Aggressive US moves to block cryptocurrency mixing services employed by North Korean state-sponsored hackers are sparking howls of opposition in the country. The crypto community argues that Washington is going too far, preventing legitimate users from protecting their privacy and stifling software developers.
On Monday, the US Treasury banned Americans from dealing with the crypto mixer Tornado.cash, an Ether
Under pressure from US and UN sanctions, the Democratic People’s Republic of Korea has turned to crypto hacking to fund illegal “weapons of mass destruction (WMD) and ballistic missile” programs, according to a statement from the Treasury. Ari Redbord, head of legal and government affairs at TRM Labs, described the Ronin Bridge hack as a watershed moment that shifted the Treasury’s perception of crypto hacks from financial crimes to national security concerns.
“North Korea was really one of the first to use cryptocurrency to launder money,” Redbord said. “I think they realized very quickly that hacking or attacking cryptocurrency companies was really a way to steal money at internet speeds.”
Tornado.cash penalties are notable due to the large volume of legitimate and illegitimate transactions processed through the service. A bona fide use would be someone who wishes to spend cryptocurrency without allowing the recipient to view the full on-chain transaction history associated with their wallet address.
The sanctions prohibit any U.S. person from transacting with Tornado.cash or any of the wallet addresses added to the Treasury’s Specially Designated Nationals and Blocked Persons list. The sanctions against Tornado.cash and Blender.io are the first cases where the Treasury has targeted an open source and decentralized tool rather than individuals or entities.
“It really blurs the line between being a developer who is just writing code and being a regulated money transmitter,” says Justin Ehrenhofer, vice president of operations at wallet developer Monero.
In response to the latest sanctions, Circle, the organization behind USDC
Although the sanctions do not extend to banning the operations of non-US entities in other countries, they cut them off from the US financial system, which is often a devastating blow. In the case of Tornado.cash, the website is already down and, at the time of writing, approximately 28,700 ETH has been withdrawn from the 100 ETH Tornado pool since the sanctions announcement, according to TRM’s analysis.
The Tornado.cash action may indicate that similar action will be taken against products such as Privacy Coins. The two most important are Monero and Zcash
“It certainly brings us closer to government action against specific tools, as far as sanctions go, so I would say it’s definitely a step back, it’s scarier than before,” Ehrenhofer said.
In a widely publicized speech about the sanctions, Peter Van Valkenburgh, research director at the cryptocurrency policy think tank Coin Center, argued that the Treasury was hampering free speech for software developers. He noted that some Tornado.cash contributors had their accounts on Github, a hosting service for software development, shut down. While this may be a business move on the Github account, he described it as having a “chilling effect” on free speech.
“Whether by design or not, the end result has been that cryptographers and developers have been afraid to contribute to privacy projects, because it’s not a good idea for what you’re working on to be shared under a such a negative day,” Ehrenhofer said.
One possible solution to the tension between individual users’ desire for privacy and governments’ responsibility to limit national security threats is to integrate anti-money laundering and sanctions screening tools into products such as cryptocurrency mixers. Companies such as TRM Labs and Chainalysis already offer free sanctions screening tools that help developers comply with sanctions. However, this plan only works if developers continue to build privacy-focused platforms.
“If you’re the lead developer working on a project that got sanctioned, imagine explaining it to your bank,” Ehrenhofer said. “No, I didn’t do anything wrong. I was never charged with a crime, but what I did was sanctioned by the US government.