Why is the SEC Concerned about Privacy now?

Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
Point Center's main day-to-day work our #1 mission priority is
always to defend the developers of open blockchain networks from
inappropriate regulations or unjust prosecutions.
I think it's becoming more and more self-evident that a
transparent layer 1 is not a neutral layer one, not in the

(00:22):
long run. Ultimately, transparency will
destroy neutrality. And this is not me saying that
like we should be building things that enable money
laundering. It's me saying, no, we should
build global neutral communications networks for
things like underlying settlement.
This was true of SWIFT in the 80s.
It was neutral. If we're going to build a better
system, we should be building more like SWIFT used to be, and

(00:42):
less like what Swift's becoming,where it's just a fully mediated
underlying settlement Ledger foreven for messages for for
settling transactions, let alonetransactions themselves.
We're here at Deaf Connect and today we're speaking with Peter
live and in colour. This is It's nice to see you

(01:04):
here I. Sort of worn a more expressive
outfit. If we're yeah, I think we're all
a little bit dropped, but I think it's OK.
Kind of like the background makes up for it.
So it's a it's a little for everyone who's listening to
this. It's a little trippy, but it
trophy and kind of. Creepy AI slop.
It's probably AI. There's some text in there.

(01:24):
That's definitely, Yeah, Chat GPT's idea of words.
How? How has Buenos Aires treated you
so far? Oh.
It's been great. I think, I think one of the and
it's become sort of widely discussed, one of the
interesting things about Devcon this year or Devcon actor,
whatever the big Ethereum conference this year is that
privacy is actually being discussed more fully.

(01:47):
And you know, Coin Center, my organization has been trying to
focus people's attention on the need for financial privacy and
the need to protect the buildersof financial privacy for over 11
years now. And sometimes there's periods in
that history where you're like, yeah, like Z cash or things like
that. And sometimes there's periods
where it's like, OK, everything's going to be done

(02:09):
with stable coins on chain and we'll have full transparency
into all transactions. And that's what we'll tell law
enforcement why they don't have to worry about the technology
because it's a panopticon. And now we're kind of swinging
back to like, Oh, well, actually, maybe that would be
bad not just for the criminals. We want it to be bad for the
criminals, but actually bad for all legitimate uses of the

(02:31):
technology as well. Because who wants to use a
global financial system where every time you buy a can of
Coke, a billboard pops up with your name?
It's like Peter just bought a can of Coke.
Everyone. It's bad.
This episode is brought to you by Gnosis building the Open
Internet one block at a time. Gnosis was founded in 2015 and
it's grown from 1 of Ethereum's earliest projects into a

(02:51):
powerful ecosystem for open userowned finance.
Nosis is also the team behind products that had become core to
my business and that are so manyothers like Safe and Cow Swap.
At the center is Nosis Chain. It's a low fee layer one with 0
downtime in seven years and secured by over 300,000
validators. It's the foundation for real

(03:11):
world financial applications like Nosis Pay and Circles.
All of this is governed by NosisDow, a community run
organization where anyone with aGNO token can vote on updates,
fund new projects, and even run a validator from home.
So if you're building a Web 3, or you're just curious about
what financial freedom can look like, start exploring at gnosis

(03:32):
dot IO. How much?
Of that, do you think the interest in privacy is driven by
market movements or, or is it like the demand for privacy
that's driving markets or is it the markets that's driving
privacy like you know? Yeah, it's, it's probably, it's
probably the markets driving privacy because you know, as
much as you, as much as I would like to as an advocate, as a

(03:55):
lawyer, as a person who stands up for like what we should like
normatively what we should have,you can be like, build privacy.
And people are like, why would Ibuild something no one's going
to use? And I like the thing that
infuriates me more than anythingelse.
At all of these conferences, I meet all these great people and
usually they're like, oh, how can we stay in touch after we
leave this conference? And they're like, do you have

(04:15):
Telegram? And I said to them, why would I
use Telegram like those strange half baked, not encrypted for
group chats and vaguely encrypted for individual chats
platform where they rolled theirown hash functions.
Like that's a disaster. Like we've had Signal for
decades now. What's wrong with you?
Why aren't you using Signal? And it's because people don't

(04:36):
take their privacy seriously. Ordinary consumers don't take
their privacy seriously, especially people who are like
new to crypto or new to block chains that we all want to on
board now. Like they have no idea.
And rightfully so. They're time constrained.
They're not sophisticated. But the thing that bugs me is
that sophisticated people, people have been coming to
Devcon for multiple years. People in the Etherium community

(04:57):
are like, let's let's just give all our information to to the
Russian Secret Service, which iscompromise this app and and the
the French intelligence servicesas well, right.
I mean like that, that's just odd.
Why wouldn't we use signal anyway?
I mean, I think. That I think there's a good
reason why people didn't use signal up until recently and
maybe. It's bad for creating a boiler
room because the group chat function is complicated.

(05:18):
Well, the group chat, the group chat function is complicated,
but also up until just a couple years ago, you had to give your
phone number. That's true.
And the UI around that was not great.
I think that gave Telegram the opportunity to really like
create a a huge. You found a more forgivable
argument. Yeah.
But also Eli is not great. The group chat UI was bad.
So like people who wanted to, like, pass insider information

(05:41):
about what thing they're going to pump next, Like we're like,
let's be on Telegram because we can have a good group chat.
Yeah, I don't know. So yeah, I think it's market
driven because not because consumers are demanding it, but
because the new potential consumers of like typical
consumers, new potential consumers of block chains are
institutions. And institutions take their shit
seriously. Because if you're JP Morgan or

(06:02):
you're a proprietary trading firm or whoever you're like,
you're not interested in just hemorrhaging all of your
information to the public block chain because that's not how the
traditional financial system ever worked.
You have trade secrets, you havepractices that you don't want
revealed, and that's not becausethey're nefarious.
That's just because how businessis always run.

(06:22):
So we have a more serious sort of institutional potential user
for this tech and I think they demand privacy.
So I think that's real. I think the other thing that's
driving the privacy conversationis also this is maybe more my
biased view because I come from Washington DC and I see the
evolution of these things from alegal standpoint.

(06:45):
The I think it's becoming more and more self-evident that a
transparent layer 1 is not a neutral layer one, not in the
long run. Ultimately, transparency will
destroy neutrality because if you're validating on this chain
and you see all this activity, at what point is someone going

(07:09):
to run up to you and say you're kind of culpable for that
activity? Like maybe you didn't directly
promote it, but you facilitated it, you hated it, you abetted
it. Like if you see a multi sig or
if you see a, a money launderingtransaction, multi sig money
laundering and you you you validate that as part of a
larger block. What's your long term argument

(07:32):
for? You're not being complicit,
especially if you could have used chain analysis as a
validator to identify these things and you didn't like.
That's called willful blindness in the United States and it's
not a defense to culpability forcriminal law.
Actual blindness is. And so this is the difference.
People say like well how will they ever allow Z cash to be a
thing or something with base layer privacy or Aztec built on

(07:54):
top of Ethereum. My answer is like that's the
only thing they will allow because actual blindness is a
defense to crime. Like if you hadn't literally no
knowledge of some criminal act that you facilitated, you didn't
actually facilitate a criminal act not with intent to
facilitate. And you can't be held culpable
and you shouldn't be held culpable.

