Binance was wrong to boot Monero, ZCash and other privacy coins

https://cointelegraph.com/news/binance-wrong-monero-zcash-privacy-coins

Binance announced in May that it would delist so-called “privacy coins” such as Monero (XMR), Zcash (ZEC) and others in several countries, including France, Italy, Spain and Poland. The decision underscored the reality that some companies might step over their own feet to ban privacy tech — even where it is legal — out of a combination of risk aversion and compliance confusion.

Some Monero users have long advocated for keeping their tokens off exchanges, emphasizing that on-exchange transactions undermine user privacy by requiring personal identification data. And yet listing privacy coins on exchanges has its merits: It facilitates new user adoption, bolsters liquidity and contributes to price momentum.

European Union regulators recently enacted two significant crypto legal frameworks: Markets in Crypto-Assets rules and a Travel Rule. These mandates necessitate the collection of user data and identification information for withdrawal recipients. While these regulations might seem burdensome, privacy coin users and exchanges listing privacy coins can, in fact, comply.

Take Zcash, for instance. It offers a transparent send function and an option to privately share view keys in shielded transactions. Monero provides a similar view key feature. Discussions are underway among EU officials about a potential ban on privacy coins, but this is still in the early stages.

Binance’s overreaction is not a result of any clear regulatory mandate, and its actions also seem internally inconsistent. It delisted Secret’s SCRT governance token, which is not private itself but can be traded for a private coin. In contrast, Litecoin (LTC), which has a privacy feature, has not been delisted.

These actions from Binance might be less about European regulators’ demands and more about its unique circumstances. For instance, Binance is currently embroiled in a legal dispute with the Commodity Futures Trading Commission over alleged failures to uphold requisite Anti-Money Laundering measures.

Even in countries where privacy coins are banned outright, like the United Arab Emirates, savvy users can acquire them via virtual private networks to access peer-to-peer transfers or decentralized exchanges. Platforms like Sideshift.ai for Zcash and Bisq for Monero serve as gateways to these privacy coins. While such methods ensure privacy coins’ survival during prolonged periods of bans, they may slow the adoption among a broader user base who need crypto privacy tools for financial security and the exercise of their human rights.

The crypto industry should avoid creating its version of “Operation Choke Point,” a practice where the U.S. government discourages banks from doing business with crypto clients due to regulatory pressures. Crypto exchanges should refrain from banning privacy coins when there’s no legal obligation to do so, lest they create their own chokepoint.

Regulated exchanges manage to comply with U.S. Anti-Money Laundering laws — including Kraken, which lists Monero, as well as Gemini, which not only lists Zcash but allows customers to engage in shielded transactions on the platform.

Privacy tools in crypto are just that — tools. They are used by both everyday users and, in some cases, bad actors. But this doesn’t mean the tools themselves are inherently bad. Just like cash or the internet, these tools can be used for both legal and illegal activities. It’s important to differentiate between the tool and how it is used.

The crypto industry is still in its early stages, and it’s crucial to establish a balanced regulatory environment that respects users’ privacy while also deterring and punishing illegal activities. Overly restrictive regulations could stifle innovation and discourage new users from joining the crypto space. On the other hand, a complete lack of regulation could make the crypto space a haven for illegal activities.

Privacy is a fundamental human right and an essential aspect of the crypto ecosystem. Regulatory bodies and crypto organizations should work together to create a regulatory environment that respects and protects user privacy while also ensuring compliance with laws and regulations. This will ensure the long-term sustainability and growth of the crypto industry.

Binance should retract its misguided delisting of privacy coins, take a better view of its actual compliance requirements in EU countries, and, even more than that, get active in advocating against the EU’s consideration of a future privacy ban. Privacy will become increasingly important in crypto, and Binance and other exchanges will be left behind if they don’t take privacy coins and privacy tools seriously.

