Greg Lang
@designheretic
The case against Roman Storm convenes in the US. on December 2 If he is convicted, it will set a dangerous precedent—the US government will be empowered to target any open source software developer for crimes allegedly committed with the help of their code Please donate to his defense @ wewantjusticedao.org
4 replies
15 recasts
84 reactions
Jordan
@ruminations
"allegedly" lmao
1 reply
0 recast
1 reaction
Greg Lang
@designheretic
The unfunny part about “allegedly” is that because TC works so well, the crimes the indictment claims they facilitated cannot be proven to have actually been facilitated by the service—all they can show is that an address they were tracking used TC—what happened after that is unknowable
1 reply
0 recast
1 reaction
Jordan
@ruminations
That’s what they thought. However, TRM and Chainalysis figured out how to trace funds through tornado cash no later than 2020. That aside — many of the crimes began before the funds arrived in tornado cash. For instance North Korean hackers frequently stole from protocols / bridges etc and then used TC to launder the funds. So the criminal case is predicated on the founders being very aware that this was happening but taking no steps to prevent this — even through the TC hosted front-end.
1 reply
0 recast
0 reaction
Greg Lang
@designheretic
I haven’t seen any such evidence that would be admissible in court, so remain skeptical that it would (probability-based or timing-based unmaskings are by their nature subject to a degree of uncertainty and thus may be inadmissible from an evidentiary standpoint) Regardless—what action could have been taken that didn’t compromise the utility of the protocol? Unless one is opposed to strong privacy existing, out of fear that some bad actors escape scrutiny, anything they might have done would’ve rendered the protocol a purposeless waste of gas I for one favor a system that doesn’t conscript protocol developers into service as police—as the legitimate uses of strong privacy are more beneficial than any negative impacts that may result from protecting bad actors along with everyone else That’s my 2 gwei—I take it you prefer a “nothing to hide, nothing to fear” approach? https://open.substack.com/pub/designheretic/p/securing-the-fourth-reclaiming-the
1 reply
0 recast
1 reaction
Jordan
@ruminations
Hey Greg, thanks for engaging. I don't buy the “nothing to hide, nothing to fear” argument. I think privacy is good. While prosecuting devs for open-source software feels distasteful, I don't think that's an accurate characterization of what happened with TC. TC Itwasn't just a repo — it was built by a company, owned by Pertsev, who profited from it. TC was later governed by a DAO which introduced a token that appreciated with usage, which members of the DAO profited from. Tornado Cash essentially acted as a corporation operating a financial services platform, which is subject to regulation like any other. If devs want to avoid legal liability for their work they shouldn’t create legal structures to profit from software in a legal gray area.
1 reply
0 recast
0 reaction
Greg Lang
@designheretic
Yes, I get that framing too—and it may be true in this case, I don’t know—I don’t have access to the evidence The precedent it will set if we accept extenuating circumstances is a slippery slope that leads directly to the prosecution of open source devs for building things that get thrown by authoritarians into the “grey zone” next It may not begin with the most abusive possible application, but if we allow for it, it will not take long to get there
1 reply
0 recast
0 reaction
Jordan
@ruminations
Yeah, that’s fair. I think the law needs to catch up here
0 reply
0 recast
0 reaction