(08:15):
And so that's the only way to actually have credibly neutral
systems is to have systems that are actually blind to the
underlying transactions in the block.
I said in my talk the other day,if you really want dumb pipes,
you need the pipes to be actually blind to the shit that
flows through them, because otherwise it's not a dumb pipe.
Yeah, I, I feel like there's, there's a lot to unpack here.
So kind of like, I think we should distinguish between kind

(08:37):
of absolute privacy and relativeprivacy, right?
So kind of like people, people kind of regular consumers don't
want absolute, don't want, don'twant, don't need absolute
privacy. So kind of like, oh, they, they
don't think they need this. So kind of like they have no
issue with Telegram reading their stuff or their bank

(08:58):
knowing kind of like where theirmoney goes.
They don't want everyone to knowit.
So they kind of need relative privacy.
And I think kind of like that's,that's also something that that
kind of plays into this a lot. I really feel your discussion,
discussion point on protocol level blindness because we, we

(09:19):
recently did a thing on NOSES chain.
I don't know whether you follow the balancer hack a little bit,
a little bit. So basically there was a hacker,
he was clearly malicious. He stole 128 million across many
chains, almost 10 million of which were on NOSES chain and

(09:40):
there were there were some attempts to kind of freeze some
of it with the freezable stable coins.
And then he concentrated on mainnet and kind of sold positions
for East. So kind of it gave us a little
bit of time to kind of think what do we do here?
Because clearly this is someone who is stolen actual people's
money, kind of like it was stable, stable foods.

(10:02):
It wasn't kind of like some sortof degen sort of thing.
And it was also a pretty blue chip protocol.
So it was balance of V2 stable pools.
So it's it was yeah. So what we ended up doing is
first we kind of asked a bridge governance to kind of reduce
liquidity so that the hacker wouldn't be able to bridge off
noses chain easily. And then we tried to get

(10:27):
validators on board for a soft fork, meaning kind of, and I
mean, just just to kind of clarify a hard focus where kind
of like you change the state kind of like some some time in
the past and a soft focus basically where everyone agrees
to not process certain transactions.
So kind of like you don't include them in your block and
but you also don't attest to them.

(10:47):
And I think not including thingsin your block, this is something
that kind of has been done before and is currently done on
Ethereum. But kind of saying I'm not going
to attest to this if it's in there.
Yeah, this is this is a line that so far hasn't been crossed
until now. So on until now, our nose has
changed. I'm not proud of this, but kind
of like it. It made us and kind of it made

(11:08):
us appreciate that kind of like why we still have this power.
It's probably the arguably the right thing to do, but we still
want to get to where we do not have this power anymore.
Yeah, I, I mean, so one thing I think about a lot lately is the
SWIFT interbank settlement. So that's the Society for

(11:31):
Worldwide Interbank Telecommunications.
How is that? What that means?
Something like that? OK.
Yeah, I just learned that. I was started in Belgium in the
1970s and the central bankers atthe time didn't even know what
the heck all this computer nonsense was.
And so they didn't, they were, they were like given an option
to have a seat at the table amongst the, the, the banks that
were developing this under bank settlement tool.

(11:51):
And they were like, we don't know, like computers.
That's not what banking is about.
And SWIFT end up ends up becoming the most like single
most important cross cross-border settlement
messaging network. They're not doing the settlement
themselves. They're a messaging network.
Sounds familiar to a lot of stuff in that space in the
world. They settled 150 trillion in
transactions or they don't settle.

(12:12):
They message them so that banks can settle them every year, 150
trillion. And up until 2012, SWIFT was
credibly neutral. And if you think about the early
days of SWIFT as a messaging network, it's all plain text
transactions between their bank,their their member banks, their
member banks. It's a permission set.
But they are credibly neutral ina way because they don't have

(12:34):
the computational ability at that point in history or really
the the wherewithal to accumulate all the messages on
their proprietary network and really know who's sending what
to who and unwind it all. Like it's just not something
that's feasible. By the time we get to the 90's,
the 2000s, of course it's totally feasible.
They know everything that happens on their network and if
they continue to claim to be just a messaging provider,

(12:56):
neutral. And that finally breaks down
when the US government and the EU parliament and others say,
like, you need to stop relaying messages to Iranian banks who
are, you know, facilitating Iranian government's nuclear
program. We have sanctioned them.
Until then, Swift said, we are not an obligated entity for

(13:17):
purposes of US or EU sanctions because we are not actually
involved in the underlying economics of the transaction.
We are just a messaging provider.
And there's a good reason for that.
You want a messaging provider tobe globally neutral, otherwise
we won't have a like throughput in the global economy.
Every transaction will end up mediated and a whole council
will have to decide whether to let it through.
And the whole thing collapses when you Fast forward to the

(13:38):
Russian invasion of Ukraine and SWIFT removes the, the, the, the
Russian banks from SWIFT and now, and that was in 2022.
So we're not, we're not long beyond that.
To me, there's this slow moving crisis where SWIFT is going to
become a fully mediated, fully obligated global settlement tool

(13:59):
for messaging for settlements and it just won't have the
throughput and and and viabilitythat a truly neutral tool would
have. It's going to collapse.
This is one thing that makes me actually very bullish about open
blockchain networks is because we're going to have to find
alternative tools that don't become political footballs in
geopolitics if we're going to have actual free and open global

(14:20):
markets. But I think that to to Philly
because example about Gnosis, there's there's a there's a
distinction between coordinationwithin a group of participants
in a blockchain network and coercion.
And in the case of Swift, Swift is being coerced, yeah, by.
But any individual validator canbe coerced.
Yeah, right. And I mean, so kind of The thing

(14:42):
is Gnosis is 300,000 validators,right?
I mean, not, not as many individual entities, but kind of
like we still had to make the case to them that this is the
right thing to do. And kind of like they, they kind
of, they had to press the buttonthemselves to kind of upgrade
their node or not upgrade their node.
And kind of like in the, and most of them decided to upgrade
their notes are kind of the softfolk went, went through.

