"The chief selling point of Tornado Cash is money laundering, which is in and of itself a crime in both the US and Netherlands."
You have a fundamental misunderstanding of US law with regard to money laundering. Obfuscating the source of funds, by itself, is not money laundering. Money laundering requires a "predicate offense" - the money that is being laundered must be proven to have had an illicit source. Further, the entity accused of doing the "laundering" also must know that the source of funds is illicit before doing it. Intent to promote the carrying on of "specified unlawful activity" must also be proven in order for a money laundering conviction to occur. You can read the entire statute here [1].
Therefore, the "chief selling point" cannot be money laundering, at least under US law, because the contracts were deployed with no prior knowledge of how or by whom they would be used. One cannot form intent without prior knowledge. The chief selling point was anonymity, not money laundering, which has a highly specific legal meaning.
You're addressing 18 USC 1956 (a)(1)(A)(i) and (a)(1)(B)(i).
I'm concerned with (a)(1)(B)(ii), which concerns reporting requirements. The kind of financial transactions that Tornado Cash enables are fundamentally incompatible with the US's Federal reporting requirements.
My understanding of the Dutch criminal code (which is not great!) is that their standard is even weaker: it is sufficient to demonstrate mere concealment, not a failure to meet particular reporting requirements.
At least under US law, intent is still required. Meaning that while some users of TC may have violated this law, the devs did not, nor did they knowingly aid in it or have any provable intent to do so.
I don't know what Dutch law says with regard to intent/knowing participation, but I suspect that any system of laws in a civilized country would generally require it for criminal convictions.
(B)(ii) does not require specific intent. It requires knowledge that the transaction fails to meet reporting requirements.
The intent in question is manifested in Tornado Cash's design, which doesn't pass the malfeasance smell test: you can't absolve yourself of illegality by automating the illegality.
The intent in question is manifested in Tornado Cash's design, which doesn't pass the malfeasance smell test: you can't absolve yourself of illegality by automating the illegality.
Given that it also has legitimate uses, I think that's a very difficult case to make. Also, with very limited exceptions, nearly all crimes in the US require intent and/or knowing participation. It's a fundamental tenet of our system. There is a reason that they aren't being prosecuted in the US, and those reasons are outlined above. Perhaps Dutch law is different enough to allow a conviction; time will tell.
I'd also point out that Apple's device encryption scheme was specifically designed so that Apple itself cannot unlock devices, which thwarts law enforcement subpoenas for assistance. They can legitimately throw their hands up in the air and say "we have no ability to help you" - and that's by design. It is not illegal to design systems in this way. It just shifts the legal liability for misuse onto the users, where it should be.
No, they are not. They aren’t actively participating in the transactions, and thus have no reporting requirement. Users are not allowed to structure transactions, as it is illegal for them to do so.
Also, with very limited exceptions, nearly all crimes in the US require intent and/or knowing participation.
The fact that this statement is 100% completely wrong in totality is common knowledge.
I recently bought a kayak. In my state I'm required to register the kayak and have a registration sticker on it. If I was unaware of this, there is no, "Oopsie! Didn't know" defense.
This principle goes back to Roman law - ignorantia juris non excusat. You may have heard Thomas Jefferson saying the English version, "Ignorance of the law is no excuse". It's one of the favorite things for judges to say as they sentence people in criminal proceedings.
Is it “100% wrong in totality”? Mens rea (“guilty mind”) is a required element of many crimes [1]. Moreover, there’s the whole annoying concept of due process [2]:
> as due process required that the defendant have notice of the crime at issue. The Lambert decision explicitly recognized this fair notice requirement as an exception to the general rule that ignorance of the law is no defense.
I’m not saying that necessarily applies here but clearly ignorance of the law can sometimes be an excuse, no?
Sure, I used to use it. I won't explain the strategy, but I have a crypto trading bot that sometimes profits at the expense of other bots. The owners of these bots got so annoyed at this that they would blacklist the address at which my bot was, and would then track any addresses that I sent funds to from there and blacklist those in advance. TC broke this ownership chain, so they could no longer preemptively blacklist the addresses my bot operated from.
