The overwhelming urge to merge
The domestication of DeFi and the siren song of number go up.
In this issue:
The overwhelming urge to merge
A machine for turning cow farts into money
New rules for federal access for cryptobanks
How can a man whose mustache is so right be so wrong?
“If we launch with MEV boost and Flashbots relay … it means that functionally we are launching with censorship built in from the Merge. As soon as the Merge lands we have censorship happening as soon as it hits the ground.” — Micah Zoltu
The overwhelming urge to merge
On August 8th the Office of Foreign Assets Compliance (OFAC) — the subset of the US Treasury department responsible for enforcing international sanctions — formally sanctioned Tornado Cash, a smart contract that let users mingle their money together to create financial privacy on the otherwise public Ethereum blockchain. One day Tornado Cash was a perfectly legal tool available to law-abiding citizens, the next morning it was an international criminal on the same scale as North Korea. Things happen quickly in crypto.
The law forbids US persons1 from doing business with any sanctioned entities, but since Tornado Cash is a tool not a person/company/country the rules are far less clear. Should law abiding citizens be able to retrieve their funds? Users of Tornado Cash are able to selectively disclose the origin of their funds to prove they are not illicit — but the sanctioned entity in this case is Tornado Cash itself. Doesn't matter that those funds belong to law-abiding citizens using them in legal ways?
What about users who receive a payment from Tornado Cash involuntarily? We talked last post about how a Tornado Cash user was sending celebrity accounts small amounts of tainted ETH. Should those accounts now be considered tainted as well, even though it is not possible to refuse payment in ETH?
Being confused about the rules is very reasonable, but since sanctions violations are 'strict liability' crimes it is not a valid legal defense. After years of openly flaunting securities laws the pirate kings of DeFi have been stumbling over themselves to show how eager they are to comply with OFAC. As of writing Circle, Infura (and by implication MetaMask), Alchemy, Flashbots, Uniswap, Aave, dYdX, Oasis and a host of others are blocking not just sanctioned transactions and addresses but also blocking any addresses that have interacted with Tornado Cash even if it happened before the sanction.2
That’s more than the law requires and totally contrary to the ideals of DeFi, but no one is excited to go to prison over those ideals. That’s not a hypothetical. Virgil Griffith is serving a 63 month sentence for having given a presentation on privacy tech in North Korea in 2019. Dutch authorities arrested a programmer named Alex Pertsev for his role in Tornado Cash and have held him for a week so far with no formal explanation or charges. No one knows for sure what the exact consequences of the OFAC sanctions will be but they will certainly be serious.
This is all unfolding on the brink of the Merge, Ethereum’s long planned transition to proof-of-stake validation.3 That's a bit awkward because it is the validators that determine what Ethereum transactions are legitimate and as of right now a super-majority of the entities providing staking validation are centralized companies in OFAC compliant territories. If the majority of the stakers after the Merge decide not to include Tornado Cash transactions they will be excluded from the network.
To be clear these issues are not exclusive to proof-of-stake: Ethermine (Ethereum’s largest mining pool) has also stopped including Tornado Cash transactions in the blocks it produced after the sanctions were announced. But proof-of-stake does exacerbate the dangers of government censorship in a few different ways.
For one thing a mining pool has significantly less control over its hashpower than a staking provider has over its stake. The owner of a physical miner can instantly redirect their support to a pool that supports the censorship rules (or absence thereof) that they prefer.4 The owners of the ETH that Coinbase is using to stake would need Coinbase’s permission to withdraw and move to a competitor — and that’s only once withdrawals even become possible, which developers are estimating will be ~6-12 months after the Merge.
If OFAC forces staking providers to censor transactions there will be nothing individual stakers can do. If the staking provider offers a token (such as Lido’s stETH) investors can sell their tokens (presumably at a discount) but nothing about the provider’s level of influence over the network will change at all. All staked ETH is committed until the developers release the tools needed to unlock it.
In proof-of-work the only punishment for misbehavior is wasted effort creating blocks the rest of the network will ignore. In a proof-of-stake system it is actually possible to punish misbehaving validators by slashing the balance of their staked ETH. But the definitions for good behavior are set by majority behavior. If the majority of validators treat blocks containing certain transactions as invalid, those blocks are de facto invalid. Validators trying to include those blocks will lose their staked ETH.
