CODE TO CONVICT

courtroom chaos in the case of tornado cash.

Foreword

I am going to open this one with a personal note, which is to say I stand with one leg in both worlds on this topic. My first job out of college involved building models of terrorism risk, and I'm an advisor to a company doing social media and blockchain monitoring to interdict hackers and scammers, among them nation-state actors sowing chaos. On the other hand, I'm a free speech advocate and firmly believe in things like fair banking access, where I have testified as a witness in front of Congress on Operation Chokepoint 2.0, argued against lawfare and torturing legal frameworks in order to over-police conduct by US regulators.

Suffice to say, I've put my money where my mouth is on both sides of this debate in the past, so let me start by saying this: anyone who thinks this case is not a truly complex set of facts that lays bare the fact that imperfect tradeoffs will necessarily exist at the heart of the privacy and security debate has not thought deeply enough about this problem and is missing something. Worse, it's complex enough before we get to the complicating factor of the absolute trash-tier level of understanding of some of the elements demonstrated in the court proceedings.

TORNADO CASH?

The truly short answer is that it is something called a "mixer" - in plain English, that's a tool to mix funds together from various crypto wallets, and then withdraw them into other wallets to obfuscate transaction flows. In other words, rather than wallet A sending tokens directly to wallet B, wallet A sends to the mixer, and then some time later, amounts go out to wallet C, D, and E, which are then sent to wallet B, complicating attempts to trace funds.

Imagine throwing money into a large bucket, and then much later the person you intend to receive the money comes to the bucket and takes out a few dollars at a time over weeks. If this sounds like some form of dead drop in the traditional physical world, that's because it kind of is.

TechnicalLY, No bucket

Early generations of "mixers" did indeed require you to effectively deposit money in a big pot controlled by some third party who you had to trust to send that money back out later. But Tornado Cash is a "non-custodial" mixer - you never have to give up control of your tokens, thanks to a Zero Knowledge Proof-based mechanism, and no one involved with the creation of the Tornado Cash protocol has any power to touch any of the money deposited to it, in any way.

This non-custodial nature of the tool was a major input to the confusing nature of the case: FinCEN way back in 2019 defined a "money transmitter" as an entity with custodial authority to move customer funds, and in combination with the Blanche memo, this led the government to a weird, partial theory of its Money Transmitting charge against Storm.

ANONYMITY

YAY OR NAY?

Is this anonymizing tool a good thing? No. Is this a bad thing? Also no. It is just a thing.

Privacy can prevent a hostile nation-state from spying on democracy or human rights activists; allow women in Afghanistan to hide that they own bitcoin; or allow my friend Omid Malekan (he was a witness in this case) to donate to Planned Parenthood without becoming a political target for right wing activists; or allowing a gun rights supporter to donate to political organizations without themselves becoming a political target for left wing activists. These are all in a range from totally acceptable to genuinely good things.

On the other hand, the North Koreans using a mixer to launder funds from a hack, where they stole the life savings of many people, destroyed companies, and ripped funds from the hands of their legal owners to fund the nuclear program of a deeply insecure fat kid who is intent on dressing like a parody of Hillary Clinton in Star Trek, is not a good thing. It's a very bad thing.

That might be a bit legally vague. Everything I said is true (sorry not sorry, Hillary), but we need to add some details to explain why this case is such a radioactive tire fire from both a complexity of facts and complexity of policy perspective.

The first is Tornado Cash isn't one thing. If it was, this would all be much easier. If Roman Storm, the developer on trial here, had simply written immutable smart contract code, slapped it onchain, and then walked away and never touched it again nor made any commercial representations about it, I think it's unlikely any of this case happens. You can tell from the way I wrote the previous sentence that this is not actually what happened.

There are additional layers to the puzzle here. First, prosecutors argued Roman Storm was running a business called Tornado Cash, while the defense tried to maintain some daylight by focusing on Peppersec Inc., the U.S. legal entity that launched the Tornado Cash service.