Privacy - just the general desire to participate in crypto as if it were cash, like originally intended. Right now if you aren't running a miner, you've lost that ability without tumblers.
Anonymity and privacy is very useful in a lot of legal use cases. One example is buying domain name without disclosing who is buying (disclosing that information may dramatically inflate price).
There are obviously workarounds without tornado cash but tornado cash is probably the cheapest option.
I know a little bit about HFT, and I don't have anything particularly nice to say about it. But it's more or less unrelated to the particular crime of money laundering.
Structuring though is one of the dumbest, laziest and most arbitrary law ever. If you say that the limit is, say, max 100 K USD for something but plan to attack for structuring the person who did 5 times 100 K USD, then simply make the law clearer: make the law say 100 K USD max and, say, max 200 K USD over five years. But don't come after people who did respect the numbers written in the law for "structuring".
It's another crazy concept of overreaching states and IRSes enjoying way too much power. They can arbitrarily decided what's structuring and what is not. Arbitrary decisions aren't how a democracy should work.
You want to prevent people doing these kind of transfers? Make it clear what the limits are. Don't come after people doing precisely what the limit allows several times: precise it can only be done once or x times over a certain time period.
That's by the way, how some laws do work. For example in France you're allowed to give your kids up to 150 K EUR of real estate (or something), tax and inheritance tax free, once every 15 years. After 15 years you're free to do it once again.
But putting limits and then attacking people respecting the limits? To me it's the sign of something deeply rotten in the state and that such laws exists isn't something that should be cheered.
Your real estate example is not a great fit, because real estate transfers are not common. That particular tax-free status on the transfers would probably be best interpreted as a carve out or loophole, with the normal status being that the transactions should be taxed.
On the other hand, depositing money is the normal status. Depositing what amounts to large sums over arbitrary periods of time is also normal. Directly to the point, the limit in place is not a restriction, but merely one that triggers mandatory reporting. The limit is very clear and absolute -- though at their discretion banks may report smaller transactions. Structuring is specifically about avoiding that limit and the accompanying questions and reporting.
So how would you rewrite this law to require mandatory reporting, but also not allow structuring? Because it's not apparently trivial how to achieve that goal any better than they did.
I feel like the signal-to-noise ratio must be terrible, especially as inflation gradually lowers the meaning of a $10,000 reporting limit. Selling a used car is enough to trigger a reportable amount of cash.
I'd think what we need is less magic numbers, and instead a better training/reporting ecosystem that insulates people with good intentions but gives them the right tools to identify criminal behaviour.
Actually expecting banks to know their customers at a personal level should be the goal.
I suspect, in contrast, everyone involved likes a fixed 10k limit because it provides a convenient liability hand-off. Compliance can be automated on a much greater level and they can say "we filled out the appropriate forms when required, how were we supposed to know that Hamas Cupcakes Inc was a front?"
Agreed on the last bit. Having a clear-cut line where "this must be reported" is I think necessary for liability reasons. There are definitely other transactions that should be reported, in the spirit of the actual AML (anti money laundering) issue. But I think it's necessary to be able to say, in a legal setting, that the required obligation was met and discharged, even if something happened that probably should have been caught.
The government is well-aware of how inflation erodes reporting thresholds. If you look at the obligation to report non-US bank accounts to FinCEN, they've indexed the penalties ($10,000 per line item) to inflation but not the $10,000 aggregate reporting threshold.
I must say that I dislike the rationale for banning structuring. It's basically a law that bans attempts to comply with the letter of another law without complying with its spirit. Complying with any law should be completely straightforward.
I must say that I dislike the rationale for banning structuring.
So there are two possibilities.