(15:03):
But kind of like if you have a three letter agency kind of
calling you up and saying you're, you're, you're, you're,
you're processing some really dodgy transactions here.
This is, this is the dynamicallyupdated list of things you
shouldn't be processing. And please, please make sure you
subscribe to this and and and and it it informs your, your

(15:25):
validator at any given time thatthat's a totally different
situation, right? Right.
I mean, I, I think that's true, but I think that we need to make
sure that our systems are resistant to coercion so that
right and maybe privacy fixes this, but like we're are.
Not resistant to coercion. And and the original project of

(15:46):
Satoshi and the project of Vitalik and the larger Ethereum
community is not necessarily to,you know, ensure that validators
are incapable of all malfeasance.
But that there are so many validators that even if some are
like regularly censoring or blocking, either because they've
been coerced or because they arethemselves not interested in the

(16:06):
free and open blockchain. There will be some minority
participants on the network, like located in far-flung areas
of the world who will continue to put things in in the
blockchain, right? But I think.
No longer true kind of as as long as kind of like you have
this attestation thing, right? Because then you kind of need a
two third majority kind of like to to attest to this.
So kind of like not only do you need a block builder who knows

(16:28):
this, but you also need to kind of like to luck out and have 2/3
of the testers kind of be on theon the non three data agency.
I'm just learning about this here at Devconnect, But this
proposal fossil, which would be a theorem improvement proposal

(16:49):
where in block builders would have to sort of the mandatory
and be required to include the transactions that are validated
by like a committee of some 16 or something like that.
And there'd be minority members in that committee who might be
the people likely to put in transactions that aren't wanted
by the majority of the staking power on the network.

(17:09):
It's like, this is interesting because it's like, oh, let's,
let's rebuild censorship resistance in a world where
we're starting to lose it because we we don't have those
far-flung validators on chain. This is actually very bad from a
regulatory standpoint. If you don't get this with
privacy, because now an Americanstaking individual or company is
going, if they want to build ballot box is going to be forced

(17:29):
to include transactions in the block that might that might
violate say OFAC sanctions law. And I don't know what their
defense is going to be. If it's if it's a plaintext
transaction that clearly actually can be read by law
enforcement or anyone with chainanalysis or blockchain analysis
tools that shows North Korea using the Etherium blockchain.
You had to put it in your block.They come to you as a validator

(17:50):
and say, why did you put this sanction transaction in a block?
And you say, well, the Etherium protocol demands that I do it.
And then they say, well, you don't have to be on the Etherium
protocol, right? You violated sanctions.
Law, but I think kind of like, Ithink that's, that's an
interesting distinction here because kind of like the, the
kind of like putting, not putting certain transactions in
blocks. This is currently the status
quo, right? I mean this is and it's been 4

(18:11):
years but kind of not attesting to them this is new.
This is new. OK, right.
So it's that hasn't been done before.
Clearly it can be done. But yeah and yeah and I think, I
mean I think it'll happen and you goes put kind of like it
just drives home kind of like how we need to improved system

(18:31):
such that you have no way of knowing what you're validating.
Be actually blind, not willfullyblind and not and certainly not
just like eagerly looking at me like, yeah, sure, I'll get that
one and then wait for the knock on the door.
The case that Coin Center has recently worked on that really
brought this into focus for me just before Dev Connect here is

(18:54):
actually the Pereira Bueno case.The Pereira Bueno brothers are
the the guys who found the exploit in the MEV Boost
software and then sandwich attacked sandwich attackers and.
It was hilarious. It was hilarious.
What's kind of not hilarious andrather terrifying is that you
could have imagined that the victims victims, because they

(19:15):
also just lost in cutthroat competition.
They didn't actually like get, Idon't think they're criminal
victims, but the victims of thatexploit.
They could have brought a civil case maybe and said, like you
misused the MEV boost software in a way that that hurt us.
We want to reclaim our $20 million.
That didn't happen. That would have been bad enough.
What actually happened is prosecutors in the Southern

(19:38):
District of New York, criminal, federal criminal prosecutors
brought a wire fraud case against the brothers, saying
your behavior on the Etherium blockchain as a validator is
fraudulent, is wire fraud because you were not.
And this is a quote from the jury instructions that they
actually asked the judge to provide the last moment in the
case a couple weeks ago because you were not an honest

(20:00):
validator. But this is absurd because kind
of like the entire point of MEV boost is that kind of like you
extract from from unwitting users of kind of whatever defy
protocol, yes, like let the robbers rob in peace.
Yes, well, I'm not even let the robbers rob in peace.
It's just like you wouldn't go to a marketplace that is known

(20:21):
for having established rules of commercial conduct that are
effectively like. Like if you rely as bitter, you
win. It doesn't matter if if you made
people think you were going to bid lower earlier or bit higher
earlier. Like if this is a market where
the expectations of all the participants is that like people
will profit maximize up to the bare rules of the protocol, then
there is no fraud or misrepresentation.

(20:43):
Everyone knows that in the worldof minor extractable value,
people are going to compete to extract as much maximum
extractable value, as much as they can get out of the
protocol. And that might be not desirable,
but we intend to fix that using technology, not layering a whole
system of duties and honor that would then be enforced by
criminal prosecutors on top of all validators.

(21:05):
Because if that's what happened,we'd be in a very bad situation.
And there's specific claims in in that prosecution, because
they did equivocate according tothe Etherium consensus rules.
They presented 2, you know, blocks that can't be reconciled
with each other simultaneously, for which they got slashed.
And so in a, in a highly technical, like going all the

(21:27):
way back to the Satoshi's white paper, what is an honest on
honest chain? They did something that is not
honest validation. They equivocated.
But this is not dishonest, dishonest commercial conduct in
the wire fraud sense where they made a representation to someone
that someone relied on in a fiduciary or contractual
relationship and then they were able to profit from that.

(21:49):
And so this notion that like honest validation and dishonest
validation being something that you could actually criminally
prosecute just further indicatesthat we're going to have a huge
problem with transparent ledgerswherein the government's going
to see validator behavior and figure out all kinds of ways to
get jurisdiction over it, including when they're being

(22:09):
self interested in a way that maybe some people in the
community don't want them to be self interested.
But everyone knows that they're self interested and it's, it's
just, it's not going to work. So we filed an emergency amicus
brief in this case because that jury instruction was something
the defense flagged. And we've been in touch with the
defense, and they were like, we can't have the jury decide that
they committed wire fraud because they were a dishonest

(22:31):
validator. That that doesn't make sense.
And so we wrote an emergency brief basically explaining the
history of that term, honest validation within these networks
and how the Etherium blockchain and the community at large has
an expected penalty. So a slashing fine or a slashing
fee for exactly that behavior. And that's carefully calibrated

(22:52):
to be actually quite modest justto prevent constant equivocation
on chain. And to think that you'd have now
a slashing penalty for that behavior and possibly like
multiple years in jail from a felony criminal charge
completely unseats the the calibrated norms and established
rules within the protocol and itjust would make Ethereum not

(23:13):
work. Yeah, yeah.
This is a lot, but yeah, no, it's fascinating me lately and.
Yeah. I mean, it's, yeah, I, yeah.
It kind of, it breaks kind of like this closed system game
theory of kind of, of, of the protocol itself.
What, what kind of what struck me while you were talking?
I mean, obviously, kind of like we have this entire situation

(23:34):
way worse on a way bigger silverplatter with L twos, right, kind
of like and kind of like the multi sig L twos where kind of
like you can you can upgrade from hopefully you're Mikey Sig
and not a single address. I mean, this is, there's also
some of the EOA whatever, whatever, but kind of like and

(23:55):
where you can, where you typically have a single sequence
of a very small set of sequences.
So basically, in fact, in fact, in effect, the entire chain is
built by a single entity. How, how do you think we'll see
that play out in a choose first?Or do you think they'll go for

(24:16):
for the base layer? I think no, no, that's going to
be a very appetizing target because you'll, you'll have an
identify identifiable criminal defendant.
They have very clear control over a lot of relevant aspects
of the transaction flow. If we're talking about some
illicit transaction in the bundle that they that the

(24:37):
sequenced and they're probably well moneyed defendants too.
So you could extract large penalties from them because
they're all like these companiesthat raise tons of money to
build L twos, right? So it's a very dangerous state
of affairs. And I mean, I've said for a long
time that we need truly decentralized sequencing on L
twos and there's efforts to build that.

