PriFi Under Attack: Why The Tornado Cash Case Of Alexey Pertsev Is So Important
Alexey, Tornado Cash Developer, is already more than 150 days jailed and will remain in custody until at least February 20, 2023.
Today, a bit more than five months ago, the Tornado Cash developer Alexey Pertsev was arrested by the Dutch FIOD (Fiscal Information and Investigation Service). This event occurred just a few days after Tornado Cash was sanctioned by the U.S. Treasury Department, which is probably not a coincidence.
In retrospect, this event will represent an important milestone in the encroachment of regulators and governments alike.
SBF in House Arrest While Alexey Sits in Jail
Alexey’s requests regarding bail got consistently denied, differently to other, fraudulent, actors in this industry such as Sam Bankman-Fried, who defrauded investors and customers to the tune of $8 Billion but is currently just under house arrest, facing his trial in the U.S. In comparison to such a fraud, the treatment by authorities of Alexey for publishing a piece of code that enabled users of Tornado Cash to obfuscate the traces of ETH transactions is clearly disproportionate.
For the Crypto-Industry and the PriFi sector in particular, this is a very important case and we can only hope that it will get resolved. As of today, Alexey is already more than 150 days jailed and will remain in custody until at least February 20, 2023.
The battle for decentralized applications in the financial sector and the battle for privacy have finally begun. It is important that the masses finally realize that this is not about fighting suspected crime, but about the fact that every person has a fundamental right to preserve their privacy.
What is Tornado Cash?
Tornado Cash is one of the better known PriFi (private finance) solutions, decentralized and non-custodial, as it should be. In its essence, it is a cryptocurrency mixer, in this case for Ethereum (ETH).
It uses smart contracts and zK-proofs in order to facilitate ETH deposits before creating withdrawals to multiple other addresses which are made from the liquidity pools of this protocol. This way, the original sender remains anonymous.
A lot of people are using it to break the on-chain links that are created automatically, as ETH is pseudonymous but not anonymous. Wallets and their transactions are publicly visible and can be traced back from anyone, anytime.
This can, of course, be used for legit or illicit purposes. One great example of a legit use case of Tornado Cash was delivered by Vitalik Buterin, who used Tornado Cash to donate money to Ukraine:
Service providers like Chainalysis, which offers blockchain tracking for the private sector but also for government agencies like the IRS, can collect significant data and also discover the identity behind a pseudonymous wallet.
A fact that is still conveniently ignored by most users; also, Tornado Cash was not known among the majority of cryptocurrency holders.
More people finally took notice of its existence when the Office of Foreign Assets Control of the U.S. Department of the Treasury blacklisted Tornado Cash on August 8, 2022; since then, it is illegal for US citizens as well as residents to use the service.
The Treasury Department accused Tornado Cash of money laundering to the tune of more than $7 Billion and Alexey Pertsev, together with his colleagues Roman Storm and Roman Semenov, unexpectedly felt the consequences of this.
What Were The Arrest Charges, If Any? Prosecutors acting in bad faith?
And this is where it gets tricky. To my knowledge, there are no real charges against Alexey Pertsev, just accusations. He and his team developed an open source protocol; they did not launder any funds.
In a statement from November 2022 to Coindesk, he said: “To me, it's more like they don't have to explain anything, they're just doing me a favour [...] It doesn’t look like I’m here by any law.”
Or, as Roman Semenov was asking publicly after his GitHub account was scrubbed: “Is writing open source code illegal now?’
One of the main narratives in this case that was created and directly picked up by mass media is that, apparently, Tornado Cash has been used by a hacker group called ‘Lazarus’ which has its origins in North Korea.
Allegedly, Lazarus laundered around $450 Million (or more; various estimates are floating around) through Tornado Cash, which obviously is a good kicker for the US government and other regulators to go crazy about it, with the media as a happy helping hand.
It also did not help Alexey’s case that analysts from Kharon claimed that he has ties to Russian espionage because he worked for a company that was tied to the Russian FSB by the US government; one can just imagine how many companies like this are existing, are all (former) employees guilty of espionage?
