Why sanctions didn’t stop Russia's Garantex from using stablecoins

Stablecoins, a new type of financial institution, are unique in two ways. First, they use decentralized databases like Ethereum and Tron to run their platforms. Secondly, and more important for the purposes of this article, they grant access to almost anyone, no questions asked. 

I'm going to illustrate this openness by showing how Garantex, a sanctioned Russian exchange that laundered ransomware and darknet payments, has enjoyed almost continual access to financial services offered by stablecoin platforms like Tether and USDC throughout its six year existence, despite a well-known reputation as a bad actor. 

Last month, law enforcement seizures combined with an indictment and arrest of Garantex's operators appear to have finally severed Garantex's stablecoin connection... or not. Evidence shows that Garantex simply rebranded and slipped right back onto stablecoin platforms.  

Stablecoins' no-vetting model is a stark departure from the finance industry's default due diligence model, adhered to by banks (such as Wells Fargo) and fintechs (such as PayPal). We all know the drill—provide two pieces of ID to open a payments account. Requirements for businesses will probably be more onerous. Anyone on a sanctions list will be left at the door. Banks and fintechs must identify who they let on their platforms because the law requires it.

By contrast, to access the Tether or USDC platforms, the two leading U.S. dollar stablecoins, no ID is required. Anyone can start using stablecoin payments services without having to pass through a due diligence process. Sanctioned customers won't get kicked off, as Garantex's long-uninterrupted access shows. Regulators seem to tolerate this arrangement—so far, no stablecoin operators have faced penalties for money laundering or sanctions evasion.

A quick history of the Tether-Garantex nexus

Garantex became notorious early on for its role in laundering ransomware payments. Russian ransomware gangs hacked Western firms, extorted them for bitcoin ransoms, and cashed out at Moscow-based exchanges like Garantex. Garantex also became a popular venue for laundering darknet-related proceeds, particularly Hydra, once the largest darknet market. Reports allege that the exchange's shareholders have Kremlin links and that terror groups Hezbollah and Quds Force have used it.

Founded in 2019, Garantex was connected to Tether's platform by August 2020. We know this because an archived version of Garantex's website from that month show trading and payment services being offered using Tether's token, USDT.

Archived Garantex.org trading page from March 2024 with USDT-to-ruble, Dai-ruble, and USDC-ruble markets [link]

This connection to Tether allowed Garantex's customers to transfer their Tether balances to Garantex's Tether wallet, in the same way that a shopper might use their U.S. dollar account at PayPal to make payments to a business with a PayPal account. This allowed Garantex's users to trade U.S. dollars (in the form of Tether) on its platform for bitcoins or ether, two volatile cryptocurrencies, and vice versa. The Tether linkage also meant that Garantex could offer a market for trading ruble-USD.

By April 2022, Garantex's bad behaviour had caught up to it: the exchange was sanctioned by the U.S. Treasury's Office of Foreign Asset Control (OFAC). U.S. individual and entities were now prohibited from doing business with Garantex. Out of fear of being penalized, most non-Russian financial institutions would have quickly severed ties with it. Yet Tether, based in the British Virgin Islands at the time, permitted its relationship with Garantex to continue without interruption. Archived copies of Garantex's trading page from mid-2022 and 2023 show that Tether-denominated services were still being offered.

The Wall Street Journal reported in 2023 that around 80% of the exchange’s trading involved Tether, despite sanctions being in place. The net amounts were not small. According to Bloomberg, an alleged $20 billion worth of Tether had been transacted via Garantex post-sanctions. A 2024 Wall Street Journal report revealed that sanctions-evading middlemen used Tether to "break up the connection" between buyers like Kalashnikov and sellers in Hong Kong, with Garantex serving as their venue for acquiring Tether balances. 

Finally, analysis from Elliptic, a blockchain analytics firm, alleges that Garantex offered USDT trading services to North Korean hacking group Lazarus in June 2023. This transaction flow is illustrated below:

The Garantex/Tether nexus in 2023: Elliptic alleges that North Korean hackers stole ether from Atomic Wallet, converted it to Tether using a decentralized exchange 1inch, and then sent Tether to Garantex to trade for bitcoin. (Click to enlarge.) Source: Twitter, Elliptic

Tether's excuse for not off-boarding sanctioned entities such as Garantex? A supposed lack of government clarity. 

When Tornado Cash was sanctioned in 2022, for instance, the company said that it would "hold firm" and not comply because the U.S. Treasury had "not indicated" whether stablecoin issuers were required to ban sanctioned entities from using what Tether refers to as "secondary market addresses." Translating, Tether was saying that if bad actors wanted to use Tether's platform to transact with other Tether users (i.e. in the "secondary market"), it would let them do so. Tether's only obligation, the company believed, was to stop sanctioned users from asking Tether itself to directly cash them out of the platform into U.S. dollars (i.e. the "primary market").

This is quite the statement. Imagine if PayPal allowed everyone—including sanctioned actors—to open an account without ID and send funds freely within its system, only intervening when bad actors asked PayPal to cash them out into regular dollars. That was Tether's stance. Or if Wells Fargo let sanctioned actors make payments with other Wells Fargo customers, but only stopped them from withdrawing at ATM. Banks and fintechs can't get away with such a bare bones compliance strategy; they must do due diligence on all their users. But Tether seemed to believe that a different set of rules applied to it.

In December 2023, Tether reversed course. It would now initiate a new "voluntary" policy of freezing out all OFAC-listed actors using its platform, not just "primary market" sanctioned users seeking direct cash-outs. This brought Tether into what it described as "alignment" with the U.S. Treasury. Soon after, Tether froze three wallets linked by OFAC in 2022 to Garantex.

However, this action was largely symbolic. By the time Tether froze those wallets, Garantex had already abandoned them and opened new ones, thus allowing the exchange to maintain access to Tether's platform. Tether's no-vetting model permitted this pivot. Archived versions of Garantex's trading page show that it continued offering Tether services throughout 2024 and early 2025.

The U.S. Department of Justice recently confirmed Garantex's tactic of replacing wallets in its March 2025 indictment of the exchange's operators. It alleges that Garantex frequently cycled through new Tether wallet addresses—sometimes on a daily basis—to evade detection by U.S.-based crypto exchanges like Coinbase and Kraken, which are legally required to block customer payments made to sanctioned entities.

That the relationship between Tether and Garantex continued even after Tether's supposed 180 degree turn to "align" itself with the U.S. government is backed up by several reports from blockchain analytics firm Chainalysis. The first, published in August 2024, found that a large purchaser of Russian drones used Garantex to process more than $100 million in Tether transactions. The second describes how Russian disinformation campaigners received $200,000 worth of Tether balances in 2023 and 2024, much of it directly from Garantex. In a March 2024 podcast, Chainalysis executives allege that "a majority" of activity on Garantex continued to be in stablecoins.

After years of regular access to Tether's stablecoin platform, a rupture finally occurred earlier this month when Tether froze $23 million worth of Garantex's USDT balances at the request of law enforcement authorities. The move came in conjunction with a seizure by law enforcement of Garantex's website and servers. 

Garantex's website was seized in March 2025 by a collection of law enforcement agencies.

In a press release, Tether claimed that its actions against Garantex illustrated its ability to "track transactions and freeze USDt." But if Tether was so good at tracking its users, why did it connect a sanctioned party like Garantex in the first place, and continue to service it for over four years? Something doesn't add up.

Not just Tether: other stablecoins offered Garantex access, too

Tether doesn't appear to have been the only stablecoin platform to provide Garantex with access to its platform. MakerDAO (recently rebranded as Sky) and Circle Internet may have done so, too.

Circle, based in Boston, manages the second-largest stablecoin, USDC. When OFAC put Garantex on its sanctions list in April 2022, Circle was quick to freeze one of the designated addresses. It did no hold any USDC balances. However, like Tether, Circle's no-vetting policy means that it doesn't do due diligence on users (sanctioned or not) who open new wallets, hold USDC in those wallets, and use them to make payments within the USDC system. Circle only checks the ID of users who ask it to cash them out. Thus, it would have been a cinch for Garantex to dodge Circle's initial freeze: just open up a new access point to the USDC platform. Which is exactly what appears to have happened.