J.W. Verret is an associate professor at George Mason University’s Antonin Scalia Law School. He is a practicing crypto forensic accountant and also practices securities law at Lawrence Law LLC. He is a member of the Financial Accounting Standards Board’s Advisory Council and a former member of the SEC Investor Advisory Committee. He also leads the Crypto Freedom Lab, a think tank fighting for policy change to preserve freedom and privacy for crypto developers and users.

This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Users will decide if they can still trust Ledger with their seed phrases

https://cointelegraph.com/news/can-we-still-trust-ledger

Self-custody is important in crypto, and security is essential to self-custody. Ledger, a notable hardware wallet manufacturer, has built its reputation on the secure storage of users’ private keys. Hardware wallets create a secure offline environment for storing keys and using keys to execute transactions.

The user’s private keys are generated and stored within the device and are supposed to never leave it. This “cold storage” provides an unrivaled level of security compared with “hot wallets” or online wallets. The problem is that lots of people lose their keys.

Ledger rolled out a seed phrase backup product this week called Ledger Recover. If you give the company your ID and personal information, you can pay for a service that takes your seed phrase within your device, encrypts it into three “shards” and then shares them with various custodians.

Introducing a third party inherently centralizes control, creating a single point of failure that could be exploited by hackers or be subject to regulatory actions.

I don’t begrudge Ledger its effort to grow as a business to reach non-OG and non-cypherpunk-ethos users. Millions of normies, like our skeptical baby boomer in-laws, will only ever be onboarded to crypto through this type of custodial backup approach. Its mistake may have been in trying to use the same product to appeal to both crypto self-custody OGs and the broader future customer normies.

Ledger’s rollout of its backup product met with some strong reactions among its community of customers. Many were surprised to learn that Ledger has always had the capacity to touch your secret key with its hardware updates. Many of us view our hardware devices as sacrosanct. I clearly wasn’t knowledgeable enough about this device that I trust to protect my crypto assets.

Haseeb Qureshi chimed in that while he also reacted negatively at first, he realized that this was always true about Ledger. We’ve always trusted it not to insert malware in its firmware updates to steal our seed phrases. He’s not wrong, but I wouldn’t say that’s a comforting thought.

In the end, nothing bad can happen on your hardware device unless you sign a transaction. You retain the power. I don’t know about you, but I’m not a coder — I can’t tell a malicious update from a legitimate one, so I’m trusting Ledger on that too. And I don’t exactly have the option not to approve the latest firmware update that includes Ledger Recover capability, as Ledger warns that failure to update your firmware is a security risk.

I do trust Ledger — it’s a great company. It has been the linchpin in the technology stack for crypto self-custody, at least in my own crypto journey.

But the goal of a crypto self-custody tool should be to minimize trust requirements. And that could be improved at Ledger through open-sourcing more of its software and hardware. Ledger’s chief technology officer was asked about this on May 17’s Bankless podcast and responded that Ledger has signed nondisclosure agreements that preclude it from doing so and argued that people are unlikely to crowdsource security audits anyway.

I’ll bet security researchers like Andrew Miller, who uncovered vulnerabilities in the Secret Network, would take up that task.

While Ledger’s communications regarding the rollout have been a disaster, its crisis communications have been enlightening. I have certainly realized I had an insufficient understanding of how hardware wallets work. But “Sorry, we can’t open-source anything because of NDAs” is an insufficient answer to those in the community who have concerns that Ledger Recover could be used by a malicious actor to trick users with a fake update and steal their seed phrase.

Ledger could also give me the option to continue to update my firmware without adding the Ledger Recover code to my device. But in the absence of open-sourcing its firmware, it won’t do much, as we won’t have any way to verify its claims.

This could be a branding win if Ledger pivoted to roll out a “cypherpunk”-branded dimension to its hardware and software that appeases the OG crypto community such that they might be willing to opt into it, and lets existing hardware owners opt into it for their previously purchased hardware such that new updates are cypherpunk-branded and -approved, as open source as possible, with crowdsourced security audits — the whole package. All would be forgiven.

For now, it doesn’t seem Ledger plans to do that. So, one option is to use open-source hardware wallets, but those do not have Ledger’s wide-ranging interoperability with emerging blockchains. Or you could build your own, or just use the new refurbished Gameboy open-source hardware wallet.

