AMA Highlights: Tornado Cash Faces the Harshest Sanctions in History, What is the Path for Privacy Compliance?

Oasis Chinese Channel
2022-09-21 16:30:36
In this event, we are honored to invite three guests: Michael, the core developer of Celer, YL, a core contributor of Key_dao, and Kevin, the founder of BitKeep, to discuss relevant topics with the host, William, the ecosystem product manager for Oasis in China.

Author: Oasis Chinese Channel

On August 9, 2022, at 19:30, the Oasis Network held a Twitter Space event themed "Tornado Cash Faces the Strictest Sanctions in History, What is the Path for Privacy Compliance?"

Recently, the news that the U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has added the Ethereum mixing platform Tornado Cash to the sanctions list (SDN) swept through the community. Many leaders and KOLs in the crypto world voiced their opinions on the impact of this event. What opportunities and challenges will this event bring for privacy projects like Oasis?

In this event, we were fortunate to invite three guests: Michael, a core developer at Celer; YL, a core contributor at Key_dao; and Kevin, the founder of BitKeep, to discuss related topics with the host, William, the ecosystem product manager for Oasis in China.

This article is a review of the highlights from this AMA event, with some content edited.

Self-Introduction Segment

First, let us welcome our guests, and please introduce yourselves to everyone.

Michael:

Hello everyone, I am Michael, a core developer at Celer. Celer was one of the first to develop Layer 2 scaling solutions for Ethereum and has gradually shifted towards cross-chain solutions. Cross-chain bridges are a highly focused area in terms of funding, regulation, and users. I am very happy to share privacy-related content with you today.

YL:

Hello everyone, I am YL from Keydao. Keydao is a research-oriented DAO organization that brings together top investors, researchers, and engineers from around the world, focusing mainly on privacy and scalability. We hope to reflect our research value in the infrastructure field, and I am very glad to share and communicate with you today.

Kevin:

Hello everyone, I am Kevin from BitKeep Wallet. We are a Web3 cross-chain wallet established in 2018. With increasing competition among new public chains and the future trend of multi-chain development, we welcome everyone to experience multi-chain Web3 through BitKeep Wallet. I am also very happy to share privacy-related content with you today.

Q&A Sharing Segment

Question 1:

The news of Tornado Cash being added to the sanctions list (SDN) has swept through the community. Many leaders and KOLs in the crypto world believe this is a government forcing all parties to completely block and restrict the operation of open-source software on the internet. What insights does this event provide for privacy projects like Oasis? What opportunities and challenges will it bring to the development of Web3?

Michael:

This is the first time a smart contract address has been added to the sanctions list, but this sanction cannot stop or shut down the protocol, which I think is quite significant.

For privacy-focused projects like Oasis, I think they may be forced to consider compliance and explore how to maintain a certain level of privacy in a regulatory-friendly manner.

There may be some practices, such as not being able to guarantee or achieve 100% privacy, and having to leave a place for regulators to observe. So I feel the impact on the entire industry is quite significant, and the industry will have to make many changes.

YL:

Currently, the regulatory intensity is increasing step by step. In the past, punishing sensitive projects only involved blacklisting or shutting down the front end. Now, because smart contracts run on multiple nodes, it is difficult to handle; they can only add some suspected addresses to the blacklist and prohibit transactions with these blacklisted addresses, which is a stronger measure than previous methods.

Taking Ethereum as an example, a smart contract is equivalent to an independent legal entity. Once deployed, it is difficult to change. Therefore, in order to address or investigate such issues in the future, regulators may even need to intervene with Ethereum nodes. There is a heated discussion online that since 60% of Ethereum nodes are actually under OFAC control, if OFAC really wants to regulate, it means they can directly disable your Ethereum account. Of course, this may be a rumor; I have not verified it.

When analyzing the entire situation, the first question to answer is whether this trend will continue. I feel it will definitely continue and will only become more severe, not slow down. However, I believe that simply focusing on privacy is not within the scope of the crackdown; creating anonymous systems or confidential systems is actually not targeted.