1. You think the government shouldn't be allowed to track money laundering
2. You have a suggestion on improving money laundering tracking without anti-structuring laws
If you believe the government has a legitimate vested interest in stopping money laundering and you set a $10,000 limit before something must be reported, the reporting requirement might as well not exist if someone can deposit $9999.99 literally 100 times per day without a report being generated.
So what would your suggestion be on how to track money laundering? Or do you just think that's none of the government's business?
The answer isn't to then set the $10,000 limit and add an opaque criteria of "but the limit doesn't matter if we look at your transactions and think you are hiding something".
Something more reasonable may be: a limit of $10,000 per month (or any time frame) before mandatory reporting. That of course means dropping the hand wavy exception completely.
Yes, but the same intent provisions still apply to the entity that enabled the structuring. Tornado Cash has legitimate use cases - I had one prior to the OFAC issue (hiding the source of funds to an address in order to prevent certain bots from reacting to it). So the devs cannot have formed intent to aid in any of the crimes that TC may have unwittingly enabled.
Casinos are used as vehicles for structuring and money laundering every minute of every day - on a much larger scale than anything Tornado Cash could ever have achieved. They don't have the intent to aid in these activities though, which is why they are allowed to operate.
[Casinos] don't have the intent to aid in these activities though, which is why they are allowed to operate.
Casinos are allowed to operate because not only do they not have the intent to aid these activities, they happily track and report everything they're required which is just as much as a bank is required. They aren't the hotbed of money laundering you seem to think they are.
They aren't the hotbed of money laundering you seem to think they are.
I spent a fair amount of time in the gaming business, and I can tell you that this statement is patently false. Very little of it gets caught, because the people involved in such schemes know what the rules are and simply work around them. Casinos themselves also sometimes turn a blind eye to such activity when it is especially profitable for them. Example [1]. That occurred even with the reporting requirements.
There really seems to be a lot of mental gymnastics going on here.
Your original point was that casinos are allowed to operate because of their "lack of intent". I respond that it's actually because they're as heavily regulated as banks are. Your response is, "But sometimes they break the law!"
Who cares? Casinos are heavily regulated and most of the time they follow their regulations. Or they would be shut down.
And here we go back to the real original point... what regulations were Tornado Cash following? Were they ever following AML/BSA regulations? Did they do anything significant to attempt to comply with regulations that all money exchange companies have to comply with?
Your little example of Casino money laundering was $47 million and was touted as “the largest all-cash, up-front gambler the Venetian-Palazzo had ever had to that point,”.
Now read that link from treasury.gov:
Tornado Cash, which has been used to launder more than $7 billion worth of virtual currency since its creation in 2019. This includes over $455 million stolen by the Lazarus Group, a Democratic People’s Republic of Korea (DPRK) state-sponsored hacking group
It's not even comparable. $47 million is 0.6% of $7 billion. Tornado Cash's raison d'être was money laundering and it was right to shut them down.
"Contrast that with San Diego or New York, where the environment is not actively trying to kill you during most of the year"
Las Vegas is inordinately hot only 3 months of the year. The rest of the time the weather is relatively mild. That's hardly "actively trying to kill you during most of the year". Many people who visit Las Vegas only do so during the summer, so it seems like it's hot most of the time to them, but this is a myth.
Having grown up in San Diego and currently living in Las Vegas, I'm not sure what special advantages you are implying it has that would enable it to be "advantageous to ordinary economic conduct" vs Las Vegas. It's next to an ocean full of water that you cannot drink (without expensive water treatment). Produce is grown in California (with water that it deprives Las Vegas of), but mostly not near San Diego, so it has to be transported in to support its massive population, just like it has to be to Las Vegas. In fact, the agricultural centers of California are approximately equidistant to both San Diego and Las Vegas, perhaps +/- 100 miles.
Even putting aside the other issues with California - overpopulation, insane politics, high crime rates, absurdly high state income tax, high cost of living, etc. - I don't see any serious advantage that Southern California in general has over Las Vegas, unless you just like the beach (and even then...it's a 3.5 hour drive or 30 minute flight to Southern California). In fact, many Californians are starting to realize this, and are invading us.
