Finance
Specials
On-chain Eco
Entry
Podcasts
API/RSS
Social
A turning point in the history of encrypted finance: USDCs are counterattacking DeFi
Summarized by AI
Original author: 0x137, BlockBeats
At the same time that the Ethereum test network announced the successful merger, the encryption world also ushered in another historical turning point: because the USDC issuer Circle froze the funds of some addresses Access rights, the mainstream DEX protocol dYdX has blocked user accounts and passively followed Tornado Cash sanctions.
3 days ago, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) placed Tornado Cash and 45 1 of its related Ethereum wallet addresses are included in its SDN sanctions list. This also makes Tornado Cash the second mixer sanctioned by OFAC after Blender.io. But unlike the former, Tornado Cash is the first case of regulators targeting an agreement for sanctions.
“The entire encryption industry has entered a major turning point, and the government’s supervision of the industry has also entered an unknown field". In a blog post published earlier yesterday, Circle CEO Jeremy Allaire kept emphasizing the significance of the "Tornado Cash incident." While expressing an attitude of absolute compliance with the regulatory order, the lines in the article reveal Jeremy's concerns and worries about this industry regulation and the future of encryption.
Tornado Cash: Side B of a Tool
< /p>
Creation Story
Roman Semenov, the founder of Tornado Cash, majored in physics as an undergraduate. He especially likes to study black holes, cosmic particles, and quantum statistics. But with the rise of the Internet trend, Roman began to contact and learn programming, and soon founded several Internet start-up companies in succession. In 2017, out of curiosity and love for new things, he entered the blockchain field again and worked on the expansion of Ethereum. At that time, the mainstream solution for Ethereum expansion was Plasma, but Roman discovered the efficiency problem of Plasma shortly after joining, and soon turned to the path of ZK Snark.
Roman initially learned about ZK Snarks without considering the privacy potential of the technology, It is only used to solve the scalability problem of Ethereum and the development of some oracle machines. However, as Roman went deeper into the encrypted OG community, he discovered the huge market for the privacy track and the natural advantages of his team.
Due to the underlying design, whether it is Bitcoin or Ethereum, transactions on the network are public. As long as others know your wallet address, your financial history is completely exposed. Roma found that many crypto hardcore players are unwilling to let themselves fall into this passive state, but it is very inconvenient to transfer assets between privacy tokens such as Ethereum and Monero. So I used this idea to try some privacy projects on the Ethereum hackathon, but I didn't expect it to be a big success.
Not long after, the team decided to put their little experiment into production and Tornado Cash was born up.
The most important thing about Tornado Cash is that it is no longer a simple The coin mixer, but a coin mixer built on a smart contract. For crypto newbies just joining Crypto, this may not make a difference. But for crypto OGs, this is critical because it involves custody.
In fact, the concept of coin mixer is not new, there are many teams working on it before Tornado Cash have tried, but most of them are centralized companies. Users only need to submit the specified address and pay the fee, and the asset transfer process is completed off-chain. This also means that their assets will be managed by the company, and user data and ownership are at risk. For many encrypted OGs that have experienced the "Mt. Gox incident", this is a huge Red Flag.
Smart contract based mixers like Tornado Cash are non-custodial. After sending funds to the mixer, the user will receive a deposit certificate and can send a withdrawal operation from the new address to the mixer at any time. In addition, Tornado Cash will also work with relay service providers to ensure that new addresses can withdraw funds without gas deposits. That is, it does not require hosting and saves Gas. Compared with traditional currency mixers, Tornado Cash has naturally become the first choice for privacy users.
After several years of development and nurturing, Roman has long been an iron-clad Ethereum OG. Adhering to the community-led concept, after Tornado Cash went live, the team hardly intervened in the operation of the protocol, mainly conducting development and research, and releasing new codes to GitHub. All Tornado deployments, protocol changes, and important decisions are made by the community through the DAO's governance model.
Of course, at this time Roman Semenov did not expect that his trump card agreement would be in 3 Years later, he became the "in-law" of terrorists and drug lords.
Hackers' favorite
In March 2022, the cross-chain bridge Ronin Bridge built by the famous chain game Axie Infinity team was stolen, and encrypted assets worth more than 620 million U.S. dollars were stolen in less than Lost in the space of a month, resulting in the largest crypto hack ever. When people discovered the problem and notified the team, all they could do was watch as almost $450 million in stolen funds flowed into Tornado Cash and was wiped out without a trace.