In the future, I think the industry will be healthier. The result may be that it will cultivate some more mature infrastructures, which may give rise to a better ecosystem. Additionally, I think this is the basis for our confidence in Oasis or similar privacy projects. Previously, there may have been concerns about being phased out or negative impacts, but in the future, privacy will still be a long-term stable market.

Kevin:

Privacy has a very strong appeal and following in the capital market, but at the government level, it has been labeled with colored glasses. I think the biggest impact this has on the entire industry is whether we should really operate under the privacy label.

Privacy is actually a heavily regulated area. I believe that a large number of Bitcoin transactions involve money laundering, but this is difficult to pursue because Bitcoin itself has been designed with privacy in mind since day one, yet it does not promote privacy. As a project or a sector, solely focusing on privacy is problematic.

Taking a field that a Chinese person is particularly familiar with, it is said that public opinion regulation within China is very strict. If you look at the fastest information dissemination today, it is no longer the huge media we know, such as Douyin, but WeChat groups. Its essence is that it operates as small nodes in a previously compliant environment, which means we believe that privacy will have a long-term trend of protocolization in the future. This is an opportunity we see: in the future, if you do many things, such as what we are discussing today about public opinion control, when everyone becomes a group of 500 people, the number of groups far exceeds the regulatory scope, a new opportunity arises.

Our current situation is similar; can we make our business in the mixing process more difficult to define and capture? I think this is an opportunity we see. In the future, our mixing activities may not have a huge well-known platform to solve them, but perhaps there will be 10,000 small platforms.

So this is our viewpoint; I think it marks the beginning of a new trend for the industry—not just promoting privacy but promoting compliance while doing privacy.

Question 2:

From the delisting of Zcash and Monero from mainstream exchanges to the sanctions on Tornado Cash, crypto privacy tools have frequently faced regulation. How should we view this phenomenon? What is the path for privacy compliance?

Michael:

From a regulatory perspective, there may be strict supervision over the entry and exit of funds. When regulators ask about the source of funds, you must provide a set of documentation. However, I think other privacy aspects, whether public chains or protocols, may need to address this. For example, providing regulators with a proof or an option to open a window for them to verify the legality of the source of funds.

Of course, one can choose complete transparency, which means there are two types of transactions: one is completely without privacy, and the other is completely privacy-focused. I feel that in the future, whether technically or operationally, there may be a requirement to open a window for regulators. Then at the entry and exit points, allow regulators the option to verify compliance, which is some of my personal speculation.

YL:

Compliance is greater than privacy, but compliance must also align with the spirit of crypto, finding a balance between regulation and crypto. If we continuously prove compliance, starting from the legality of some local funds and gradually approaching global legality, we can preserve the existence of projects like Tornado Cash. These projects may not necessarily be rejected by regulators.

Building such a compliance system that is native to crypto will take time and experimentation. Everyone is trying, so I think if regulators oppose Tornado Cash, their stance is too absolute; they only oppose what they want to oppose and dislike what they dislike. If this issue can be resolved well, then the remaining projects may all be valuable applications.

Privacy actually has two concepts: one is privacy as anonymity, and the other is confidentiality. These two may be somewhat technical terms, so simply put, for example, in a bathhouse, if someone suddenly barges in, do you cover your face or your body? Covering your face means anonymity, while covering your body means confidentiality. Which side are you trying to protect? These two methods of confidentiality correspond to KYC and AML. If you cover your face, some regulators may see that as non-compliance. Depending on different regulatory needs, I use different privacy solutions in different places to address specific issues, and then combine them. The combination of what Kevin mentioned, that compliance is greater than privacy, can perfectly find a compromise in our verbal and normal compliance world.

Kevin:

Binance's use of SBT to solve problems is quite eye-catching, as it essentially throws the on-chain identity issue to the regulators, which is a clever approach.

The trend of people pursuing freedom has no endpoint, but it also brings more problems because some malicious individuals or some improper things at the regulatory level exist. So from this perspective, I am more inclined to believe that compliance is the only way out; it is not a compromise but a method of continued progress.

I believe that every major economic advancement in history has been driven by people who are good at communication and compliance, telling the story well. I hope that in this process of promoting privacy, there will be more intelligent people in the world who can tell this story well.