However, the weather is way better than Vegas, and I'm not just talking about summer. A cold ocean has its advantages.
I grew up inland San Diego, and I can tell you that our summer days there routinely topped 100 degrees. I agree that if you are fortunate enough to live very close to the water, you do have some weather advantages over Vegas. For me, it's certainly not enough to warrant putting up with the other, man-made issues in California, even if I had a place right on the beach. But I agree that for some people, the (slightly) nicer weather is worth all of the expense and putting up with the nonsense.
Re: economic conduct: I was referring to the fact that San Diego is on the ocean and has a crucial shipping port. Las Vegas is traversed by a highway, but that highway could just as well be served by a small town (with a very large gas station).
Don't forget the railroad - which was one of the major reasons Vegas got started. That and there were a few natural artesian wells in the valley.
And as for highways, the information superhighway has a significant presence in Las Vegas too - Switch was the largest datacenter in the world for over five years and it's far from the only one here.
And the Crypto Andys were all like "you just don't understand DeFi!" to which the retort is "No, you just don't understand finance".
If you believe the statement "if someone is promising you consistent above-market returns it's either a scam or there is unknown or undisclosed risk" it might be true that you don't understand DeFi to some degree. DeFi isn't a single market, it's millions of micro markets that are accessible through what amounts to a single API.
So when you have millions of markets with different returns that can be traded in every imaginable way (and some you probably haven't imagined), throw in an insane amount of dumb money, people willing to borrow at high interest rates (relative to the real world), and a laundry list of factors that introduce inefficiencies into the market, it's quite easy to find pockets of above-average returns if you're smart. I have no idea if Stablegains was actually smart, but it's more than possible to achieve above-market gains in DeFi without exposing yourself to outsized risks.
> it's more than possible to achieve above-market gains in DeFi without overexposing yourself to insane risks
"Insane" is subjective. The point is nothing safe yields ten or 20%. Someone saying "you will not lose your funds" [1] when paying above-market yields is lying.
I run arb and loan liquidation bots, and have for over a year now. These are atomic transactions almost always using flash swaps/loans that exist only exist for the life of the transaction. I am only exposed to potential losses on transaction fees, but have never had a losing day while running production code. My yield on my investment (mostly infrastructure costs) is closer to 5,000%...per month. I will not lose my funds, whether the market is good or bad.
There are funds out there that conduct these activities, I know because I recently consulted for one. They are promising risk free returns and getting them.
There are things that exist in DeFi (such as flash loans) that have no real world equivalent, which is why blanket statements made about traditional markets don't necessarily apply. If used properly, these things do in fact offer "too good to be true" types of returns.
> My yield on my investment (mostly infrastructure costs) is closer to 5,000%...per month.
As in, $100 in January becomes $500 in February, $2,500 in March, ... $976,562,500 in December?
Edit: actually I read that wrong, that would only be 500%. 5,000% per month (money x 50) would turn the $100 into $9,765,625,000,000,000,000 by December.
Unless by 5,000% yield you mean you get 50x your original investment on top of the original investment, like how 5% yield on a dollar gets me $1.05. In that case it would be more. But I think the 9.8 billion billion would be good enough for me.
No, sadly that return is based on my infrastructure costs, which I can't keep increasing and get the same return. But yes, I'm doing better than 50X my monthly infrastructure costs with this, which are my only actual risk.
Ah, ok, so this is more like a thing where you drive around looking for loose change on the ground, and you find enough to exceed your fuel and maintenance expenses. But you can't scale it up by hiring more drivers, because there is only so much loose change to be found.
Surely you see how even a 10% safe return on investment like these DeFi schemes offer is a whole different thing, when it's a compounding return. There's no way to sustain it. All the arbitrage opportunities in the world can't deliver the funds required to make investors' money grow exponentially.