Of course not. However, in the current geopolitical environment, it does the trick. His wife, Xenia Malik, had to go to the press, to which she said:
“Alexey has never been associated with the FSB of the Russian Federation and similar organisations,” Malik told CoinDesk. “We moved to the Netherlands in the hope of a quiet, stable and free life, which is unimaginable in military Russia.”
What Are The Goals Of The Parties In Play Here?
One can assume that an example should be made here, a clear warning to all other developers in this industry that they should think twice about what kind of open source applications they make public.
It is all about outbound effects. Even if Alexey will be free again, maybe even compensated for the unfair treatment without trial, the damage is already done. His life will never be as it was before this incident, and the instilled fear in the developer community will certainly remain.
For many developers in this space, this event came rather as a surprise.
DarkFi (an anonymous L1 based on zero-knowledge, multi-party computation and homomorphic encryption) developer Parazyd told me:
“Honestly it was quite surprising to see this happen, but I can't say I haven't seen it coming (not specifically for Alexey). I used to live in the Netherlands for quite a while, and it was becoming evident that the state is just becoming a US colony when it comes to the legal system, and therefore the US influence is large there. I think more and more people and projects will begin getting attention from prosecutors and regulators - which puts everyone in a tough position.”
To my question regarding how he sees the impact in general on the developer community, his answer is clear: there will be a slowdown, probably exactly what the forces in power had in mind:
“[...] such actions drive people away from developing privacy projects because of fear indoctrinated by regulators and the narrative being put out there. It feels like a very big slowdown in terms of practical development of privacy tech, because people do not push the limits due to the possibility of getting prosecuted.”
The full scope of the impact remains to be seen. But I personally fear that if (non-crypto) people hear about ‘DeFi’ now, a lot of them will be reminded of exactly this story: ‘The bad hacker dev that helped North Korea launder money’, ‘A criminal that deserved what he got’.
It is up to us as one community to work on his rehabilitation, which is one of the main reasons I wrote this article that you are reading right now.
How Tornado Cash’s Service Continues
It took a few months before it became clear that Tornado Cash will be able to continue its operation. The Tornado Cash community member under the alias ‘gozzy’ created a proposal in which he said he will take the responsibility of maintaining and developing the protocol in the year to come.
As he is facing a high risk to also get problems with U.S. regulatory bodies, he demanded quite a high salary, $240,000 per year. The proposal was passed after three days, getting 80% support. Directly, the next day, he started to update Tornado Cash and published a roadmap.
The question is now how long he will be able to avoid the same scrutiny which brought Alexey into custody. However, it shows that the people in charge can not just ban a decentralized solution if there are people replacing others.
Why We Have To Fight Back
Besides the obvious problem of the lack of privacy in ordinary cryptocurrencies and blockchain ecosystems, there are several developments in the 'real world' that need to be mentioned here in order to show the extreme importance of having private solutions:
CBDCs: CBDC is short for Central Bank Digital Currency and represents the digital form of FIAT money that is used in one particular nation or region. It is issued by the country’s central bank just as regular FIAT currencies are.
Central banks and regulators see in CBDCs their answer to cryptocurrencies, which are threatening their power monopoly. When it comes to the development of cashless societies, and thus societies threatened by increasing surveillance, CBDCs are playing a major role.
Digital IDs: A 'digital ID' is basically an extension of our physical identification documents such as national ID, passport, driver's license, etc. - With this digital ID, it should be 'easier' in the future to prove one's identity.
Social Scores: With China, under the communist rule of the CCP, as the best example, social scores enable governments to reward or to punish their citizens based on behaviour. If you, for example, pay your bills late, have debts, have to pay fines for parking your car incorrectly, commit other misdemeanours, or express opinions online that are not in-line with the (gov.)-given narrative, your social score will be lowered, leading to disadvantages in your daily life.
Each of these aspects in isolation already make clear that we need to brace ourselves for a dystopian future. Combining them, however, paints an even darker picture. It is about time that both users and developers see where this train is going and that it is better to switch tracks sooner rather than later.
Privacy: From Niche Phenomenon To Mainstream
In the past months, we have already been able to observe some more public discussions on social media regarding privacy-enhanced and decentralized solutions.
