Hot Takes

Law enforcement is learning about the benefits of open networks.

Last week I spoke at the National Cyber Investigative Joint Task Force's Digital Currency Symposium in Orlando. The NCIJTF is a multi-agency task force whose members include the FBI, NSA, CIA, Secret Service, and other law enforcement and technology-focused groups in the US government. The Symposium included talks from blockchain forensic firms Eliptic and Chainalysis, panels with compliance directors at leading exchanges as well as banks, and a talk from co-founding member of the Ethereum Foundation, Taylor Gerring.  My presentation offered a review of open consensus mechanisms, specifically, and an explanation of why open networks are critical for certain applications: electronic cash, identity, and the Internet of Things. The response was overwhelmingly positive; it's good to know that law enforcement understands the tremendous benefits these technologies promise given they typically spend their days mostly focused on the risks. 

Link / Tweet

Why do we get up each morning to work at a cryptocurrency nonprofit?

It’s for the same reasons that Zooko Wilcox works on Zcash, which he articulated in a great interview with Bitcoin Magazine today. It’s worth quoting in full:

The Internet is an unfinished revolution. I remember what the world was like before the Internet. You didn’t talk to people from other countries! National boundaries were communication boundaries. And you couldn’t talk to or share information with almost all of the people in your own country, either. You were dependent on a small number of personal acquaintances and information gatekeepers.

The Internet changed all that, and it changed the world, and it changed all of our lives for the better. The myriad ways that the Internet has remade and improved our lives is impossible to even measure.

But it is an unfinished revolution, because although it allows you to share information with potentially billions of people, it doesn’t provide a way for you to organize with them. You can’t cooperate with them to allocate resources. You can’t pool your resources with them, you can’t help them pay their bills or make sure they get food, such as by hiring them, buying something from them, or donating to them. And they can’t do that for you. You can’t enter into an enforceable agreement (a contract) with a group of people, unless your group fits into a product from the small number of gatekeepers that control such possibilities.

What is our role in history? I want to be able to look back and say that we played even a small part in reigniting the unfinished revolution. I want to be able to say we were there, pushing for that great transformation that began to wash away the suffocating mass of inefficiency, corruption, and isolation — the transformation that unlocked the potential of billions of humans who had been trapped behind walls — cooperation boundaries! If we can help that happen, and help it happen sooner, before it is too late for so many people, then it will have been worth it, whatever else happens.

If Coin Center can remove just a few regulatory rocks from the stream of innovation, allowing that stream to become a raging river of opportunity and freedom sooner rather than later, then we’ve spent our time well.

Link / Tweet

The blockchain powered future is amazing and maybe even a little scary.

This week Peter Coy and Olga Khariff wrote a thorough examination of the state of “blockchain” for Bloomberg BusinessWeek. It looks at some of the technology’s use cases being developed by banks and even companies like Toyota, which is imagining a smart contract system to govern car loans:

Some ideas for blockchain are a little scary. Toyota Financial Services has toyed with using a blockchain contract in which “if a finance payment isn’t made, the smart contract automatically transfers ownership and doesn’t let the owner use the car anymore. The car wouldn’t turn on,” says Chris Ballinger, the unit’s chief financial officer and global chief officer for strategic innovation. “People would do this voluntarily, because they can then finance at a lower rate.”

It goes on to highlight the bigger dreams of some blockchain enthusiasts. That is, to fundamentally improve how groups of people organize themselves by removing the need for intermediaries.

After streamlining companies, the next step for blockchain will be blowing them up. Ethereum, for one, goes beyond the ledger function to work more like Google Docs—shared software that can be used by all but is tamperproof. You can safely do business with someone you don’t know, because terms are spelled out in a “smart contract” embedded in the blockchain. There could be blockchain versions of Uber and Airbnb that are peer-to-peer: No company would need to sit in the middle of the transaction to gather data about your spending habits or collect a fee.

The entire piece is worth reading, not just for its clean summary of the current state of play for this technology, but also its thoughtful approach to examining what life in a world increasingly streamlined by smart contracts built on blockchains might be like.

Link / Tweet

Bitcoin is a legitimate technology that’s being exploited by extortionists for ransomware.