MECHANICAL COMPLEXITY

Structure aside, Tornado Cash had a social media presence, there was a front end (which is not an automated, decentralized, deployed thing), and there was a profit motive - albeit through the indirect mechanism of the $TORN token. This complicates things a lot.

It was also deployed on a blockchain, so its users were potentially everyone. Yes, you read that right. In literally every jurisdiction in the world where you had the internet, you could access Tornado Cash. This is part of what has driven much of the logistical and legal complexity of blockchain cases in general, and here it is no different.

So what is Tornado Cash? It's a mixer, a front end, a business, automated smart contract code, and more. Great, now we are done with the least complicated part of this (what, did you think we were starting off with the hard part? Buckle up!)

raison d'être (REASON to EXIST)

One of the under-discussed problems with public blockchains is the public part. There are millions of threads on the internet, mostly on X, but also sometimes other platforms, that grapple with the design and construction of things like blockchain governance, transaction throughput, validator frameworks, smart contract design, and more. But there is precious little out there about the public part of public blockchains.

Partially, this is likely because people spend less time thinking about privacy in general than they should, as privacy breaches are usually some form of negative tail event, rather than the kind of thing that people experience daily. Partially, this is because the actual tools to properly evaluate blockchain data are still somewhat esoteric, helped by the fact that most block explorers have interfaces that look like they were designed by engineers, for engineers, in the most user unfriendly way possible (or in the case of Solana, by a paranoid schizophrenic who believed that if the government could read the block explorer, lizard people would come mind control whoever built it).

The bottom line is that if you aren't taking steps to obscure your transaction trail onchain, once your wallet address is exposed, people can see everything you did. Made dumb trades? Used an exchange? Put money into DeFi? Bought things? All visible.

Think of the current banking system, only completely public (a comparison Storm's defense team made in its opening statement, to prosecutors' considerable chagrin). Once your pseudonym is breached, you're just out there completely naked. For some people, this is not a desirable outcome, and thus there have been efforts to create various implementations to provide some degree of privacy and either break the transaction chain (things like Tornado Cash) or eliminate it (Zcash).

Thus, unless you believe the correct stance for a financial system is default public for everything at all times always, you probably do agree with the initial thought behind creating something like Tornado Cash (even if you disagree with the specific implementation or the name).

REASON TO USE

Let's start with the one that is true: criminals definitely used Tornado Cash. This was a known fact throughout the industry, back to the whole public part of the public blockchain above. We could watch the North Koreans dumping money in there. That happened. They were not the only ones to use it (other hackers and scammers did, though the Pig Butchering scammers ironically used it much less, despite having made an appearance in the case, as they are somewhat less sophisticated at hiding their tracks). There were definitely legitimate users of Tornado Cash as well, and those users also likely had valid reasons to use it.

There were also very conflicted efforts to attempt to segregate this activity, with certain privacy-preserving but compliance-friendly options built into the protocol that proved to be some degree of too complicated / too ineffective / simply something people didn't care about, as the adoption was a rounding error on zero. Equally so, there was a front end that was being run, and it's almost 100% certain that both good and bad transactions went through there, though it's very different to have detected those after the fact vs. in the moment they were occurring (just ask any bank if they can interdict 100% of fraudulent activity in real time, after all).

More so, to front run the question, the criminal usage was not "small" for any realistic definition of small. It was not basis points or even low single digit percentage points. A lot of bad actors were using Tornado Cash. It's impossible to verify the exact amount, but estimates exist that indicate it is at least possible that a majority of the traffic going through Tornado Cash at some points was illicit activity. Not great!

David: Here again I'll interject a different perspective on criminal usage rates. Storm and his cocreators made some effort to filter illicit users from the frontend they controlled by installing a Chainalysis-run OFAC blocklist of sanctioned wallets, but this was at best marginally effective (arguably more CA and OFAC's fault than Tornado Cash's).

