They only had to block accounts that contributed after establishing the sanction. It's not clear that they limited themselves to those. It would in fact seem to be hard to contribute in the limited time range between establishing the sanction and removing the project.
There is also the collateral damage of removing unrelated projects that happened to be owned by these people.
Couldn't github preserve such projects while putting them in some ownerless state?
> only had to block accounts that contributed after establishing the sanction
The people who built Tornado Cash are already in trouble. The crime--facilitating money laundering--has already been committed. OFAC is an enforcement office. Its lists are more like wanted posters than rules.
GitHub is cutting ties with people likely to be charged with federal crimes. If some of them are going to continue contributing to the project, GitHub doesn't want to be the conduit through which it is done. This is all standard sanctions compliance.
Did the people who built blockchains with built-in mandatory mixing (Monero) or optional completely obscured transaction inputs (ZCash) also facilitate money laundering? If not, what is the crucial difference?
Am I myself in trouble for having (co-)designed a mixing service [1]?
> Did the people who built blockchains with built-in mandatory mixing (Monero) or optional completely obscured transaction inputs (ZCash) also facilitate money laundering? If not, what is the crucial difference?
Probably not? Tornado Cash provided one service: mixing. (In AML parlance, layering.) We know it was used to launder the proceeds of crimes. The developers knew that too, and they kept working on it. Semenov styled himself as a co-founder and the group advertised open positions on its website. All that looks much more like an enterprise knowingly facilitating laundering than a developer publishing interesting code.
ZCash and Monero look like cash. Tornado (and every mixer I’ve seen) looks like a layering service. Those aren’t illegal per se. But you’re at risk if a criminal uses it. (You’re in deeper shit if it becomes known a criminal used it and you do nothing about it.)
According to the company developing it, there is no evidence of "substantive use of Zcash for money laundering, terrorism financing or trade in illicit goods and services."
So I guess what made Tornado Cash criminal, is that there was evidence of such...
>Did the people who built blockchains with built-in mandatory mixing (Monero) or optional completely obscured transaction inputs (ZCash) also facilitate money laundering?
Yes
>Am I myself in trouble for having (co-)designed a mixing service [1]?
Why aren’t these banks put on the sanction list where it’s a crime to do business with them? Because the vast majority of what they do is not money laundering and when they are discovered money laundering, they generally stop. And when they don’t, they are added to this list: https://www.treasury.gov/ofac/downloads/sdnlist.txt
Whereas Tornado Cash is a service that is known to enable huge amounts of money laundering, and nothing was done to stop it.
What could be done to stop it? It's just a contract run on the blockchain. I suppose they could limit throughput, but not much else?!
Similarly, what could the Monero or ZCash developers do to stop money laundering on their blockchains? Here, not even throughput can be limited since amounts of transactions are completely hidden.
Well, there's a lot of obvious strategies that money processors in similar positions employ. They could confirm the identity of their users so that known criminals can be filtered and blocked. They could manually audit large transactions and require documentation demonstrating that they're legitimate. I understand why they don't want to do things like this, but I'm just not sympathetic; it sounds to me like a group of bankers in 2012 announcing their strong ideological commitments that LIBOR manipulation is good and they should be allowed to continue doing it.
The fact that you seem to be so brain-boggled about this is... it's just that a lot of very smart people have been warning for years that crypto-currencies are going to run into trouble. That the things they were building were simply parallel (with new names DAO etc) to the global financial system and that previous system has all kinds of controls and regulations that crypto lacked. That if crypto didn't get their shit straight there were going to be some very serious people showing up on their doorsteps.
But crypto-bros will be crypto-bros, wether they are the minnows hoping against hope that they can somehow move from greater fools to slightly less foolish or the sharks grifting all the minnows for every penny they have.. just kept living in denial or .. selling denial in the case of the sharks.. and now here we are.
It turns out that when you ask the global financial systems what they call a service that does what a mixer does, they reply 'a money laundering operation operating in plain sight'.
Dunno. If you learn your product is being used to commit crimes and can’t figure out how to counter it, you should stop building it. (Or at least pause and call a lawyer.)
I mean probably not, but given what has come to pass, if I were you, I’d be looking for an actual, reputable lawyer in this area to ask, not some randoms on the Internet.
> GitHub is cutting ties with people likely to be charged with federal crimes.
This is a far different standard. If we're talking about banning people because they seem like they might get charged with something, that's just a blacklist.
> If some of them are going to continue contributing to the project, GitHub doesn't want to be the conduit through which it is done.
That's why you delete the repositories. These are not sanctioned persons, this is a sanctioned project.
They only had to block accounts that contributed after establishing the sanction. It's not clear that they limited themselves to those. It would in fact seem to be hard to contribute in the limited time range between establishing the sanction and removing the project.
There is also the collateral damage of removing unrelated projects that happened to be owned by these people. Couldn't github preserve such projects while putting them in some ownerless state?