Quite a few people are digging more into Monero, for example; others have started to use decentralized exchanges more often. What is important is that each community member aims to educate others in order to wake them up, a view that I share with Parazyd:
To my question of whether this event will attract more users and developers to private finance solutions, he replied:
“Privacy projects are surely going to be used a lot more, and that's a good thing. I can see that there are a lot of people and communities in Monero who understand the problems and are willing to help people out in educating them. This is what I feel everyone should strive for and make privacy accessible and to actually show people the benefits by giving them examples. So with more usage of such things, the anonymity set will increase, which in turn will benefit all users.
[...]
Like any other, the IT bubble will burst eventually, and a lot of people [developers] will move on. Then we'll be left with the people that are actually doing this for a valid reason, rather than getting rich and running away at the first sign of trouble.”
What the future holds for us in this regard remains to be seen!
What We Are Building At Navcoin
At Navcoin, we are focusing not just on offering ‘private cash’, but are also setting out to cover various other tangible use cases with our technology.
For example, we are working with technologies that will not only completely anonymize the Navcoin blockchain (check: Privacy-enhanced Proof-of-Stake), but also provide the same protection to pseudonymous blockchain ecosystems and their tokens.
For example we will be able to create a 'private version' of tokens on Ethereum, BSC, Solana and other non-private blockchains: a very exciting and important work that will potentially help many users and the cryptocurrency ecosystem as a whole.
Everyone in our team strongly believes in what we are doing. We are not driven by greed or the urge to make profits, but simply want to use the tools at hand to fight back against control, regulatory overreach, and censorship.
For us, privacy is a fundamental human right, and we are setting out to defend it!
Navcoin Developer ‘Aguycalledalex’ On The Tornado Cash Case And Its Implications
Q: Alex, as somebody who works on a privacy-focused blockchain, how did the news about Alexey's arrest impact you, if at all? Did you see it coming? Do you personally think more about the legal risks involved over the next few years?
A: ‘My first reaction to the news was rage, although I must admit it didn’t come as a surprise. States need to use coercion to defend their monopoly of power. Since money is one of the most powerful tools for mass control and repression, technologies that facilitate financial freedom are a threat to the successful execution of their power preservation strategies. I think it is not the first nor the last time we will see the use of punitive measures with this intention. It is unavoidable to think about the legal risks regarding my own position, although, at the same time, they also happen to be a strong reinforcement for one’s own beliefs and the motivation behind our fight for freedom.’
In your opinion, will this event finally lead to a higher awareness among market participants, the understanding that PriFi solutions are a necessity and not just a nice-to-have in the years to come?
‘I would say that these kinds of events are good to prove the robustness of distributed development teams and decentralized systems, where attacking or removing one important actor does not affect the progress of the underlying system but reinforces it instead, which at the same time, leads to an increasing level of awareness about the importance of privacy, but I fear not of the magnitude needed to see a major shift or to create a fundamental change in global consciousness. Sadly we might need to see cases with a more direct impact on the average person to see a real revolution. Sadly I have the feeling that outside of our still small circle, many see actions like Alexey’s arrest as something that does not affect them as they fail to think out of the box to realize the consequences.’
In the upcoming years, solutions like DarkFi, Navcoin, & others will hopefully lead the way to a better, more private, and decentralized future!
Conclusion
DeFi, privacy coins… all these are things that the old structures, especially governments and regulators, are terrified of. Their potential has been recognized and every effort is being made to turn DeFi into a corporate business, while they attempt to shut down PriFi completely.
We need to go back to the roots, to talented developers sitting in basements and not in spacious loft offices. Away from the VCs, the business angels, towards true crowdfunding and collaboration within a community. Away from centralization and pseudonymity to decentralized and private solutions.
Regulators, governments, traditional finance… they are not on our side and never have been, never will be. We have to create something of our own here or end up in an updated hamster wheel at the end of the day.
I really hope that Alexey gets out as soon as possible. I won’t stop monitoring this case and neither should you. If you are interested in helping directly, check out setalexfree.nl.
Never forget: The future is decentralized, and private!