Matthew Green, professor at Johns Hopkins University, with the support of the human rights organization Electronic Frontier Foundation (EFF), initiated the return of public access to the code of the Tornado Cash project, the repositories of which were deleted in early August by GitHub after the service was included in the sanctions lists US Office of Foreign Assets Control (OFAC).
The Tornado Cash project developed a technology for creating decentralized services for anonymizing cryptocurrency transactions, which significantly complicates the tracking of transfer chains and hinders the determination of the connection between the sender and recipient of the transfer in networks with publicly available transactions. The technology is based on splitting the transfer into many small parts, multi-stage mixing of these parts with parts of the transfers of other participants and transferring the required amount to the recipient in the form of a series of small transfers from different random addresses from the general pool of the service.
The largest anonymizer based on Tornado Cash was deployed on the basis of the Ethereum network and processed more than 151 transfers from 12 users for a total of $7.6 billion before its closure. The service was recognized as a threat to US national security and was included in the sanctions list, which prohibits financial transactions for citizens and companies from the United States. The main reason for the ban was the use of Tornado Cash to launder funds earned by criminal means, including $455 million stolen by the Lazarus group was laundered through this service.
After adding Tornado Cash and its associated cryptocurrency wallets to the sanctions lists, GitHub blocked all accounts of the project developers and deleted its repositories. Under the blow were including experimental systems based on Tornado Cash, which were not used in working implementations. It is not yet clear whether the restriction of access to the code was part of the sanction goals or the removal was carried out without direct pressure on the initiative of GitHub to minimize risks.
The position of the EFF is that the ban applies to the use of working services for money laundering, but the technology of anonymizing transactions itself is only a method of ensuring confidentiality, which can be used not only for criminal purposes. In previous litigation, it was recognized that the source code is subject to the First Amendment to the US Constitution, which guarantees freedom of speech. The code itself with the implementation of the technology, and not the finished product suitable for deployment for criminal purposes, cannot be considered as an object of prohibition, therefore EFF believes that the re-posting of previously removed code is legal and should not be blocked by GitHub.
Professor Matthew Green is known for his research in cryptography and privacy, including being one of the creators of the anonymous cryptocurrency Zerocoin and a member of the team that uncovered a backdoor in the Dual EC DRBG pseudo-random number generator developed by the US National Security Agency. Matthew's main activities include studying and improving privacy technologies, as well as teaching students about such technologies (Matthew teaches computer science, applied cryptography and anonymous cryptocurrencies at Johns Hopkins University).
Anonymizers like Tornado Cash are examples of successful implementations of privacy technologies, and Matthew believes their code should remain available for study and further development of the technology. In addition, the loss of the reference repository will lead to confusion and uncertainty about which forks can be trusted (attackers can start distributing forks with malicious changes). The deleted repositories are recreated by Matthew under the new tornado-repositories organization on GitHub to emphasize that the said code is of value to researchers and students, as well as to test the hypothesis that GitHub removed the repositories in compliance with the order to enforce the sanctions, and the sanctions were used to prohibition of the publication of the code.
Source: opennet.ru