The mining process starts with a pile of unconfirmed digital checks, cryptographically signed by the accounts’ corresponding private keys (in public key cryptography, only the private key can generate a signature but anyone can verify the signature with the public key). Each miner takes all the checks and decides which ones they are going to consider. Miners first have to make sure that each check they consider is valid and that the sending account has sufficient funds. Miners then choose from the set of valid checks they want to include and collect them together in a “block.”Below the fold, I look into the implications Weaver draws from this.
The main implication is that miners are providing money transmission services under US law:
The term “money transmission services” means the acceptance of currency, funds, or other value that substitutes for currency from one person and the transmission of currency, funds, or other value that substitutes for currency to another location or person by any means.Thus, in the US, they are required to follow the Anti-Money Laundering/Know Your Customer (AML/KYC) rules:
Not only do the miners have to make sure checks are valid, but they also have to make numerous choices beyond this, usually focused on maximizing revenue by selecting the checks that provide the highest fee to the miner. So a miner who creates a block is explicitly making decisions about which transactions to confirm. This successful miner ... is a money transmitter.And there is an existence proof that miners can use their freedom to choose which transactions to include in the blocks they mine to exclude transactions from unknown parties:
And these miners are transmitting a lot of value. Let us examine a single Bitcoin block — the newest block when I wrote this paragraph. In this block the miner, “F2Pool,” confirmed 2,644 transactions representing a notional value of $1.6 billion. Of course many of these transactions are simply noise (the Bitcoin blockchain is notorious for transactions that do not represent real transactions), but even the “small” transactions represent several hundred dollars moving between pseudonymous numbered accounts. And each and every one of them was processed, validated, selected and recorded by this one mining pool.
There is proof that one can attempt to produce a “sanctions-compliant” mining pool. Marathon Digital Holdings is a small mining pool (roughly 1 percent of the current mining rate). During the month of May, Marathon used a risk-scoring method to select transactions, intending to create Bitcoin blocks untainted by money laundering or other criminal activity. Yet they stopped doing this because the larger Bitcoin community objects to the idea of attempting to restrict Bitcoin to legal uses!David Gerard comments:
Nicholas Weaver points out that this completely gives the game away: miners have always been able to comply with money transmission rules, they just got away with not doing it.In the US the AML/KYC rules are enforced by the Financial Crimes Enforcement Network (FinCEN). Most countries follow FinCEN's lead because the penalty for not doing so can be loss of access to the Western world's banking system:
This basic observation — that cryptocurrency miners, no matter the cryptocurrency itself, are money transmitters and should be treated as such — would effectively outlaw Bitcoin, Ethereum and other cryptocurrency mining in most of the world. And some nations that generally don’t follow FinCEN’s model, notably Iran and China, are cracking down on Bitcoin mining because it poses both a local money-laundering threat and an obscene waste of energy.
HashCow will no longer sell mining rigs in China. Sichuan Duo Technology put its machines up for sale on WeChat. BTC.TOP, which does 18% of all Bitcoin mining, is suspending operations in China, and plans to mine mainly in North America. [Time] Mining rigs are for sale at 20–40% offWeaver points out the entrepreneurial opportunity a collapse of the hash rate opens up:
Chinese miners are looking to set up elsewhere. Some are looking to Kazakhstan. [Wired] Some have an eye on Texas — a state not entirely famous for its robust grid and ability to keep the lights on in bad weather. [CNBC]
Additionally, Bitcoin and other proof-of-work cryptocurrencies have a security weakness: The system is secure only as long as there is a lot of continuously wasted effort. If the available mining drops precipitously, this enables attackers to rewrite history (a rewriting process that, if it only removes transactions, is arguably not a money transmitter). I’m certain ransomware victims and their insurers would pay $1 million to a service that would undo a $5 million payment.He concludes:
It is time to seriously disrupt the cryptocurrency ecology. Directly attacking mining as incompatible with the Bank Secrecy Act is one potentially powerful tool.The whole post is well worth reading.
Update July 4th: Three days after I posted this, Nicholas Weaver co-authored a follow-up article with Bruice Schneier entitled How to Cut Down on Ransomware Attacks Without Banning Bitcoin which is also well worth reading. They write:
Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. Now, it’s become the criminal business model of the internet for two reasons. The first is the realization that no one values data more than its original owner, and it makes more sense to ransom it back to them — sometimes with the added extortion of threatening to make it public — than it does to sell it to anyone else. The second is a safe way of collecting ransoms: Bitcoin.Alas, this is already out-of-date. When the DarkSide gang hit Colonial Pipeline:
Colonial Pipeline paid in bitcoin, despite that option requiring an additional 10 percent added to the ransom.DarkSide made a mistake in handling the roughly 75BTC and Dan Goodin reported that US seizes $2.3 million Colonial Pipeline paid to ransomware attackers::
"On Monday, the US Justice Department said it had traced 63.7 of the roughly 75 bitcoins Colonial Pipeline paid to DarkSideThe 10% additional ransom was for payment in Bitcoin rather than the more anonymous Monero. The ransomware industry has learned from this not to allow payment in Bitcoin. Lawrence Abrams reports in REvil ransomware hits 1,000+ companies in MSP supply-chain attack:
The ransomware gang is demanding a $5,000,000 ransom to receive a decryptor from one of the samples.The image of the demand shows that payment in Monero is now the only option.
Nevertheless, Weaver and Schneier's argument that the ransomware industry can be disrupted by targeting exchanges is plausible:
Criminals and their victims act differently. Victims are net buyers, turning millions of dollars into Bitcoin and never going the other way. Criminals are net sellers, only turning Bitcoin into currency. The only other net sellers are the cryptocurrency miners, and they are easy to identify.They also agree with my suspicion that Tether has a magic money pump when they write:
Any banked exchange that cares about enforcing money laundering laws must consider all significant net sellers of cryptocurrencies as potential criminals and report them to both in- country and U.S. financial authorities. Any exchange that doesn’t should have its banking forcefully cut.
The U.S. Treasury can ensure these exchanges are cut out of the banking system. By designating a rogue but banked exchange, the Treasury says that it is illegal not only to do business with the exchange but for U.S. banks to do business with the exchange’s bank. As a consequence, the rogue exchange would quickly find its banking options eliminated.
While most cryptocurrencies have values that fluctuate with demand, Tether is a “stablecoin” that is supposedly backed one- to-one with dollars. Of course, it probably isn’t, as its claim to be the seventh largest holder of commercial paper (short-term loans to major businesses) is blatantly untrue. Instead, they appear part of a cycle where new Tether is issued, used to buy cryptocurrencies, and the resulting cryptocurrencies now “back” Tether and drive up the price.I would add that, while they are correct to write:
This behavior is clearly that of a “wildcat bank,” a 1800s fraudulent banking style that has long been illegal. Tether also bears a striking similarity to Liberty Reserve, an online currency that the Department of Justice successfully prosecuted for money laundering in 2013. Shutting down Tether would have the side effect of eliminating the value proposition for the exchanges that support chain swapping since these exchanges need a “stable” value for the speculators to trade against.
banning cryptocurrencies like Bitcoin is an obvious solution. But while the solution is conceptually simple, it’s also impossible because — despite its overwhelming problems — there are so many legitimate interests using cryptocurrencies, albeit largely for speculation and not for legal payments.