Yoiks ! Yet Another Innovative Screwup in Nakamotoland

Every now and again, it’s fun to glance at the latest screwups.  Well, it’s fun because I don’t have any stake in these projects.  Probably not so fun for average Nakamotoans, who have zillions at risk.

This month we learn of an outstanding innovation hack of Tornado Cash.  This is a system specifically designed to obfuscate the transfers of tokens, to defeat “censorship”.  Tornado Cash is famous for being sanctioned by the US for violating US export controls, and its developers have the unfortunate distinction of actually being prosecuted for creating the software.  (Aiding the development of WMDs is taken very, very seriously in some quarters.)

Tornado continues to break new ground.  This month Tornado’s governance system was taken over by hackers [1].  Ooops.

The system is operated by a decentralized autonomous organization (DAO), which manages proposals and voting, i.e., governance.  As with many of these algorithmic governance schemes, people buy voting shares, paying other tokens into a pool in exchange for governance tokens.  The results of votes determines when new or modified Ethereum “smart” contracts are approved.  It’s all highly automated and pretty well obfuscated, by design.

Apparently, the hack managed to accumulate enough tokens to vote in a modification that—and this is a good one, for sure—gave the hackers control of all the votes!  Naturally, this is difficult to undo, because the hackers can just vote down any patch.

This hack doesn’t directly affect transactions or the mixing operations that hide user’s funds.  It just cripples the ability to maintain and change the software.

The other thing it does is let the hackers convert their governance tokens back into other assets (e.g., Ethereum or Bitcoin)—which they did, sucking out stored assets held by the DAO.  Furthermore, they minted a million new tokens (i.e., votes), which they can use to control the decision making and / or cash in for other assets.

This latter part is a side-effect of the way DAOs do “democracy”, in which “buying votes” isn’t a metaphor, it is simply the way voting works. 

If I was using Tornado Cash, I’d be pretty freaked out by such a breach. But overall, Nakamotoans seem to be taking this rather calmly. I guess it’s like, “They only control the steering wheel.  The accelerator and brake still work, so everything will be fine.”

---

But, wait!

The hackers have put into process a change that will undo the hack [2]!

And since the hackers control the voting, there is a good chance that it will be approved and implemented!

What??? Huh?

Now I’m really confused. Was this all just a stunt? Did they do something we don’t know about while they had control? Did someone make a mint trading these tokens?  Did they set up some hack or big jackpot in the future? 

And, of course, one kind of wonders whether the “undo” is enough to make Tornado trustworthy?  Is the hack going to happen again?  Is the “undo” really restoring the previous state, or is it leaving behind a coocoo’s egg? 

---

I have no clue who might have done this hack.  Assuming this is not just joyriders having some fun, one wonders whether someone wants to further interfere with the money laundering, tax evasion, and sanctions busting that are Tornado Cash’s primary purposes.  There are any number of someone’s who might be so motivated.

This may become and interesting real world experiment.  Will the “legitimate” users really be able to retake control of the DAO?  Will they be able disable the DAO, and create a new one if needed?  If not, how will Tornado Cash operate with a very untrusted governance system?  Can it keep going?  Or will it become so crazy that even Nakamotoans won’t use it?

Any way you slice it, Tornado Cash is surely in the running for recognition by the CyptoTulip of the Year committee!

---

1. Shaurya Malwa (2023) Attacker Takes Over Tornado Cash DAO With Vote Fraud, Token Slumps 40%. Coindesk,  https://www.coindesk.com/tech/2023/05/21/attacker-takes-over-tornado-cash-dao-with-vote-fraud-token-slumps-40/
2. Sam Reynolds (2023) Tornado Cash’s TORN Token Up 10% as Attacker Submits Proposal to Undo Attack. Coindesk,  https://www.coindesk.com/markets/2023/05/22/tornado-cashs-torn-token-up-10-as-attacker-submits-proposal-to-undo-attack/

Cryptocurrency Thursday

Ethereum Wrestling With The Censorship Demon

This fall, Ethereum reached a widely noted milestone, in which 51% of it’s transactions passed through nodes that comply with US OFAC regulations.

Specifically, this means that many processing nodes refuse to handle transactions involving Tornado Cash, which is banned for violating US sanctions.  Tornado Cash transactions are still on the blockchain, but they are treated as second class citizens.

