Stop Attacking DeFi Founders for Complying With the Tornado Cash Sanction
It is perfectly reasonable, and possibly preferable, for Ethereum blockchain-based apps to block users with exposure to Tornado Cash, following the sanction of that anonymizing service last week. The alternative would likely open large parts of the Ethereum network to criminal liability. And that would include founding teams who are building the nascent, alternative economy of decentralized finance (DeFi),
That is not to condone the Treasury Department's action against Tornado Cash, which is based on the idea that Tornado Cash was used to launder $7 billion worth of digital assets since it was founded in 2019. As many legal experts and industry representatives have said, preventing all Americans from using a privacy-preserving technology is overly broad and potentially unconstitutional.
Tornado Cash is an open-source cryptocurrency "mixer" that allows people to shield their transaction history on the Ethereum blockchain. It's permissionless, meaning anyone can interact with it, and immutable, meaning its code, having already been deployed, cannot be altered.
Crucially, in crypto, there's a distinction between a protocol and the service that most users will interact with. These access routes are called "front-ends" and are essentially sites or widgets deployed on the web that interact with an unchangeable smart contract on a blockchain.
This distinction has been spotlighted in recent days, as the crypto industry begins to reckon with the magnitude of the Tornado ban. Projects, in attempting to comply with sanctions law by erecting walls and surveillance around their front-ends, are being criticized for supposedly undermining the core tenets of DeFi.
The decentralization debate
It's all part of a long-simmering debate about what aspects of "decentralization" can be sacrificed for the sake of network growth and long-term viability. Moreover, it shows the strategic differences between those who would work within the constraints of the law and those building around it.
Last week, several prominent DeFi projects including decentralized exchange dYdX and the Aave platform confirmed they have begun to prevent use of their own front-ends by crypto wallets that are in any way tied to Tornado Cash. Other companies, like NFT (non-fungible token) marketplace OpenSea, have likely started doing that, too, but haven't confirmed it publicly.
This comes after crypto compliance software providers such as Chainalysis or Elliptic pinpointed a "sudden influx" of flagged accounts, according to dYdX. At this time, it's unknown to what extent authorities will enforce the sanction, which is broad enough to affect any address – whether receiver or sender – daisy chained to Tornado.
While only a fraction of a percent of wallets have a direct link to Tornado Cash, almost half the entire Ethereum network is only "two hops" away from an address that received funds from Tornado. ElBarto_Crypto, an anonymous researcher for data shop Block119, called this the "six degrees of Tornado Cash."
"Everyone flaming DeFi companies for using compliance tools should host the Uniswap front-end on their domain with no blocking," dYdX founder Antonio Juliano tweeted this past weekend. He meant that ironically as a way to get people to think about the risks associated with running a non-compliant website, but the same sentiment has been offered as a genuine solution.
Bootlickers?
The phrase "bootlicker" has been thrown around to describe the decisions of Uniswap, Aave and others here. And to some extent, the anger is justifiable. At a fundamental level, these applications are breaking the fungibility of ETH – creating two parallel economies of "compliant" and gray market tokens that can be used only in certain places – to mitigate their own potential liability.
DeFi is meant to be an alternative to the traditional economic system, offering many of the same (and few new) financial services without middlemen. Without permissionless access, crypto risks simply recreating the old way with more convoluted steps. It's reasonable to ask what separates DeFi from the banks if all its on-ramps start to report and censor transactions.
There's another way of seeing the situation, however, and that begins with decreasing the importance given to front-ends. Most users interact only with Uniswap.io and not the command line – that is precisely the issue. DeFi users shouldn't rely on protocol founders to build user interfaces, considering the other risks they are assuming.
Decrypt Editor-in-Chief Daniel Roberts referred to this situation as a "litmus test" for those who are truly committed to DeFi. But it seems like a false distinction, hung up on rhetoric, that is asking developers to run head-first into legal trouble. All while Ethereum doesn't need websites to run.
As prominent crypto personality/investor Eric Wall put it: "Let them censor. let them be compliant. Let them continue to operate in the open, in a way that the govs can't say they've done anything wrong." He added: "It is OUR job to make sure there are alternative backups to access the back ends. That's something that's easy to do, requires little coordination and doesn't need cooperation from Aave."
I don't know what it would take to build a massive redundancy of "decentralized" front-ends, but I suspect it's slightly unrealistic. But so are the very ends of DeFi. And I suspect truly disintermediating financial giants and the government from an economy would take a "community."
The risk of hosting easy access points to DeFi services should be split between interested parties. That would bolster the "social decentralization" of the ecosystem, assuming that everything technically works as promised.
'New age'
This process has the potential to slow adoption of crypto. Instead of having a website that you can access by searching for a protocol's name, you might need to "torrent" a service or use a similarly named (and thus, at face value, kind of sketchy) version of an app. There would likely be "link-rot" if people cannot maintain their websites, and you may have to do a little research to find out what sites are being updated and can still be trusted.
Last week, Rune Christtensen, founder of MakerDAO, the issuer of the dai stablecoin, said the U.S. sanction will likely usher in a "new age" of DeFi. Whereas the pre-sanction period emphasized user acquisition and protocol growth, the new period would recenter decentralization as a primary goal. What this means is still in process, though Christensen suggested that Maker could de-peg its stablecoin from the U.S. dollar, which represents a wild departure from its existing project.
Likewise, protocol developers across the board should redouble their efforts to make their systems resilient against hostile attacks. The key is to maintain a functioning back end that can always be accessed, while also complying with the law.
Protocols should still offer a version of a front-end, but be totally transparent about what data they collect and their terms of use. It's likely that assuming the Tornado Cash sanction is unsuccessfully challenged, crypto surveillance-ware will become more effective and less burdensome.
Part of the recent backlash stems from the sheer number of people who were denied access to applications they were used to using, although they don't think of themselves as a sanctions evader or money launderer. Gabriel Shapiro, a crypto lawyer, said the current grade of financial compliance software used by crypto companies and DeFi projects are "blunt weapons."
These systems, built by companies like Chainalysis, filter for any connection to Tornado without concern for why or how that connection was made. And certainly, there are legitimate reasons for using a transaction anonymizer.
Still here
Before last week's sanction, Tornado's developers took steps to limit who could use the web-facing service they built. Some criticized the move for abandoning the project's raison d'etat and increasing surveillance of the network.
Others recognized it as a way to move toward compliance following a high-profile crypto hack that was laundered through Tornado. While that direction ultimately didn't work out for them, it doesn't change that Tornado is still up and running.
What's equally remarkable is that the Tornado DAO is still attempting to manage the project. This past weekend, it voted unanimously to add signatories for the project's $22 million treasury in an attempt to make the project more resilient in case of arrests. It did so despite the project's Discord and GitHub being taken down.
Front-ends can be monitored, taken down, hacked or blacklisted without affecting what lays behind.
– D.K.