On March 30, 2022, Garantex used its Twitter/X account to announce that it was offering USDC-denominated services. Beginning at some point in the first half of 2022, close to the time that the U.S. Treasury's sanctions were announced, Garantex began to list USDC on its trading page (see screenshot at top). The exchange's trading page continued to advertise USDC-denominated financial services through 2023, 2024, and 2025 until its website was seized last month. 

Tether, Circle's competitor, proceeded to freeze $23 million worth of USDT on behalf of law enforcement authorities, as already outlined. However, respected blockchain sleuth ZachXBT says that Circle did not itself interdict Garantex's access to the USDC payments platform, alleging that "a few Garantex addresses" holding USDC had not been blacklisted.

MakerDAO is a geography-free financial institution that maintains and governs the Dai stablecoin, pegged to the U.S. dollar. Archived screenshots show that Garantex added Dai to its trading list by September 2020, not long after the exchange had enabled Tether connectivity. According to blockchain analytics firm Elliptic, Russian ransomware group Conti has used Garantex to get Dai-denominated financial services. Garantex is able to access the Dai platform because MakerDAO uses the same no-vetting model as Tether. In fact, MakerDAO takes an even more hands-off approach than the other stablecoin platforms: it didn't seize any of the original 2022 addresses emphasized by OFAC. That's because Dai was designed without freezing functionality.

Not vetting users is lucrative

Providing financial services to a sanctioned Garantex would have been profitable for Tether and competing stablecoin platforms managed by Circle and MakerDAO. 

All stablecoins hold assets—typically treasury bills and other short term assets—to "back" the U.S. dollar tokens they have issued. They get to keep all the interest these assets generate for themselves rather than paying it to customers like Garantex. If we assume an average interest rate of 5% and that Garantex maintained a consistent $23 million in Tether balances over the 34 months from April 2022 (when it was sanctioned) to March 2025 (when it was finally frozen out), Tether could have earned approximately $3.2 million in interest courtesy of its relationship. 

Not only does their no-vetting model mean that stablecoin platforms get to earn ongoing income from bad actors like Garantex, this model also seems... not illegal? Stablecoin legal teams have signed off on the setup, both those in the U.S. and overseas. Government licensing bodies like the New York Department of Financial Services don't seem to care that licensed stablecoins don't ask for ID, or at least they turn a blind eye. (Perhaps these government agencies are simply unaware?) Nor has the U.S. Department of Justice indicted a single stablecoin platform for money laundering, sanctions violations, or failing to have a compliance program, despite it being eleven years now since Tether's no-vetting model first appeared. The model seem to have legal chops. Or not?

Banks and fintechs are no doubt looking on jealously at the no-vetting model. Had either PayPal or Wells Fargo allowed Garantex to get access to their payments services, the punishment would have been a large fine or even criminal charges. Sanctions violations are a strict liability offence, meaning that U.S. financial institutions can be held liable even if they only accidentally engage in sanctioned transactions. But more than a decade without punishment suggests stablecoins may be exempt.

This hands-off approach benefits stablecoins not only on the revenue side (i.e they can earn ongoing revenues from sanctioned actors). It also reduces their costs: they can hire far fewer sanctions and anti-money laundering compliance staff than an equivalent bank or fintech platform. Tether earned $13 billion in last year with just 100 or so employees. That's more profits than Citigroup, the U.S.'s fourth largest bank with 229,000 employees, a gap due in no small part to Tether's no-vetting access model. 

The coming financial migration?

Zooming out from Garantex's stablecoin experience, what is the bigger picture? 

I suspect that a great financial migration is likely upon us. Financial institutions can now seemingly provide services to the Garantex's of the world as long as the deliver them on a new type of substrate: decentralized databases. If so, banks and fintechs will very quickly shift their existing services over from centralized databases to decentralized ones in order to take advantage of their superior revenue opportunities and drastically lower compliance costs. 

This impending shift isn't from an inferior technology to a superior one, but from an older rule-bound technology to a rule-free one. PayPal recently launching its own stablecoin is evidence that this migration is afoot.

The argument many stablecoins advocates make to justify the replacement of full due diligence with a no-vetting access model is one based on financial inclusion. Consumers and legal businesses in places such as Turkey or Latin America, which suffer from high inflation, may want to hold digital dollars but don't necessarily have access to U.S. dollar accounts provided by local banks, perhaps because they don't qualify or lack trust in the domestic banking system. An open access model without vetting solves their problem.      

What about the American voting public? Do they agree with this migration? The last few decades have been characterized by a policy whereby the government requires financial institutions to screen out dangerous actors like Garantex in order to protect the public. Forced to the fringes of the financial system, criminals encounter extra operating dangers and costs. The effort to sneak back in serves as an additional choke point to catch them. To boot, the additional complexity created by bank due diligence serves to dissuade many would-be criminals from engaging in crime. Is the public ready to let the Garantexes back in by default? I'm not so sure it is.

Tether is available at Grinex, a Garantex reboot. [link]

Garantex's stablecoin story didn't end with last month's seizures and indictment. According to blockchain analytics firm Global Ledger, the exchange has been renamed Grinex and continues to operate. Tether services are already available on this new look-alike exchange, as the screenshot above reveals. Global Ledger says that $29.6 million worth of Tether have already been moved to Grinex as of March 14, 2025. 

This is the reality of an open-access, no-vetting financial system: bad actors slip in, eventually get cut off, and re-enter minutes later—an endless game of whack-a-mole that seems, for now at least, to be tolerated. It will only get larger as more financial institutions, eager to cut costs, gravitate to it.

Tornado Cash un-OFAC'ed

The next chapter in the Tornado Cash saga just dropped. Last week a court ruled last that Tornado Cash, a bot that can be used for obfuscating crypto, is safe from being sanctioned.

I first wrote about Tornado Cash in 2021, before its legal troubles began, warning of the risks ahead. I've been tracking Tornado's legal saga since then. (See here | here | here ). The saga serves as a bellwether for how financial services hosted on blockchains are to be sliced and diced under existing laws, in particular the crucial anti-money laundering statutes and sanctions laws. More generally it foreshadows how autonomous techno-beings, many of which don't yet exist, are to be treated by the law.

In the newest chapter of the saga, a court ruled that America's sanctions authority, the U.S. Treasury's Office of Foreign Assets Control (OFAC), does not have the authority to sanction a certain type of smart contract, or string of autonomous code, that undergirds Tornado Cash: its so-called immutable contracts.

Recall that in August 2022, OFAC sanctioned Tornado Cash, which accepts traceable crypto from users and returns it in untraceable format. Tornado had been used by the sanctioned North Korean hacker group Lazarus to obfuscate its financial tracks. OFAC listed Tornado Cash's website tornado.cash along with 53 Ethereum addresses.

The sanctions were relatively effective. Americans could no longer use the bot without risking fines or imprisonment. Those who had funds deposited in Tornado had to ask OFAC for special permission to withdraw them. In the months after the sanctions were announced, usage of the privacy bot plunged and the amount of crypto deposited fell by over half.
 
After two different sets of plaintiffs challenged OFAC's actions in court, the appeals court in one of the cases returned a verdict last week. An immutable smart contract is "unownable, uncontrollable, and unchangeable—even by its creators," and therefore it doesn't qualify as property. Because OFAC's sanctioning power is limited to that which is property, it follows that OFAC cannot sanction immutable smart contracts.

This not-property ruling only applies to twenty immutable Tornado Cash contracts that were on OFAC's sanctions list. Tornado's mutable contracts, those that can be controlled and changed, remain property—and thus can stay on the list of sanctioned contracts. Unless OFAC wins on appeal, it will presumably have to unsanction those twenty immutable contracts.

Now, it's possible that as long as the remaining sanctioned mutable contracts are crucial to the functioning of the Tornado Cash bot, the revised sanctions blacklist will still have an effect. And if OFAC adds other key mutable Tornado Cash smart contracts to its list (say like the contracts allowing governance, which for some reason were not originally sanctioned), American users will continue to steer clear of Tornado Cash, the bot's anonymizing capacities remaining lower than otherwise, thus diminishing its ability to serve North Korean interests. 

But if not, what can OFAC do? 

