It's written in the definition of the sanction given by the Department of the Treasury [0], i.e. at the level of US federal law, of which Microsoft must follow as a US company.
> Sanctions Implications
> These prohibitions include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any blocked person and the receipt of any contribution or provision of funds, goods, or services from any such person.
> US federal law, of which Microsoft must follow as a US company.
One interesting and under-appreciated fact about OFAC: they take an, ahem, expansive view of where US law applies.
CSE TransTel was a company based in Singapore who was sanctioned in 2017[0]. They had a bank account with a Singapore bank. TransTel did business with Iran, in violation of US sanctions. But neither the company nor the bank were in the US; how did OFAC make that fly?
Because TransTel did transactions with a US dollar account, OFAC argued the settlements of that account caused banks inside the US to incidentally violate sanctions. Essentially the presence of US dollars created a nexus and allowed OFAC to enforce US sanctions against what would appear to be an entirely foreign entity.
Is this the first time the US has sanctioned a cryptographic protocol? The quote you pulled specifically refers to "blocked person" but in this case they are not sanctioning a person - they are sanctioning a mathematical protocol that happens to have a popular open source implementation.
Tornado Cash is a protocol. It targets EVM, and has been deployed on Ethereum, Optimism, Avalanche, Polygon and other networks. It happens to be open source, the code was mirrored on GitHub for research and contributions.
They are setting a precedent that any forks or similar implementations of this protocol will also be sanctioned.
A comparison would be sanctioning the Matrix protocol because it facilitates end-to-end encrypted communication for terrorists.
If the matrix project was run by terrorists then your comparison would be accurate. It is not however. Tornado Cash however is run by a group with the express purpose of money laundering which is a crime. This difference is important and is why they are now sanctioned and Matrix is not.
WTF are you talking about? I know them personally and have made my own various contributions to Tornado over the years. They're a group of people who think public blockchains put people at risk of privacy violations, so they built tools to help people transact on blockchains in a way more similar to cash.
It's basically an HTTPS layer. You roll up some set denomination of ETH or whatever into a zero knowledge note, which can then be treated like cash. Anyone who has the private key can generate a request to send the note somewhere else, and there's nothing linking the creator of the note to the spender of the note.
Never once has it been marketed towards criminals, or have any of the team made any indication that it was build for criminal purposes. It appears it was actually in heavy use for three years or so before Lazarus apparently used it for the first time, which is why the sanctions were slapped on it. Fuck Lazarus, but also the idea that anything tech they use becomes illegal is insanity.
If we want to talk about important differences, then you need to understand the difference between money-laundering and privacy.
In short, if you are not concealing the source of your funds to conceal a crime being committed, you are not guilty of money-laundering. It's that simple. KYC laws apply to banks and corporations, not individuals and not protocols and not code.
Privacy is not against the law, and neither is deploying a privacy tool that happens to be used by criminals. The comparison to matrix is surprisingly apt here. I have no doubt that criminal activity is facilitated by matrix, but the idea that they are responsible for that is ridiculous.
If you are mixing your money with known criminals so that they can hide their money then you are money laundering even if you have other legitimate reasons for hiding your own money. The creative fiction that you can't know you are mixing it with known criminals is just that. A fiction. It has been known for a long time now that these mixers are used by known criminals. Continuing to use and contribute to that means you are knowingly helping to launder their money.
Those aren't remotely equivalent, given that mixers mix up their inputs to obscure their outputs. By using E2EE yourself, you are not actively giving cover in the same way.
E2EE and onion routing protocols use similar cryptography to "mix" and "obscure" inputs and outputs. It is very much the same approach, just that we don't call it "message laundering" because we as society have come to appreciate private communication.
I would tell you to just look at the Tornado Cash code yourself to verify this, but alas...
E2EE generally doesn't obscure who is talking to who AFAICT.
Onion routing does, sure.
Ethically I find that area very much a double-edged sword. It's great for privacy and people evading speech-hostile regimes, but it does also enable trading and propagation of CSAM etc. It's why I've never run a Tor or Freenet (does that still exist?) node, I don't want to support that stuff with my resources.
E2EE obscures everything, that is why it is called end-to-end. If Alice and Bob and John and Piper are all communicating with pseudonymous names in a Matrix room, you do not know who is talking to who or what they are talking about.
> E2EE obscures everything, that is why it is called end-to-end
No, it just encrypts between the ends, hence it being called "End to End Encryption". You're going beyond that if you're talking about hiding the fact that the origin and destination are talking to each other at all.
> If Alice and Bob and John and Piper are all communicating with pseudonymous names in a Matrix room, you do not know who is talking to who or what they are talking about.
Maybe so, but in other E2EE products the fact of communication is not obscured to someone who has access to the traffic. E2EE just means there isn't a server in the middle that decrypts everything before relaying, or any sort of master key they could use to do that with.
Matrix looks like a great system, but it's not the only E2EE product, nor does it define the term.
When I and a friend use E2EE between us neither of us are helping to hide a criminal's conversation regarding their criminal activity. The same can not be said about a mixer. They are not at all equivalent.
1. You are using and supporting the same protocol that they are also using. As the application grows and improves because more people are using and supporting it, the criminals are also being helped.
2. You are creating cover. The more people that use Tor and Matrix, the more secure it becomes for all users within the network.
If you and a criminal are both using the same Matrix server, neither you nor the host would know. Your plain text messages are going into the protocol, getting mixed and encrypted, and then spit out the other end.
You seem to be arguing as if this is an all or nothing proposition. Instead there are definite degrees of intent and interaction here. In the E2EE case the degree of interaction and intent is quite low. In the mixer case the degree is quite high. The line I believe should be drawn somewhere in the middle. But the Mixer case definitely is on the wrong side for me.
E2EE is all-or-nothing. You don't see Matrix adding a special case in the encryption technique to notify authorities if the phrase "nuclear" or "minor" appears in a message. The intent of E2EE and Tornado Cash is exactly the same: privacy. The line you draw here is arbitrary based on your own subjective view of the space.
Tornado cash is not run by terrorists. The express purpose of the tool is privacy, and that is what it is being used for.
The express purpose of an end to end encrypted chat protocol is to provide privacy. If users of it engage in criminal behavior that does not mean the express purpose of the protocol is also criminal.
You can still use the Tornado protocol for handling double-blind experiments in a lab without fear of being sanctioned.
You cannot launder money, though. This is forbidden regardless of which method you use (crypto, art, car washes, etc). These sanctions are saying "we consider this specific use of this specific algorithm to be illegal, so if you interact with it via these wallets you will be sanctioned too". But they are not saying "this algorithm is illegal".
Maybe, but you will need to prove to the courts that labs actually use that algorithm that way. I don't think any are doing that, though I'll admit to not knowing much about how double blind studies are run in the real world.
Even then, the algorithm and Tornado are not the same thing. It seems unlikely you can use Tornado itself for this purpose, even if the algorithm itself is useful.
I think if the algorithm were deployed alongside a processes for combating money laundering.
The press release specifically calls out a lack of efforts to block known bad actors and illegal funds from using their system:
> Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks.
So you probably can provide a mixing service if you can find ways to reasonably limit money laundering on it. This would probably be antithetical to the decentralization principles built into Tornado, but might allow continued legal operations.
> Sanctions Implications
> These prohibitions include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any blocked person and the receipt of any contribution or provision of funds, goods, or services from any such person.
[0]: https://home.treasury.gov/news/press-releases/jy0916