But given that criminals had effectively free access to the tool, the percentage of criminal use was lower than I personally would have guessed. According to defense analysis, 16 major hacks tallied by the prosecution amounted to around 15% of Tornado Cash volume over a two-year period. The next 16 largest known criminal uses of Tornado Cash amounted to about 2% of overall volumes in the same period.

Inference suggests continuing diminishing returns and a total criminal share of roughly 20% of TC volumes. That is in no way acceptable or OK in itself - but it does show just how much demand there was for privacy among honest users of Ethereum.

LEGALLY SPEAKING

Here is where things start to truly get complicated, as the answer to that appears to now be a screaming fistfight where nobody knows anything at the current point in time. Why? Let us start with what the criminal charges in the case were.

Roman Storm was charged with three things: conspiracy to commit money laundering, conspiracy to violate US sanctions, and conspiracy to operate an unlicensed money transmission business.

Before we get to the arguments and the jury's decision (and why, as a result, we are now in a world filled with chaos that will likely benefit nobody, least of all the government), let's talk about what the elements of each of these crimes are.

CONSPIRACY TO COMMIT MONEY LAUNDERING

This is a formal or (importantly) informal agreement to engage in conduct that violates the money laundering statute. This typically involves knowing that the property was involved in some form of unlawful activity, with the intent to either promote carrying on the unlawful activity or conceal the nature, location, source, ownership, or control of the proceeds.

Notably, an individual need not know all the details to be involved in the conspiracy, nor does there need to be a direct agreement. Instead, knowing the funds were criminal and the transactions were intending to disguise them, and then facilitating could be enough.

Importantly for this charge, there are some implications that matter for policy. One is that there is no licensing requirement. Anyone can be guilty of this; essentially, it's not okay for anyone to launder money or conspire to do so. Second, it requires some degree of intent (or, I suppose, potentially extreme degrees of gross negligence under some theories such that you should have known). If you genuinely had no idea the funds were derived from criminal activity, it's going to be hard for you to be deliberately engaging in conduct to violate the statute.

The jury deadlocked on this charge.

David: To clarify a point that initially confused me: money laundering conspiracy does not require a direct agreement with the perpetrator laundering criminal funds. There was no claim at trial that Storm and his partners ever communicated with criminal actors like North Korea's Lazarus Group.

Instead, the substance of the allegation was that Roman Storm, Alexey Pertsev, and Roman Semenov entered into a conspiracy to create a tool for criminal money laundering - without any knowledge of specific future users. The presence of criminal intent in the conception, creation, and maintenance of Tornado Cash was key to this charge. The jury's inability to reach a verdict on both this and the sanctions violation charge reflects that much of the prosecution's case rested on communications that were at best ambiguously criminal, while the defense presented ample evidence that non-criminal motives, specifically privacy, fundamentally drove the project.

CONSPIRACY TO EVADE SANCTIONS

The second charge, conspiracy to evade sanctions (e.g IEEPA), requires that there must be an agreement (similarly to the above, in that the agreement does not mean a formal written contract but may be informal), to willfully or knowingly engage in transactions prohibited by sanctions, such as dealing with property in which a sanctioned person or entity has an interest. OFAC is usually the source for who has been sanctioned here.

Once again, this conduct must also be knowing. If you bought a car from someone, and it turns out the car was previously owned by the North Koreans, but you had absolutely no knowledge of this when you bought it, it's going to be hard to hit you with a conspiracy to violate sanctions charge as you have to know there is a conspiracy going on to be part of it. Ignorance is a defense, in a way, though perhaps not blindingly idiotic ignorance. Being fair to the government there is some point at which, the car having the North Korean flag painted on it, the guy selling you the car being Kim Jong-Un, and being directly told "hey it's not an issue for you to keep this quiet because otherwise we have a problem" means that yeah, okay, you are implicated if you still go through with it or you are so dumb you are probably not competent to stand trial.