Although the theft of hundreds of millions of Ronin is still very rare, various large and small Small exploits and theft cases have shown a growing trend over the past year, especially in DeFi protocols and cross-chain bridges. And these incidents often have one thing in common, that is, the hackers will send most of the stolen funds to Tornado Cash.
It must be admitted that the core positioning and function of the coin mixer, and its seldom require KYC features, making them a natural first choice for cybercriminals. According to data from Chainalysis, nearly 10% of the funds sent from illegal addresses are transferred to currency mixers such as Tornado Cash, while the funds transferred to centralized trading platforms and DeFi such as "mainstream infrastructure" are not even distributed. More than 0.5%.
From 2021 to 2022, the proportion of funds from illegal addresses in the Tornado Cash protocol rose by 10% to more than 25%. In Monday's report, OFAC went even further to portray Tornado's role in illegal money laundering, pointing out that it has laundered more than $7 billion in money laundering in just three years since its inception.
Before imposing sanctions on Tornado Cash, the regulatory authorities also contacted Roman many times, hoping that the team It can provide corresponding improvements and solutions to the problem of illegal money laundering, but the team's response to this is not positive. Roman said that his team has little control over what Tornado users do with the protocol, and “there’s nothing we can do to help with the investigation because the team doesn’t have much control over the protocol.”
In an interview, Roman even set the Flag. He believes that imposing sanctions on decentralized protocols is “technically impossible.” For such a response, the regulatory authorities had no choice but to come up with a heavy hammer.
Central supervision vs open source protocols: How decentralized is Crypto?
A user named @Depression2019 tweeted shortly after news of the regulation broke , said that he has accumulated a large number of wallet addresses of celebrities and KOLs, and will send 0.1 ETH to them through Tornado Cash. Many users interacted below one after another, thinking that this kind of public resistance to supervision was just a joke.
Unexpectedly, on Tuesday, an anonymous address actually sent a transaction from Tornado Cash to these Ethereum addresses. Coinbase CEO, Beeple, talk show host Jimmy Fallon, clothing brand Puma, and wallet addresses created for donations to Ukraine were all affected, sparking a lot of discussion.
To a certain extent, this does reflect the absurdity of sanctioning users who receive funds from SDN blacklisted addresses, after all, they cannot refuse other people's transfers. At the same time, this again reflects the essential difference between native and centralized Crypto applications.
Because Tornado Cash is a coin mixer smart contract, not only cannot be closed, but also very It's difficult to fit into the legal regulatory framework, because you always have to have a sanctioned entity. Therefore, OFAC's approach is to "transfer" sanctioned entities, requiring or sanctioning US individuals or entities associated with Tornado Cash, requiring them to freeze transactions or funds from Tornado Cash.
Obviously, this method is very clumsy. The system framework of the regulatory agency is still stuck in the traditional finance that uses banks, funds and other institutions as "gatekeepers". If the entity of the institution is seized, the faucet of money will be seized. However, the open source and decentralized nature of Crypto itself aims to eliminate intermediaries. Without the concept of entities, supervision is actually difficult. According to data from Dune Analytics, since the OFAC ban was announced on the 8th, more than $55 million in ETH has still been transferred out of Tornado Cash and into new wallet addresses.
So, why are developers in the encryption field still full of concerns about this sanction? The answer is still the same.
「Source Code Is Speech」
Tornado Cash is not an entity. Although many encryption institutions "enjoyed" legal sanctions before Tornado, Tornado Cash is the first time that the regulatory department Pursue legal responsibility for the agreement. In other words, the sanctions against it not only have an impact on user privacy, but also pose a new threat to protocol freedom.
We have been in the encryption circle for a long time, and we have already understood the concept of "Code is law" . But for many OG developers, the agreement is not only the law in their eyes, but also the embodiment of their own thoughts and speech. In other words, freedom of agreement is as important as freedom of speech. After the announcement of the ban, some developers even moved out of the 1996 Federal Court "Bernstein v U.S." (Bernstein v U.S.) to defend the legal legality of "source code is speech" protected by the First Amendment of the United States Constitution. Regularity.
Circle CEO Jeremy also wrote in a blog post yesterday: "The sanctions agreement has now become a major policy issue, that is, we want to get The right to innovate without permission, while still upholding the principles of financial integrity and deterring bad behavior. This should attract great attention and discussion, and new policies are constantly developed.”
Indeed, the rough sanctions against Tornado Cash set a bad precedent for the supervision of the encryption field. Today is Tornado Cash, will it be Uniswap or SushiSwap tomorrow? When is the end? Where is the bottom line? Either way, the sanctions put decentralized protocols in a dangerous position.