(24:59):
I do feel like some of those efforts got maybe stymied or put
on the back burner when, you know, like American politics
changed and everyone was like, oh, the SEC is maybe not going
to care as much anymore, which is not necessarily true, by the
way, but also still not the right way to build because you
should be building decentralization for
decentralization's sake, not just because you're afraid of a
wells notice from the SEC. And then the other thing I would

(25:21):
say is like, I'm much more for obvious, like this was not a
would not be a surprise to anyone right now.
I'm much more of a fan of like the the let's find ways to to
have fully private blind sequencers like a like an Aztec
type model. So that, you know, even if we
have a certain amount of centralization with the
sequencer, they are not, they are not like looking into what

(25:44):
they're actually sequencing in away that would make them
responsible for mediating disputes.
Whether that's filtering out, you know, transactions that
might be related to money laundering or whether it's just
like favoring their own transactions on chain or a
number of other things for whichthey could be held culpable.
And this is not me saying that like we should be building
things that enable money laundering.

(26:05):
It's me saying, no, we should build global neutral
communications networks for things like underlying
settlement because that's the only way we're going to have a
global economy that actually functions at the scale and
efficiency that we want the global economy to function.
This was true of SWIFT in the 80s.
It was neutral. They were just moving money for
Iran all the time. And that was a necessary cost of

(26:25):
having a liquid and free and open global economy.
And you say that like this is ultimately going to be good for
human freedom because totalitarian regimes will suffer
in that world, even if they get occasionally the benefit of the
underlying transaction rails because they're free and open.
You lock them down, you actuallyempower totalitarians.
And so like, if we're going to build a better system, we should
be building more like SWIFT usedto be and less like what Swift's

(26:48):
becoming where it's just a fullymediated underlying settlement
Ledger for even for messages forfor settling transactions, let
alone transactions themselves, you know?
I'd love to talk about KYC AM L and compliance as it relates to
privacy. I have a hunch that a lot of the
reasons why we have so many. Let me let me put this another

(27:08):
way. The the the compliance cost to
companies to funds not even justin crypto, just broadly
individuals is absolutely massive yes.
I don't know that there are any real estimations of what this
costs to the economy, but I'm I'm sure it's in the. 10s or
perhaps hundreds of billions of dollars.
Yeah. I think, I think of a reliable

(27:29):
estimate was some firms in the US spending upwards of 20
billion just individually and that the total cost was
something like 300. Yeah.
I mean, there's some guy named Robert Pohl who's a big a very
good critic of anti money laundering.
We've also published a report recently, so I hope I'm not
misstating any of these. I'm sometimes bad with decimal

(27:52):
points, but I think we're actually on target here.
We were published a report called Tear Down this Walled
Garden. It's a Coin Center report.
It was authored by myself and headmires and the first half of it
or maybe the first quarter just lays out how expensive MLKYC is.
And that would actually be fine if it had bang for buck.

(28:12):
But there's also good, there's actually more reliable estimates
as to like how much illicit finance is actually deterred and
how many, how much illicit moneyis actually frozen or blocked in
the economy. These are estimates from they're
not estimates from weird crypto libertarian org.
That's the United Nations and the Financial Action Task Force.

(28:33):
Their estimate of the amount of illicit funds actually seized
within the global economy thanksto a MLKYC is sub 1%.
In fact, it's about point 2% of all illicit funds and.
This is coming from the FATF, the very organization that is
implementing or pushing to implement.
The Financial Action Task Force,yes, they have a stock take that
actually basically puts that number up and the UN as well.

(28:56):
So these systems, now a counter argument to that is, OK, yeah,
the seizure and blockage rate isactually extraordinarily low
compared to how much illicit money is out there.
But the deterrence is what makesit work.
When a criminal goes to use one of these tools, they go, Oh no,
I have to put in my mother's maiden name, they're going to
catch me now, you know, and I'm making this counter argument

(29:18):
sound too weak. Maybe there probably is some
deterrence, especially for like low sophistication criminals.
There's no deterrence for high sophistication criminals.
In fact, the very fact that financial institutions have been
collecting all of these documents and keeping them in
insecure facilities means they constantly get hacked.
And you can buy on the black market any number of like

(29:40):
identity credentials that you can use to open bogus accounts
if you're a sophisticated criminal.
So sophisticated criminals, I don't think are effectively
deterred at all by the system. If anything, they might be
empowered in a way because they know they can find readily
available fake documents that have been hacked from an
institution that was obligated under law to collect all of them
in the first place from their users.
So that system is not working, and that's the point that we

(30:02):
make in the first quarter of this paper.
The rest of this paper is OK. We're not just here to be mean
to financial crime authorities. We all need to recognize that
there's a deficiency here. And we all do want to stop
terrorism and terrorist usage offinancial networks as best as we
can without destroying the global economy, of course.
So what can we do better? This approach clearly isn't not

(30:25):
working. It's not working for law
enforcement. It's not working for ordinary
persons whose privacy is invalidated.
Or I would also add, whenever people factor the cost of KYC,
they, they factor the cost of financial institutions.
You rarely ever see anyone actually measure the, the costs
of say the, the global identity theft losses from people whose
privacy has been compromised or just the psychic losses of

(30:45):
knowing that your privacy is fully compromised, which would
be hard to monetize or, or or account for, but are are real,
like if you believe in, in a right to privacy setting all
that aside, we can do better. And a lot of the technology
that's been pioneered in this space, 0 knowledge proofs, multi
party compute, verifiable credentials is actually like

(31:06):
exactly what you need to sort ofbrew up in order to build a
system that works better. And we're seeing some of these
as like early proofs of concept prototypes, like in the, in the
Aztec token sale that's happening right now.
I think you can use their own, their own passport, which means
you create a proof that you, your passport, you, you are in
possession of a passport, at least in this moment that says

(31:26):
you're an American and this is your name.
And then they can cross check that against the sanctions list
and things like that. These are still not enough
though. And this is the paper.
The paper we're writing says, look, isn't this cool?
These are already here. But what we really need is
global composable user sovereigndigital identity wherein I know
I have a passport, what I can create 0 knowledge proofs of

(31:49):
that I have a bank account, theywill allow me to attest to my
balance. I have a Gmail account that's
had this message history for thelast 11 years and I can actually
make an attestation to that effect.
And I can compose these myself into a risk score that might be
recognized by some particular authority as being credibly not

(32:11):
a criminal or credibly of a low risk.
And there's some important features there.
It should be multi factor. It should be attribute based.
Maybe they don't learn my identity when they, when, when I
provide them this risk score. They just learned that I had the
ability to construct this risk score out of credentials that I
myself possessed. And it, it should be far better,

(32:32):
I think than than just, you know, oh, you want an open
account? Send us a scanned version of
your passport, which is a garbage version of actually
putting deterrence in. So I think you can build
deterrence into these systems, but you should be building them
with as much as possible attribute proofs from zero
knowledge proofs rather than identity proofs like I am.