That’s the conclusion of a spot-on analysis by Danny Palmer in ZDNet this week:

Ultimately, it could be said that the internet itself has been a huge gift for criminals, who are now using it not only for ransomware, but also malware, Trojans, hacking, and all manner of illegal activities on the dark web. In that case, Bitcoin is just the latest in a long line of technologies that have brought benefits to the wider world while unfortunately boosting the criminal underground.

When we’re asked about the very real problem of ransomware, our response to policymakers is that not only is Bitcoin not the root cause of ransomware, but it has only been adopted by ransomware criminals because it works so well as a payments system. As we’ve said,

The truth is that criminals have, as usual, very strict design parameters for the tools they use because there’s no tech-support, contract, or legal recourse for a criminal whose tools fail to perform as they should. Criminals are using Bitcoin in this case because it’s a reliable system that just works. Ransomware hackers are rather like the proverbial rumrunners of prohibition: they like fast custom cars because almost everyone else is still driving a Model T.

And as Palmer points out, we can never forget about the “benefits to the wider world” these technologies are bringing to areas such as remittances, healthcare, metered payments, and maybe even regulation itself.

By the way, we have a video version of that rum runners analogy.

Link / Tweet

State banking regulators are nervous with the prospect of a federal fintech charter.

That’s what American Banker is reporting a great piece quoting several state commissioners.

Bank supervisors in several states, which already oversee many examples of tech firms that provide financial services, say a federal charter could provide regulatory favor to still-unproven firms. They also worry that a national charter could weaken states’ own established authority to enforce consumer protection and licensing laws for tech companies in the financial sphere.

“We believe a federal one-size-fits-all framework for fintech is neither possible nor appropriate,” said Maria Vullo, New York State’s superintendent of financial services. […]

[S]tate regulators say a federal charter could be seen as validating business models on a national basis before they have proven they can withstand a crisis. They also raise concerns reminiscent of the federal preemption battles before the 2008 financial crisis, saying that a federal fintech charter could undermine state authority.

Coin Center asked the OCC for a lightweight, limited-purpose federal charter that would give digital currency firms an alternative to the state-by-state patchwork of overlapping and incongruous regulation. Notice I said alternative, because state licensing regimes would remain untouched and would always be an option for firms who chose that route.

A federal alternative is necessary because we no longer live in a world where firms offer services within just one or a handful of states. Internet-native fintech firms are by definition national–or even global–companies from the day they launch. If the authority and influence of states regulators is weakened under such an approach, it would only be because a 50-sizes-fits-all model is outmoded and unworkable in today’s enviroment. And if the U.S. doesn’t recognize that in its national policy, then it will lose to other countries that will.

Link / Tweet

We got a deeper look at how law enforcement uses Bitcoin forensics.

This compelling story from Ars Technica gives us the deepest look yet into the corruption scandal that brought down two federal agents. The duo attempted to steal and extort hundreds of thousands of dollars from the Silk Road dark net market but were thwarted by a mix of investigative work and simple analysis of the publicly available Bitcoin blockchain. 

This new site, like no other before it, could accurately trace the history of bitcoin payments and wallets. Moreover, it was able to map wallets into known "clusters"—that is, mapping addresses to known entities like Silk Road, Coinbase, and other large Bitcoin players. (Wallet Explorer, and its commercial successor, Chainalysis, made use of academic research that first debuted in October 2013.)

There was more to this discovery. After becoming more comfortable with his blockchain analysis, Gambaryan strongly suspected there was another bad actor. The dozens of hours he'd spent tracing the movements of bitcoins through the blockchain showed some currency being moved in small groups, while others were bouncing around as large chunks. Force had made simplistic transfers of money using his own name. But Gambaryan saw another, more complicated set of transfers as well.

The whole thing is worth reading.

Our advisory board member Jason Weinstein, a former federal prosecutor and director of the Blockchain Alliance, previously looked at how law enforcement leverages the blockchain in investigations. Tools and savvy have only become more available since then. We will likely hear many more stories of criminal enterprises foiled by the blockchain in the future. 