For now, and for many coins, the safest option is probably to trust Ledger while staying open to competing developers of open-source hardware wallets.


Elizabeth Warren wants the police at your door in 2024

https://cointelegraph.com/news/elizabeth-warren-wants-the-police-at-your-door-in-2024

In 2022, Massachusetts Senator Elizabeth Warren authored a bill that would require cryptocurrency wallet providers to comply with bank Anti-Money Laundering rules. Not crypto exchanges, mind you, but the wallets themselves. Kansas Senator Roger Marshall joined her on the proposal as a co-sponsor.

Sadly, Marshall betrayed the populist principles he ran on as a candidate. The bill also betrayed the civil liberties and privacy tenets of progressivism that Warren espouses.

Warren and Marshall are planning to reignite that debate on Capitol Hill this summer and have enlisted law enforcement advocates to their cause. Prosecutors and federal agents doubtless support the bill as they have every other bill that turns the one-way ratchet of financial surveillance. If they had their way, our personal bank account and credit card logins would rest on a central repository for the Department of Justice to access at will and without a warrant.

The Warren bill would require that anyone who designs a crypto wallet (a computer program designed to store the encryption code that helps to keep your crypto tokens secure) register as a money services business and, essentially, be regulated like a financial institution.

This means that any computer programmer entrepreneur who writes code to help customers control crypto investments from their phone — and to help keep the crypto secure from hackers — would need to register with the Treasury Department as if they were Western Union. Good luck with that, crypto startups.

Warren instigated the bill. The quiet part she is not saying out loud (and that Marshall doesn’t seem to understand) is that this blunt application of rules for Western Union, when applied to entrepreneur computer coders, doesn’t work. They can’t comply, and she knows it.

This bill is a Trojan horse designed to destroy the crypto markets under the false guise of a pro-national security bill. It’s a smart strategy. Convince national security conservatives that this is an answer to a perceived problem, particularly members with little background knowledge as to how crypto works, and then let crypto development die off.

The legislation also seeks to outright ban crypto privacy tools. If the vision of Bitcoin as a means of payment will ever be realized, it needs to be private. Without privacy tools that would be banned by this legislation, every time you use Bitcoin to pay for a coffee, the barista can use your public key to look up your entire transaction history. Thieves and hackers can do the same.

There are tools on popular blockchains like Bitcoin and Ethereum that can provide user privacy, and they are being used around the world, as we speak, by citizens of totalitarian regimes like Iran’s. Women in Afghanistan living under Taliban rule use these crypto tools to provide for their families in secret. The Warren/Marshall crypto bill to end privacy would expose all of these crypto users to surveillance by the Taliban, Russia and North Korean hackers alike. That ultimately harms national security.

When donors sent Bitcoin (BTC) to Canadian trucker protestors over vaccine mandates in Canada — protesters aligned with Marshall’s views against censorship and cancel culture — the Canadian government tracked down those donors and aggressively canceled their bank accounts.

The proposed bill would force crypto wallet providers to adopt regulations similar to those imposed on traditional banks that were used by Canadian authorities against the truckers. Marshall was glad to get help from Trump voters in his reelection, but now seems to be doing an about-face on that commitment. Marshall promised to fight against censorship and cancel culture — not give Warren allies more tools for censorship.

It’s ironic that even after Marshall gave trucker protest leaders a tour of the United States Capitol, he now supports a tool that has already been used against Canadian trucker protesters and those who tried to donate Bitcoin to support them. Ultimately, Marshall’s decision to co-sponsor this bill betrays the populist and pro-Trump principles that he ran on as a candidate.

When Marshall was asked to choose between taking a stand against the financial regulatory tools progressives use to cancel anyone they disagree with or standing with Warren and her Trojan horse bill to destroy cryptocurrency, he chose to stand with Warren. Hopefully, his Republican colleagues in the Senate will not make the same mistake.

