Software developers have a surprising way with words. While people in other trades form chambers or associations, they join “communities” — the name given to loosely-organised groups that collaborate on the open-source software that makes our technological society hum.
As marketing language goes, it’s hard to beat; there are few warmer and fuzzier appellations in English. Think of communities and good things come to mind: families picnicking in park, kids at the local school raising money for charity, friends helping each other out after a storm.
But some developers are less neighbourly than others, and we could use new words for them. A case in point comes from the blockchain world, where there are communities working today to thwart the enforcement of anti-money-laundering laws through the creation of so-called privacy coins — cryptocurrencies designed to be difficult to track or trace.
The threat posed by privacy coins can be gleaned from the fine print of a federal criminal complaint filed this month, which accuses a New York couple of laundering proceeds from the August 2016 hack of the Bitfinex exchange that netted bitcoin worth $4.5bn at the time the government acted. Among the techniques they allegedly used was converting some of the bitcoin into “anonymity-enhanced virtual currency”, the filing says, the most notable example being a privacy coin called Monero.
The lawyers for Ilya Lichtenstein and Heather Morgan have described the evidence against them as weak. But the case has been hailed as a triumph for law enforcement and that is true, to a point. Their arrests and the seizure of $3.6bn in bitcoin allegedly in their control demonstrated the ability of authorities to respond to thefts on blockchains and recover the proceeds. Just as the FBI secured the nation’s banks against the John Dillingers of the last century, high-tech crimefighters are making progress in protecting cryptocurrency platforms from computer hackers today.
The authorities benefited from the fact that blockchains are public. They could track down the stolen bitcoin because they never lost sight of it; the proceeds from the hack moved to “wallet 1CGA4s” and most of it stayed there. The tough part was linking the loot to the alleged perpetrators. By his reading of the complaint, Tom Robinson, chief scientist at Elliptic, a blockchain intelligence firm, said he believed the break in the case came in 2017 when US officials shut down a “dark net” site called AlphaBay. “It was necessary to trace the stolen bitcoins through AlphaBay in order to link these funds to the two alleged launderers,” he said.
Stopping hackers, however, is not the same thing as preventing criminals of a traditional sort from using crypto to move their money across national borders or to swirl it around to conceal its origins. The significance of the Bitfinex case in that battle is less certain because of what seems to have happened to the alleged launders’ Monero, which obscures the identities of its owners by using “ring signatures”, meaning multiple parties are involved in signing a transaction so it is hard to tell which one initiated it.
Based on government documentation, Robinson suspects the authorities did not trace the privacy coin. Whether they were unable to crack the Monero community’s cryptography or did not need to do so, Robinson reckons the result could increase the crypto’s appeal to bad actors.
“This might push launderers and criminals to use Monero to a greater extent — they will see how traceable the bitcoin was in this case and this will push them to using Monero instead,” he said. “We have to accept that untraceable digital cash does exist. The question is how we deal with it.”
I would suggest that before more taxpayer funds are spent on another money-laundering investigation involving privacy coins — and I would bet the Bitfinex bust did not come cheap — one of our congressional committees or someone in the executive branch of government should summon representatives of the Monero community to talk things over.
A little dialogue might go a long way.
There are reasons to worry about the protection of personal privacy on the public blockchain, and based on their writings, members of the Monero community mean well. “Monero’s state of the art cryptography obfuscates every layer of a transaction,” they say on their web site, to empower people in “oppressive countries or depressed economies” and protect “consumers and companies from price manipulation, supply chain exploitation, economic discrimination, or the like”.
At the same time, the representatives of the elected government should make it clear that even software developers have responsibilities to the wider community. Money laundering is the way big-time criminals get away with their ill-gotten gains. Giving up the fight against it would hand a victory to the kleptocrats, the terrorists, the racketeers, the drug traffickers and the pimps.