Question 3:

It is reported that the main reason for the sanctions on the Tornado Cash protocol is that it has been used to launder over $7 billion worth of digital currency since its creation in 2019. However, many community members believe that focusing solely on privacy facilitating illegal activities is very one-sided.

What role do you think privacy technology will play in Web3? How can we better stimulate the greater value of privacy in benefiting society?

Michael:

From a practical perspective, I feel there is still great potential in this area. On one hand, people may think that blockchain's public transparency is a good thing, but from a financial perspective, privacy is still very important. Whether for large holders or even retail investors, no one wants their operations to be seen by so-called market makers. Therefore, I believe there is still a lot of room for the development of privacy.

Additionally, regarding personal identity, there have been many identity leakage incidents recently, both domestically and internationally, which have had a significant impact. I feel that privacy can play a significant role here. Much identity information cannot be trusted in a centralized Web2 entity because almost all centralized entities carry risks.

Of course, this does not contradict regulation at all, as you can prove your personal identity to regulators through other channels, but it does not mean that this information must exist in a centralized entity. These two are not contradictory at all. Therefore, I believe that in terms of both practicality and necessity, privacy is very important and will play a greater role.

YL:

I have also learned that Oasis has collaborated with a gene sequencing company, and these directions are also areas we can focus on. Many real-life scenarios can align with privacy, and these gene platforms have such collaborations. However, I believe that in the future, these things may become more grounded and closer to our lives, rather than just presented as a story.

William:

Thank you, YL, for mentioning the collaboration between Oasis and Genetica. In this collaboration, users can retain ownership of their genomic data, while Genetica can analyze the data without viewing the client's raw information. The specific process is as follows:

When users purchase a gene testing kit and submit samples, they can log in to Genetica to obtain test reports and learn about new gene mutations and risk scores.

After the collaboration, user data in Genetica will be stored on Oasis's platform, Parcel. After creating an Oasis account, clients can view data usage policies and grant authorization. Their gene data will be encrypted through Parcel and loaded into a Secure Enclave environment (a type of privacy computing technology that can be understood as a trusted execution environment, providing an isolated computing environment to protect privacy and security for applications and their data).

Before Genetica calls data and analyzes usage, Parcel will verify the client's authorization and compliance with the stated usage policies. Only with client authorization can Genetica execute code, call data, and generate new gene reports based on the latest scientific discoveries in the Secure Enclave environment. Additionally, Parcel users can return to the Oasis Steward application at any time to view the complete history of when and how their genomic data was accessed. They can also use the Oasis Steward application to revoke permissions at any time, ensuring they have complete control over their genomic data.

Meanwhile, in addition to data rights confirmation and monitoring purposes, users can actually receive benefits from sharing data. If a pharmaceutical company needs to access the Genetica database for research, they need to pay individual users based on the number of calls and the volume of data.

As a Layer 1 blockchain network that balances privacy and scalability, Oasis is committed to not only protecting data but also stimulating data benefits, returning data and its benefits to users, realizing our vision of a responsible data economy. Therefore, we are very dedicated to applying privacy technology to more practical aspects of life.

Kevin:

First, I want to talk about what I think is the relationship between privacy and Oasis. I personally understand that the most important aspect of privacy protection is the gradual separation of individuals and accounts, which is very important. I believe the greatest contribution of the metaverse lies in this, rather than what people imagine it to be, which is to solve the relationship between accounts and individuals.

When everyone escapes the shackles of "one account, one person," a more virtual self can fully establish a persona. In this process, it can even have income and expenditure, but this persona can be independent in this world, not necessarily bound to a single individual. I think this is an absolute trend, but at that time, thinking about regulating an individual will become more challenging.

I believe the core today is that when we can no longer easily trace an individual, we will usher in a future where the creativity of society is greatly enhanced.

Privacy technology, to a certain extent, redefines people's understanding of assets and ownership. I am looking forward to more innovative collaborations in the future. Organizations will be reshaped, and companies will gradually form new organizational structures. All of this is brought about by new technologies, so I believe the greatest role of privacy is to promote the birth and creativity of previously unseen organizational forms.