It is estimated that if about 2/3 of validaters comply with sanctions, Tornado Cash will effectively be ousted.

This apparently effective US government action has provoked a great deal of hand wringing and fiery rhetoric about “censorship” and Nakamotoan values.   As Sam Kessler notes, there has been considerable difference of opinion between the “core community”—Nakamotoan fundamentalists—and “new folks”—interested in conventional finance [1]. The former absolutely will not tolerate this regulation, the latter consider it normal and probably essential.

The 51% milestone presumably indicates that a lot of the new “validators” are coming out of conventional finance, or are organized in the US.  These folks are already regulated, and, in fact, benefit from regulation.

On the other hand, as Kessler suggests, the vast majority of users—most of who are not paying to run validators—do not want regulation, and use Ethereum in part to avoid regualtions.

This split may matter, because the only conflict resolution method available in Nakamotland is forking.  In this case, the fork would create an OFAC compliant Ethereum and an OFAC non-compliant Ethereum. 

What could that possibly mean?

I’m pretty sure this would not be “two versions of the chain: one regulated, one not.” (per Kessler), but rather two there would soon be two competing systems.  And I predict that it won’t be possible to support two branches for very long.

The question is, if and when this happens, who will win? Which branch will be the “official” Ethereum? 

We know what the US government will say, but what about Vitalek and friends?  What about the users and the big money say?

The non-compliant branch might have more users initially.  But the Ethereums’s PoS depends on stakes and validators, and there is a lot of money that wants or needs to be OFAC compliant.  So, it isn’t clear whether bodies or dollars will matter more.

---

This fork may be inevitable.  Forking away from problems is the way Nakamotoland does things.

But I have to think it will not work the way the fundamentalists hope.  Aside from the inconvenience of dealing with two different Ethereums, the two chains will formalize compliance in a way that is extremely convenient for the US government.  If you use the OFAC compliant branch, it’s fine.  Otherwise, you are non-compliant and we treat you as sanctions busters.

I’ll also note that Ethereum just spent years branching to PoS.  Just how much time and effort are available for this OFAC compliance fork?  I mean, if it takes a year or more, it may not actually matter by the time it’s done.

We’ll stay tuned.

This story certainly puts Ethereum in the running for CryptoTulip of the Year!

---

1. Sam Kessler (2022) Will Censorship Fork Ethereum? Coindesk,  https://www.coindesk.com/tech/2022/10/19/will-censorship-fork-ethereum/

Cryptocurrency Thursday

As A Matter of Fact, Cryptocurrency Can be “Censored”-But What’s the Right Way?

One of the fundamental tenets of Nakamotoism, is the belief that “like the internet, cryptocurrency cannot be censored”.  In real life, Nakamotans have discovered that, even if blockchains are very hard to monkey with, pretty much every other part of the system can be regulated.  In particular, if you ever want to convert between cryptocurrency and real world assets, “the man” can interfere.

It is also true that, while Bitcoin was intended to be a perfect medium for money laundering, Nakamoto’s design falls short for this use.  For starters, transactions are public, which is kind of not what you want.  And the blockchain uses the Internet, which is (a) public and (b) definitely regulated. 

Consequently, a whole industry has sprung up to add technology to basic Nakamotoan cryptocurrency, tech that aims to create the kind of untraceable transactions that make money laundering safe and easy. A leading technique is a ‘mixer’, basically a large pool of cryptocurrency that lets you put in tokens and then take out different tokens.  This is a digital recreation of the simplest form of money laundering.

This technology works pretty well.  By early this year, for example, the Tornado Cash system had grown to process hundreds of millions of dollars worth of crypto, severing the source of where the assets came from the destination.  These transfers included the proceeds from a number of massive heists from crypto services, notoriously including big payouts to North Korean hackers, circumventing UN and US sanctions.

“The Man” had to stop this!  (It’s literally the man’s job to stop things like this.) 

So, this summer the US just plain sanctioned the Tornado Cash system.  This was an unprecedented move in many ways, and has led to a lot of gnashing of teeth. 

First of all, a decentralized Nakamotoan system has no legal existence in any jurisdiction, so there was noone to arrest.  However, any bank, company, or person who uses Tornado Cash can be arrested or fined or shutdown.  So crypto businesses were faced with a legal requirement to make sure that none of their customers use Tornado Cash—or else.