Sanction users, not code

I've already done a bit of digging on this question. In response to the sanctions, I wrote an article in late 2022 entitled: How to stop illegal activity on Tornado Cash (without using sanctions) The gist was to explore alternative tools for countering illicit activity on Tornado rather than the blunt tool of sanctioning its actual smart contracts. What I suggested was to apply pressure to the users of the smart contracts. "Rather than punishing code, penalize the people who use the code."

The logic goes like this. Any user who deposits crypto to Tornado Cash, even someone with clean crypto, is providing North Korea with prohibited financial services, the Tornado bot being the means by which the two sides are connecting as counterparties. Whether intentional or not, a user's deposits broaden the anonymity set of Tornado Cash, or its ability to obfuscate larger amounts of illicit funds sourced from sanctioned counterparties like Lazarus.

Think of it as sanctioned North Korean users passing on sanctions taint to all other Tornado Cash users by virtue of everyone interacting via the same bot, Tornado Cash. This taint spreads to those who deposited their crypto (clean or dirty) to Tornado at the same time as Lazarus and/or those who have continued to deposit to it in light of the known fact that the North Korean group regularly deposits stolen funds to the platform.

OFAC issues a public alert stating that any foreigner can and will be sanctioned if their funds interact with North Korean funds on Tornado Cash. In response, some foreign users will risk being designated and continue to engage with Tornado. Many will not. As for U.S. users, OFAC can threaten them with potential civil monetary penalties if they aid North Korea using Tornado as their a tool. A $10,000 fine for interacting with sanctioned North Korean actors via the Tornado Cash bot will probably discourage most usage.

Another core set of Tornado Cash users who OFAC has legal leverage over are the relayers—real life individuals who provide an extra layer of privacy to Tornado Cash users. (I explain here why relayers are necessary for full privacy). OFAC can threaten foreign relayers with sanctions and U.S.-based relayers with civil monetary penalties.

Pressuring these various groups of users won't stop Tornado Cash code from functioning, but it will certainly constrain the activity it facilitates, and thus make it harder for North Korea to anonymize its funds. And it is consistent with the court's not-property ruling because users, not contracts, are being targeted.

I'm not saying that OFAC will follow this playbook, or that it should, but it certainly is an option. There is another route, though, and that is to go to Congress and ask for the ability to put sanctions on immutable entities. 

More broadly, Tornado Cash may just be the first in an emerging population of unownable and uncontrollable techno-beings—bots, machines, drones, androids, AI agents,  automatons, and golems—that operate independently of human control, many of which will end up doing very dangerous things. Society may want the legal ability to protect its members from these immutable contraptions, including by sanctioning them.

For instance, imagine the following scenario...

A Russian AI-guided assassin bot

If a Russian assassin is regularly poisoning people (including U.S. citizens) for criticizing Putin, OFAC can sanction that assassin, thus preventing any American entity from dealing with him and blocking all of his accounts, his car, and his interests in various companies. That might not stop the assassin, but it'll make his job more difficult. In doing so, OFAC is simply fulfilling its mandate to use its sanctioning powers to protect Americans.

Say the assassin creates an artificial intelligence and imbues it with all of his assassin's lore, providing it with an artificial body and then throwing away the keys, rendering the robot immutable. The court's recent not-property ruling suggests that while OFAC can ably defend Americans from the flesh and blood assassin, it cannot protect them from the assassin's immutable killing robot—even though the robot performs the precise same killing function as the living assassin using the exact same techniques.

This is obviously an incongruity, one that seems like it should be fixed. Or is there a specific reason why we should provide legal safe harbor to all unownable and uncontrollable techno-beings? Feel free to explain in the comments.

In any case, OFAC's efforts to apply its national security mandate to Tornado Cash are probably not over. Let's see how it responds. Some sort of resolution is important because we are still in the early stages of being inundated with self-guided autonomous agents.

Memecoins are the point

Cypherpunks wanted to change the world. We ended up with memecoins.

Our story begins with some very smart and idealistic developers, known as cypherpunks, creating a new technology know as a blockchain. Blockchains are databases, but decentralized. Advertised as being "censorship-proof," they reduce the possibility of users being subjugated to third-party interference.

Cypherpunks have always wanted their tamper-proof databases to flourish, go mainstream, and improve regular people's lives. A video from 2015 pans out from an interconnected power plant, grocery store, hospital and airplane before loftily declaring that Ethereum, one of today's largest blockchains, will be "the secure backbone for everything from e-commerce to the internet of things."

Some of you may remember another famous video from the mid-2010s, in which a young Vitalik Buterin, co-creator of Ethereum, challenged viewers: "What will you build on top of Ethereum?"

The world has responded. Forget interconnected power plants and grocery stores. The most popular thing being built on top of blockchains are memecoins. 

A memecoin is a pure gamble. These valueless tokens, typically created anonymously, usually have a mascot, or meme, loosely associated with them, some well-known examples being dogecoin, pepe, HarryPotterObamaSonic10Inu, gigachad and dogwifhat. A memecoin provides no dividends and leads to no productive activity. Its price depends entirely on subsequent players emerging to repurchase it at a higher price. The result is a hyper-volatile pyramid betting game.

via Twitter

Memecoins don't quite jive with the cypherpunk dream of creating a fairer system, one in which everything, including all of high-finance—and by that I mean banking, payments, insurance, and investments—has migrated over to blockchain nirvana. A memecoin is the epitome of low-finance. It belongs in the same gutter as some of the grimiest members of the financial world: lotteries, slots, chain letters, raffles, HYIPs, and other zero-sum games.

Cypherpunks and their fellow travelers are offended by memecoins. They want their blockchains to be used for more noble reasons:

• it’s sucking the energy out of crypto [link]
• it is a complete bastardisation. a total mockery, a clown show [link]
  
• things have hit an all-new bottom with 2024: racist, sexist, and other shitheaded memecoins which are merely a vehicle to transfer wealth from the many to the most obnoxious people on the planet [link]
  
• besides undermining the long-term vision of crypto that has kept so many of us in the space, memecoins aren't very technically interesting [link]

Buterin, too, gripes that "even the non-racist memecoins often seem to just go up and down in price and contribute nothing of value in their wake." Trying to find a silver-lining, he implores memecoin makers to donate a portion of their supply to charity, sort of like how raffles are used to fund good works. 

Cypherpunk's frustration with memecoins understandable. But I don't think the cypherpunks should be complaining. Guys, what exactly did you think your zero-rules financial substrates were going to be used for?! Memecoins are the point.

Memecoins as the fundamental unit of blockchains

People have a natural predilection to gamble, but gambling has a bad wrap and so many gambling games have been declared illegal. Memecoins are a great example of this, their presence being prohibited on society's official financial venues including its stock exchanges and commodity markets, as well as its casinos and online betting sites.

Up in Canada, which has historically been a haven for scummy finance, the closest you can get to floating a memecoin is by taking the junior gold route. Start by incorporating a gold exploration company, buy the rights to some worthless property in an isolated region of northern Canada, list the company on a junior stock exchange, promote your sham as the next big gold mine, and sell out to the latecomers. You're basically created a memecoin; a token based on nothing. 

But this is an arduous way to run a memecoin. You still need to disguise yourself as a regular firm, publish audited financial statements, and hire a board of directors, plus you'll have to provide your real name, which means potential lawsuits or criminal charges. A pure memecoin, say like dogwifhat, which isn't burdened by any of these costly real-world obligations, would never get permission to be listed, even on Canada's shadiest junior stock exchange.

Enter blockchains, which are inherently anarchic. Blockchains allow folks to deploy illegal and unregulated betting games without the authorities being able to step in and say: "Hey, you can't do that." With mainstream exchanges and casinos being closed off to them, it's no wonder that memecoins have come to dominate the new medium.

If your blockchain doesn't experience a constant stream of memecoin issuance, it's effectively dead. Hordes of crazy gamblers buying and the selling meaningless, non-productive coins is a sign of a flourishing and fertile censorship-resistant financial medium. Sleezy promoters competing to draw attention to their favorite memecoin on social media isn't "sucking the energy" out of crypto; it's the whole point of crypto.

Source: Twitter

As for the cypherpunk idealists complaining about memecoins, they need to accept the fact that blockchains will probably never become the "backbone of everything." Instead, blockchains will continue to serve as a major hub for grimy low-finance; stuff like memecoins and ponzis that can't make the jump to official venues. Many of these low-finance services will be illegal or shady or distasteful, because those are precisely the things that need protection from third-party interference. (And to be fair, certain banned low-finance services can be quite useful.) If you're going to hock censorship-resistance to the world, don't grumble about who shows up at the table.