Of course, this sanction also made the industry realize that the key to regulating Crypto is not in the protocol and No, but how many entities are there in the realm. In fact, this industry is not as decentralized as we thought.
Web3 on Web2
Within 24 hours after OFAC sanctions were announced, Tornado Cash's source code disappeared from Github, Roman's personal GitHub account was deactivated, and personal repository Shut down, he wasn't even on the sanctions list himself. And Gitcoin, the most important donation application in the encryption field, immediately stopped all sponsorship of Tornado Cash.
Although the code of Tornado Cash is still running, its interactive front-end webpage cannot be opened, making the It becomes even more difficult for crypto users unfamiliar with smart contracts to retrieve their funds.
Tornado Cash Github page
In the past year, various Web3 protocols and applications have emerged one after another, which is dizzying. We live in the decentralized narrative every day, seemingly forgetting our dependence on Web2. The management of community information relies on Discord, the dissemination of industry information relies on Twitter, and the dissemination and development of code relies on GitHub.
This seemingly reasonable dependence provides a favorable bargaining chip for centralized supervision, Because it increases the number of entities in the realm. Although regulators cannot close the contract, they can prohibit the dissemination of code; although they cannot ban the DAO community, they can monitor or even cut off the contact between members; although they cannot find an anonymous team, they can block the Twitter account of the project. As long as there are enough entities, the regulatory hand can be everywhere.
These real risks are in the narrative of the industry's "harmonization" and "mainstreaming" It has been completely forgotten by people, and decentralization and dematerialization seem to have become two concepts. This sanction can also be regarded as a wake-up call for the industry. In Web3, the non-agreement is the entity, and once the entity is regulated.
Centralized DeFi
Despite fully expressing concerns about OFAC sanctions, Circle should be obedient and immediately froze the USDC access rights of the addresses on the SDN list. This has opened the eyes of many crypto users, and it turns out that the "digital dollars" in their hands can also be confiscated. We can't help but think, how is this different from traditional finance?
In the field of encryption, stable currency can be described as the largest track, with a market value of over 100 billion US dollars. 10% of the entire crypto market. There is no doubt that without stable coins, there would be no DeFi Summer, let alone the prosperous Web3 ecosystem today. It can be said that stablecoins are the cornerstone of today's decentralized world. However, three of the four major stablecoins (USDT, USDC, BUSD, and DAI) currently occupying the main body of the market come from centralized institutions.
After USDT fell into a brief crisis in 2018, the risks of centralized stablecoins have always been It's a hot topic of debate. Although the centralized stable currency is based on sufficient collateral, there is a risk of freezing the US dollar legal currency stored in its bank account. In addition, some deposits will be used to purchase corporate bonds, national debt, etc., which also increases the risk of centralization. People have always preferred USDC over USDT, believing that Circle is more compliant and transparent. The freezing of access rights has also made many people realize that the difference between the two is not very big.
In order to get rid of the risk of centralization, decentralized stablecoins like DAI came into being . It also adopts full mortgage, but uses decentralized encrypted assets, and the anchor with the US dollar is realized by adjusting the interest rate through an algorithm. As good as the narrative is, the reality is not. Whether it is DAI or FRAX, USDC has an absolute proportion in its mortgage assets. In other words, the current decentralized stablecoins are still built on a centralized basis.
Sure enough, shortly after Circle announced the freezing of blacklist address access rights, dYdX, one of the mainstream DEXs, reported that user accounts were frozen for no reason Condition.
dYdX issued a statement saying that OFAC's "surprise ban" made many people who had never directly used Tornado Cash users were also impacted, without even realizing their funds had been associated with Tornado Cash until they interacted with our platform.
Although the dYdX team is working hard to adjust within the scope of compliance, some accounts have been unbanned, But in the face of the "invisible hands" of OFAC and Circle, the team is powerless. On Twitter, dYdX founder Antonio expressed regret over OFAC sanctions and Circle’s freezing of access rights, but at the same time pointed out the reality that DeFi cannot do without USDC. It is conceivable that more DeFi protocols or Web3 applications will have the same problem in the future.
In fact, after the collapse of UST, the proposition of algorithmic stable currency gradually lost its luster. New and old stable currency projects have returned to the road of full or over-collateralization, and USDC has also become the their main endorsement assets. This is indeed a very Ironic fact: a financial institution incubated by a Wall Street giant has now become the mainstay of the entire DeFi. We can't help but wonder, who is the master of the decentralized world?
