In an unprecedented court case, Alex Pertsev, a key developer of an Ethereum-based privacy tool called Tornado Cash was sentenced today to over five years in prison as a result of his work on the project. The sentence handed down was the maximum requested by the prosecutors, and marks the first conviction of a developer who built a decentralized privacy tool for cryptocurrencies.
The ruling itself, translated from Dutch to English, is a disturbing and insightful view into the mind of the Dutch government and many governments across the world today.
Tornado Cash refresher
For those new to Tornado Cash as a tool, it is a decentralized, smart-contract-based privacy tool for Ethereum. It allows users to generate a Tornado Cash-specific private key (called a "secret note"), deposit their funds to the smart contract using this private key, and then withdraw their funds at any future time using this private key. Upon withdrawal, all links between past and future history are broken using a Zcash-like privacy protocol.
The most important details to note:
- The Tornado Cash devs removed their ability to edit the smart contract long before indictment
- The Tornado Cash devs never had custody over any user funds
- The Tornado Cash devs did not directly profit off of the smart contract's usage
- Most usage came through the official web UI, created and run by the Tornado Cash devs (including Alex Pertsev)
- The Tornado Cash smart contract has continued to function despite sanctions and indictments thanks to its decentralized nature
For those who are just hearing about this case now, please read our previous post on the original indictment for more info on Tornado Cash and the case at hand:
Seth For Privacy
Breaking down the ruling
For the purposes of this post, we'll dive into the court's ruling itself to better understand the perspective of the Dutch government and come to grips with their view of open-source, decentralized privacy tools like Tornado Cash.
The court acknowledges Tornado Cash is unstoppable
Due to the nature of how this system works, it is virtually impossible to make user interface inaccessible. This fact, combined with the use of smart contracts, makes it virtually impossible to take Tornado Cash offline. - p. 8-9
One of the key aspects of the defense in this case and Roman Storm's is that they are entirely unable to prevent illicit usage of Tornado Cash, no matter what precautions they implement due to Tornado Cash's decentralized nature. The court fully acknowledges this (which is important) but that doesn't change their view as we'll get to later.
Custody is not required for money laundering
That Tornado Cash did not at any time have power of disposal over the cryptocurrency derived from crime in carrying out these concealment or concealment money laundering acts does not alter this fact.
Indeed, the performance of these money laundering acts does not require the existence of power of disposal over the laundered items. - p. 10
The matter of custody has long been the key factor for understanding if a tool is or is not liable for money laundering through their tool (and thus responsible for implementing KYC/KYT measures into their app). Between the recent DoJ response in the case against another Tornado Cash developer, Roman Storm, and this court ruling, it's clear that governments across the world have shifted the goal posts for money laundering.
This shifting of the goal posts now has to make you wonder – where exactly does the line get drawn? Is any cryptocurrency wallet that is used for illicit activity now liable? Where does it end?
Criminals using your code makes you a criminal
When these acts are performed with respect to felony-derived Ether, it is actually Tornado Cash that gives effect to the concealment or concealment money laundering act. Therefore, in the court's opinion, Tornado Cash cannot be viewed as merely a tool for the user. - p. 10
One of the most shocking segments of the ruling happens when the court makes it clear that if an illicit user is using your open-source, decentralized tool to gain privacy for themselves, their criminal liability is fully transferred onto you. Your tool is not merely a tool, it is as if you personally concealed the source of funds for them even if you had no ability to stop their usage.
Building decentralized, unstoppable tools makes you liable in perpetuity
In other words [the Tornado Cash founders] are the inventors, creators and implementers of Tornado Cash. As such, they are also responsible for the (consequences of the) operation of this tool. The autonomous, immutable and unstoppable nature of the smart contracts does not work in this context as a disulpatory factor. After all, this is not a fortuitous circumstance. These properties are the result of conscious choices made by the designers. Tornado Cash works as it was conceived. In the court's opinion, the defendant can therefore be classified as a perpetrator of the money laundering acts carried out by Tornado Cash. - p. 11
In a crazy, absurd twist, the Dutch court rules that the conscious choice of the Tornado Cash founders to create an unstoppable, decentralized tool means that they should be held liable for it's usage despite also acknowledging their inability to prevent illicit usage. This brings to the foreground so many questions its hard to know where to start.
For instance, if the developers working on Tor know they're building an unstoppable, decentralized privacy network, are they then held liable for any criminal activity perpetrated on the Tor network? If a Bitcoin core developer helps to improve Bitcoin as a decentralized, unstoppable form of money and it is used for illicit purposes, does that make them liable?
Tornado Cash functions as it was designed by them and in terms of its operation is entirely their responsibility. - p. 13
Everyone should be shocked by the gravity of these quotes and their implications.