Law enforcement’s tired refrain that some really bad crimes might occur without the latest surveillance law should fall flat in Congress. And if it does not, civil libertarians on the Supreme Court — such as Justice Neil Gorsuch — may be crypto’s last hope.


Let First Republic and Credit Suisse burn

https://cointelegraph.com/news/let-first-republic-and-credit-suisse-burn

When crypto markets took a hit after the collapse of FTX and other crypto lenders last year, some crypto critics repeated the mantra, “Let crypto burn.” Now, it’s big banks that are faltering — including Credit Suisse and First Republic — after regional banks, including Signature Bank and Silicon Valley Bank, sparked a cascade. As a result, Moody’s has downgraded the entire banking sector.

If “Let crypto burn” was a snappy way of saying that operating outside the financial system means more personal responsibility and heightened risk, fine, crypto natives understand that concept. But now, we have a chance to turn a critical lens on the traditional financial system.

With traditional banks experiencing financial pressure, it’s time to let many of them fail. Forest fires can burn away old growth to make way for new trees to sprout. The same principles apply to banking.

Politicians and crypto critics have aligned to build the narrative that crypto is the risk at the heart of the crisis. The dirty little secret is that Treasury bonds were the nuclear bomb at the epicenter of this banking crisis, and central bank interest rate policy was the plane that delivered the payload.

These struggling banks loaded up on long-term Treasury bonds during a period of near-zero interest rates and at a time when the United States Federal Reserve continued to try to reassure banks that it would keep rates near zero for the foreseeable future.

There is an unavoidable tradeoff between low interest rates and inflation; Fed macroeconomists know this, and yet the Fed acted with surprise as it quickly raised rates to catch up to the inflation wildfire over the last two years. A steep rise in rates made the old long-term Treasuries — the ones paying very low interest — sharply decrease in value. When depositors demand their money back (with heightened speed in the era of internet banking) and all you have to sell to pay them are junk Treasuries, you have a problem.

The Federal Reserve has given Treasury bond holdings preferential treatment in its regulations and supervisory approaches (including those from which SVB was recently exempted). This puts blame on the Federal Reserve from two directions: its surprise about-face on interest rate policy and its regulatory policy favoring Treasury holdings.

There are many highly inefficient aspects of TradFi, where rotten trees are choking the growth of new sprouts. Some are a result of similar pathologies where the government uses the banking system to subsidize its own political objectives. It would be better for the economy to let them burn.

Much of the business model of taking in fiat short-term, on-demand deposits, and parking that money in illiquid long-term Treasurys (subsidizing the government) or mortgage-backed securities (where the government subsidizes unaffordable home prices) needs to burn away.

Rent-seeking brick-and-mortar facades, which outsource most customer service overseas and earn most of their revenue from overdraft fees, need to burn. Payment systems that bribe cardholders with “cash back” programs and then use the market power their consumer bribes give them to gouge the merchant need to burn.

Some smaller and regional banks who have failed to innovate, and for which the otherwise unobtainable bank charter has become the modern-day taxi medallion ensuring them rents from third-party custody of fiat deposits, need to burn away some of the overgrowth as well.

Crypto is a revolution in finance, intended to replace the intermediary-centric financial system with a self-sovereign approach where the individual is able to digitally custody native financial assets themselves.

This transformation will take time. Developers at decentralized finance (DeFi) protocols and layer-1 blockchains live most of their lives in the fiat economy. The federal government will only accept fiat dollars for tax payments, while banks dominate real estate mortgages.

DeFi protocols are making inroads into home mortgages, but that’s at its earliest stages. Consumer finance and tax payments are still fiat-based. And crypto developers at a minimum deserve the same treatment as anyone else participating in the fiat economy. That means they shouldn’t be discriminated against in the provision of basic checking and savings accounts.

We need some of the banking system to survive. But we don’t need all of it to survive, and the parts that burn away open opportunities for crypto-native replacements if banks don’t unfairly discriminate against crypto clients.