The jury also deadlocked on this charge.

UNLICENSED MONEY TRANSMISSION BUSINESS

Third, there was the conspiracy to operate an unlicensed money transmitting business charge, which is where things are going to start to get somewhat weird and where the true confusion has been introduced from a legal and policy standpoint.

Historically, money transmission (incl. in guidance by FinCEN, which the DoJ proceeded in direct opposition to in the Roman Storm prosecution, a fact that the judge barred from being introduced to the jury) is understood to include control of the funds, and the underlying act that has to occur for the conspiracy charge is operating a business that engages in money transmission, defined usually as the acceptance of currency, funds, or value to another person or location by any means (18 U.S.C 1960(b)(2)). Specifically, it is doing this without a license.

Here, you can see if you have been paying careful attention, we have turned left down what people previously thought was a dead end and are now in unexplored territory. Why?

David: Well, Tornado Cash is a smart contract implementation that is non-custodial, meaning at no point did the creators have literal control of the funds. In fact, if you wanted to be a real nudge, you could argue that Tornado Cash was specifically designed not to transmit money at all, but to make sure that only the original owner could retrieve the funds, using a ZK-based "secret."

At trial, prosecutors threw a lot at the wall, including through an expert witness from a blockchain firm called Anchain who proposed a frankly embarrassing alternate model of Tornado Cash relying on a centralized whitelist and effective full custody - a model which not only would have failed as a privacy solution, but which would have definitely made any administrator party to money laundering.

More broadly, prosecutors argued that their full control over the front-end and other digital infrastructure around the Tornado Cash contracts gave creators the ability to filter use of the protocol. Again, the mixed jury decision reflects the confusing inconclusive nature of these arguments.

MONEY TRANSMISSION PARADOX

Austin: Charging Roman Storm under this theory creates a deep legal problem: where, exactly, is the boundary that turns something from money transmission to not money transmission? If it's not control of the funds, what is it?

The legal reality, as I understand Valkenburg's read, is this: Prosecutors initially filed the MTB charge on fork A of statute 1960, failure to register. But in May, the Trump administration's Blanche memo guided a halt on criminal crypto prosecutions for non-registration, and prosecutors ultimately wound up instead focusing on section b1C of the statute - the handling of funds "known … to be used to promote or support unlawful activity."

Note that this is a different standard than that for money laundering, requiring mere knowledge of criminal users, rather than specific intent to facilitate criminal use. This standard is lower - again according to Valkenburg - because it follows a predicate assumption that the entity at issue is registered, regulated, and explicitly custodial, and therefore has greater responsibility and control to proactively monitor and control users.

But eliminating the registration fork of the MTB charge, as well as the custodial predicate, renders the verdict close to incoherent: Storm was convicted of being a negligent (rather than criminal) money transmitter, but was not accused of … being a money transmitter.

This all leaves the question of what qualifies as an MTB wide open, and subject to destructive re-interpretation. If we want to argue that Storm and co. were operating a front-end, then I have to ask the following question: are Chrome, Brave, or Edge money transmitters who need licensing? I say this because they do provide a front end that allows me to access my banking services (via the webpage of Chase or Bank of America or Wells Fargo or Citi or some such). If it's not them, is it the provider of the exact website that is the money transmitter? That's (more sane), but that starts to get muddy if we look into things like apps that then integrate these services or websites that actually rest on top of others (Amazon?).

If the argument is that someone, somewhere is licensed in the stack and thus everyone is riding on those licenses, then the argument here is that someone in Tornado Cash should have had a license but because nobody did it was conspiracy to engage in unlicensed money transmission. But then who is the person who was supposed to have the license? Was it… the end users? Peer-to-peer money transfers or self-sending requires a license? That seems like an odd outcome (also cash is now illegal?). Was it… the validator set? That, wow, okay, so now we are back to TCP/IP and any computer or server facilitating that is an unlicensed money transmitter?