The US actually sanctioned the code itself, i.e., the Ethereum “smart contracts” that do the money laundering. This step is completely unprecedented and a troubling prospect, for sure.  Basically, this approach was done because open source software has no owner or controller to sanction. But the code itself has no agency, nor legal standing as an agent.  It’s a logically iffy move, that’s for sure.  Worse, if this is a precedent, then it would be possible to “sanction” any open source software that is put to illegal use. 

The Man also took the unprecedented step of arresting a key developer involved in maintaining the code of Tornado Cash.  This raised a massive storm in Nakamotoland.  You can’t hold coders responsible just because their code is used by bad people!

And so on.

The rhetoric has been heated but not enlightening.

This fall, JP Koning offered some actually useful comments [1].

He notes that, for better or worse, this brutal sledgehammer did work.  Banning law abiding US citizens (and arresting the key developer) dramatically reduced the flow of funds.  Presumably, the remaining users will be easier to track down.

(I might note that open source projects including crypto projects tend to have a very small set of key developers. Ie., the coders are a centralized point of failure, open source or not.)

The second thing is, as Koning says “it’s hard to deny that the authorities had to do something”.  The question is what would be a better approach?

His answer is to deploy measures that penalize users rather than code.  He recommends targeting “relayers, liquidity providers and the Ethereum-rich.” 

In Tornado Cash, “relayers” pay the Ethereum gas fees, essentially signing their ID on a critical part of a withdrawal (for a fee), thus hiding the real recipient.  Sanctioning or prosecuting the operators of these accounts would block transactions or strip away a key layer of anonymity.

Liquidity providers are self-explanatory.  A big part of the anonymity comes from passing through a large pool of tokens.  The larger the “anonymity set”, the harder it is to trace an individual transaction.  Sanctioning or prosecuting liquidity providers could reduce the pool, decreasing the amount of cover for the launderers.

And finally, people who have large holdings of Ethereum and interact with Tornado Cash, the “Ethereum-rich”, can be targeted for abetting illicit activities simply by trading with the laundering pool.

Now, I like these ideas.  Indeed, these kinds of sanctions should be used whenever they apply, not just for Tornado Cash. 

As to sanctioning the code, i.e., making Tornado Cash transactions illegal, I have less of an issue than many do.  (I’ve been in the software biz for a long time-I have little sympathy for the notion that programmers aren’t responsible for the code they create.)

But perhaps an additional way to go might be to treat them as restricted technology, requiring a license.  There are plenty of hazardous technologies that are restricted to licensed users and uses.  Think of Tornado Cash as a weapon of war or dangerous toxin.

This approach can let through genuinely harmless uses of technology by reputable parties, and outlaw unlicensed uses. For example, Linux would be available to any legitimate (identified) users, but, if need be could be banned for certain uses (e.g., in robotic smart bombs).

Technically, this would be pretty easy to do, especially if the software developers cooperate (e.g., by adding licensing to the software, protocols, and the usage agreements.)   If your open source software is not intended for certain uses, then why not put that in the license agreement and try to enforce it?

I note that open source software with legitimate use will have little problem with licensing because the users and uses are obvious and harmless.  And software that is specifically designed to defeat regulations will be illegal for most legitimate users.

Would this kind of licensing actually work?  Not perfectly, for sure.  All the rights management in the world—and there is a lot of rights management in this poor old world!—can’t stop digital piracy.  But it sure can slow it down.  And it can also provide simple and obvious grounds for penalties and prosecution.  Possession of unlicensed software can be proven, even if other behavior can be.

Can these mechanisms be abused, e.g., by authoritarian governments (however you define “authoritarian”?)  Sure.  But I personally don’t think that application level anonymity will actually defeat a technically deep adversary.  Anyone who controls the network hardware can defeat Tornado Cash. 

So let’s start putting terms in our open source license that says, “this software may not be used for illegal purposes”.

---

1. JP Koning (2022) How to Stop Illegal Activity on Tornado Cash (Without Using Sanctions). Coindesk,  https://www.coindesk.com/layer2/2022/09/29/how-to-deal-with-tornado-cash-without-using-sanctions/

Cryptocurrency Thursday