“Know Your Customer”: About Privacy and Confidentiality
People in the encryption circle talk about KYC all the time. Centralized trading platforms require KYC, project crowdfunding requires KYC, and Metaverse requires KYC to buy real estate. However, although KYC is often mentioned in this industry, many users do not know what KYC means. In fact, KYC is not just a set of verification procedures.
"Know Your Customer" has been the basic principle of traditional finance for a long time. By understanding the work and financial background of your customers, you can assess the potential risks of opening an account for them, and more importantly, prevent "Bad Actors" from entering the market. But we also know that finance is also an industry that attaches great importance to privacy. After all, no one wants to let others open their financial status casually.
Because of this, anti-cheating KYC needs and privacy needs to protect personal information form a The forces that exclude each other but attract each other have become a paradox that the industry cannot solve. So in the financial world, we will hear another saying: "Privacy and secrecy are like twins, often confused by people."
The Panama Paper
In April 2016, a German newspaper called Sddeutsche Zeitung published a leaked document from a law firm. A week later, more than 100 media outlets from around the world, in collaboration with the International Consortium of Investigative Journalists, launched a massive investigation into the document that has since become synonymous with exposing international financial and political corruption—the Panama Papers.
The leaked documents come from Mossack Fonseca, one of the world's four largest offshore law firms. Among the 11.5 million encrypted files, more than 210,000 tax avoidance networks were covered, involving individuals and entities from 200 different countries, including more than a dozen current or former world leaders, hundreds of business and entertainment celebrities, and other plutocrats. The individuals' personal financial information is kept completely private until the documents are made public.
Investigators found that most of the documents contained no illegal activities, and the offshore Commercial entities are also perfectly legal. But when people dig deeper, they find that under layers of shell companies and obscure terms, there are a lot of crimes such as tax evasion and fraud hidden. This mature legal framework does not simply protect the financial privacy of Super Rich, it also provides a shelter for "Bad Actors".
located in Panama
It is undeniable that the privacy market can bring huge profits. But the pursuit of privacy and high standards often nourish the growth of secrets unintentionally, and sometimes even deliberately. After all, the people who have the greatest need for privacy are nothing more than the above two types of people. For a long time, the competition for the privacy market has been staged in various financial centers around the world. From Switzerland to London to New York, governments and financial institutions have attracted higher standards and more affordable terms under the hat of "Know Your Customer". Huge sums of money, including "Blood Money" from ill-gotten sources.
crypto's "Secret War"
I mentioned so much, just to show that the struggle about privacy and secrets does not only exist in the encryption field, but an eternal proposition that runs through the entire financial world .
Actually, Tornado Cash is not exactly a "house of robbers". According to Chainalysis data, more than half of Tornado’s funds come from DeFi protocols and centralized trading platforms. Due to privacy needs, many DeFi project teams and Crypto whales will regularly use Tornado Cash to change their wallet addresses. For them, Tornado is an essential privacy tool.
The same is true for ordinary encrypted users. When we encounter situations such as anonymous donations to specific organizations and countries, or payment of sensitive medical expenses, privacy tools reflect For what it's worth, it's just that such cases are uncommon. On the 9th, in order to support this view, Vitalik also publicly stated on Twitter that he had used Tornado Cash to donate to Ukraine.
In response to the regulatory sanctions, the industry has actually responded positively. While emphasizing the importance of this incident, Circle CEO Jeremy called on industry leaders and developers to brainstorm to provide decision makers with better and more suitable regulatory solutions for Crypto to ensure the future of free and open source protocols.
Personally, I always believe that what Crypto is facing is not a regulatory battle, but a "secret" battle.
For a long time, the regulatory excuses for the encryption industry are mainly anti-money laundering and anti-fraud. This is true from currency to DeFi, and now Tornado Cash. You have to admit that there are a lot of illegal behaviors in both the real world and the encrypted world. Since the illegal behaviors in the real world are sanctioned, why shouldn’t the illegal behaviors in the encrypted world?
In fact, decentralization does not mean deregulation, even in a decentralized world, There is still "Code is law". Crypto should not become a place outside the law. Maintaining a healthy financial and community order is also the basic responsibility of "Crypto Code".
欢迎加入律动 BlockBeats 官方社群:
Telegram 订阅群:https://t.me/theblockbeats
Telegram 交流群:https://t.me/BlockBeats_App
Twitter 官方账号:https://twitter.com/BlockBeatsAsia