(32:53):
This is everything about me. And they need to be modular so
that we can like assemble the right series of credentials that
would be difficult for a bad actor to fake, but actually
quite easy for a normal person who's just a good person to
accumulate. But.
But I mean, sorry you have to beconspiratorial here, but my
feeling is that there is, there will be and probably is a lot of

(33:16):
resistance to these systems because of the amount of control
and information that financial institutions, indeed governments
are able to collect from the blanket capture of everyone's
financial data, companies, financial data documents,
etcetera. And then of course, all the
service providers and businessesthat sort of live off of this

(33:38):
off of this model. I guess my, my, what I wanted to
get to here. What what do you think within
United States Congress and and policy makers is the appetite
for moving towards the world where we have more sort of ZK at
the station base KYC and AML compliance rules?
Because, you know, coming from from Europe, I feel like yeah,

(34:01):
the consensus view in Europe is that we should just collect
everyone's information and know what everyone's up to all, all
the time. I don't know if that's the same
in the US. In fact, at the end of the day,
it's the. U.S. policy that will dictate
what the FATF does in the future.
That's usually what happens usually.
Usually the US says to FAT if this should be the global policy
implement it and bullies the world into doing it and then
actually often doesn't implementit for its own citizens because

(34:23):
they're a constitutional right concerns.
So it's a bad I call it policy laundry actually, like we'd love
to impose these on ordinary Americans, but we can't.
So we'll go to we'll go to Brussels and we'll tell people
to do it globally. Then we'll come back to the US
and be like, see, it's now the global standard.
And then Americans will be like,actually, you can't you can't do
that with our anyway, that's a digression.
So to answer your question directly, like what's the

(34:45):
appetite? And you framed it very well in
like maybe it's not conspiratorial, but maybe the
reason people really like AMLKYCis not actually deterring
criminals, it's mass surveillance and there may be
some truth to that. I think that the less
conspiratorial reason why there isn't the appetite we would hope

(35:08):
is simply that if you're a regulated financial institution
today, what incentive do you have to stick your neck out and
try alternative modes of of antimoney laundering compliance?
Like, are you really going to bethe bank that talks to your
probably like mid level bank examiner and says this year we
decided to stop doing KYC and instead we're relying on these

(35:29):
risk scores, which are actually amalgams of much more credible
information about the likelihoodof criminal behavior from our
users. But we don't know their names
anymore. No one is going to do that.
And no, no bank compliance department is going to support
their chief innovation officer going to treasury and being
like, hey, let's do this, right?Like there's there's no money in
it for them. There's no reason for them to do
it. It's just downside risk.

(35:51):
And so it's a collective action problem.
At the end of the day, we might be able to get to a better world
where financial institutions andtechnologists could build these
tools that actually make a bigger dent in illicit finance
while still protecting our privacy.
But who's going to be the first to do it?
Government's not going to designthat system.
They don't have the technical competency, and it's really

(36:13):
maybe not their place to even develop the technical
competency. The private sector, as far as
any individual bank, is not going to lead by sticking their
neck out because there's no incentive for that.
This is why we think there's this opportunity in our space,
in the more novel fintech and blockchain space, for a group to
get together and say, like, actually, we can do a lot
better. Share these ideas with

(36:36):
regulators. Regulators who are general,
genuinely interested in deterring illicit finance, whose
day job is watching terrorist financing and just knowing that
there needs to be a way to stop it.
We're more concerned with that than they are with mass
surveillance, like knowing whether Peter is buying the
wrong books today. Domestic terrorism might kind of
conflate some of these things together, and maybe that gets

(36:57):
questionable. But in the free society, we
wouldn't, we wouldn't want to collect surveillance data on
what books people are reading. So we take these ideas and we
socialize them with those regulators.
And ideally, and this is Coin Center's goal for work over the
next few years, actually, we're we're doing it under a internal
project we call the John Hancockproject because it's the most
famous signature on the Declaration of Independence.

(37:19):
The goal is to see if we can actually get regulatory buy in
once we present like truly robust and viable alternatives
to KYC that are privacy preserving.
And by regulator buy in, I don'tmean like a strong like yes, if
you build this, it will be 100% compliant.
I simply mean a credible statement from the
administration, from Treasury ormaybe from the SEC if they're

(37:41):
starting to talk about tokenizing equities and things
like that, that we are open to doing pilot programs for
regulated financial institutionsto do alternative customer
onboarding where a risk score ismaybe preferable to a full, full
identity documentation. Because I think if you got that
signal from regulators, that starts to break the collective
action problem, wherein who wants to be the first to stick

(38:03):
their head up with a new, a new system for deterring illicit
finance when everyone seems to be fine with the bad system
that's working today. And there's no no incentive or
or money for you to build a better system.
Well, I'm, I kind of, I, I really commend you for this.
I think it's, it's, it's a terrific initiative.
Are you worried about the fact that most people just don't care

(38:26):
because it deals like, it seems like in principle kind of like
this, this will be kind of like a political fight.
And kind of if if you look at how much people winning the
divide of themselves, how much they use extractive services
despite the fact that they are that feature equivalent private
privacy preserving ones, Do you think it's kind of like a

(38:51):
cultural battle that kind of we have to win first?
So if we were just talking aboutchanging consumer behavior,
yeah, this would be fairly hopeless.
But I'm talking about something.OK, let's drop it off.
I'm talking about something far more narrow, which all down
today, even if you have a consumer who cares deeply about

(39:13):
their privacy, when they go to open an account at a regulated
financial institution, they haveto submit something very
specific. They have to it.
In most cases it will be a photoof your passport and your face
right now. And that will be stored in a in
a, probably in an unencrypted database at some point in the in
the flow of data. And that's just bad, right?