Memecoins have sometimes been described as a potential gateway drug or Trojan horse for broader adoption of blockchains. "Once they try dogwifhat, they won't be able to resist my quadratic voting project." But that's just wishful thinking. Serious and "respectable" high-finance services, say like insurance and banking—the stuff we all need for day-to-day life—are by necessity legal and thus welcome on mainstream habitats, and so these services and their users need never gravitate to the same rule-free substratum that memecoins have.

What will you build on top of blockchains? Memecoins. Memecoins are the fundamental financial unit of crypto.

---

P.S. I must be running out of material because I wrote an early version of this post back in 2018 for Breakermag

"I didn't launder the cash, your honor. The robot did."

Crypto enthusiasts protest the trial of Alexey Pertsev

As the multiple Tornado Cash legal cases wend their way through courts in the Netherlands and the U.S., we continue to learn how society's money laundering laws will be applied to some of the more unique financial entities being created on the new technological medium of blockchains.

Last month Alexey Pertsev, a co-creator and co-administrator of privacy platform Tornado Cash, was found guilty of money laundering by a Dutch court. (The full decision translated into English is here). Meanwhile, Roman Storm and Roman Semenov, Pertsev's colleagues, are under indictment in the U.S. for engaging in money laundering, among other charges. Separately, Tornado Cash continues to be sanctioned by the U.S. Treasury.

In general, I think a guilty verdict is the right decision. It would have been dangerous to find Pertsev innocent, since to do so would have given all sorts of hardened money launderers – the mob, drug lords, and terrorist networks – the perfect techno-legal loophole for avoiding future money laundering charge. Shifts in the underlying technology used for disguising dirty money should not be enough to turn a crime into a non-crime.

Before I get into my reasoning, here's some context for people who are new to the issue of Tornado Cash.

Tornado Cash was introduced by Pertsev, Storm, and Semenov in 2019 as a means for crypto users to enjoy privacy, but it wasn't long before thieves and hackers began to regularly deposit large amounts of stolen crypto into the utility to be obfuscated. This was plain as day to anyone who was watching. Blockchains are radically transparent (that's why privacy tools like Tornado are needed) which meant that everyone could watch in real-time as criminal trails converged on Tornado Cash. 

Court cases in both the U.S. and the Netherlands reveal that Pertsev and his colleagues were well-aware that illicit activity passing through Tornado, yet they continued to work on the utility anyways. This is important because possessing a "knowing" state-of-mind is a key ingredient to being found guilty of money laundering. If he had had no idea that the money being disguised was dirty, Pertsev could not have been charged in the first place.

Criminals were not the only users of Tornado. Licit actors who wanted privacy also deposited funds into the entity, including Ethereum co-creator Vitalik Buterin. But the presence of good transactions amongst the bad ones doesn't dilute the seriousness of the alleged crime. All it takes to trigger a money laundering charge is a few dirty transactions. "C'mon! 82% of the money was licit!" is no alibi.

Tornado Cash is by no means the crypto economy's first privacy platform. The original generation of privacy tools, so called "mixers" or "tumblers," began to emerge in the early 2010s with the likes of ChipMixer, Helix, Bitcoin Fog, Sinbad, and Blender. Anyone who required anonymity could send their bitcoins to the platform owner, who would proceed to commingle, or "mix," all incoming bitcoins in a single address under their control, thus rendering them untraceable. After some time had passed, the platform owner manually re-sent the now obfuscated bitcoins to their original sender, less a fee.

Like Tornado Cash, the first generation of privacy utilities was used by both criminals and regular folks seeking privacy. None of these original mixers have had happy endings. The owners of Bitcoin Fog and Helix, Roman Sterlingov and Larry Harmon, were both found guilty of money laundering and are currently serving jail sentences. Minh Nguyen, the administrator of ChipMixer, has been indicted for money laundering and is on the FBI's most wanted cyber list. Blender and Sinbad have both been sanctioned by the U.S. government.

Source

By any legal standard, these bad endings were well-deserved. They may have been technological novelties, but ChipMixer, Helix, Bitcoin Fog, Sinbad, and Blender were very much text-book examples of money laundering. The owners of these entities knew that some of the transactions they were participating in involved proceeds derived from criminal sources, yet despite this knowledge they proceeded to disguise them anyways. The only thing new about Helix and the other first generation mixers was the medium they were disguising – bitcoin instead of cash or deposits.

And so professional mixers like Harmon and Nguyen join a long line of traditional money launderers – dirty bankers, drug cash couriers, crooked remittance shop owners, and hawala operators. The law shouldn't be fooled by technological novelty, and in the case of the first generation of mixers, it wasn't.

That these were textbook cases of money laundering isn't disputed by the crypto community. Crypto advocates are a vocal bunch, and while they have loudly voiced their complaints about the legal action taken against Tornado Cash, they have for the most part quietly accepted the punishments meted out to the first generation privacy platforms. A legal fundraiser to support the Tornado Cash accused, for instance, has raised hundreds of thousands of dollars; there have been no equivalent efforts to raise a legal defence for Harmon, Sterlingov, or Nguyen. Crypto lobbyists have gone to war for Tornado Cash by launching court appeals and filing amicus briefs in its support. But when it comes to defending the Bitcoin Fog or Helix operators, or challenging the government's sanctioning of Sinbad and Blender – crickets.

The Tornado Cash legal cases have been more controversial than those of the first generation mixers thanks to a technical innovation in Tornado's construction. Most of us would consider this to be a relatively obscure change, but crypto enthusiasts see it as a defining one.

Harmon and his counterparts controlled their platforms outright, taking possession of the dirty crypto before manually sending it back to criminals in disguised form. Not so Tornado Cash. When it was built, a layer of automation was inserted between Tornado Cash's users and Pertsev and his colleagues.

Instead of sending their crypto to wallets controlled by the trio, as users did with Helix, crypto was now deposited by users into a set of automated pools. These pools were not managed on an ongoing basis by Pertsev and his colleagues. Rather, they were built using fully automated code on the Ethereum blockchain. Originally co-created by Pertsev in 2019, this code was frozen in time by the designers in early 2020, at which point it could no longer be upgraded or changed by anyone, even Pertsev. To this day the pools continue to operate, even though the Tornado Cash creators are either jailed or under indictment.
 
Other parts of the Tornado Cash platform are not so set-in-stone and remained under the control of Pertsev and his colleagues throughout. This includes the main website by which users accessed the automated pools, which was regularly upgraded over time, as well as the relayer service. (A relayer is a way to guarantee the privacy of Tornado Cash users). Pertsev and his colleagues profited from their ongoing control over the website and relayers.

The lawyers for Pertsev, Storm, and Semenov have argued that this layer of automated code exonerates the trio of money laundering. After all, if they no longer control what the utility is doing, then how can they be said to be operating a money laundering enterprise? The lawyers also argue that as writers of code, Pertsev, Storm, and Semenov are protected by speech laws, much like an author who has written a book. It is the code-is-speech claim that has particularity riled up the crypto community.

I don't like the idea of someone being sent to jail, but I think it's a good thing that the Dutch court chose not to accept these arguments.

Using go-betweens is a time-tested criminal strategy for distancing oneself from the crime. In more conventional money laundering operations, this strategy might involve separating the leader of a cash laundering operation from the actual dirty cash with a layer of underlings. In the age of crypto, no need to use living human underlings; just insert a buffer of unliving code.  

But the law shouldn't be fooled by artificial distances between a launderer and dirty money, whether those intervening layers be living people or code.

Allowing a buffer of automated code to absolve folks like Pertsev of money laundering would make it much easier to be a professional money launderer. Bad actors like Harmon and Sterlingov who have already been deemed by the courts to be criminals would suddenly have the perfect techno-legal loophole at their disposal if they decide to reengage in crypto laundering once their jail terms are up. Instead of manually running their operations as before, Harmon an Sterlingov could insert a mute layer of automated code between them and their illicit clients, their criminal mixing no longer being a crime.

