant transactions. This functionally achieves the goal of sanctions – discouraging bad actors by raising the price of not cooperating.
Negotiated Treaties. The most important tool for relations between two separate sovereign powers is negotiation. In exchange for Ethereum's network agreeing to comply with certain US policies, the US might offer incentives and preferred policies. It does this with many developing nations.
The goal of any policy settlement between state and network is to help these two sovereign powers achieve their policy goals. For the blockchain, that’s a freer set of transaction standards. For the state, that’s safety for its citizens. An ideal world is one that recognizes the balance between those interests.