You are correct, but all investments have a maximum size at which returns will stop. That said, even large banks are seeing returns considered impossible in traditional markets with DeFi strategies, often with lower risk. Arb bots like mine are now generating more than $1 billion per year in risk-free earnings, so the pie is not exactly small. Estimates are that statistical arbitrage bots, which do take on some small capital risk, generated over $5 billion in profits last year.
I agree with you that throwing money at anyone who tells you they can take an unlimited investment and offer compounding returns on it is a recipe for disaster. But in DeFi, intelligence and strategy translate directly to greater yield. Math has proven time and again that those things matter very little in traditional markets.
>But in DeFi, intelligence and strategy translate directly to greater yield. Math has proven time and again that those things matter very little in traditional markets.
You're all over the place with your usage of concepts.
Here you say that intelligence and strategy matter little in "traditional" (vague) markets. Yet, in DeFi, they do.
Not buying it. It feels like I could copy and replace your replace all of your uses of "DeFi" in this thread with <insert ponzi scheme>.
It's "different" than normal markets...I made it work personally (but not at scale)...
There are countless articles showing that literal monkeys throwing darts at a dart board can pick sticks as well or better than most fund managers. This is not the case with DeFi. I’m not all over the place with anything, DeFi is a place where skill still matters because of inefficiencies and the presence of a large amount of “dumb” money.
> I will not lose my funds, whether the market is good or bad
Is your counterparty risk always zero (between you and the chain)? Custody? What if a chain is halted or amended?
These systems run on novel rails. You couldn’t honestly tell an investor “you will not lose your funds,” and you’d refrain from using the word “deposit.” Because you’re trying to honestly communicate an opportunity, not to defraud.
In the case of flash loans/swaps, the answer is yes. It's 0.
Further, I never have any capital at risk, all of my bots use flash loans/swaps. These transactions are atomic, which means that either all parts of it succeed or they all fail (it's a "revert" in blockchain parlance). So I can borrow $200 million without any prior permission and do an arb/liquidation or anything else I want with it for the life of my transaction, with the only requirement being that I must return it by the end. If my arb/liquidation/whatever succeeds and I return the loan, I keep the profits. If not, it's as if the whole thing never happened. The only risk is the transaction fee, which on the chains I do this on are miniscule.
I realize that it sounds unbelievable, but it exists. My code does thousands of these daily. I am not the only one doing this. See https://eigenphi.io/ . With the exception of sandwich transactions, every one of the bots you see on there is making profits without any capital at risk.
The risk of the trade on chain defaulting is virtually non-existent, agreed. Custody risk is never zero. Dollar in / dollar out returns involve lots of counterparties.
Hi there.
My name is Bryan, and I'm a member of the EigenPhi team. Thanks for recommending us; twice!! :D Would you please spare a few minutes to have a quick chat? I'd love to receive your feedback and provide more valuable data! Here is my email: bryan at eigenphi.com.
Looking forward to your reply!!
> DeFi isn't a single market, it's millions of micro markets that are accessible through what amounts to a single API.
Millions of micro markets that produce what, exactly? Last time I checked there has to be at least something on the other side of the calculation what a coin is worth.
You think crypto coins magically make people work harder, better, faster, stronger?
That's not how the constraints of the physical world work.
Millions of micro markets that produce what, exactly?
You seem to be asking me to defend the merits of crypto, which is beyond the scope of this conversation. But generally speaking, most of the coins people actually buy are tied to protocols that are attempting to do things that interesting to at least some part of the population.
But, the ability to prove the provenance and ownership of any asset, whether physical or digital, has value. The ability to move value across borders instantly, cheaply, and reliably, has value.
In a world where so much has been made of fake news, imagine if you could know with absolute certainty that a given quote you read from someone in an article is authentic and given to the specific outlet you are reading it at, not taken from somewhere else, perhaps out of context. Imagine if Google integrated such information/quote verification into its search results, and could use it to prioritize sites with real quotes or information. SERPs wouldn’t be full of trash, and small sites that manage to scoop large ones could get instant #1 rankings. Authenticity verification has value.
