Top protocols are successively cooperating with sanctions, says The Block's Vice President of Research: Founders' willingness to go to jail determines the degree of decentralization.
The Tornado Cash incident continues to reverberate in the crypto space, raising questions about decentralization. Various protocols and centralized entities have been implementing response measures. Larry Cermak, research director at The Block, bluntly stated that the decentralization of a protocol depends on how much the protocol founders are willing to be scrutinized.
Table of Contents
Node Service Providers Ban Tornado Cash
Two major cryptocurrency API and node infrastructure providers, Infura and Alchemy, have already banned access to Ethereum APIs for users due to the mixing protocol Tornado Cash being added to the U.S. sanctions list on August 9th. Pocket Network has also become the latest service provider to comply with the sanctions.
Infura is the default RPC endpoint for MetaMask, and all three have only blocked user access on the protocol's front end interface. Users can still access the protocol through other front ends or by running nodes.
The Pocket Network announcement pointed out that although Pocket is a global protocol, Pocket Network Inc. (PNI) is still a U.S. company. PNI operates the protocol's gateway website, which means that any activities involving the website must comply with U.S. regulations. If the protocol does not have this compliance, Pocket will lose the opportunity to fulfill its mission.
The explanation given by ConsenSys, the parent company of Infura, is similar.
CEO of Pocket Network, Michael O’Rourke, responded:
I was very surprised when news of Tornado Cash broke out, it happened much earlier than I had imagined. I thought we still had two to four years before facing any impact at the RPC level. Pocket still aims to become the most censorship-resistant, reliable, high-performance RPC infrastructure provider in the world. It is not news to have to change rules technically due to a complex and constantly changing regulatory environment. While continuing to achieve our vision in the future, we will also comply with these regulatory frameworks.
Multiple Top DeFi Protocols Comply with Sanctions
Core developer of yearn, banteg, pointed out this morning on August 13th on Twitter that well-known decentralized protocols such as Uniswap, Ren, Balancer, Oasis, Aave, MakerDAO, dYdX, among others, have code in their interfaces to monitor user addresses. For example, Aave and Balancer will block sanctioned addresses, and these services are working with compliance technology company TRM Labs.
Co-founder of EthHub, Anthony Sassano, also mentioned that due to a recent hack, his address received 0.1 ETH from Tornado Cash and is now unable to use Aave.
sassal.eth now blocked from using the official Aave front-end because someone sent 0.1 ETH to my address via Tornado Cash 🫡 pic.twitter.com/TGc9LJajVU
— sassal.eth 🦇🔊🐼 (@sassal0x) August 13, 2022
banteg also mentioned the application details of compliance technology company TRM Labs, which actually collects user addresses from various DeFi protocols that use TRM Labs for compliance reasons.
Lefteris Karapetsas, founder of privacy application Rotkiapp, also mentioned that protocols working with TRM Labs can basically be considered enemies of decentralization. The GitHub open-source list shows that protocols like Voltz Protocol are also involved.
No Permissionless Access Currently Exists
Regarding the above phenomena, The Block's Research Director, Larry Cermak, commented:
I believe that censorship mechanisms and KYC will ultimately be unavoidable at the front end, especially for U.S. companies. However, the efficiency and speed at which all RPC (Remote Procedure Call) endpoints have complied this time is truly astonishing.
He considers the cooperation of Infura and Alchemy with sanctions a very serious issue and suggests that in the future, as long as RPC providers comply with U.S. sanctions and regulations, true permissionless access does not really exist, and the crypto space needs RPC providers that are non-U.S. and stable.
I think the most accurate test of decentralization is how protocols, front ends, and RPC providers respond to OFAC sanctions events. We are slowly discovering that most decentralization depends on whether the founders are willing to go to jail. By definition, protocols that comply cannot be considered decentralized enough.