[Cryptography] Privacy, Code, and the Future

Andrew Lee andrew at joseon.com
Thu Aug 7 11:02:06 EDT 2025 

Howard, Peter and all readers,

Respectfully, I think we should be very careful about the precedent this
case sets.

The core issue here isn’t whether privacy tools are sometimes used by bad
actors as any powerful technology carries that risk.

The deeper concern is assigning criminal liability to the people who build
foundational infrastructure, especially when it’s open source and
autonomous.

Roman Storm wrote code.

That code was deployed and became immutable, operating independently on a
decentralized network.

Hard stop.

The alleged misuse happened well after deployment (years). To retroactively
connect him to those actions and label it a conspiracy feels like a
fundamental misinterpretation of how these systems work.

It’s a bit like prosecuting a fork manufacturer because someone used a fork
in a crime years after purchase. That’s not how we typically think about
liability in any other domain.

Why should cypherpunks self-deprecate? We deserve fair and unbiased
treatment, just like anyone building transformative technologies.

What was Roman's intent?

Was Tornado Cash built to protect users' privacy or to help adversaries
like Kim Jong Un?

>From everything I’ve seen, it was the former.


And if we conflate the two, blurring the lines between privacy and
criminality, we risk chilling innovation at the edges as I mentioned
before, where some of the most important work benefiting our society
happens.

The crypto space, and open source development more broadly, are still
defining their social contract with the world. I think we see this time and
time again with the issues that continue to arise across open source
projects (politics, tyranny, bullying, etc.).

This moment will shape how developers view the risks of building anything
that challenges existing systems.

With all due respect, let’s be thoughtful.

If fear defines the boundaries of what’s possible, we might as well wear a
ball and chain on our ankles.

I believe in natural limits, not artificial ones imposed by man. I know
that you all think the same, because you have all made the impossible,
possible, time and time again.

We're the ones who understand the code and its implications. It’s our
responsibility to ensure that nuance, not fear, shapes the future.

- Andrew

On Wed, Aug 6, 2025 at 7:54 PM Howard Chu <hyc at symas.com> wrote:

> Andrew Lee wrote:
> > Roman Storm, one of the developers of Tornado Cash, a smart contract on
> Ethereum designed to enable transactional privacy, has been found guilty of
> conspiring to operate an unlicensed money-transmitting business [1].
> >
> > Tornado Cash is simply code. It runs on the Ethereum Virtual Machine,
> autonomously.
> >
> > Yet, in 2022, the U.S. government designated it as a sanctioned entity,
> making it illegal for U.S. persons to interact with it in any capacity,
> including simply receiving coins therefrom [2].
> >
> > This case, and its verdict, makes writing open source code that enables
> privacy a crime.
>
> That's pure FUD. Roman Storm got in trouble because he was making a profit
> off the Tornado Cash platform.
> By definition, he was operating a business. A money transmitting business,
> without a license.
>
> Writing open source has nothing to do with the case.
>
> https://cryptobriefing.com/doj-targets-tornado-cash-profits/
>
> > It makes receiving a transaction from autonomous code a crime.
> >
> >
> > Technology is becoming more powerful, more decentralized, and more
> foundational to society. With that power comes tension between openness and
> control, privacy and compliance, innovation and regulation.
> >
> > It’s very easy to overlook these moments, since they feel distant or
> abstract.
> >
> > But make no mistake, they set precedents.
> >
> > They shape culture.
> >
> > They influence what we, the cypherpunks building at the edge, believe is
> possible or, rather, permissible.
> >
> >
> > “We must defend our own privacy if we expect to have any.” — Eric
> Hughes, A Cypherpunk’s Manifesto, 1993
> >
> >
> > Today is a setback for cryptography, for open source and for digital
> rights int he so-called land of the free [3]. We’ve taken one step back.
> >
> > It’s time to take two steps forward.
> >
> >
> > The Crypto Wars never ended.  They simply waited until the cypherpunks
> were all but gone.
> >
> > But you are still here.
> >
> > Now is the time to rise.
> >
> >
> > - Andrew
> >
> >
> > [1]
> https://cointelegraph.com/news/tornado-cash-roman-storm-found-guilty-partial-verdict
> >
> > [2] https://ofac.treasury.gov/recent-actions/20220808
> >
> > [3] https://en.wikipedia.org/wiki/The_Star-Spangled_Banner
> > _______________________________________________
> > The cryptography mailing list
> > cryptography at metzdowd.com
> > https://www.metzdowd.com/mailman/listinfo/cryptography
> >
>
>
> --
>   -- Howard Chu
>   CTO, Symas Corp.           http://www.symas.com
>   Director, Highland Sun     http://highlandsun.com/hyc/
>   Chief Architect, OpenLDAP  http://www.openldap.org/project/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20250807/e6ae8229/attachment.htm>

More information about the cryptography mailing list