Link / Tweet

Is the EU about to impose on itself state-by-state licensing of digital currency businesses?

That's the concern raised by Diacle's Adam Vaziri in response to a new European Banking Authority report on applying EU anti-money-laundering rules to exchanges and wallets:

[T]he EBA's remarks notably mention that VC exchanges and wallets operating in multiple countries in the EU "may […] be required to be registered or licensed in each Member State in which they intend to provide VC-related services".

The seemingly small aside in the nine-page response is notable, as such a measure would be akin to the state-by-state registration process that VC exchanges have to do in the US.…

Usually that process can take between three to six months, however, the VC exchanges and wallets will now need to contend with language barriers, administration and bureaucratic fragmentation in each member state where it wants to do business.

It is sadly ironic that registering in 50 states in the US may be easier as at least the process is in one language. The same state-by-state requirement in the EU will mean the VC exchange operator will need to contend with 24 official languages.

In the U.S. businesses face one national AML regulator and dozens of state consumer protection licensors. The easy "passporting" of licenses in the EU has been seen as a competitive edge for the bloc. That would be undermined if legislators pursue a new route that retains single "passportable" consumer protection licensing, but then require dozens of state-by-state AML registrations.

Link / Tweet

The California bill fight is over.

Faced with overwhelming opposition ahead of a Senate banking committee hearing on Monday, and with some in the state government unwilling to compromise, the bill’s sponsor, Assemblymember Matt Dababneh, on Friday afternoon decided to drop the bill and it won’t be considered again this year. Although constrained by different interests within and without government, Dababneh's intent has always been to bring regulatory clarity for digital currency businesses in California while remaining a state welcoming to entrepreneurs and encouraging of innovation. If he takes the issue up again next year, we’ll be happy to work with him again to get it right.

Link / Tweet

Here's an update on the new California digital currency bill.

We've been hard at work since Assembly Bill 1326 had its language replaced with new language earlier this week. As we noted in a recent blog post, this completely new language does nothing to clarify the status of digital currency users with respect to money transmission law (the original purpose of the bill) and contains language that could be interpreted to cover non-custodial services like mining, providing multi-sig services, or operating full nodes or lightning network nodes. 

We have been communicating with legislative staff and are happy to report that they have been very receptive to our concerns and suggested changes. We hope that the new bill will be amended to address our concerns. If that can be accomplished, the final bill may even be better than the previous version as there would be no capital requirements or other similar burdens on covered entities. That said, the bill today remains unchanged, and we cannot support it as it stands.

For those of you who are interested in our complete analysis of it, you can read here a letter we have sent today to the California Senate Banking and Financial Services Institutions Committee, which will soon be holding a hearing on the bill. It lays out in detail our concerns with the bill and our suggested changes.

Link / Tweet

What does the CFTC have to do with the Bitfinex hack?

Yesterday we explained that CFTC’s enforcement action against Bitfinex was not the proximate cause of the exchange’s hack, but some are arguing that it was the but-for cause. It’s probably also a stretch to say that the enforcement action was the but-for cause of the hack, but it certainly seems to be the case that Bitfinex implemented a multisig security model the way it did in order to avail itself of a statutory exemption to the Commodities and Exchange Act.

The exemption in question applies to retail commodity trades that result in “actual delivery” of the commodity (in this case bitcoin). What qualifies as actual delivery of traditional commodities like wheat or gold is pretty well understood and the subject of many court cases as well as CFTC guidance. However, what constitutes actual delivery of cryptocurrency has not been well defined.

As we pointed out a couple of weeks ago, the CFTC has before it a petition for a notice-and-comment rulemaking to define what constitutes actual delivery in the cryptocurrency. We believe the CFTC should grant that petition and embark on such a rulemaking, and we believe this for a couple of reasons.

First, rather than case-by-case negotiated settlements with individual companies, an open and transparent process in which all parties can provide input is a preferable way to determine the contours of actual delivery. And second, it’s possible, if not probable, that under consideration of the full Commission, rather than only enforcers, the CFTC might conclude that actual delivery of cryptocurrency can be achieved in a way that allows for many different security models and implementations. That would be good for everyone.

Link / Tweet