Hacker News new | past | comments | ask | show | jobs | submit login

> What did they do wrong?

They wilfully contributed to the upkeep of a money laundering service. They should be thankful losing their GitHub account is the extent of the fallout, take it as a lesson that code can cause real harm, and act more judiciously in future when it comes to contributing labour to suspect projects.




There are so many other applications for Tornado Cash than “money laundering.” What if I don’t want my employer or friends to see what I do with my known wallet on a fully traceable public blockchain?

Privacy is not illegal.


You should be able to achieve this without also enabling terrorism, child pornography and extortion. Because of this Tornado Cash was never the right solution - it requires you to permit these things just in order to have privacy. In other words it is a bullshit technology and deserves to be replaced with something better. If blockchain in turn requires a solution like Tornado Cash in order to offer any privacy, mandatorily fused with the aforementioned radioactive side effects, then blockchain itself is a bullshit technology.

Just because you find a use for a technology doesn't make the technology good. Nuclear weapons are a highly effective alternative to insect repellent, but that does not justify the general purpose use of nuclear weapons for repelling insects.


The problem with this line of reasoning is that any general purpose technology can be used for all those evil things. Hell, should we sanction the Linux kernel project, because all of those nasty people use it?


If Linux were a focal point for enabling North Korea and Iran to develop nuclear weapons, then yes, sanction the hell out of it. But sanctioning Linux would have such dramatically negative societal effects that it would outweigh any benefit - the same is not true of a mixer. Mixers in my view have absolutely no legitimate use, their exclusive purpose is the enablement of deviant behaviour in one form or another free of societal accountability, and it'd be a red flag for me just to know someone used one regardless of knowing why they used it.

It's like saying the local brothel can't be shut down because the building could potentially be used to teach the word of the lord while the employees aren't otherwise busy. The exclusive purpose of the brothel's existence is enabling trafficking and sex work, and the benefit of any potential imaginary supplementary uses are grossly outweighed by the benefit to society of closing it down.


I agree, I feel this is a bad line of argumentation. If we take it a little further it's clear that the human brain can be used for extortion, money laundering and cybercrime - and therefore it should also be placed in the same sanctionable category as all the nasty people use it.


I love how you blew through my reply from 15 minutes earlier clarifying the obvious concept of the balance of societal benefit to post a me too comment. Do better


Well, no matter what other applications for Tornado Cash may exist, since yesterday it is illegal to interact with Tornado Cash or assist them in any way for anyone within reach of USA jurisdiction. That's it.

Privacy as such is not illegal, but that does not mean that government may not prohibit certain specific ways of achieving privacy.


Yes what you are saying is true and it is our right and duty to protest that decision. When will they sanction something you do like and need like Signal or cryptography? Are they aware of all the bad that comes about via http? Or cash?


Well, the big legal limitation for these sanctions is that they apply only 'across borders' as OFAC can only sanction foreign entities (e.g. in this case asserting that TornadoCash-as-organization/project is controlled by North Korea), prohibiting U.S. citizens and companies from dealing with or assisting that foreign entity.


> OFAC can only sanction foreign entities

There are a variety of sanctions mechanisms. Tornado didn’t have to be controlled by North Korea (it isn’t), just used by them to fall afoul of U.S. law.


Turns out privacy now is illegal in the US of A.


This is breathless but misleading. With recent conservative judicial decisions the notion of general privacy is on the ropes, but KYC has always precluded financial privacy at any scale other than unstructured cash transactions, and you're still supposed to report those in your taxes. This is in line with the treatment of other entities that fail to maintain KYC compliance.

The state has the power to levy taxes and prevent transactions with entities that it considers harmful (OFAC is effectively this); this is the state taking steps to do so, while GitHub is deciding that people who are attempting to evade those laws are outside the risk profile of "who we want to provide services to".


Everyone is free to use cash if they want to make a transaction that isn't "permanently" recorded in a distributed digital database.

I hear the US government actually supports this method.


What’s the largest cash transaction you think you could make that isn’t recorded?


When it comes to financial transactions, KYC laws mean that privacy is, in fact, illegal.


Third party doctrine is nothing new and was a direct result of money transfer becoming easier (not sending gold bars around that could be seized). https://en.wikipedia.org/wiki/United_States_v._Miller_%28197....

Cryptocurrency enthusiasts like to think that just because their transactions are done inefficiently on a blockchain, banking laws don't apply to them. Of course they apply. The only difference is their transactions are more expensive.


Privacy is not illegal.

Operating an illegal money transmitter that demonstrates no capability/intent to actively filter OFAC specified sanction targets, however, is.


No, there are no other real applications for these mixers. The only reason you even need to do that on a public blockchain is because the design of them is so bad that there's no other practical way to have privacy without enabling large amounts of criminal activity. If you really care about privacy, and you don't like criminals, then just don't use any blockchains or cryptocurrency.


This is not the level of comment quality I would expect on HN. You can do better.


Sorry but I try to avoid dumping huge amounts of information on people in every comment, that often doesn't go down well either if you can imagine. If you want more I'll elaborate. There is no possible way you can deploy this service anywhere while effectively complying with AML laws. It isn't going to work. But it's also the only real effective way you can obscure the source of transactions on a blockchain that's forced to be public. There's no reason transactions need to be forced public in the first place, other than how blockchain designers insisted it was a fundamental design parameter, when you probably agree that it isn't and that some transactions should be private by default. The simple solution is to avoid all blockchains and cryptocurrency altogether. Yes, they are that bad. I wish it wasn't true and I could say something good about them, but I just can't after watching 13 years of bad things happen.

And no, things like monero and zcash aren't a working solution to this problem either, that's a whole different discussion though.


I mean, if you really think about it distributed public transaction ledgers were really primarily beneficial to those looking to actually understand more about where/how money flows. It's the classic problem of Networks. If there is enough information to ensure that something gets to one endpoint, and not others, that de facto becomes a tracking lever for surveillance and signal analysis. It's part of the package. There is no escaping it. As it giveth, so to does it take away.

Things like the Bank Secrecy Act are only there to guarantee a level of secrecy/protection from other customers. Law enforcement, government, and third party service providers are not counted there realistically. If you want financial privacy, you keep your own books. By that same token though, you don't get to act surprised when the authorities come a knocking with a warrant to crack open your books when they find out you made a poor decision of people to work/transact with.


Why is Monero not a solution either? As far as I know, it is not public which seems to be what you complain about, right?

Surely you accept that illegal trade happens through cash and even through banks, so you will agree that there is some level at which you cannot ban an entire system.


There's a solution for that: use a regular bank account denominated in a fiat currency. Your payments will clear in a reasonable amount of time, with minimal fees, and will be private to all but the spooks[0], who don't really give a fuck about you.

[0] FBI/CIA/etc




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: