Crypto Fans Are Mad, Mad, Mad at the US Government. Again.

Zero-Knowledge Proof: The Fight for the Future of Financial Privacy Technology

To be fair, the Department of Treasury’s latest proposed rule targeting cryptocurrency “mixers” has backed enthusiasts and developers into a corner. A drawn-out fight in the courts seems likely.

On the other hand, some believe the same cryptographic capabilities that the government has targeted could also help crypto get out of this particular pickle.

In October, the Department of Treasury filed a notice that it intended to create a rule requiring financial institutions to submit detailed reports about transactions involving platforms or services known as mixers. Mixers pool deposits from multiple users before letting individuals withdraw the same amount as they deposited, but stripped of any information that may identify them. People use mixers to do things like make anonymous donations — and, yes, launder money.

Under the proposed rule, if a crypto account at a regulated financial institution were to transact with a mixer and the institution so much as “suspects” that the transaction involved a non-US jurisdiction, it would be required to submit a report to the Treasury’s Financial Crimes Enforcement Network (FinCEN). The report would need to include the amount, personal information about the customer, and information about the mixer the customer used, among other data points.

This kind of thing does not go over well with crypto users, who tend to also be privacy advocates. As written, the rule would “baselessly tar many legitimate transactions as criminal,” crypto policy think tank Coin Center argued in its public comment last week.

The proposal “seeks to vilify a particular technology rather than address the root cause,” argued LeXpunK, an advocacy group made up of crypto lawyers and developers. Treasury’s actions, including the sanctions it imposed against Ethereum-based mixer Tornado Cash last year, have had “a material chilling impact on privacy and the development of privacy-preserving technology, particularly in the US,” the group added.

It is true that Treasury has drafted a broad definition of “mixing” that could encompass a large portion of all day-to-day cryptocurrency transactions. And based on my reporting, Treasury’s actions have legitimately raised fears among developers that working on crypto privacy technologies could get them in trouble with American law enforcement. As I’ve argued before, this stuff has implications for the future of online privacy generally, not just cryptocurrency.

But let’s acknowledge the elephant in the room.

It seems clear that Kim Jong Un’s regime in North Korea has forced the US government’s hand here. If the Lazarus Group, North Korea’s notorious state-sponsored hacker collective, had not been one of the biggest users of Tornado Cash, we may not even be having this conversation.

So, if crypto developers could come up with their own way of preventing North Korea from stealing and laundering cryptocurrency to fund its nuclear weapons program, maybe Uncle Sam wouldn’t be so bent out of shape. (Okay, the key word is “maybe.” Call it a plausible theory.)

Mixers are bad … mkay?

Treasury’s proposed rule would draw on authority provided by the Patriot Act, a sweeping anti-terrorism law created in the wake of the 9/11 attacks. It would classify “transactions involving convertible virtual currency (CVC) mixing” as “transactions of primary money laundering concern.”

“Over the past few years, Treasury has monitored, and expressed concern with, the increasing use of CVC mixing by illicit actors,” the department stated in October. “In particular, the (Democratic People’s Republic of Korea) — already under pressure from robust United States, European Union, United Kingdom, and United Nations sanctions — relies upon CVC mixing to launder the proceeds of cyber heists in order to finance the DPRK’s WMD program.”

This is where details get murky and there’s simply a ton of information that the feds probably have that we, the public, definitely do not. In August, when the Treasury imposed sanctions on Tornado Cash, it claimed that the Lazarus Group had used the service to launder more than $500 million in stolen crypto. Public reporting from blockchain analytics firms suggests that North Korea has raised well over a billion dollars over the past several years by stealing cryptocurrency. Late last year, during a hearing focused on combating illicit finance, Senator Mark Warner implied that the government has more knowledge of these activities than it has revealed, and said he’d try to get more declassified. “Unfortunately crypto is being used in a disproportionate way” by “rogue regimes” including North Korea, Warner said.

No matter how you slice it, crypto is in a pickle: one of America’s nuclear-armed adversaries is inarguably using the technology to its advantage, activating national security policies that expand the government’s power to impose restrictions on certain kinds of financial transactions. Private cryptocurrency transactions, utilized by many folks who are not committing crimes or undermining the US, are in the crosshairs.

For example, suppose someone holding crypto in an account at an exchange wants to donate some of that money to a politically controversial cause and doesn’t want their name attached to the transaction. They might send money to a mixer first. Under this rule, the exchange would have to report details about that transaction to FinCEN.

The “primary money laundering concern” designation “carries real economic consequences,” Coin Center wrote, “such as financial account limits, blocks, and closures, as well as the moral condemnation and reputational harm that is likely to stem from being labeled a presumptive money launderer and criminal.”

If the government doesn’t narrow the category of transactions for which this designation would apply, “there will be abundant opportunities to expand the case law on the due process rights of persons wrongly designated as a [primary money laundering concern],” Coin Center wrote. “In all past cases the designation has been specific to a finite foreign geographical region or a particular financial institution rather than, as here, a broad and vaguely-defined category of activities in which many ordinary Americans engage.”

FinCEN says that a given entity will only need to submit reports when it “knows, suspects, or has reason to suspect a transaction involves CVC mixing within or involving a jurisdiction outside the United States.” But an institution could not “know” this — that’s the point of a mixer. Similarly, how is an institution supposed to have enough information to “suspect, or have reason to suspect” involvement of a foreign jurisdiction? “The rulemaking is silent on the question,” Coin Center noted.

Put a ZKP on it

Is the only prescription … more crypto?

“FinCEN’s concerns can be addressed through a technological solution centered around zero-knowledge proof (ZKPs),” argued the DeFi Education Fund (DEF), another crypto policy advocacy group. This technology, which is also at the heart of Tornado Cash, lets one party verify a secret for another party without revealing the secret itself. “ZKPs can be customized to prove that a withdrawal is not associated with illicit activities by proving that the withdrawn funds do not originate from deposits on a ‘black list,’” the DEF explained in its public comment.

This proposal is essentially the same one that Ethereum co-creator Vitalik Buterin, crypto developer Ameen Soleimani, and others have referred to as “privacy pools” or “proof-of-innocence.”

“The core idea…is to allow users to publish a zero-knowledge proof, demonstrating that their funds (do not) originate from known (un-)lawful sources, without publicly revealing their entire transaction graph,” wrote Buterin, Soleimani, and three other co-authors in a recent academic paper examining the privacy pools concept. Before withdrawing from a mixer to an exchange, a user could, for example, prove their deposit was part of a set that included deposits from customers at legitimate banks — confirming that a bank had run anti-money-laundering checks — without revealing which deposit it was. Or they could prove that their deposit was not part of a blacklisted set that included addresses known to be associated with criminals or national security threats like the Lazarus Group.

Like so many crypto things, that sounds very cool and very … theoretical. The DEF provided few details about how FinCEN could make it work practically. But projects are working on making the idea a reality, including Soleimani’s Privacy Pools and the private payment protocol Railgun. If they succeed, the next trick would be convincing the normies in Washington that something called a “zero-knowledge proof” is something they can trust — before they get the chance to mess things up with imprecise regulation.