It's just super confusing. Without the DoJ having concretely pointed to something saying: "This entity should have been licensed, everyone knew they were not, and thus the facilitation was knowing they should have been and then helping evade that requirement", it's just impossible to know exactly what they should have meant here.

There was also not a clear answer to this at the trial. I don't think anyone in that courtroom could walk out and articulate "this specific entity should have had a license, and here is why and what the dividing line is" if control is not the dividing line.

The jury convicted Roman Storm on this charge.

WHAT HAPPENED INSIDE THE COURTROOM

David: I'm not quite a veteran, but I've reported on several criminal trials in depth now - and this was simultaneously the most procedurally chaotic, legally complicated, and technically involved case I've ever seen, by far.

A huge amount of important wrangling took place in pretrial motions. Probably the most impactful came in October of 2024, when Judge Failla rejected a motion to dismiss and accepted the prosecution's strange definition of a money transmitter. According to Peter Van Valkenburg, this decision effectively locked the jury into a guilty verdict on the MTB charge, almost a year before the trial began.

The trial itself was professional in tone, but full of fights over evidence that unfolded in real time - and frankly, with some very marginal evidentiary practice by the prosecution. This started with the very first witness, Hanfeng Lin. Lin was the victim of a romance scam, who believed that her funds had been sent to Tornado Cash based on the advice of a "recovery" service called Payback - but it became clear after her testimony that this service itself may have been a scam, and it appears to have given her false information.

The defense, rightly skeptical that Lin had any connection to Tornado Cash whatsoever, floated the possibility of a mistrial. Scrambling, the prosecution tasked a subsequent IRS forensic accountant - not a blockchain forensic expert - with tracing Lin's funds. He used a "Last In, First Out" method that's meant for tax accounting, not blockchain tracing: as the witness admitted on cross-examination, his method did not establish ownership of the wallets it traced funds through, and therefore did not actually prove Lin's funds passed through Tornado Cash "at all". This could have led to an immediate mistrial ruling, but ultimately, it was left to the jury to reach the same non-conclusion.

Another mortifying (though less critical) example of strikingly bad prosecution evidence came in the testimony of an FBI forensic accountant who, for a start, presented pie charts that didn't add up to 100. The same witness, bizarrely, was tasked with walking through Peppersec Inc. bank accounts, which the agent admitted under cross examination did not actually show signs of money laundering activity - its only input was an investment from Dragonfly Capital, and its expenditures were clearly for legitimate business costs.

These costs were one element the defense could have honed in on a bit more sharply: The salary run rate for Peppersec was almost absurdly low, with less than $200,000 spent on roughly a half-dozen workers over about two years.

Perhaps the most directly objectionable element of the prosecution, though - and one that is largely now under seal in the official record - involved potential testimony by Dragonfly Capital's Thomas Schmidt. Dragonfly invested in Peppersec and the Tornado team, and Schmidt would presumably have been brought in to testify to the technology's usefulness. But instead, he plead the 5th out of worry that he was exposed to legal risk, even merely as an investor.

The defense tried to get prosecutors to explicitly say Schmidt was not at such risk, but the prosecution declined, describing Schmidt as still a "subject" of the investigation. Dragonfly cofounder Haseeb Qureshi responded to this oblique threat with fury. This effectively bumped what could have been an important defense witness - and then on Monday, once Schmidt was neutralized, the prosecution ostentatiously backtracked, insisting it had never suggested Schmidt was in jeopardy.

LONG-TERM IMPLICATIONS

This whole situation has created something of a confounding mess, due to a couple of issues that have been discussed. However, to sharpen the point, the following issues are likely to create a long-term impact in both linear and non-linear ways that will have a significant impact on the development of financial technology in America.

DEPARTMENT OF JUSTICE CREDIBILITY

First, the government has done a lot to damage their credibility in their cases here. To me, this is a huge own goal; I know for a fact there are highly competent people in the government or who are government contractors who could have done a much better job both with the fact patterns and information provided for the case than the prosecution.