Knowledge that your tool could be used for illicit means counts as intent
...it was foreseeable from the beginning that Ether derived from crime would be deposited in Tornado Cash, due to the concealment effect of Tornado Cash. - p. 14
This just in! Bad guys can use good tools for bad things! What doesn't shock any logical person seems to shock the Dutch government, as they are somehow able to find intent to commit money laundering in the mere fact that building a tool like Tornado Cash could potentially be used in the future for money laundering. If developers didn't build any tools that could potentially be used for illicit purposes, we wouldn't have:
- Smart phones
- Internet browsers
- Forums
- Chat apps
- Video games (yes, people use in-game chat for illicit purposes)
The list could be endless, but it's an insane proposition to consider any tool built with the ability to be used for evil as the developer intending the tool to be used for illicit purposes.
The foreseeability and knowledge of the widespread misuse of Tornado Cash did not prevent the defendant from developing Tornado Cash and offering it to the public without limitation (e.g., by incorporating compliance measures). On the contrary, defendant continued to design and roll out Tornado Cash despite that foreseeability and knowledge, with virtually every follow-up step reinforcing the concealment and anonymity of its users. - p. 15
Improving privacy tools implicates you
Securing the user's anonymity and concealing the transaction history have remained central. - p. 16
In the court's intermediate conclusion, they make sure to hammer home the point that Alex continued to improve the privacy protocol of Tornado Cash up until the day he was arrested.
Of course they don't mention that the overwhelming majority of Tornado Cash's usage was licit (~93% by the US Department of Treasury's measure, ~84% by the Dutch court's measure) and that Alex could have been building to protect those user's privacy.
Implementing all possible compliance measures doesn't matter
While at first glance the implementation of the [system] does indeed appear to be a form of a KYT control through which Tornado Cash aims to prevent abuse, in reality the implementation has little effect... Circumvention of the [system] is easy by not connecting to Tornado Cash's UI with a sanctioned address, but by doing so through one or more intermediate addresses. On top of that, the source code of the UI is public, so third parties can use it and easily modify it so that the check by the [system] does not occur. - p. 17
One thing that is often forgotten in this case is that the Tornado Cash founders did actually implement two compliance tools. One tool allowed users to voluntarily reveal the source of funds to a third-party, while the other tool altered the web UI to prevent deposits from known-illicit Ethereum accounts. The latter is the strongest possible compliance that the Tornado Cash devs could have implemented, as they had no ability to add compliance to the smart contract themselves.
Does that (already acknowledged and admitted) distinction matter to the Dutch court? No, because it was able to be circumvented by technically-savvy users. But these same tech-savvy users could easily circumvent the UI entirely and make direct RPC calls, making any possible compliance tool useless.
Everyone must build in compliance measures, not just those legally obligated to comply
However, the court held that the question of whether or not Tornado Cash was a financial institution subject to compliance regulations was immaterial. What is important is whether the defendant and his associates complied with the law. Complying with compliance regulations is helpful in preventing violations of the law, but not being subject to compliance regulations does not relieve anyone of the obligation to comply with the law. No one may engage in money laundering conduct that has been criminalized. Defendant's team violated this rule. - p. 18
Even though Alex and the other founders of Tornado Cash sought legal guidance and (rightly) determined that Tornado Cash was not subject to FinCEN guidance (and thus required to implement KYC/AML/KYT measures) the Dutch court still says they had an obligation to comply. Why? Because Tornado Cash was partially used for illicit purposes it retroactively required compliance.
Even if you're not subject to FinCEN/FATF guidance, the Dutch court says you should comply harder anyways.
Conclusion
In a complete victory for the Dutch government, Alex Pertsev was given the longest possible sentence, despite his complete inability to prevent illicit usage on Tornado Cash. In doing so, the Dutch court system has set a heinous precedent, declaring that any developer of a decentralized, unstoppable protocol or tool should be held responsible and criminally liable for all of its usage in perpetuity. This verdict could have wide-reaching implications, as much of the privacy landscape relies on decentralized, unstoppable tools or protocols like the Tor network, Bitcoin, Monero, SimpleX, and many others.
I urge those of you reading this to consider the implications of this conviction and do everything you can to encourage, sustain, and defend open-source developers working on privacy tools. We are officially in the "then they fight you" stage.
Lastly, we at Freedom.Tech continue to stand with Alex despite this conviction. #FreeAlex.
Join the Conversation
If this post has sparked an idea or motivated you to get involved, there is no better next step than to join the conversation here at freedom.tech! Subscribers can jump straight into the comments below, or you can join our community SimpleX group:
Seth For Privacy
If you have feedback for this post, have something you'd like to write about on freedom.tech, or simply want to get in touch, you can find all of our contact info here:
Seth For Privacy
