> There isn’t a “Bitcoin classic” chain floating around with an old set of consensus rules.
Yes, there literally is a Bitcoin Classic, and prior to that was a Bitcoin XT. There's also Bitcoin Cash, and many others.
Even excluding hard forks which were chain splits (so upgrade only), there have been several. There were two hard forks in 2010, one to add OP_NOP and one fixing a critical bug where anyone could spend any Bitcoin. There was a hard fork in 2013 (BIP-50) because a block broke a limit and at least one double spend occurred.
Why comment if you aren't educated on the topic? Or rather, why actively spread misinformation?
Sounds like you haven't wrapped your head around the basics of smart contracts.
Yes, a blockchain gives you an (ideally) immutable foundation. No, that doesn't mean that every transaction that invokes a smart contract has to be immutable. If a smart contract for a particular use case needs to have the ability to "backtrack", so it can, there's nothing stopping it.
I don't have particular vitriol against Tornado itself, they do offer compliance tool and seem to have just been an eventual outcome in crypto.
I do however have an issue with the incredibly high rate of money laundering etc that flows through crypto. Particularly so with Tornado cash. It's the 'go-to' for easy money laundering.
And no that's not a 'general ignorance' it's just a bi-product of having decentralized systems, it's not for me. That doesn't mean people are ignorant of it.
Edit: It really irks me this "oh you just don't get it" from some people. It's unproductive and from my own experience, incorrect. They give crypto supporters a bad name.
Tornado cash is not money laundering. It just isn't. Please stop claiming that.
If it were money laundering, you would be able to purchase a house with the money you made from drugs and then mixed through tornado. You can't. It's indistinct from having cash you made from selling drugs.
You still need to create a fake business to launder your money the old fashioned way if you want to have a legitimate origin for your money. Tornado does not launder your money. Claiming the origin of your money is tornado and nothing else is akin to claiming the origin of your money is cash you found on the street or something.
> Tornado cash is not money laundering. It just isn't. Please stop claiming that.
If I deposit 200k USD into my bank account which came from Tornado.cash - They will ask for proof it came from there.
Tornado cash will confirm this with their compliance tools etc. However as to where it came from before is in practice today impossible to identify.
The bank // IRS whoever may suspect something bad, but unless they can prove it, and I pay taxes on it, then that money is considered clean.
All one would need to say is - I lost my original wallet(s) when I slowly dripped it from a few old accounts I had when I was mining back in the day into Tornado.
I'm sure there are other clever ways cretins will come up with too but thats just off the top of my head. A very effective annonomizing tool helps that.
I'm not condoning it, I just don't think you should be too naive to believe its not happening.
> I do however have an issue with the incredibly high rate of money laundering etc that flows through crypto.
Incredibly high relative to what exactly? The total exchange volume of the cryptocurrency industry? Can you show some figures to back that assertion? OR are you talking relative to the global economy? In that case, it's not even a drop in the bucket.
Clearly the Tornado Cash team should have simply started a bank instead, then they would only need pay a fine and carry on.
> You simply can't argue that money laundering isn't rampant on cypto currencies.
Actually, I can quite easily argue that. Neither of your sources give evidence or numbers that justify your assertion.
In fact, less than 1% of transactions are shown to be illicit activity, and the majority of that is scams, not money laundering. Here's a report from your 2018 source, CipherTrace, only using more recent data: https://ciphertrace.com/2020-year-end-cryptocurrency-crime-a...
I quote:
> Cryptocurrency, with its similar characteristics, may likewise struggle to ever completely shake its bad reputation, despite illicit transactions making up less than 0.5% of Bitcoin’s yearly volume in 2020.
A more important clarification, which is precisely the reason I used blockchain instead:
Crypto != cryptocurrency.
You conflate the two several times across this thread, they are not the same.
With that aside, I'll ask again. Can you show some figures that back your assertion that there is a "high rate of money laundering flowing through crypto[currency]"? I would assume not, given that the very firms actively working with regulators and monitoring this activity disagree with that assertion.
I'm not going to be argumentative here, but the last article you referenced. Clearly coinbase would have a bias to promote userbase.
That said :
> Of that small portion, scams make up the overwhelming majority of cryptocurrency related crime.
How do you think those scams will cash out ? Next step - Places like Tornado.
> From 2017 to 2020, criminal economic activity was overwhelmingly conducted through traditional financial institutions.
This is apples and oranges. But a good number to put on paper when promoting a cryptocurrency exchange for sure.
There is just an incomparable amount of traditional fiat currency compared to crypto currency so how someone would even make that argument says a lot.
> Myth #2: More illegal activity takes place using cryptocurrency than with cash.
I have no idea what sincere person would say that myth was true unless it was said as a joke. So no argument there but again, not adding any value. See above comment.
> Myth #3: Cryptocurrency makes it harder for law enforcement to investigate malfeasance.
And the 'Facts' given ignore services like Tornado.cash. Conveniently wouldn't you agree ?