Why introduce a victim who was caught in an unrelated scam (pig butchering) and then had a set of potential intermediaries between her funds and Tornado Cash, which may not have even had a direct link to the North Koreans? Are we truly saying that if someone takes money out of a Wells Fargo ATM, and that six hops later those funds are stolen and then used in a cocaine buy, that the victim of the theft has a legal cause of action against Wells Fargo? Because, insanely, that appears to be what the government is arguing here? If nothing else, plaintiff's attorneys all over New York should be sitting straight up after this ruling and coming up with a small horde of nuisance-level cases to chase every single bank, payments company, and money transmitter in the state on issues like this. If they aren't doing so, it's only because they don't understand what was ruled yet or want to wait for the appeal before hitting go, and as soon as they do, I am going to predict that things could get pretty weird!

Why proceed directly against the guidance from FinCEN on this topic, as well? If you really want to argue that an agency of the Federal government directly providing interpretive statements on this point has no legal power, then… uh… what are you saying in general? Apart from the obvious fair notice issues that this will introduce for people in the future, the government saying that the government is free to lie to you and then you have to figure out the legal consequences later when you are prosecuted is exactly the sort of thing that just caused a massive political backlash that might destroy the SEC, and we're saying yes, do more of that, and do it with the DoJ? It's shocking (and disqualifying) that this specific prong of the charge was not put on hold by the Trump DoJ if they could not come up with better, cleaner, and more clear arguments as to exactly why this was money transmission and where control was. As it currently stands, I defy anyone to give me a 100% clear definition of money transmission in the United States. It may also be doubly hilarious if FinCEN faces a rush of people who now want to register who do not meet the registration requirements. Put differently: as someone who has run businesses in this space, there are actual and significant consequences to a ruling like this that I don't think anyone involved thought deeply about, because if they had, they wouldn't have gone about it this way. Note: I'm not even saying you couldn't get to an unlicensed money transmission charge, but that even in a best case scenario this is like saying because all pigs are fish, 2+2=4.

Imagine people trying to figure out arithmetic works after that.

This is also why I think the jury deadlocked on the other two charges. A clean, clear prosecution argument about why Roman Storm built a tool that he definitely knew was being used significantly (primarily?) for criminal activity, with a direct path between hacks by the North Koreans using Tornado Cash to obscure their trail, and then continued operation and profit from Tornado Cash would have been the correct argument. That is the textbook informal agreement to commit conspiracy (e.g. the knowing turning of a blind eye for personal gain) argument.

There will be folks who say that is a losing argument and Roman did not commit the crime, and folks who will say that is a winning argument and Roman did commit the crime, but at least in that context we would have a clear, well-articulated case put before a jury that would give us a conclusive result that would likely stand the test of time.

Instead, the government did… well, whatever they did, because it's obvious the prosecutors running this case and some of the witnesses had the same level of understanding of blockchain technology that I have about products to treat male pattern baldness, which is to say I definitely cannot and should not be trusted to talk about that and if a court admitted me as an expert and allowed me to talk about that, they need to have their head checked.

In short, the finance and crypto space have been looking for ways to work together constructively and build bridges after the disaster of the last four years, but the Department of Justice has now put everyone on notice that talking with them at all might line you up to be prosecuted under truly unique theories by people who have no intention of defining a clear boundary. When the SEC did that under the Biden Administration, it lead to a near and total lockdown by the industry and experts refusing to communicate with them, setting us back from a policy and productivity perspective by at least four years compared to some of our nation-state adversaries. This risks the same situation, or at a bare minimum, everyone under the age of 40 thinking the Department of Justice is run by some combination of power-hungry self-serving bureaucrats and/or 90 year olds who don't understand that ConEd is not part of a conspiracy for providing electricity that was used to send an email about an illicit financial transaction.