(39:35):
It's really bad. And so just that is all a
regulatory function that's not consumer behavior being, you
know, not not conscientious enough about your own online
safety. That's literally just a rule
that is an interpretation of theBank Secrecy Act in the US that
says institutions need to collect this information for
their customer due diligence. And that rule could be changed

(39:57):
if you had people who cared not in the consumer base, but just
in the regulatory and complianceareas.
And I think I think there are more people that Care now.
Just from my meetings with people in Treasury and the SEC
over the last five years, there is a growing awareness of the
how how bad the current AML efficacy is and.

(40:19):
You know, it's kind of like finding fun common ground with
people. I hate it because it's the
system that destroys my privacy and I have certain civil
libertarian ideological underpinnings.
You hate it not necessarily for exactly the same reason you you
might believe in in a certain like rights to privacy and
freedom, but you hate it becauseit's just not even stopping

(40:40):
criminals anymore. It's in fact stopping
disenfranchise people, poor people, people who are easily
dissuaded from using financial services when they put up
barriers to them. And it's not dissuading, you
know, hardened criminals who caneasily amass a whole dossier of,
of fake passports or passports that are not their own, right.

(41:01):
Yeah. I mean, I I think the there's,
there's two parts to this. I mean, there, there is the
consumer part and I feel like it's probably fintech apps that
would implement this sort of risk based KYC using
attestations. You know, I could see like a
Revolute doing this right for consumers, but it gets so much

(41:25):
more complicated for companies. And we run a small fund and the
cost of compliance and the amount of compliance work that
we have to do is just like, I don't even want to imagine like
a, you know, a fund twice or three times their size or like a
company like Nosis, The amount of compliance work goes into
just day-to-day operations and the cost that has the company.
And if you extrapolate that to the entire economy, it's a huge

(41:48):
number here. You've loaded some numbers
earlier and, and, and I think itgets much harder then because
it's not just, you know, your passport and what your salary
is, why it's, you know, it's the, the entire organizational
structure. You know all of your UB OS and I
mean you know. Well, so much of it is still
human driven today, which is wild and part of the reason the
system doesn't work well. Like if you if you had more

(42:10):
composable proofs that are difficult to that are difficult
to forge and you had some ability, probably from a third
party like a watched dog organization or even the
government to recalibrate. When one particular aspect of a
proof say, like your say, you say a particular financial
institution gets hacked. And they were one of the ones

(42:31):
making at the stations about like past bank transaction
history for civil prevention, just proof of human or maybe
that they'd KYC these people. Then you need to be able to on
the fly devalue that as a bundleof a risk score.
Maybe it doesn't go to 0 within the risk score, but suddenly
that which was providing some robustness to this risk score
gets unweighted to down to like half of what it was before.

(42:52):
Because we think it's compromised and we don't think
all the identity data they have is bad and all the attestation.
So they make it bad, but it should definitely be lower in,
in the, in the, in the ultimate cumulative calculation of of
risk. And like that's what you want.
You want a system that's got theability to observe threats and
rapidly recalibrate, sometimes referred to as an OODA loop.

(43:13):
It's like observe, I don't know.I don't know what it stands for.
It's it's in like military, it'slike a fighter pilots.
They're supposed to like survey their realm and then make
decisions based on new information and rapidly iterate.
That's what you want in an in anenvironment with revolving
threats, Right. But that's not what we have
right now. Right now we have like people
who actually manually look at passports still.
And like when you go to the airport, all the security theory

(43:35):
is like, yeah, it looks like you.
It's like you have facial tracking now.
Like why are you still doing this?
I don't know anyway. How much I think this is kind of
like part of part of the equation, kind of like making
sure that actual bad guys are more easily catchable, right?
But I think kind of like you canalso see it from the other, from

(43:56):
the other side of you actually owning your identity because
kind of like if you, if you lookat the way how we use identity
services, mostly we're renting. I kind of like if I kind of like
login with Google, kind of like,what do I have?
I mean, they have they have all my stuff, they have my data,

(44:17):
they know who I am and kind of like I, I am beholden to them
that they don't that they don't off board me.
And same for all other kind of it's there's there's that kind
of like in web tool, there's nothing that's truly yours.
It's kind of like you are the renter for everything.
And it's a huge power imbalance kind of like in kind of puts

(44:40):
every single person at an enormous disadvantage.
And if you could just say this is yourself sovereign identity
and you can kind of you, you canyou can use this to validate
your identity in whichever way you choose against whatever you
don't need. You don't need someone else kind
of stand up for you and say, yeah, this is really Peter.

(45:01):
I think, I think this, this, it's super powerful.
I've started saying that like when you are you online, you
have a different name, like going back to like the feudal
medieval period, like where yourname was like Peter Blacksmith
because you were the blacksmith,right?
When you're online, you're PeterInstagram or your your
nirajx.com like you're not yourself, you are you are a

(45:23):
vassal of the feudal Lord. That's a problem.
This has long been discussed in crypto circles as being part of
the problem. And a big a big the the the goal
is the end goal is to be self sovereign over your identity
over your persona online. And this does factor into things
like KYC because the simplest way to do better KYC would be to

(45:45):
have one big corporation that collects all of this information
and generates a risk score that is far more computationally
efficient than trying to do it using disparate credentials,
multi party compute, and maybe some like anchoring on open
block chains which require proofof stake or proof of work or any
number of other inefficient non paralyzable processes.

(46:07):
It would be much better if it was just one company.
But then of course we all understand why it shouldn't be
one company, because this is notjust one company that collects
all the passports. Now it collects your entire
trail of bread crumbs that you leave across your entire life
that you want to amass into a viable proof.
It should instead be the user using commonly available

(46:27):
transparent open source tools and amazing new privacy
preserving technologies can amass these credentials and
voluntarily themselves generate probably variously differently
calibrated risk scores that might be calibrated by third
parties, but third parties don'thold the underlying data.
The underlying data, all the attestations that the person
wants to make with their credentials are things that they

(46:48):
control in a wallet that they have.
So very much like the alternative to Google sign on
being like sign on with Meta mask or sign on with some sort
of like key pair that you control.
But that would need to be that there's a lot of building left
to do there, obviously. I mean, you say that that entity
shouldn't exist, but kind of like, if you look at what Google
plausibly knows about you, Peter, I mean that that entity

(47:11):
exists, right? And multiple of them actually
exist. I mean, they shouldn't exist.
I think this is yeah. But right now they're not
identified in law as the as the entity that should be doing anti
money laundering verifications they'd probably be really good
at. It they would be accident at it.
Yeah, if you started, if you passed a law that said banks
don't need to do KYC anymore, they just need to ask Google if

(47:33):
somebody's evil or not. And Google can't be evil.
So that would that would probably be much more efficient
as far as like stopping a lot ofmoney laundering and crime, but
it would also be a disaster froma civil liberties standpoint.
So ideally we need to identify in law something else that could
be equivalently superior to the existing AML regime, but doesn't
hand all the power to one big tech corporation or big bank.