My personal opinion of the CoinBase article is "Shill out of Ten".
It does help when you check the numbers before making your assertions.
> Clearly coinbase would have a bias to promote userbase
You discount the post because it is from Coinbase, yet every point made is backed up with up-to-date sources from firms you have already deemed appropriate, such as CipherTrace and Chainalysis. That's an... interesting perspective to hold. A bit of cognitive dissonance going on there, methinks?
> How do you think those scams will cash out ? Next step - Places like Tornado.
From your own sources, usually exchanges which implement KYC/AML policies equivalent to traditional banks. Did you actually read them or do you just plop a few keywords in Google and hope for the best?
> And the 'Facts' given ignore services like Tornado.cash. Conveniently wouldn't you agree ?
> However, in spite of the money laundering risk associated with cryptocurrency mixing
services, tumblers are used for lawful activities more often than for illegal ones.
You don't seem interested in a rational or data-driven discussion so there's little fruit to harvest here, I'll leave you to your imaginings.
I think we have two different opinions on a side topic of Money laundering in regards to Tornado.
The original OP is the US Gov and GH overreaching and on that I fully agree.
I don't think your comments should be downvoted to oblivion at all. You definitely make some good points. I don't have all the real data in front of me so I'm just suspicious when there's a tool like Tornado.
It's an interesting problem and one that many decentralized applications will be forced to contend with, beyond simple airdrops. Many on-chain protocols and primitives simply don't need to differentiate between human user and program, but the ones that do are usually crippled if they fail to adequately do so. Quadratic funding mechanisms, for example.
I believe we're still very early on this front, there's lots of opportunity for innovation in terms of Sybil defense. Dox Your Customer is the easiest and naturally the most at odds with the Web3 paradigm, but there are others that make fewer compromises which have been tried with varying levels of success. Vouch networks/social graphs, attestation or reputation systems, video identity registries, recurring cost, time-coordinated Turing tests, etc.
I am certain novel approaches will continue to emerge until we land on something robust without sacrificing decentralization or the right to privacy.
> But the same irrevocability is now what makes me deeply concerned.
Strange hang-up to have. Irrevocability is not a trait that is fundamental to blockchain applications.
If the application is smart-contract based, irrevocability is a choice at the source code level. Just because one transaction in a block is irrevocable doesn't mean that another transaction in a future block can't undo whatever arbitrary state change was committed in the first. It depends entirely on what you make possible in the contract code.
Neither does the claim hold water for L1s that are the application (e.g. Bitcoin, Monero, etc.). If the entire Bitcoin core development team turned rogue, social consensus from the broader Bitcoin community would soon establish a new canonical chain. Hard forks can be and have been used. This is blockchain 101. Cryptographic and economic guarantees are not fundamental; the social layer is.
But that's just it: bad choices in the social layer become nearly irrevocable once a self-interested, powerful elite emerges. The bad choices put them on top and they will do anything to stay there.
> But that's just it: bad choices in the social layer become nearly irrevocable once a self-interested, powerful elite emerges. The bad choices put them on top and they will do anything to stay there.
I would argue that this trait is not unique to blockchain systems -- in fact, if you presented this argument without context, I doubt many readers would put blockchain in the top 5 potential referents. See: economic systems, political power struggles, social structures, etc.
Satoshi thought bailouts were the problem, but concentrated power was the problem. The libertarian "cure" of stronger property rights only exacerbates power concentration because concentrated power is in the best position to exploit stronger property rights. Cue exponential growth.
Regular economics uses the same dirty trick when it talks about value creation rather than wealth-weighted value creation. It stuffs all its dirty laundry in that one weight term and then "forgets" to talk about it. Oops!
Weight by wealth? You are failing to understand the basic concept of a hard fork. Social consensus doesn't care what your number on the blockchain says.
Case in point, the Hive hard fork.
One very prominent and widely unliked individual purchased majority ownership of the STEEM token. Weighted by wealth, they could now control the chain, its governance, and most notably unlock tokens (20% of the supply) that were (per social consensus between Steem and its community) not supposed to be unlocked.
So, what did the Steem community do in response? They hard forked the platform, launching Hive. All STEEM holders could migrate their assets to Hive, except the individual in question who attempted to takeover Steem via wealth. The malicious elite was cut off entirely. Today, two years on, Hive is still gaining in activity and has more than twice the market cap of STEEM. Comparatively, Steem has become a ghost town.
It is a choice at the software later. And who is making that choice? It's the initial people who actually write that software.
But what if that system is now affecting many other people, or the entire planet in a significant way? Should they have some voice over that?
Under a traditional governance regime the answer is that that is at least possible to change. It may be difficult, but it does not violate the laws of physics and can happen in less time than the heat death of the universe. But we can now write software that makes it functionally impossible for anyone to make that choice, even potentially the original designers. That is an option that we did not have before. It's in some sense the essence of trustlessness.
In some cases, this might be the right trade-off. For example, beyond the blockchain, this is also a way to think about encrypted communications. It is a very significant new power that we can now wield.
