The indictment is deeply disturbing in its utter disregard for the truth. The basis for it is summarized by this paragraph in the linked article:
>>The allegations include that the defendants: (a) paid for web hosting services for a user interface that allowed users to send transaction messages to the underlying smart contracts, (b) paid for a software repository (Github) where smart contract and user interface software and documentation was hosted, and (c) had (for a time before May 2020) “complete control” over the Tornado Cash smart contracts.
Paying for Github hosting of open source software, and running a server that serves the HTML/JS of a web interface, that people run locally to interact with a blockchain-based smart-contract, are completely protected under the First Amendment.
The last of the three allegations refers to an admin key that the developers could use to upgrade the smart contract, that they destroyed two years before any alleged criminal use of the smart contract.
The indictment is disingenuous, containing mischaracterizations, contradictions and lies of omission. You can find it here:
It first claims they made no modifications to the "service" (by which they mean a supposed combination of the web front and the smart contract that the indictment alleges was run by them) to prevent criminal use:
>STORM and SEMENOV knew about these money laundering transactions and received complaints and requests for help from victims of hacking and other cybercrimes. However, they refused to implement any controls and continued to operate the Tornado Cash service and facilitate these money laundering transactions.
Then it contradicts itself in acknowledging they did change the "service", as they changed the web front to prevent criminal use:
>They implemented a change in the service so that they could make a public announcement that they were compliant with sanctions, but in their private chats, they agreed that this change would be ineffective.
But they couch this acknowledgment in an absolutely false/fabricated implicit claim that they deliberately neutered the modification to allow illegal use.
The indictiment follows this with the claim that they proceeded to run their "service"—by which they refer to the combination of the web front end and the smart contract—to process criminal deposits:
>They then continued to operate the Tornado Cash service and facilitate hundreds of millions of dollars in further sanctions-violating transactions, helping the Lazarus Group to transfer criminal proceeds from a cryptocurrency wallet that had been designated by the Office of Foreign Assets Control as blocked property.
The assertion is that the private chats confirm all of this, which again, is an absolute lie.
The missing context here is that the developers ran a server that served a web front end, that users ran locally to interact with the distributed smart contract.
The chats the indictment reference discuss how even with the filtering they instituted on the front end, bad actors would continue to be able to use the immutable smart contracts, because users were able to switch from using the sanctions-compliant front-end the developers provided, to their own front-end that was not sanctions-compliant.
The chats demonstrate showing frustration at the fact that criminals would be able to bypass the front end they provided, and continue using the autonomous Tornado Cash smart contract, putting to a lie the claim that 1. they could have done more to prevent criminal use of the smart contract, and 2. that they controlled the "service"—by which they refer to the web front end and smart contract they allegedly ran—used by criminals. They only uses of any software that they ran—after they implemented the changes the indictment references—were sanctions-compliant ones.
The truth is exactly the opposite of what this indictment claims.
Money transmission is a licensed, strictly regulated, and strict liability carrying industry in the United States.
If there is one way to get the entire weight of the Department of Justice dropped on your head, it is to screw around and provide criminal/money laundering friendly financial transaction primitives.
Then, if you employ the internet or any State border crossing network to do it, it's wire fraud. If you lie to the Feds, and get caught having done so intentionally, that's a felony.
The law is not a computer. The judge and prosecution care not one iota for your imagined interpretation of what the law should be, and most of the time, the jury just wants to get it over with. In this case, it's likely the jury is going to be a lot more sympathetic to the victims of those who benefitted from this operation than the operators.
As I just explained, they did not launder any money. They served HTML/JS that users ran client side to effect their own transactions. Their service was completely passive in the transaction. Conceptually, it was no different than hosting a Github page.
They provided what is effectively open source wallet software, and you're suggesting other people using that software on their own computers, to commit crimes, should make them liable.
If the banal arguments of you anti-crypto ideologues are accepted by the courts, it would have absolutely devastating implications for Open Source software, Free Speech rights and technological innovation.
>>The allegations include that the defendants: (a) paid for web hosting services for a user interface that allowed users to send transaction messages to the underlying smart contracts, (b) paid for a software repository (Github) where smart contract and user interface software and documentation was hosted, and (c) had (for a time before May 2020) “complete control” over the Tornado Cash smart contracts.
Paying for Github hosting of open source software, and running a server that serves the HTML/JS of a web interface, that people run locally to interact with a blockchain-based smart-contract, are completely protected under the First Amendment.
The last of the three allegations refers to an admin key that the developers could use to upgrade the smart contract, that they destroyed two years before any alleged criminal use of the smart contract.
The indictment is disingenuous, containing mischaracterizations, contradictions and lies of omission. You can find it here:
https://www.justice.gov/usao-sdny/pr/tornado-cash-founders-c...
It first claims they made no modifications to the "service" (by which they mean a supposed combination of the web front and the smart contract that the indictment alleges was run by them) to prevent criminal use:
>STORM and SEMENOV knew about these money laundering transactions and received complaints and requests for help from victims of hacking and other cybercrimes. However, they refused to implement any controls and continued to operate the Tornado Cash service and facilitate these money laundering transactions.
Then it contradicts itself in acknowledging they did change the "service", as they changed the web front to prevent criminal use:
>They implemented a change in the service so that they could make a public announcement that they were compliant with sanctions, but in their private chats, they agreed that this change would be ineffective.
But they couch this acknowledgment in an absolutely false/fabricated implicit claim that they deliberately neutered the modification to allow illegal use.
The indictiment follows this with the claim that they proceeded to run their "service"—by which they refer to the combination of the web front end and the smart contract—to process criminal deposits:
>They then continued to operate the Tornado Cash service and facilitate hundreds of millions of dollars in further sanctions-violating transactions, helping the Lazarus Group to transfer criminal proceeds from a cryptocurrency wallet that had been designated by the Office of Foreign Assets Control as blocked property.
The assertion is that the private chats confirm all of this, which again, is an absolute lie.
The missing context here is that the developers ran a server that served a web front end, that users ran locally to interact with the distributed smart contract.
The chats the indictment reference discuss how even with the filtering they instituted on the front end, bad actors would continue to be able to use the immutable smart contracts, because users were able to switch from using the sanctions-compliant front-end the developers provided, to their own front-end that was not sanctions-compliant.
The chats demonstrate showing frustration at the fact that criminals would be able to bypass the front end they provided, and continue using the autonomous Tornado Cash smart contract, putting to a lie the claim that 1. they could have done more to prevent criminal use of the smart contract, and 2. that they controlled the "service"—by which they refer to the web front end and smart contract they allegedly ran—used by criminals. They only uses of any software that they ran—after they implemented the changes the indictment references—were sanctions-compliant ones.
The truth is exactly the opposite of what this indictment claims.