Ethereum supporters have unironically been forced to take to Twitter to plead for commitments to censorship resistance from the businesses that run major staking platforms right now. Coinbase CEO Brian Armstrong called it "a hypothetical we hopefully won’t actually face" and said he thought Coinbase would shut down the staking business rather than contribute to Ethereum censorship — but Coinbase also reported ~$1.1B in Q2 losses and recently laid off ~20% of their workforce. It’s not clear how much financial pressure they are or will be under. The largest staking validator Lido Finance (we’ve talked about them before) tweeted broadly about their commitment to keeping Ethereum censorship resistant … but they also disabled Twitter replies. Not exactly confidence inspiring.
Another wrinkle is that Miner Extractable Value (see this explainer if you aren’t familiar) requires increasingly specialized skills and software to stay competitive. That means the majority of Ethereum’s proof-of-stake validators don’t actually create their own blocks at all — they rely on specialists that are experts in how to maximize the transaction fees earned in a given block. The smaller of the two providers (BloXroute) is not censoring transactions but the larger of the two (Flashbots) has made it clear they have and will continue to comply with OFAC sanctions:
We are observing the first serious attempt to domesticate DeFi and it is forcing the market to undergo an abrupt, painful meiosis where the cypherpunk minority of the Ethereum community is being torn away from the larger mass of users who don’t mind government censorship as long as number go up. Coinbase, Circle and Infura cannot be the central pillars of a government-resistant ecosystem.
The developers could decide to delay the Merge (again) in the hopes of finding a technical solution but it would certainly be unpopular and there is no sign that they intend to. More delays would probably be very damaging to the price of ETH and to the investors who already staked their ETH and are waiting for liquidity. In some ways the government probably overplayed their hand a bit by revealing how much control they already had right before the Merge instead of right after, but it probably doesn’t matter.
The market appetite for the Merge (even without decentralization) at this point seems irresistible. The Merge has already launched to several testnets and appears to be working as expected. Nothing has actually changed about the network except people’s awareness of how it actually works. The forces that have centralized control over the proof-of-stake network are not bugs that can be ironed out or patched. They are the accumulated result of fundamental design decisions going back to Vitalik dismissing the idea of average users validating the network themselves as 'a weird mountain-man fantasy.'
The Merge will land. The number will go up. Coinbase users will be content. The decentralization of DeFi will end — not with a bang, but with a whimper.
Other things happening right now:
Here is a cool interview with the first Bitcoin miner in Ireland, who is using waste biogas from farming to power a local Bitcoin miner. That’s similar to the Bitcoin miners that have been replacing methane flares at natural gas mines but in an agricultural context. Mining this way converts methane emissions into carbon-dioxide, which is drastically better for the environment.
The Federal Reserve announced a new set of guidelines for financial institutions with "novel charters" to apply for and receive accounts directly with the Fed. That makes it possible for a crypto-focused bank to gain access to the banking network directly instead of needing to find a banking partner.
Presented without comment:
… and U.S. companies and companies that do business with the U.S so effectively all of international finance. To a first approximation everyone is affected by US financial law.
The majority of these companies are relying on a company called TRM labs to detect and block sanctioned addresses. Fun fact! The founder of TRM labs used Tornado Cash for privacy when he bought his ENS address and Bored Ape. Don’t worry though, TRM uses "time-bound attribution" to make sure his privacy is grandfathered in. Privacy wasn’t as suspicious back then, I guess! It was a simpler time.
Proof-of-stake is sometimes presented as a security upgrade and sometimes presented as an environmental upgrade but I don’t think it is actually either of those things. Mostly I think it is better understood as an effort to manage the Ethereum tokenomics for the benefit of people who are holding ETH rather than people who plan to use Ethereum. That’s the subtext of the 'ultrasound money' meme: ETH2 is good because number go up.
There is a rich and interesting conversation to be had about how decentralized physical hashpower actually is and how easy it would be for governments to detect and disrupt rogue hashpower, but GMail doesn’t have the technology to support long emails yet so I’ll have to defer that topic to another post.