Conversation

if true, this thread has scary implications for anyone who contributes to open source privacy software. basically you can be arrested if criminals use it and the authorities can’t figure out who else to arrest.

Quote Tweet

Petr Korolev

@skywinder

Aug 19

4/ That triggered investigations in the USA and Europe. And it appears that the investigators had no idea how to deal with the situation, no idea how open-source software development works, and just hit a developer with numerous commits and a real name on GitHub.

Show this thread

138

295

Replying to

It seems that this could potentially be legally complicated, a lot depending on Dutch law. Running a full on anonymized service would likely violate laws, unclear what writing software would imply and what’s the specific suspected crime here

Replying to

and

Tornado Cash is a smart contract which had approval for updates, etc. delegated to a community via a DAO. It's not a service they ran. The people running the code are Ethereum miners and people running other validating Ethereum nodes. The developers didn't host it as a service.

Replying to

and

I'm not sure "the DAO members aren't the ones guilty of the crimes committed by the code, everyone running Ethereum nodes are the ones guilty" is the winning position you think it is...

Replying to

and

Ethereum miners are the ones who can choose to omit transactions. One of the mining pools stopped including Tornado Cash transactions after the sanctions. They're the ones processing the transactions. It's legal for them to do that if they follow regulations placed on them.

Replying to

OFAC sanctions apply to US persons: home.treasury.gov/policy-issues/ If a miner is based in the US or run by US citizens, then they have to worry about this. Tornado Cash DAO wasn't processing transactions. They could come to consensus to push an update. Tornado Cash is still there.

Replying to

Since the DAO killed itself and apparently wiped their multisig keys, the only way to stop it is to find a serious vulnerability or miners could stop including TC transactions in their blocks. The code is still being run, and the DAO is gone. They aren't the ones running it.

Replying to

Ethereum miners are in the process of being replaced this month. Miners omitting transactions from blocks is relevant for a couple more weeks, at which point the people able to do that don't need a significant real world presence with lots of hardware / electricity anymore.

Replying to

Also, miners simply omitting transactions in their blocks is just an inconvenience rather than working censorship unless they start rejecting blocks from other miners including those transactions and have 50% + 1 hash rate in which case they've done a fork and have to win that.

12:17 AM · Aug 24, 2022Twitter Web App