Question 4:

Many people firmly believe that the multi-chain era will be the future, but frequent security issues with cross-chain bridges seriously hinder the development process of the multi-chain future. How do you view the current development pattern of cross-chain bridges? How can privacy protection be achieved in the process of multi-chain development?

Michael:

The security issues of cross-chain bridges are indeed concerning. Some larger cross-chain bridges have experienced more or less security issues. I think we can analyze this from two points:

On one hand, many cross-chain bridge projects or official bridges, once hacked, involve very large amounts of money. Therefore, we can see that their security awareness or measures are insufficient. When handling such large amounts of funds, basic risk control measures are necessary. Our Celer's cBridge has implemented many such measures, ensuring that even if there are issues with the contract or bugs on our end, it will not result in significant losses. In terms of security, we have established a POS network that requires at least a dozen nodes to jointly perform cross-chain multi-signatures, making it unlikely for one or two nodes to fail and result in the loss of funds for the entire bridge.

Currently, the situation of cross-chain bridges may need to evolve, meaning that the bridge itself should not have such a high TVL; it would be more reasonable for funds to remain within various protocols. This way, both in terms of security and capital utilization efficiency, it would be more efficient than the current form.

Regarding cross-chain privacy, we have already seen some collaborative protocols that have created a cross-chain classification, where one chain deposits and another chain withdraws, while retaining the characteristic of privacy during the cross-chain process, which is very interesting.

We are also continuously exploring, including direct dialogues with regulators. From the protocol itself, we can ensure that ordinary users will not be sanctioned, but on the front end, if an address is suspected of interacting with this team, we may provide some relevant warnings or temporarily block some IPs or addresses from the front end, which is also possible.

YL:

I would like to share some insights about cross-chain bridges from an investor's perspective. I believe cross-chain bridges are a rapidly developing field with a relatively clear track.

In the past, people thought cross-chain was a false proposition because there weren't many ecosystems on-chain at that time. So, cross-chain bridges seemed a bit early. Later, as the ecosystem grew, people felt this track became certain, leading to a massive influx of funds, which caused some issues.

On one hand, investors have given cross-chain bridges very high valuations, often exceeding hundreds of millions. On the other hand, the locked funds in cross-chain bridges are substantial, leading to heavy responsibilities. This means that for such projects, the entire team needs to be more stable and prudent.

We often see some projects with good financing and great reputations encountering issues during their ongoing processes. If these issues are not technical, I believe that technical problems are a small part; the majority are issues related to team mentality or mismanagement.

The key question is whether the team's mindset is stable enough and whether they can grow alongside the technical cycle without being influenced by the capital cycle. I think this is a crucial point that tests the team's resilience.

Kevin:

The reason cross-chain bridges frequently encounter problems is fundamentally that the cost for hackers is too low, while the team manages too large a sum of money. It is unrealistic to expect the team to have a conscientious mindset.

I believe the essence of this matter is that if you have such significant power to control assets, you are essentially providing centralized services, and your responsibilities are akin to those of centralized exchanges. Today, you bear such a significant trust responsibility. I believe this matter must have two dimensions: first, it must have sufficient profits. If the business model of cross-chain bridges does not generate substantial revenue, why would they have the obligation to maintain the cross-chain bridge? It cannot just be based on high valuations; this is the first issue.

Secondly, it must have a strong business loop to help it maintain sufficient technical costs. Therefore, I am skeptical about whether cross-chain bridges are suitable as a purely independent business. At the same time, we are also very vigilant about fulfilling the role of bridges and not allowing cross-chain bridges to become places for asset hoarding.

Question 5:

Tornado Cash is a privacy solution based on ZK-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge). How do you view ZK-SNARK? Besides ZK-SNARK, what other feasible privacy computing solutions are there?

Michael:

Regarding other privacy solutions, I recall there are two types: one is FL (Federated Learning), and the other is based on core computing, specifically TEE (Trusted Execution Environment) technology. This means that if you trust the hardware to be secure or reliable, you can use TEE to perform some privacy settlements. In fact, if it supports smart contracts or general privacy computing, the cost is relatively low, and it is also easier to implement and land. From the perspective of project parties, I may be more optimistic about TEE technology in the short term.