(47:56):
And the stuff in our space is the stuff that can build those
systems, though it will be a very difficult thing because
we're competing against much more efficient technology
companies that don't have the costs of civil liberties, which
are spreading data out, decentralization, strong
encryption, things like that. We've we've talked a lot about
privacy and identity. Yeah, it kind of just became the

(48:19):
privacy identity. I hope you don't mind.
No, I think it's a great discussion.
This is perfect. Are those the things that you
think kind of we need to we needto pay the most attention to
right now? Are there are there lesser
publicized things where where you think kind of like this is
something that is currently overlooked that we absolutely
need to get right? I'm glad you asked the question

(48:41):
because, because people who don't know Coin Centre might not
be mistaking me for like, like, like the Digital Identity
Center. And I'm like, no, that's, that's
an initiative that we're just beginning because we realize
there's appetite from regulatorsto try alternative AML methods
that could better preserve people's privacy.
Coin Center's main day-to-day work, our #1 mission priority is

(49:01):
always to defend the developers of open blockchain networks from
inappropriate regulations or unjust prosecutions.
And so this goes back to our earlier discussion about, say,
the Pereira Bueno case where, you know, you've got people who
are validating on chain, obeyingthe rules of the protocol, and
yet the Southern District of NewYork wants to accuse them of
being involved in wire fraud or committing wire fraud.

(49:23):
That's not a good legal precedent to set.
And it's it's, it's going to discourage people from
participating in these free and open networks as validators.
The other big things, the thingsthat we were definitely
discussing more say like last year are the Tornado Cash case.
First, the sanctions of Tornado Cash, which a big win actually
in U.S. policy was Coin Center and others challenged the

(49:48):
legality of those sanctions. And ultimately just this past
spring, those core challenges wewon and that means that the the
administration delisted Tornado Cash.
So Americans are now free to useTornado Cash again.
This is actually like a very real.
Only Americans or well. Let me yeah, let me be clear.

(50:08):
The sanctions only ever applied to Americans.
That sanctions law says these are foreign sanctioned entities.
Americans are are not allowed totransact with them.
Foreign persons could have maybesecondary liability even though
they're not Americans for violations of sanctions law, but
that's less clear. But Americans were just banned
from using Tornado Cash after the sanctions came out.

(50:30):
That was unequivocal, but just. The small tangent here speaking,
does that mean that people who had funded funds in Tornado Cash
can now take them out and you know the Binance and trade them
back for. Bitcoin or whatever, absolutely
really under the law. Under the law, there's the the
the sanctions are now null and it is as if they never existed.
Got it. So you you are not liable for

(50:53):
sanctions violations if you now reclaim your property that left
in the Tornado Cash pool. You should be very careful doing
it. And I'll just say this because
many of the user interfaces to Tornado Cash, the underlying
pools are actually compromised now from what I understand,
because they kind of fell into disuse and people started
setting up like front ends that actually had back doors that
would steal your steal your funds instead of allowing you to

(51:14):
take them. So be careful if you are trying
to reclaim property that was left in Tornado Cash from a long
time ago, but legally you're safe.
But will you ever have a bank account again?
Because kind of like even if kind of like you're you're it's
no longer on the sanctions list,Will it still be flagged?
Will you be de platformed from whatever yeah, traditional rates

(51:35):
you have? I mean, not that I had ever used
Tornado Cash, but I know people who have.
I have used Tornado Cash. I've used it liberally and for
good reason. So kind of it's.
This is a tough one because whatyou all, what you, what you need
to do to address that is to socialize the fact that there
there is no legal risk to a financial institution in now
accepting Ethereum that came from a tornado cash address,

(51:59):
Especially if you know the customer who's bringing it to
you, like you know that they're just American who is like
getting paid their salary on on Ethereum and wanted privacy over
their salary, like one of our Copley tips in our lawsuit.
But how can we socialize that amongst all the compliance
departments of all the banks? So if there's if there's a
stigma that's still attached, that's something else.

(52:19):
My point is that the law has changed.
It is now technically legal to reclaim those funds and to use
them. Maybe you should run them
through railgun first before thetaking somewhere else to take
off the tornado cash funk on them.
They might get new funk from other from other privacy, which
goes back to our discussion about base layer neutrality.
Like base layer neutrality, it like no one's going to

(52:39):
ultimately end up using these privacy tools if they're still
just islands of privacy within alarger transparent chain because
you'll always be like hell, the scarlet letter of having gone
through this little privacy tool, even if you were doing it
for the right reasons. And we can also watch in real
time as bad people use these tools.
And that creates headline risk and it creates, you know, risk
to the whole technology. So the sanctions are invalided.

(53:00):
The other big thing that happened this year, and it's not
it's bad news instead of good news, is the developers of
Tornado Cash, Roman Storm specifically was found guilty of
unlicensed money transmission inhis court, in his court case in
the Southern District of New York.
That is a very bad outcome. It's maybe not the worst outcome

(53:22):
for Roman Storm because he was also charged with money
laundering and sanctions evasionbut the jury couldn't reach a
verdict there. So he could get re prosecuted
for that or may not but he was found guilty of unlicensed money
transmission and this coin center has done tons of work on
this. It's just ridiculous because
Tornado cash never had control over user funds then certainly

(53:42):
not the developers of Tornado Cash and also not the torn token
holders. No one did.
They were in immutable pools on chain and FinCEN, the regulator
for who needs to register ISM asa money services business in the
US who is doing money transmission at the federal
level, has said you're not doingmoney transmission unless you
have total independent control over customer funds.

(54:02):
So you might ask, why is he thenguilty in New York of unlicensed
money transmission if the regulator said he wasn't ever
doing money transmission? And it's because of the Southern
District of New York has this sort of wild theory of criminal
liability for unlicensed money transmission.
That transmission is something broader than what the regulator
requires a license for. And they did it.
And therefore we can charge themwith this.

(54:24):
And what I think what's really happening is it's hard to charge
someone with money laundering sanctions evasion, because you
have to prove criminal intent, some specific intent to actually
hide some specific bad funds. And like, yes, North Korea used
Tornado Cash, but that was afterthey published the software.
And So what did they have intentto do?
They had intent to publish a privacy tool and then somebody

(54:45):
used it for money laundering after.
That's not intent to launder money.
That's intent to publish a tool that people will use to do lots
of things. It's much easier to charge
someone with unlicensed money transmission because there's no
intent requirement. All you have to ask the jury is
were they doing money transmission?
And we will tell you jury that we legally define money
transmission broadly. And did they knowingly transport

(55:08):
criminal funds while doing moneytransmission?
And I guess you could argue likethey watched it as it happened
with their software did it. So it's a, it's a much lower
bar. There's no, there's no need to
show the jury that they intendedfor this to happen or wanted
this to happen or directly facilitated it happening.
You just say did you have a license?
Or not. So it's saying that they watch

(55:30):
them watch their software do it and did nothing about it.
It's like insane because like watch, it's like, it's like
having a gun store and have someone buying the gun and then
watching that guy mow down a crowd of people as he walks out
your store, right? And, and that's why we we would
not usually subject people to a strict liability regime for
things that are not ongoing conduct.