CHILLING INNOVATION… OR WORSE

I think the chilling innovation point should be clear: if we don't know where the line on money transmission is, then I think it's going to be difficult for US entrepreneurs and software engineers to write code knowing where the boundaries are. That's not a controversial statement, either: it's usually nice to know if you will be breaking the law before you do something. If that's not possible, you are going to get less of it. If you don't believe me, please look into the entire canon around 1A law.

However, I don't think that's the most interesting potential implication here. I'm going to go the other way: what if say that the government's theory on how money transmission works under the law is correct? Here, we assume the DoJ had it right and we can proceed in good faith that some undefined combination of elements can create a magical alchemy where, even if all of them had been done individually they are not money transmission, then at some point combined together they become money transmission-y enough that boom, magic happens, and now you are unlicensed. Where is that line? Great question! It's based on vibes.

There are two words for laws like that: unconstitutionally vague. One line of attack that I expect to be raised here, if the appeal on the conviction does not succeed on the grounds that the unlicensed money transmission was handled incorrectly (be that on venue, evidence, jury instructions, or otherwise) is that the law itself is unconstitutionally vague. If someone cannot know in advance if what they are doing is a crime or not until some mustachioed gov't lawyer crashes through your wall screaming "MONEY TRANSMISSION" like a nightmarish parody of the Kool-Aid man, it's likely not constitutional. Of course, this doesn't mean the whole thing gets turned over (if we just go back to the control standard, the rules are very clear, which may have something to do with why FinCEN wrote it that way in the first place).

It would be a truly hilarious own goal for the government if, in attempting to expand or confuse the definition of money transmission to convict Roman Storm, they instead end up bringing down the entire foundation upon which their theory was constructed.

PRIVACY

One thing I know about the cypherpunk community is that they don't like the government and they don't trust the government. Partially this is because of their own anti-authoritarian proclivities, but also partially this is because the government is continually giving them good reasons not to trust them (see: SEC under Biden, Operation Chokepoint 2.0, etc.).

They aren't going to take this laying down. If anything, I suspect this probably leads to the development of more completely obfuscated protocols that make it harder, not easier, for the government to determine what is going on and who is involved. I also don't expect these protocols will be openly developed by identifiable individuals who we can then prosecute easily. Instead, you're going to see stuff run out of offshore jurisdictions that might be simply those that exist based on their out-of-reach-ness (Seychelles, anyone), or it might literally be those of our nation state enemies, but this is not going to go away. When you kick the cypherpunk hornet nest, you tend to get many small, anonymous stings in response.

IS ROMAN GUILTY?

So let's get to the final point that I know everyone is going to want to know, which is simple: is Roman Storm guilty of a crime?

Let us start with the easy one: either he is not guilty of unlicensed money transmission, or that statute is so broad and malleable that the law itself should be struck down (as it would likely implicate protected speech in at least some cases as applied by the government in this case - CoinCenter has been ably speaking about this, among others, and their arguments are persuasive).

Much more complicated, and impossible to assess given the government's absolutely inept handling of presenting victims and fact patterns, is the question of conspiracy to commit money laundering or sanctions evasion. Here, it is entirely possible that Roman Storm is, in fact, guilty of these charges and that a competent prosecution could have highlighted this in much more obvious fashion. However, that's not what we got. It would have been vastly preferable for everyone for Roman to have the best defense possible, the best prosecution possible, and a very clear, direct, and technically accurate presentation of the facts so that we would have gotten to a clear conclusion on this point.

We did not. Thus, it's impossible to say with any specificity if this is the case or not, leading us to the actively unhelpful chaos that we now face. However, if there is a decision to retry the case, I hope it is put in the hands of a prosecution team with far better understanding of the technology, and one that actually presents the case in a clear, effective manner to a jury rather than waving their arms violently screaming "criminals" and hoping that leads to a conviction on the basis of state-of-mind (which it clearly did not this time around).