Of course, in the long term, achieving completely trustless privacy computing may be better served by TEE technology for now; this is my personal viewpoint.

YL:

Currently, from the algorithmic perspective, there are mainly three: one is DK, another is the aforementioned Homomorphic Encryption (HE), and the last is MPC solutions. I feel that the MPC solution can be implemented the fastest. I think MPC is already being applied in some bridges or custodial systems, so I am quite interested in this area.

Kevin:

To be honest, we are also very focused on ZK (Zero-Knowledge Proof), but there is a practical issue. Our entire direction is somewhat different from what everyone thinks. There are many applications within the ZK direction, but I have always felt that privacy is the core demand. I am skeptical about this matter; we are currently most concerned about privacy issues, or rather, we call them security issues. We want to find ways to solve them, and we want to explore more offline private key management solutions. Compared to privacy, the bigger issue is actually security. We believe that security issues may ultimately lead us to hardware solutions. We are still working hard to achieve effective isolation between hardware and mobile devices while ensuring a certain level of user experience. I think this is a particularly important aspect we are focusing on.

The second issue is the wallet track. I can simply describe it as the core competition in the wallet track being operational competition, providing users with an unprecedented experience while lowering the threshold. Everyone is extremely concerned about security, which is our lifeline. I believe that in the next two years, you will be able to log into Web3 in a simpler way, discarding private keys just like using an account password. This will be an opportunity for the first significant increase in Web3 users.

From the wallet perspective, privacy may be a topic after security and low thresholds, but this is my viewpoint, and I welcome communication and discussion.

Question 6:

The recent sanctions on Tornado Cash primarily focus on privacy transactions, which easily brings to mind the development of PriFi. How do you view the future of PriFi? As a high-performance Layer 1 blockchain network that balances privacy protection and scalability, will Oasis become an ideal soil for developing PriFi?

Michael:

I personally have great expectations for privacy finance or finance with privacy features. I am also looking forward to seeing infrastructures like Oasis that focus on privacy. Whether from user awareness or from some protocols, adding privacy to the protocol itself is important. This may still depend on user experience; if a good experience can be achieved without excessive changes, I think it will be quite beneficial. Of course, Oasis has some advantages in this regard. If it supports smart contracts and adds privacy features, it can easily integrate with existing Web3 infrastructures like MetaMask with slight modifications to the protocol, which will be very helpful for the popularization of non-privacy finance.

YL:

I would like to temper expectations a bit. I think Oasis may not need to rush. If we categorize the current mainstream DK privacy technologies, or even the MPC and FL privacy technology solutions mentioned earlier, DK is relatively more advanced. Therefore, in the short term, DK and TEE are basically indistinguishable.

In the mid to long term, DK has a parallel expansion plan, which may face a computational burden of consensus and proof in the future. However, choosing the TEE route does not have this issue because TEE is hardware, and all miners must possess first-class technology chips. Therefore, many aspects of its architecture do not involve consensus or proof. This is an advantage of Oasis, but the manifestation of this advantage will only become apparent when the entire Layer 2 ecosystem has significant applications; at that time, the advantages will stand out.

Before this advantage, everyone is essentially at the same starting line, which means the things being done are quite similar. At this stage, everyone is also introducing ecosystems, and who can win will depend on who can better attract more developers' favor in the earlier stages. In this sense, I am confident in the long term, but in the short term, I think the competition is very fierce.

Kevin:

I am not sure if my understanding is correct, but I am very interested in privacy. I believe that the direction of future society will definitely be in solving problems we have never encountered before, problems we never thought of. Typical applications like shared bicycles and Didi emerged when smartphones were just becoming popular, and people were unaware of these issues.

I believe that privacy, including low-carbon initiatives, has a high likelihood of being realized through these new technologies. However, I remain skeptical about the methods of realization and look forward to the surprises brought by ecosystem development.

Thank you to the guests for their answers, leading us to further understand the past, present, and future of privacy compliance. Thus, this Space session comes to a close. Thank you to the guests for their wonderful speeches, to everyone present for their active participation, and to the media partners for their strong support.

Looking forward to the next event, let’s meet again!
