Ethereum is censoring transactions

On October 14th, more than 50% Ethereum nodes blocked Tornado Cash related transactions, complying with a US ruling to block the service.

To be clear, as of now Tornado Cash transactions are still going through and will continue to do so as long as some portion of nodes are creating blocks that include them and more than 50% of validators accept blocks that include Tornado Cash transactions.

To understand this better, let’s look at how Ethereum processes transactions. First a user submits a transaction to the network; at this point the transaction is considered pending. For every block (bundle of transactions), one node is elected to be the block creator, and they get to decide which of the pending transactions they want to include, it’s completely up to them. Once they’ve created the block, they ask all other nodes to approve their block. This is designed to stop fraudulent blocks from going through, but nodes can reject a block for any reason. Once more than 50% of nodes accept a block, the block is deemed valid and all of the transactions within the block are permanently locked in.

image.png

Right now, the censorship of Tornado Cash is limited to the elected node choosing not to include the transaction, but it’s easy to see how Tornado Cash could be completely blocked if nodes started rejecting any blocks whatsoever that include a Tornado Cash transaction. And if more than 50% of nodes decide to do that, then Tornado Cash will cease to exist. Censorship resistance will have completely failed.

Given that more than 50% of nodes are already complying with the ban in some form, it’s easy to see how this scenario could quickly become a reality.

To make matters worse, the Tornado Cash ban was not just applied to Ethereum nodes. Included in the ban was their domain name, Github accounts (including personal accounts all contributors) and infrastructure providers Alchemy and Infura (who provide access to the Ethereum network, in an easier but non-decentralised way). These additional bans made it more difficult to run the service, and for users to find it.

The fact that all these bans has not taken Tornado Cash completely offline is a testament to how far we have come in web3, but at the same time we can and must do better.

D_D Newsletter CTA

The road to better censorship resistance

Ethereum is an incredible protocol, but one of its major weaknesses is that all transactions are public. Any node on the network can see what smart contract is being called, what data is being sent, which node was elected, and which transactions they included. This makes it trivial for the US government to see exactly which nodes are complying with their ban, and which are not. And because a large portion of the nodes are run in the US, compliance is high.

Of course, increasing decentralisation, so that more nodes are run outside the US would be a good short term solution, but in practice that is hard to enforce. You could try to incentivise nodes from outside the US to be a larger part of the network, but proving the location of a node is almost impossible.

The only real long term solution, is to make nodes participating in the protocol completely dumb to what is actually being processed. That’s actually how the internet already works. Almost all data on the internet is encrypted, so network infrastructure cannot reject certain types of messages (although they can of course block domains and IPs).

New types of protocols that support this type of blind processing are starting to appear (including the company I co-founded, Polybase), so in time this problem will start to dissipate.

In addition to better blockchain infrastructure, we also need more applications themselves to be decentralised. A decentralised application is more than just the code running on the blockchain. These applications need software, collaboration and discovery tooling to continue to exist and grow. And if that tooling can easily be blocked, then we continue to be at risk. We need all of these supporting apps to become fully decentralised.

Our role as consumers of these decentralised apps and services is to put pressure on their creators to become truly decentralised.

Should Tornado Cash exist?

A bit of background. Tornado Cash is a smart contract built on top of Ethereum that allows users to send in cryptocurrency, and then anonymously withdraw it. Everyone can see the money go in, but after that it’s impossible to see where the money goes next. The trail is dead.

This of course is a dream for bad actors, and as you’d expect it was used heavily by hackers, fraudsters and money launderers.

From Cointelegraph:

Tornado Cash was sanctioned by the Office of Foreign Assets Control back in August. OFAC claimed the smart contract mixer has helped to launder more than $7 billion worth of cryptocurrency since its creation in 2019, including over $455 million stolen by the North Korean-linked hackers Lazarus Group.

But, there are also lot of legitimate use cases for wanting your transactions to be private. What if I’m in Russia and want to donate money to Ukraine without being arrested. What if I want to pay for a dating app, but not reveal my sexual orientation?

So private financial transactions, can be a force for good, and for evil. So does the good outweigh the bad?

Actually, that’s the wrong question. This technology will exist. The more important question is what can we do as a community to limit the use of our technology for evil.

There’s a number of things we can do, each with different trade offs. One option, is that rather than requiring all transactions to be public, the user could choose to reveal specific information on request, for example when submitting their tax return or perhaps by way of a court order. Another is to enforce that transactions of a certain size be handled in a different way. Or perhaps we could have a decentralised review system.

This is not an easy problem to solve and we don’t yet have all the answers, the industry is still relatively new. But hopefully as web3 moves forward, we can create better mechanisms for balancing the incredible new opportunities, with the ongoing imperative to limit bad actors.


D_D Newsletter CTA

👋 I'm the co-founder of Polybase the web3 database. You can follow me here and Polybase here. This article was originally posted on my blog.