But this would be an absurd state of affairs. A simple technological change to the way a criminal mixer administers their back office shouldn't convert them into a non-criminal.

The danger of the "it was the code that did it" defence extends beyond the crypto economy. In the much-larger traditional economy, laundering physical cash is a relatively common criminal profession. Take the fictional example of Marty Byrde, the star of Ozark. If the Tornado Cash defence were to be accepted in a court of law, then Byrde need only program a set of self-operating cash-handling robots to do most of his tasks for him, and he can get away scot-free. "I don't exercise any control over the packages of cash, your honor. The robots did!"

Or take the example of drug cash couriers, who run the risk of being convicted for money laundering when they move cash across the U.S.-Mexico border. Taking a cue from Tornado Cash, if a courier were to deploy an autonomous fleet of AI-powered drones instead, then when charged with a money laundering offence he or she need only invoke the now-standard defence: "it was the drones who controlled the cash, not me."

Taken to an extreme, the Tornado Cash defence means that money laundering effectively ceases to exist as a crime. All the culpability shifts onto the undead intermediaries, which can't be punished. This eclipsing of money laundering laws would be unfortunate. Professional money laundering is a key sector within the broader criminal economy, greasing the wheels for the entire enterprise. Without any legal defences against launderers, we are all much more vulnerable to crime-in-general.

In what follows, I want to provide a historical example of how the law should act when confronted with the changing tactics and technologies of money launderers.

Money laundering is a relatively new crime, but it has a much older predecessor in the crime of fencing, also known as receiving. The laws against fencing and money laundering are similar, the idea being to punish not the original criminals but the third-parties who knowingly participate in the crime by accepting dirty proceeds.

Any thief runs a big risk of being caught with stolen goods. At some point in the middle ages, specialized intermediaries, or fences, emerged to absorb this risk by accepting stolen property from professional thieves and redistributing it. Thieves could now offload their goods much quicker, thereby achieving a degree of safe harbor. For their part the fences themselves were safe from prosecution. After all, they hadn't committed the original theft, and accepting stolen property was not a crime.

The addition of specialized wholesalers to the thievery production process helped drive a rise in the incidence of theft, according to historian Rictor Norton. To close this loophole, fencing was criminalized in England in 1692. For the first time, a third-party who knowingly accepted stolen goods could be punished as an accessory to the original theft. The business of reselling hot property, risk-free until then, suddenly became much more dangerous.

The illegal fencing market quickly evolved new tactics. Enter Jonathan Wild, an incredibly successful launderer of stolen goods who, by the mid 1710s, is said to have been the "undisputed leader in the fencing business of London," according to marketing professor Ronald Hill. Wild evaded the 1692 anti-fencing law by never himself handling stolen property. Instead, he acted as an early version of Craigslist, but for stolen objects. He arm-twisted all of London's thieves to secretly report any robbery immediately to him, asking them to retain possession until he contacted them. At the same time, the unfortunate victims of those thefts were encouraged to approach Wild with requests to help locate their missing property.

Once Wild knew who was at both ends of a theft, he would pay the thief and tell him to return the goods to the victim using an anonymous porter. The happy victim got their stolen goods back, paying Wild a large reward for his troubles.

With Wild running circles around the law, Parliament passed an additional anti-fencing law in 1718 that punished anyone who took a reward under the pretence of helping a victim of theft, without actually prosecuting the original felon. In 1725, Wild was apprehended, tried, and condemned to death on the basis of this statute. 

A gallows ticket to view the hanging of Jonathan Wild (Wikipedia)

Now, a death sentence is extreme. But this is a good example of the law staying hip to both the changing technology of theft and its evolving division of labour. As the profession began to be subdivided into specialist thieves and an emerging class of allied wholesalers of stolen goods, lawmakers recognized that wholesaling was really just an appendage of theft, and thus fencing was criminalized. Later on, when fences like Wild adapted with new methods, the law kept up by finding additional means to reach fencing operations.

With Tornado Cash, we are at a "Jonathan Wild" stage of the modern money laundering profession's development. Control of dirty proceeds is being shifted to autonomous intermediaries so that the perpetrators can avoid prosecution. Much like how the law adapted in the 1700s to encompass Wild's tactics of distancing himself from dirty property, it will have to do the same with money launderers who use crypto code, autonomous robots, or AI drones to dissociate themselves. While I don't enjoy the idea of anyone spending time in jail, finding Pertsev guilty is part of that process.

Unlike Jonathan Wild, who was a criminal mastermind, Alexey Pertsev and colleagues seem to have bungled into the crime partly out of an ideological commitment to crypto ethics, the wider community unhelpfully egging him on. That doesn't mean he's not guilty, but it does suggest a lighter sentence than the 64-month one he received might be appropriate.

I've been arguing throughout this article that money laundering law should extend to innovative financial entities created on blockchains, such as Tornado Cash. I want to close by pushing back on this a bit.

A guilty verdict for Pertsev and his colleagues should not be tantamount to a ban the creation of autonomous financial institutions, particularly those focused on privacy. If a coder wants to create an open privacy mechanism for crypto, promote it, and financially profit from it, I think that he or she should have the right to do so, subject to the following condition. The code needs to include a component that screens out dirty crypto – and this filter shouldn't be a sham attempt, it has to be a genuine effort.  

While I think the law got it right in this instance, shame on lawmakers and law enforcement if they don't accommodate future generations of code-based entities (and their creators) that actually do make good faith efforts to freeze out dirty money.

Thoughts on the Tornado Cash defence and what happens when everyone adopts it

Payments companies are regularly punished for engaging in money laundering. MoneyGram, for instance, has has to pay multiple fines. Western Union was famously busted in 2017. Meanwhile, Cash App is being probed as we speak for inadequate anti-money laundering controls.

In the future, these companies may have in their grasp a very simple techno-legal trick that allows them to deal with dirty money and get away with it. All they need to do is transfer their entire IT apparatus from a regular set of databases onto "immutable" smart contracts hosted on blockchains.

This, at least, is what happens when you take the arguments put forward by the Tornado Cash defence team to their logical conclusion.

If you follow this blog, you'll know I've written a lot about Tornado Cash.

Cryptocurrency isn't private; it's radically transparent. The function that Tornado Cash serves is to accept traceable crypto from users, both licit and illicit, and return it to them in untraceable format. Beginning in late 2020, a steady stream of stolen crypto began to be moved by thieves onto Tornado Cash for the purposes of obfuscation. In effect, money laundering was now occurring on the platform. But who were Tornado Cash's money launderers? More specifically, someone was to blame for helping these thieves to disguise their tracks – who was this someone?

Last August the U.S. government indicted two people involved with Tornado Cash for conspiracy to commit money laundering.  I wrote about the government's indictment here. (They were also indicted for conspiracy to evade sanctions and the operation of an unregistered money transmitting business, but that's another story.)

Roman Storm and Roman Semenov, the accused, wrote the original smart contracts for Tornado Cash and exercised a degree of control over a key website for accessing those smart contracts. The government alleges that Storm and Semenov knew that the property being transferred to Tornado Cash was criminally derived, and that they also knew that the hackers wanted to disguise its source. Yet the duo conducted the financial transactions anyways. These three elements – knowledge, the conducting of financial transactions, and the presence of unlawful money – are key ingredients to building a money laundering charge. (See specifically 18 U.S.C. § 1956(a)(1)B(i).)

Last week the defence lawyers for one of the accused parties, Roman Storm, filed a motion to dismiss the case, giving observers some initial insights into what arguments will be used to try and beat the government's money laundering charge. As I'll show, assuming these arguments are right, then a big chunk of the existing payments system has a fool proof plan for avoiding money laundering laws.

The distinction between the Tornado Cash front end and the actual Tornado Cash smart contracts looms large in the case, so let's touch on that briefly. The smart contracts are bits of code that reside directly on the Ethereum blockchain. This code allows users to deposit their trackable crypto to a pool along with many other users and then withdraw it, obfuscated. A front end, by contrast, is a regular website that allows users to interact with the smart contracts, and is hosted through a normal internet provider .

While users are free to interact directly with the Tornado Cash code, the most popular way to access Tornado was allegedly via the intermediation of the main website that was under the control of Storm and his colleagues.

The key argument made by Storm's lawyers is that the accused are not subject to the money laundering statutes because the money laundering statutes only apply to people who "conduct" what are defined as "financial transactions," and Storm did not conduct financial transactions.