Expect the SEC to use its Kraken playbook against staking protocols

https://cointelegraph.com/news/expect-the-sec-to-use-its-kraken-playbook-against-staking-protocols

The United States Securities and Exchange Commission (SEC) settled with Kraken on Feb. 9 for an action taken against the exchange’s staking rewards program. Kraken paid a $30 million fine and agreed to halt the program.

Set aside for a moment the irony that the SEC is going after a solvent firm in the crypto space with a decade-long reputation as a good actor. Kraken has been helping settle verified Bitcoin (BTC) claimants from the hacking of rival exchange Mt. Gox over a decade ago. It invented the use of Merkle Root data to create verifiable proof of reserves. It allowed customers to effectively crowdsource audits of the asset side of the balance sheet by verifying what’s in their account against data on-chain.

And while Sam Bankman-Fried urged customers to keep their tokens on FTX for obvious reasons, Kraken founder Jesse Powell has always been a “not your keys, not your coins” guy. Meanwhile, the SEC was asleep on FTX, Terra and Three Arrows Capital. This week the SEC acted like a beat cop who pulls over a commuting soccer mom and throws the book at her to act tough on crime after a streak of robberies.

We have to set aside other political hypocrisy in this affair, like politicians decrying proof-of-work (PoW) blockchains yet now seeking to outlaw staking on proof-of-stake (PoS) blockchains. Or that Kraken tried to come into compliance with the SEC by applying for an Alternative Trading System license but got crickets in response.

The SEC emphasized that Kraken’s staking program was custodial, pooling investor assets together. Some on Twitter were quick to comment that this is actually great news for crypto. “Hey, look, SEC Chairman Gary Gensler is parroting our motto of ‘not your keys, not your coins.’ This just means more decentralization of staking in PoS blockchains.”

Not so fast. Lido and Rocket Pool are innovative alternatives to centralized exchange staking programs, but they also pool together tokens. Pooling is essential for most retail investors to stake in Ethereum due to the minimum stake of 32 Ether (ETH) (~$50,000). The SEC’s enforcement playbook against Kraken will eventually be used against those protocols. The SEC is adept at warping the definition of security in the statute to cover all sorts of crazy things, from sales of chinchillas to online gambling to orange groves. The SEC will eventually apply its playbook to more decentralized staking protocols if the founders aren’t sufficiently anonymous.

It is a mistake to assume that Gensler believes in the cypherpunk philosophy behind the motto “not your keys, not your coins.” The SEC’s proposed reforms to regulating alternative trading systems last year — which would force developers who write smart contract code to register as exchanges — demonstrate how he views decentralized finance (DeFi) better than anything, as such registration is impossible.

It’s becoming clear from a pattern across financial regulators and the White House that the subtext in the administration’s policy toward crypto is that it should be choked off. The White House is against proof-of-work, the SEC is hitting proof-of-stake delegation, and the banking regulators are using subtle tools of examination to encourage banks to deny bank account access to anyone with “crypto” in their name, even if the customer in question doesn’t actually hold crypto.

By all means, if your proof-of-work chain would operate more securely, effectively, or fairly under a proof-of-stake system, make the transition like Ethereum did. But don’t switch to proof-of-stake out of some hope it will protect you from regulatory or political risk because it won’t.

As a securities law professor, I can put on my analysis hat and find some aspects of Kraken’s staking rewards program that increased the risk of it being deemed a security, particularly some of the advertising communications. But that doesn’t mean the program should end or that a fine of this nature is warranted when there has been no fraud or investor harm.

Instead, a working rule set for custodial intermediaries offering this unique financial product should be drafted, as the SEC has done in the past for asset-backed securities, real estate investment trusts, oil firm master limited partnerships, etc. There are legions of securities lawyers working in the crypto space who would help the SEC write the rulebook today if given the opportunity. They could do so through an open SEC call for comment on crypto regulation, as I urged Gensler to adopt when I advised him. SEC Commissioner Hester Peirce’s dissent over this fine also calls for a set of reasonable rules.

Until that is possible, the only hope forward for crypto is ongoing legal challenges to administration overreach and protocol builders that stay true to the cypherpunk philosophy of Timothy May.