(55:51):
We subject money transmitters toa strict liability regime
because they're always in control of the conduct on their
platform. And so maybe the reasonable
liability rule is if you're always in control, you could
always stop it. So if anything bad happens,
you're automatically responsible.
But that only makes sense in thecontext of a money transmitter.
If you're a software developer, having strict liability for all
the things that people do with your software for failure to

(56:13):
license it is just going to makeit impossible to publish
software because it's everyone knows most people do good things
with the software. Some people do bad things.
If you're responsible for all the bad things people do with
your software, you won't publishsoftware anymore.
So it's as I said, Roman could have had a worse outcome as far
as like jail time if they've been convicted of money
laundering and sanctions evasion.

(56:34):
But the fact that he was found guilty of unlicensed money
transmission is a very bad precedent for the space, because
that charge could be brought up against almost anyone in this
space. Because their theory of what is
money transmission that requiresa license is any facilitation of
the movement of tokens on chain,which is something that, like
everybody who's involved with cryptocurrency has done in some

(56:54):
way. And most of them, unless they're
like coins, Coinbase, have not gotten a license to do it.
So this is a very bad precedent.It needs to be challenged at the
appeal level. So we're hoping that Roman will
appeal his guilty verdict. Coin Center is also supporting a
civil litigant, Michael Llewellyn in Fort Worth, TX, who

(57:17):
is a developer who wants to release the privacy preserving
crowdfunding tool. He calls it Pharaohs and is
willing to sue the Department ofJustice for declarative judgment
before he publishes that tool toget clarity from a judge that
publishing that tool without licensing with Vincent will not
be a felony, will not be unlicensed money transmission

(57:37):
and coin Center is supporting his lawsuit.
So we have sort of multiple paths to address this particular
threat, legal threat to the permission that the the freedom
to build these permissionless systems.
We also have a legislative effort.
There's a bill moving through Congress called the Blockchain
Regulatory Certainty Act, which would create a safe harbor for
non custodial developers. And I'm actually optimistic it

(57:57):
already passed the House. It might pass the Senate.
There's like a good chance we'llactually get a legislative
solution to this problem as well.
This is the day-to-day work of Coin Center and now we are all
increasingly interested in privacy preserving alternatives
of KYC, but most of our work is in the trenches in the courts,
in the legislature, trying to protect developers from

(58:17):
inappropriate liability for other people using the software
to do bad things. So.
If you had to make a prediction,one thing that we don't yet see
coming, kind of like from the regulatory sphere for the next
12 months, what, what, what would it be?
You know, this is actually an interesting one.
People might be expecting me to say, like, something scary and

(58:37):
bad. The thing that's surprised me
most recently that I think a lotof people haven't grokked yet is
that the SEC, which until recently was a very aggressive
regulator in this space, interested in going after even
people who were potentially goodactors, tried to do their best
to comply. The SEC has done a 180 and
actually in a very good way. Hester Purse commissioner there

(59:02):
and the new chairman Paul AtkinsThey are they are legitimate.
They are they are very genuine when they say they want to
tokenize everything which is actually like Paul Atkins gave a
speech about this and they are also very genuine.
They talk about financial privacy Commissioner has to
purse give an amazing speech in defense of financial privacy

(59:22):
where she where she said we should celebrate rather than
attack the availability of technologies that will recreate
transactions that are like the transactions our forefathers
understood when they wrote the 4th amendment that if I pay you
in some coins or some some dollars, there's no record of
that transaction and that there's no way to surveil that

(59:43):
transaction in a warrantless way.
So between tokenizing everythingand technologies for financial
privacy are important and shouldactually be celebrated.
Rather than attack, the SEC sounds ready to do a lot of
proactive things in the space toenable the kind of global and
open and fair and liberal financial system that we want to
build. And.

(01:00:05):
There's open and liberal financial system and SEC in the
same sentence as something that I had on my bingo card, but
it's. And, and lots of people are, are
now aware of this, but I think Istill talk to people who are
like, should I go in and talk toCommissioner Purse about the,
the very potentially important tool that I'm building?
Or is that scary? Should I find a way to say that

(01:00:26):
like we can still preserve the role of say transfer agents and
other intermediaries in the system because they're wary of
like going full token tokenized?And I'm like, not necessarily
like everything's on the table. I think there.
And like there isn't necessarilyright now amongst the
commissioners a desire to reintermediate when that
reintermediation of securities transactions is inefficient and

(01:00:49):
unnecessary. So I think like just fully
tokenized equities are on the table and I think private
transactions are on the table. Now, there is an interesting
thing here where obviously we'renot going to have a world where,
you know, North Korea could steal a bunch of US equities in
tokenized form and they're not going to find a way to cancel
those shares. So we will still need tools for

(01:01:11):
identity and compliance on theseperhaps permissionless new
securities ecosystems. But that's again, part of why
I'm interested in finding like privacy preserving alternatives
to the ineffective KYC regimes we have today so that we can
find ways to like figure out what the issuer security issuers

(01:01:33):
liabilities should be or obligation should be vis A vis
the wrong person getting a hold of the US equities that they
issued. But there's ways to address that
in a tokenized environment that aren't like just rebuild a
transfer agent who's a person who's just like got a list of
names of shareholders and is like, well, we can't send that
to him, you know, like somethingbetter than them.
So so. Tell people working, learn more

(01:01:54):
about Coin Center and support your work.
So I think it's very important work, so.
All of our work is publicly available at coincenter.org.
This report that I mentioned on digital identity is one of the
more recent things we published.And also I think more people
should take a look at that amicus brief we filed in the
Pereira Bueno case about Mev boost.

(01:02:15):
Whether you're interested in minor extractable value or not,
it's it is it sort of helps tee up why there is this existential
threat to neutrality of the baselayer, in part because of the
transparency of the transactionson it and the inevitability of
regulators or prosecutors inferring legal duties on the
validators and then arresting them for failure to obey those

(01:02:37):
duties. So that amicus is also up on our
site right now, yeah. Super cool.
Thanks a lot. Thank you for taking the time
to. Speak with us.
It was a pleasure. Yeah.

All Episodes

Episode Transcript

Popular Podcasts

Stuff You Should Know

My Favorite Murder with Karen Kilgariff and Georgia Hardstark

Dateline NBC

.css-15opob5{left:0;position:absolute;top:0.8rem;} All Episodes

.css-14f5ked{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:2;overflow:hidden;}Why is the SEC Concerned about Privacy now?

Episode Transcript

Popular Podcasts

.css-r6mb8g{margin:0;word-break:break-word;display:-webkit-box;-webkit-box-orient:vertical;box-orient:vertical;-webkit-line-clamp:1;overflow:hidden;}Stuff You Should Know

My Favorite Murder with Karen Kilgariff and Georgia Hardstark

Dateline NBC

All Episodes

Why is the SEC Concerned about Privacy now?

Stuff You Should Know