The defence says that in order to show that someone was conducting a financial transaction it must be the case that control was exercised by that person over the actual criminally-derived funds. Storm may have had some control over the front end, but the defence claims this doesn't really matter because the front end itself did not exercise any control over the proceeds. "It did not access the funds directly," the lawyers argue. "It merely provided an interface to permit a user to interact with the smart contracts."  

As for the smart contracts, Storm clearly had no control over them. He had relinquished control back in May 2020, when a trusted setup ceremony ensured that no further changes could be made to the code. At that point, the smart contracts worked automatically. Bad actors only discovered Tornado Cash several months after the ceremony, at which time Storm had long gone. Furthermore, the smart contracts didn't actually control the funds, say Storm's lawyers, it was users of Tornado Cash who controlled the funds within the pool.

So, there you have it. The government's money laundering charge against Storm and Semenov requires locating a person or institution who is in control of the dirty funds and conducts financial transactions with them, says the defence. But it isn't the accused who exercised this control, it is the users who did so, via the intermediation of a set of financial automatons, the smart contracts.

For the philosophically crypto-pilled, the defence's arguments will make sense, since according to this view crypto is a revolutionary force for good, one destined to "break" what they see as a corrupt and old-fashioned financial system. For this breaking to happen, crypto shouldn't be forced to conform to the same old laws as stodgy payments companies like Western Union. New laws, or new ways of looking at old laws, should be shaped around crypto.

But to the non-crypto pilled, a successful defence of Storm and Semenov is quite concerning. As described by Bruce Schneier and Henry Farrel, it could potentially mean that anyone who wants to facilitate illegal activities would have a strong incentive to copy Tornado Cash, effectively turning their operation into a "golem" – a deathless artificial being run on smart contracts – and then throwing away the keys to avoid the law.

More specifically, by shifting their entire IT infrastructure over to smart contracts or some other equivalent automaton, payments institutions like MoneyGram that are currently subject to the money laundering statutes (and have already been punished under them several times) might be able to avoid future prosecution. If criminals start using the autonomous MoneyGram robot to make payments, MoneyGram can simply say: "The robot allowed them to do it, not us!" As for the official MoneyGram front end, even if the mob becomes a happy customer MoneyGram needn't worry since the front end is nothing but a filmy gauze between users and the autonomous robot, the company never actually controlling the funds (although according to the Tornado Cash lawyers the front end can continue to safely generate a profit for its owners!)*

The money laundering statutes – 18 U.S.C. § 1956 and § 1957 – are two of democratic society's key legal bulwarks against criminal behaviour. In a world in which the Tornado Cash defence prevails and payments companies adopt it as a techno-legal shield against money laundering charges, 1956 and 1957 become much less effective – and not because we decided to soften them via a democratic process, but because financial institutions found sneaky ways to get around the rules.

Mind you, the money laundering statutes wouldn't disappear entirely. The Tornado Cash defence's point is not that there is *no* money launderer. Rather, their argument is that it is the users of Tornado Cash, the public, who had "exclusive control," and not Storm and Semenov, so the latter duo aren't the guilty parties. Taking this control theory further, if the government wants to charge anyone with money laundering, it should probably be trying to target folks like Vitalik Buterin, a member of the public who regularly put his funds into Tornado Cash and thus potentially participated in the concealment of unlawful proceeds deposited by criminals.

What a dangerous financial tool to make available to the public!

Right now, I can safely transfer $1000 to Western Union without having to worry about commingling my $1000 with a criminal and thus facing a potential money laundering charge. The company takes on that liability for me. But if Western Union stops performing this legal responsibility by building financial automatons to which everyone has open access, both good and bad actors, then I am suddenly at risk of being a counterparty to criminals when I transfer $1000 to Western Union, and that could turn me into a money launderer. Money launderers can face up to 20 years in prison.

For users, a Western Union transfer suddenly becomes the financial equivalent of handling nuclear waste or operating a five-story crane. It's a task most people can't, and shouldn't, handle. Given the inherent legal risks, it's possible that the market will never widely adopt financial services delivered in the form of robots or golems or immutable smart contracts, preferring to stick with the traditional safe intermediaries who take on the burden of compliance. Or not?

Storm's lawyers may win this particular case. Their logic certainly seems sound, but I'm no lawyer. If so, there's a good argument to be made for lawmakers to consider modifying the definitions of words like "conducting" and "financial transactions" found under the money laundering statutes to prevent future efforts to use the Tornado Cash techno-legal trick. If  by merely swapping the technology used to deliver financial services a payments institution can suddenly avoid the law and offload legal responsibility onto users, that's probably a hole that needs closing.

---

* MoneyGram would still be able to financially profit from the combination of smart contracts and a front end, much like how Storm and Semenov did with Tornado Cash, by finding canny ways to use their control over the front end. According to the indictment, Storm and Semenov, along with others who had control over the front end, curated a list of "relayers" – third parties who provided users with bolstered privacy protection – and then extracted resources from relayers who wanted the privilege of getting on the list.

This profit motive can't help prove that Storm was engaged money laundering, says the defence, since there are many examples of criminals using "lawful tools for unlawful ends," and even though the tools' developers have "profited from that use" those developers were not punished.

How PayPal can use stablecoins to avoid AML requirements and make big profits

There's a new financial loophole in town: stablecoins. Stablecoins are dollar, yen, or pound-based payments platforms that are built using crypto database technology.

Financial institutions are always looking for loopholes to game the system. Typically this has meant avoiding capital requirements or liquidity ratios in one jurisdiction in favor of a looser standards elsewhere. The new stablecoin loophole allows for a different set of financial standards to be avoided, society's anti-money laundering regulations.

I'll explain this new loophole using PayPal as my example.

PayPal now offers its customers two sorts of regulated platforms for making U.S. dollar payments. The first type will be familiar to most of us. It is a traditional PayPal account with a U.S. dollar balance, and includes PayPal's flagship platform as well as PayPal-owned platforms Xoom and Venmo. These all have strict anti-money laundering controls.

The second type is PayPal's newer stablecoin platform, PayPal USD, which has loose anti-money laundering controls. PayPal USD is built on one of the world's most popular crypto databases, Ethereum. Dollars held on crypto databases are typically known as stablecoins, the most well-known of which are Tether and USDC.

What do I mean by fewer anti-money laundering controls?

If I want to transfer you $5,000 on PayPal's traditional platform, PayPal will first have to grant both of us permission to do so. It does so by obliging us go through an account-opening process. PayPal will carry out due diligence on both of us by collecting our IDs and verifying them, then running our information against various regulatory blacklists, like sanctions lists. Only after we have passed a gamut of checks will PayPal allow us to use its platform to make our $5,000 transfer.

Contrast this to how a payment is made via PayPal's new stablecoin platform.

First, we both have to set up an Ethereum wallet. No ID check is required for this. That now allows us to access PayPal's stablecoin platform. Next, I have to fund my wallet with $5,000. I can get these these funds from a third-party who already holds money on PayPal's stablecoin platform, say from a friend, or from someone who buys goods from me, or from a decentralized exchange. Again, no ID is required for this transaction to occur. Once I have the funds, PayPal will process my $5,000 transfer to you.

Can you spot the difference? In the transaction made via PayPal's legacy platform, PayPal has diligently got to know everyone involved. In the second transaction, PayPal makes no effort to gather information on us. And lacking our names, physical addresses, email addresses, or phone numbers, it can't do a full cross-check against various regulatory black lists.  

More concretely, PayPal's legacy platform does its best to stop someone like Vladimir Putin, who is sanctioned, from ever being able to sign up and make payments. But if Putin wanted to use PayPal's new stablecoin platform, PayPal makes almost no effort to stop him from jumping on.

One of the biggest expenses of running a legacy financial platform is anti-money laundering compliance. Programmers must be deployed to set up onboarding and screening processes. Compliance officers must be hired. If a transaction is suspicious, that may trigger a halt, and the transaction will have to be painstakingly investigated by one of these officers. The platform is hurt by lost customer goodwill – no one likes a delay.

That's where the stablecoin loophole begins.