> In a world where so much has been made of fake news, imagine if you could know with absolute certainty that a given quote you read from someone in an article is authentic and given to the specific outlet you are reading it at, not taken from somewhere else, perhaps out of context. Imagine if Google integrated such information/quote verification into its search results, and could use it to prioritize sites with real quotes or information. SERPs wouldn’t be full of trash, and small sites that manage to scoop large ones could get instant #1 rankings. Authenticity verification has value.
This assumes that 100% of the ecosystem is already some form of blockchain.
And guess what: It isn't and it never will be due to the democratic nature of the proposed system architecture.
The flaws of every coin I've seen is that there are too many assumptions about markets, and dependencies of the markets in the sense of goods and/or services that are just "assumed" to migrate to their blockchain at some point. That's not how incentive proposals should work, as they will (logically) lead to exit scams because a couple of people cannot write and reinvent an ecosystem from scratch.
Look at how long IPFS took to mature. Look at how long DAT was refactored in a backwards-incompatible manner. Look at how long it took to write the hypercore protocol stack.
Systems like this and - especially markets like this - need time to evolve, which means that the proposed DeFi assumptions about rapid growth bullshit are anti-market proposals, and literally the same way hyped and unverified bonds in the legacy financial systems lead to market crashes.
> But, the ability to prove the provenance and ownership of any asset, whether physical or digital, has value.
This only works for assets which themselves exist on the blockchain and for whom the blockchain is the only source of truth - such as cryptocurrencies.
Anything else that involves off-chain activity would require a bulletproof way of keeping the on-chain and off-chain state in sync which is typically a neutral, trusted party, at which point you may as well just let them operate a conventional database and forget the whole blockchain bullshit.
> In a world where so much has been made of fake news, imagine if you could know with absolute certainty that a given quote you read from someone in an article is authentic and given to the specific outlet you are reading it at, not taken from somewhere else, perhaps out of context. Imagine if Google integrated such information/quote verification into its search results, and could use it to prioritize sites with real quotes or information. SERPs wouldn’t be full of trash, and small sites that manage to scoop large ones could get instant #1 rankings. Authenticity verification has value.
I don't see how blockchain/cryptocurrencies help here? Cryptographic signing is all you need.
> it's quite easy to find pockets of above-average returns if you're smart…
Right, but even then how deep are those pockets (what amount of investment can they absorb without being tapped out), how big a time window will they exist for, how will you know if those limits are being reached, and are you really sure you can quantify all the risks?
By definition if it’s a pocket of opportunity, it’s very constrained opportunity. As soon as those constraints are breached it will suddenly stop being low risk and might collapse completely. A lot of people have lost a lot of money on sure fire pockets of opportunity that were great when they lasted.
Of course there are limits to every opportunity. I make money everyday from opportunities that exist on microsecond timescales. I run arb and loan liquidation bots, so I haven't had a single losing day, ever. The last two weeks were quite profitable for me, actually the best two week period I have ever had. There are other strategies that are easier to pull off, such as market making, that have moderate risks and outsized returns.
The point is that these opportunities exist, and they always will exist, you just have to be smart enough to be able to get into them. If someone needed money for infrastructure to run an arb bot, for example, and offered you above market, risk-free returns, it's at least possible they aren't lying to you. That was my point.
> If someone needed money for infrastructure to run an arb bot, for example, and offered you above market, risk-free returns, it's at least possible they aren't lying to you. That was my point.
If you needed money for infrastructure for more arb bot, would you look for random novices and offer them 15% (and raise $3m in VC to market to random novices)? Or would you take out an unsecured personal loan from a bank at a lower rate, or a much lower cost loan from a counterparty involved crypto, especially one who understands the nature your trades?
A market where, with work, you can "find pockets of above-average returns if you're smart" is MILES away from one where companies are "promising you consistent above-market returns"
I'm looking forward to your followup post where you lost all your money and can't figure out where you went wrong.
