The Scourge is Coming
Ethereum, Tornado Cash and the Future of Blockchain Censorship Resistance.
OFAC Sanctions the Cryptocurrency Mixer Tornado Cash
Last year in early August, the Office of Foreign Asset Control (OFAC) - a US Department of Treasury enforcement agency - issued a press release sanctioning the “notorious virtual currency mixer Tornado Cash”.
Tornado Cash is a cryptocurrency mixer (or tumbler) which is used to anonymize blockchain transactions. It does this by pooling funds from many different depositors and then, after a period of time, returning them. This means that for anyone trying to trace these funds through the public blockchain, the money trail effectively stops at Tornado Cash. While there are entirely legitimate privacy-preserving uses for mixers, they obviously also attract illicit funds. This is little or no different to how cash is used in the realm of fiat currencies.
At the time of the OFAC press release, Tornado Cash had processed around $7.7 billion in deposits. This included $455 million from the Lazarus Group (a state-sponsored North Korean hacking collective) and $96 and $7.8 million from the Harmony Bridge [1] and Nomad heists respectively.
OFAC sanctions make it illegal for US citizens to interact with Tornado cash - requiring special permission to even withdraw their funds from the platform. However, given it’s decentralized nature, Tornado cash continues to operate - albeit with drastically lower volume.
On 10 August 2022, just a few days after the sanctions were announced, 29-year-old Tornado Cash developer Alexey Pertsev, a Russian national living in the Netherlands, was arrested by the Dutch Fiscal Investigation and Information Task Force. He is accused of concealing criminal financial flows and facilitating money laundering. Designated a flight risk, Pertsev was denied bail and is still in state custody. He will remain there at least until his next court date, currently scheduled for 20 February 2023.
» Sign the petition to free Alex Pertsev
Tornado Cash, by design, is not operated or maintained by a single person or legal entity. It’s also non-custodial, meaning that Tornado Cash never has any direct control over the funds circulating through it. It’s just code running on public blockchains like Ethereum in the the form of a dApp or decentralized application. Pertsev’s arrest cannot have any impact on its availability and continued operation.
This begs the question: Why arrest a developer with no influence over the software at the center of the allegations? The most readily discernible reason is to send a message: Developers can and will be held responsible for how their code is used. The fact that they have no control over it is beside the point. (Although this last point could be attributed to plain ignorance about how decentralized applications.)
OFAC Compliance = Blockchain Censorship?
OFAC sanctions have had a chilling effect not just on the cryptocurrency development community, but on the networks at large. To comply with sanctions, certain critical parts of Ethereum’s network infrastructure (known as MEV-boost relays) started to block transactions from Tornado Cash and affiliated addresses. 60% of new Ethereum blocks are currently OFAC-compliant.
Relay operators (especially those based in the US) see blocking transactions from sanctioned addresses as necessary regulatory compliance. They fear that processing these transactions could be considered legally tantamount to aiding and abetting a criminal enterprise - despite the absence of any clear legal precedent for this assumption.
Crypto ideologues have vehemently decried transaction blocking of any kind. They see this as a form of censorship - namely, a violation of the principle of platform neutrality. Platform neutrality is a core tenet of the rallying ethos driving many cryptocurrency projects. It's the idea that all network participants should be treated equally by the network infrastructure.
“If you have an idea for an [app] or if you should deploy an asset, even if you do a Ponzi scheme or whatever, the platform treats you in a neutral way,” he explained. “I feel like it’s important to have one place where, even at a geopolitical scale, you don’t have the fear that one party could just, say, freeze the accounts or the assets of another party.”
Will Censorship Fork Ethereum?
Conceptually, platform neutrality bears a certain resemblance to net neutrality. There were was a spirited online debate about net neutrality a few years ago, when the US Federal Communication Commission under President Trump scrapped hard-fought Obama-era restrictions on throttling and restricting content by internet service providers - a move that could pave the way for what has been described as a two-tier internet.
In practice, transaction censorship by Ethereum relays has not made it impossible for users to interact with Tornado Cash or other sanctioned entities. There are still three major relays that remain neutral, accepting transactions from any addresses. Even with the percentage of OFAC-compliant blocks standing at 70%, it still takes only around 30 seconds for a non-compliant transaction to be confirmed.
However, the Tornado Cash episode did highlight some potential weaknesses in Ethereum’s network design.
The Merge and the Scourge
On 15 September 2022, Ethereum underwent its largest network overhaul to date. Dubbed “The Merge”, this update saw Ethereum migrate from a proof-of-work (PoW) to a proof-of-stake (PoS) consensus mechanism. (A consensus mechanism is the means by which new transactions are validated, confirmed and added to the blockchain.) The switch to PoS means that transaction validation is accomplished by staking (locking in a certain amount of coins for a period of time) rather than by mining. As a result, Ethereum’s energy consumption sank by 99.95% overnight.
The Merge is the first milestone of what was initially a five-stage development roadmap proposed by Vitalik Buterin, the founder of Ethereum. An additional stage (The Scourge) was added in early November 2022. The stated purpose of The Scourge is to “ensure reliable and fair credibly neutral transaction inclusion” [!] and to “solve MEV issues.”
The updated Ethereum development roadmap is now as follows:
- The Merge: migration from PoW to PoS consensus - completed September 2022.
- The Surge: improve network scalability and capacity - tentatively scheduled for 2023.
- The Scourge: decentralization improvements.
- The Verge: introduction of statelessness, simplify transaction verification.
- The Purge: reduce blockchain size on-disk.
- The Splurge: fixing everything else.
With The Scourge, Ethereum directly addresses censorship concerns in support of the principle of platform neutrality. And while ensuring censorship resistance may be of limited practical importance for most Ethereum users, it’s a critical win for crypto evangelists and the industry at large. The community’s response to Tornado Cash sanctions demonstrates resilience, unity and clarity of purpose. This reveals that there is widespread agreement on what crypto is and the value it brings to the world.
Funds originating from the Harmony Bridge heist were recently moved to Binance and Huobi. The accounts associated with the transactions were frozen by both exchanges. ↩︎