PayPal can reduce its costs of getting to know its customer by nudging customers off its traditional platform and onto its PayPal USD stablecoin platform. Now it can onboard them without asking for ID. Since it no longer collects personal information about its user base, fewer transactions trigger flags for being suspicious, and only rarely do they register hits on sanctions blacklists. That means fewer halts, delays, and costly investigations. PayPal can now fire a large chunk of its compliance staff. The reduction in costs leads to a big rise in earnings. Its share price goes to the moon.

For now, PayPal's stablecoin platform remains quite small. Only $150 million worth of value is held on the platform, as the chart at the top of this post shows. The company's legacy platforms are much larger, with around $40 billion worth of balances held. Given the compliance cost difference, though, I suspect PayPal would love it if its stablecoin platform were to grow at the expense of its legacy platform.

I've used PayPal as my example, but the same calculus works for the financial industry in general. If every single bank in the financial system were to convert over to a stablecoin platform for the delivery of financial services, and no longer use their legacy platforms, the industry's total anti-money laundering compliance costs would plummet.

So far I've just explained this all from the perspective of financial institutions, but what about from the viewpoint of the rest of us? Society has set itself the noble goal of preventing bad actors from using the financial system. A large part of this effort is delegated to financial institutions by requiring them to incur the expense of performing due diligence on their platform users. This requires a big outlay of resources. Many of these costs are ultimately passed on to us, the users.

If institutions like PayPal switch onto infrastructure that doesn't vet users, then resources are no longer being deployed for the purposes we have intended, and the broader goals we have set out are being subverted. Is that what we want? I'd suggest not.

---

Some followup thoughts:

1. PayPal's stablecoin platform employs fewer anti-money laundering controls than its regular platform. On the other hand, its stablecoin platform has stricter standards in other areas, including the safety of its customer funds. I wrote about this here: "It's the PayPal dollars hosted on crypto databases that are the safer of the two, if not along every dimension, at least in terms of the degree to which customers are protected by: 1) the quality of underlying assets; 2) their seniority (or ranking relative to other creditors); and 3) transparency."

2. The pseudonymity of stablecoins is something I've been writing about for a while. In a 2019 post, I worried that at some point this loophole would lead to "hyper-stablecoinization," a process by which every bank account gets converted into a stablecoin. I'm surprised that almost five years later, this loophole still hasn't been closed.

3. The typical riposte to this post will be: "But JP, stablecoins are implemented on blockchains, and blockchains are transparent. This prevents bad actors from using them, and so stablecoins should be exempt from standard anti-money laundering rules." I don't buy this. Bad actors are using stablecoin platforms, despite their pseudo-traceability. "Its convenient, it's quick," say a pair of sanctions breakers about payments made via Tether, the largest stablecoin platform. Society has deputized financial institutions to perform the crucial task of vetting all their users. By not doing so, stablecoin platforms are shirkers. Trying to outsource the policing task to the public or to the government by using a semi-transparent database technology doesn't cut it.

It's time to get rid of "crypto"

Call me a pedant, but I'm not a fan of the word "crypto". It may have been a serviceable category back in 2011 when there was only one type of crypto thingy – bitcoin. But it's ceased to be a meaningful term and, if anything, it causes a regression in understanding.

Source: Fidelity

Case in point is the above diagram from Fidelity, which suggests that clients should conservatively invest 40% of their wealth in "equity," 59% in "fixed income", and the other 1% in "crypto."

These categories are nonsensical because in many cases, crypto *is* equity. (And in other cases, crypto *is* fixed income.) Fidelity's buckets are not mutually exclusive.

For instance, take MKR tokens, which are inscribed on the Ethereum blockchain and are a top-100 asset listed on CoinGecko. MKR may sound like it deserves to fall in the crypto bucket, but hold on a sec. As a MKR holder, you enjoy a right to the earnings of MakerDAO, which is effectively an offshore bank. You enjoy buybacks, voting control, and a residual claim on assets after creditors in case of windup or bankruptcy. Guess what, folks. That's equity! Yep, buying MKR shares is economically equivalent to buying shares in Bank of America.

Likewise with Dai tokens, the payments instrument – aka stablecoin – that MakerDAO issues to customers on the Ethereum blockchain and the 25th largest asset on CoinGecko. Sounds like crypto, no? But along with being pegged to the U.S. dollar, Dai pays interest of 5%. That puts it firmly into the fixed income bucket, very much like an uninsured interest-yielding account at the Bank of America.

What exactly is crypto, then?

The word "crypto" describes a database technology, not an asset class. Various asset classes – equity, bonds, options, and savings accounts (or various combinations of these) – can be recorded and stored on crypto databases, much like how MKR shares are served up on Ethereum, one of the most popular crypto database. These crypto databases fall in the same bucket as an Azure SQL database or an Oracle databases, both of which record assets but neither of which belongs itself to an asset class.

So now you can see why Fidelity counseling its customers to invest 99% in equity + fixed income and 1% in crypto is absurd. It's a category mistake, like if Fidelity advised folks to hold 99% in equity + fixed income and 1% in assets stored on Oracle databases.  

Telling customers to invest 1% of their wealth in generic assets stored in Oracle databases isn't just a category mistake; it's downright reckless. All sorts of wild financial stuff appears on Oracle databases, including sports bets and zero day options. Conservative investors have no business touching these. As for crypto databases, they are particularly notorious for holding financial fluff like ponzis and digital chain letters (i.e. litecoin, dogecoin, floki inu and their various ancestors and cousins); none of which Fidelity should be hocking to serious customers.

Crypto doesn't refer to an asset class, it describes the database technology on which assets appear. Better yet, let's just get rid of the word altogether. It's beyond repair.

The long arm of OFAC and its reach into the Ethereum network

Coinbase, the U.S.'s largest crypto exchange, is openly processing Ethereum transactions involving Tornado Cash, a piece of blockchain infrastructure that was sanctioned by the U.S. government last year for providing mixing services to North Korea. 

Over the last two weeks Coinbase has validated 686 Tornado-linked transactions, according to Tornado Warnings. I've screenshotted the table below:

This table shows how many blocks each validator has proposed that includes a transaction that has interacted (either depositing or withdrawing) with Tornado Cash contracts in all denominations, or with TORN tokens. Source: Tornado Warnings by Toni Wahrstätter

This is awkward for everyone involved.

First, it's embarrassing for the agency that administers U.S. sanctions, the U.S. Treasury's Office of Foreign Assets Control, or OFAC. OFAC clearly states that U.S. based persons are not to transact with sanctioned entities unless they have a license. Yet here is America's largest crypto exchange interacting with a sanctioned entity, Tornado Cash, without a license.

OFAC can look away and pretend that nothing unusual is happening, which is pretty much what it has done so far. But since these financial interactions are clearly displayed on the blockchain, everyone can see the infraction occurring. Eventually, OFAC will have to confront the problem and make some tough decisions, a few of which may end up damaging companies like Coinbase and the Ethereum network.

The whole affair is also awkward for the crypto industry. After a 2022 in which much of the ecosystem went bankrupt or succumbed to fraud, crypto currently finds itself in the damaging crosshairs of the culture war and the pervasive threat of being banned. It is desperate for social license, yet here is crypto's leading company choosing to operate in contravention of one of the key pillars of U.S. national defence.

Meanwhile, Coinbase's main U.S. competitor, Kraken, has taken a very different approach to dealing with Tornado Cash. As the table above shows, Kraken has processed zero Tornado Cash transactions over the last two weeks compared to Coinbase's 686. These diverging approaches to handling sanctioned transactions only highlight the awkward nature of crypto's "compliance" with sanctions law.

Before I dive deeper, we need to fill in the basics. For folks who are confused about crypto, what follows is a quick explanation why Coinbase is interacting with Tornado Cash, whereas Kraken isn't.

What is validation?

To begin with, Coinbase and Kraken operate in many different businesses. Their most well known business line is to provide a trading venue where people can deposit funds in order to buy and sell crypto tokens.

I suspect that both companies are being very careful to ensure that their trading venues avoid any dealings with Tornado Cash. If someone were to try to deposit Tornado-linked funds to Coinbase's exchange, for instance, I'm sure Coinbase would quickly freeze those transactions, which is precisely what OFAC obliges it to do. Crypto trading venues have gotten in trouble before for dealing with sanctioned entities: last year Kraken was fined by OFAC for processing 826 transactions on behalf of Iranian individuals.