But it must be wielded carefully, and that doesn't seem to be happening.
So yes, blockchain applications don't need to be irrevocable. But the ability to make them so is something that could have a very significant implications—potentially negative.
As a somewhat tongue in cheek example, but with a little bit too much reality to be comfortable, this irrevocability might allow you to "create" a paperclip maximizer DAO (incentivized at the social layer, with humans doing the work).
> But what if that system is now affecting many other people, or the entire planet in a significant way? Should they have some voice over that?
This is an important point you are making. What you must recognize is that they absolutely can have some voice over that.
Just as we can write software (or smart contracts) that allow no one to update and fix such issues. We can write software that allows one person to do it. Or we can lock the ability behind a multisig, requiring a majority of the software's developers to do so. Still not good enough for the use case due to far-reaching trust ramifications? Then we write code that delegates the ability to trigger such an update to the entire userbase of the application.
In the world of contract platforms, you have to keep in mind that contracts and the tools that you can build with them are primitives. They are composable. There is no problem in building a DAO to control the ability to update a contract (or trigger arbitrary functions to remedy critical situations caused by unexpected and undesired state changes). This is already done in practice in various applications--and sometimes with undesirable outcomes! Of course, these are still experimental times and lessons are still being learned.
I've heard the metaphor that "writing your ledgers in pen instead of pencil doesn't make transactions irreversible" - meaning that in the same sense, actions on the blockchain could be coded to be irreversible.
The difference is in the authority of who gets to reverse transactions. For example, Tether can freeze and generally arbitrarily control USDT token. USDT therefore isn't really a cryptocurrency, since now a central authority can seize it. It seems to me that this authority undermines why one might want to use crypto in the first place. I don't think you can have it both ways.
It may undermine why you want to use USDT. I don't see why it would affect your desire to use DAI, for example.
The point is that you can have it any way you like it. There are no hard and fast rules like "irrevocability" as described above.
You can have a contract be not updateable, final, and verify its source code to know there are no malicious functions. Or you can have one that is updateable by its developer. Or one that is updateable by an elected authority. Or updateable by a DAO of the contract's users. There's no single way to do it or perfect solution.
Like most software development, it is the understanding of application requirements and selection of tradeoffs.
Wrong. Smart contracts can be updated. If they are deployed with the ability to update, any outcome can be revoked. It is as simple as adding a new function.
?? Updating a smart contract does not rollback the history of transactions, a wallet drained due to a buggy contract is drained for good, that’s what “irrevocable outcome” refers to.
You're missing the point. You don't need to rollback past transactions that make unwanted changes to the contract state. If you have the ability to update a contract, you can add whatever functionality you need to undo a given state transition. You invoke the new function with a new transaction. The old transactions don't suddenly not happen. Your new transaction simply reverses the state changes, making it as if they hadn't affected the state at all.
It's likely that you aren't considering this possibility because, of course, the average token contract does not do this. It would be a significant trust violation if a contract controller circumnavigated the need for signature checking or allowance setting in order to perform arbitrary token transfers. That does *not* mean the possibility for it to be done does not exist.
At the end of the day, token balances are just key-values in the contract storage, and how those values are changed is enforced at the contract code level. That code can say whatever its controller wants it to say, and if they deploy with the ability to update, they can alter the code as necessary in the future. Token contracts are extremely simply, easy to audit, and so are seldom deployed to be updateable.
To summarize, "irrevocable outcome" is not a fundamental trait of a smart contract application. It is a choice at the code level, with tradeoffs, which can be adapted to suit the application.
The way it has supported the development of practical zero-knowledge proof-based applications alone is worth the weight of the blockchain industry in full, and then some.
Not sure it has made it worth wading through the 2017 hot takes that HN continues to insist on upvoting though.
No - zero-knowledge Succinct Non-interactive ARgument of Knowledge (zk-SNARK) was first outlined in 2012[1] and the first real production implementation of it in the wild was Zcash (development of which started in 2013).
The ZK proof protocols being used today in blockchains are very different than those envisioned in the 80s. Specifically they are "non interactive" and "succinct" (proof is very short and easy to verify). Most of the massive leaps in development of ZK proof technology recently has been led by crypto currency space.
Ironically the zksnark paper had a glaring, crypto system breaking error and the implementers of zcash went out of their way to hide the parameters until sapling, where they could correct the problem.
That being said, zcash is a quite useful construction.
> There isn’t a “Bitcoin classic” chain floating around with an old set of consensus rules.
Yes, there literally is a Bitcoin Classic, and prior to that was a Bitcoin XT. There's also Bitcoin Cash, and many others.
Even excluding hard forks which were chain splits (so upgrade only), there have been several. There were two hard forks in 2010, one to add OP_NOP and one fixing a critical bug where anyone could spend any Bitcoin. There was a hard fork in 2013 (BIP-50) because a block broke a limit and at least one double spend occurred.
Why comment if you aren't educated on the topic? Or rather, why actively spread misinformation?