But the issue here isn't these companies' trading platforms. Coinbase's interactions with Tornado Cash are occurring in an adjacent line of business. Let's take a look at how Coinbase and Kraken's validation services business operate.

Say that Sunil lives in India and wants to make a transaction on the Ethereum network, perhaps a deposit of some ether to Tornado Cash. He begins by inputting the instructions into his Metamask wallet. This order gets broadcast to the Ethereum network for validation, along with a small fee, or tip. A validator is responsible for taking big batches of uncompleted transactions, one of which is Sunil's Tornado Cash deposit , and proposing them in the form of "blocks" to the Ethereum network for confirmation. As a reward, the validator collect the tips left by transactors.

The biggest validators are the ones that own large amounts of ether, the Ethereum network's native token. Since Kraken and Coinbase have millions of customers who hold ether on their platforms, they have become two of the most important providers of Ethereum validation services. Coinbase accounts for 14% of global validation while Kraken stands at 3%, according to the Ethereum Staking dashboard. So even though Sunil is not actually depositing any crypto to Coinbase's trading venue, he may end up interfacing with Coinbase via its block proposal and validation business.  

Validators can choose what transactions to include in their blocks. This explains the difference between the two exchanges. Whereas Kraken chooses to exclude transactions like Sunil's Tornado Cash deposit, Coinbase includes all transactions linked to Tornado Cash in the blocks that it proposes, in the process earning transaction fees linked to Tornado Cash.

To sum up, Coinbase operates its trading venue in a way that complies with OFAC regulations, but it doesn't run its validation service in the same manner, whereas Kraken does. Next, we need to fill in another important part of the story. What does OFAC do?

OFAC around and find out

For folks who don't know how U.S. sanctions work, a big part of OFAC's job is to blacklist foreign individuals and organizations who are deemed to undermine U.S. national security or foreign policy objectives. These blacklisted entities are known as SDNs, or specially designated nationals. U.S. citizens and companies cannot deal with SDNs without getting a license.

OFAC also administers comprehensive sanctions. These prevent U.S. individuals or businesses from interacting with entire nations, like Iran.

With each of the individuals or entities that it designates, OFAC discloses an array of useful information including the SDN's name, their aliases, address, nationality, passport, tax ID, place of birth, and/or date of birth. U.S. individuals and firms are supposed to take a risk-based approach to cross-checking this information against each of the counterparties they transact with so as to ensure that they aren't dealing with an SDN. They must also be aware of U.S. comprehensive sanctions so they don't accidentally interact with an entire class of sanctioned individuals, say all Iranians. Failure to comply can result in a monetary penalty or jail time.

Whereas Coinbase appears to have chosen to ignore OFAC's requirements when it comes to validation, Kraken hasn't, and has incorporated the SDN list into the internal logic of the validation services that it provides. But Kraken has only done so in a limited way, as I'll show below.

Five years ago OFAC began to include an SDN's known cryptocurrency addresses in its array of SDN data. To date, OFAC has published around 600 crypto addresses, including around 150 Ethereum addresses, of which a large chunk are related to Tornado Cash. Kraken is using this list of 150 addresses as the basis for excluding certain transaction from the blocks that it is proposing to the Ethereum network.

Data source: OFAC and Github

Among members of the crypto community, this sort of editing out of OFAC-listed addresses is sometimes described as creating "OFAC-compliant blocks." Hard core crypto ideologues believe that it compromises Ethereum's core values of openness and resistance to censorship.

While Kraken's approach may appear to be the compliant approach to proposing blocks, it's not. It's half-compliance, or compliance theatre. 

OFAC-compliant blocks as compliance theatre 

Right now, Kraken's block validation process merely weeds out transactions involving the 150 or so Ethereum wallets that OFAC has explicitly mentioned, which includes Tornado Cash addresses. But many of the SDNs linked to these 150 wallets have probably long since adapted by getting new wallets. Kraken isn't taking any steps to determine what these new wallets are, and is therefore almost certainly processing these SDN's transactions in its blocks. This would put it in violation of OFAC policy.

Of the 12,000 or so SDNs on OFAC's SDN list, most are not explicitly linked by OFAC to a specific Ethereum wallet. But that doesn't mean that these entities don't have such wallets. To be compliant, Kraken needs to scan the entire list of 12,000 SDNs and verify that none of them are being included in Kraken blocks. Again, it doesn't appear to be doing that.

Complying with OFAC isn't just about crosschecking the SDN list. Remember, OFAC has also levied comprehensive sanctions on nations such as Iran, which prohibit any U.S. entity from dealing with Iranians-in-general. Because Kraken limits its block editing to the 150 or so Ethereum addresses mentioned by OFAC, it is almost certainly letting Iranian transactions into the blocks that it is proposing. Which is ironic, since the very infraction that Kraken was punished for last year was allowing Iranians to use its trading platform. Apparently Kraken has one Iran policy for its trading venue, and another policy for its block proposal service.

Coinbase's decision to ignore OFAC altogether now makes more sense. Perhaps it's better to not comply at all and thereby retain the ability to claim the non-applicability of sanctions law to validation, than to comply insufficiently but in the process tacitly admit that OFAC has jurisdiction over validation. As part of this strategy, Coinbase may try to fall back on arguments that validation isn't a financial service, but qualifies as the "transmission of informational materials," which is exempt from sanctions law.

Having started down the path to compliance, the only way for Kraken's validation business to be even close to fully compliant with sanctions law is to adopt the very same exhaustive process that its own crypto trading venue abides by. That means painstakingly collecting and verifying the IDs of all potential transactors, cross-checking them against OFAC's requirements, and henceforth only proposing blocks that are made up of transactions sourced from its internal list of approved addresses.  

By adopting this complete approach to verifying transactions, Kraken would now be closer to compliance. As for OFAC, it would be relieved of its awkward situation.

There is no easy policy decision for OFAC

However, this approach has its drawbacks. A requirement that IDs be verified for the purposes of block inclusion would be expensive for Kraken to implement. I suspect that the company would react by ceasing to offer validation services. Even if Kraken and Coinbase were to roll out an OFAC-compliant know-your-customer (KYC) process for assembling blocks, most Ethereum transactions would probably flow to no-hassle offshore validators, which don't check ID because they are under no obligation to comply with OFAC.

So in the end, the very transactions that OFAC wants to discourage would end up happening anyway.

Compounding matters, by pushing validation away from U.S. soil, the U.S. national security apparatus would have destroyed a nascent "U.S. Ethereum nexus," one they might have otherwise levered as a tool for projecting U.S. power extraterritorially. If you're curious what this entails, consider how the New York correspondent banking nexus is currently harnessed by the state to exert U.S. policy overseas. A San Francisco-based Ethereum nexus would be the crypto-version of that. But not if it gets chased away.

To prevent validation from being performed everywhere but the U.S., the government could twin a requirement that domestic block validators implement KYC with a second requirement that all U.S. individuals and companies submit all Ethereum transactions to sanctions-compliant validators. This would pull U.S. Ethereum transactions back onto U.S. soil and into the laps of Coinbase and Kraken.

But this is a complicated chess game to play, and you can see why OFAC has been hesitating.  

On the other hand, OFAC can't prevaricate forever. Sure, crypto is still small. But OFAC is an agency with a democratic mandate to administer law, and law is clearly being broken. It cannot "not govern." To boot, sanctions are a matter of national security, which adds to the urgency of the issue.

One option would be for OFAC to offer an explicit sanctions law exception to U.S. blockchain validators in the form of a special license. But that invokes questions of technological neutrality and equal treatment before the law. Why should Coinbase and Kraken be allowed to maintain financial networks that admit sanctioned actors whereas other network operators, like Visa or American Express, do not enjoy this same exemption?

This isn't just about fairness. By providing a blockchain carve-out, OFAC may unintentionally spur the financial industry to switch over to blockchain-based validation, because that has become the least-regulated and therefore cheapest technological solution for deploying various financial services. At that point, OFAC will find itself with far less to govern, because a big chunk of finance now lies in the zone that OFAC has carved-out.

I don't envy the mandarins at OFAC. They've got a tough decision to make. In the meantime, Coinbase continues to process Tornado Cash transactions every hour.