It always happens with people who think they are smarter than the "dumb money" they're taking advantage of. "Sure it's a scam, but I'm smart enough to not be the one getting scammed!"
I write MEV bots for a living. I can tell you that the Beanstalk "hack" was evidence of extremely poor design. One of the key security aspects of designing a DAO is that you are not supposed to let the results of a vote take effect in the same transaction or even the same block. This was entirely on the designers of that protocol. It's so negligent and downright stupid that I would be quite surprised if it weren't an inside job. The fact that it took more than a day for anyone to notice this is truly shocking.
I’m not remotely in DeFi but your comment suggests there’s a world of design rules & patterns within it, which are always somewhat interesting to learn about. Where would you go to learn this stuff (other than as a practitioner eg with access to mentors)?
At this point, alot of this stuff floats around Twitter and substack. It's still a bit of a dark art. If you'd like to read some stuff about MEV, start here:
You can go pretty far down the rabbit hole on crypto twitter.
This was also a cool event, there is 7 hours of video and slides, which have more of the kind of info I think you're looking for...discussions about protocol flaws and design etc.
How can something both be a dark art with no actual organized space for best practices and also have it be extreme negligence and stupidity for somebody to fail to follow these best practices? I'm not aware of any other area of software engineering where best practices are only just floating around on twitter.
That’s the closest thing to a collection of standard contracts for protocol builders to use that I am aware of. I’m more on the MEV side - I try to profit from protocols rather than build them. So it wasn’t my first thought.
Would you be interested in interviewing somebody on this? I run an interview platform called Taaalk (https://taaalk.co), and I'd be happy to organise an interview with somebody relevant
Is there a list of common attacks with names? This is the first time I've heard the term "reentrancy attack", there's probably a dozen other terms I've never heard of, but would like to read about.
I don’t think it counts as one, I was thinking that needs the governance contract to either recursively call itself or call an external unrelated contract
Correct, the Beanstalk thing was not a reentrancy attack. That was a governance attack on the world's most insecure DAO. The Rari Capital exploit was a reentrancy attack.
On the ETH chain, Flashbots [1] has decimated profits, by turning MEV into a race to the bottom, where miners wind up with most of the profits that bots ("searchers") create. On other chains there is much more profit to be had. People are making large amounts of money, as you can see here [2] (check out BSC on there, most of those profits go to the actual bot owners).
It's gotten incredibly competitive, and there has been quite a bit of consolidation. You used to be able to make a bot that could just make a few thousand dollars per day. Now you're either making 6 figures per day as part of a team, or a few hundred dollars per day on your own. One of the reasons you need a team and financing is that much of it is infrastructure based - being right next to miners/validators in the same server rack, etc. It takes significant resources to have nodes exactly where you need to have them, in various parts of the world.
It's also feast or famine. Sometimes, you'll wake up with hundreds of thousands of dollars from thin air. Here [3] is a loan liquidation using a flash loan from last week that netted the person that submitted it $366K (that was the value at the time) - in a few milliseconds. The only money they had to have to do this tx was the $1.50 transaction fee. The ~$8 million necessary for the liquidation was flash borrowed from a Pancakeswap pair.
I don't know much about this at all so apologies if this is a stupid question, but presumably the owner of that $8m was compensated out of the profit of the deal and the $366k is what is left over for the person who set this deal up.
If so that was a great deal and worked out, but if the deal hadn't worked out for whatever reason, a bug in the code for the bot etc what would the downside be and how would it be enforced?
The owner of the $8 million was a smart contract, in this case a DEX (decentralized exchange) pair on Pancakeswap. Yes, the contract is designed to do this. I believe the fee on that pair is 0.25%. Technically this was a “flash swap,” not a flash loan, but they are functionally equivalent for purposes of this discussion.
If the contract loans the tokens and isn’t paid back by the end of the transaction, it reverts as if nothing ever happened. Ethereum transactions are “atomic” - either all parts of the tx succeed, or they all fail. So there is no risk to the lender, they always get paid back.
It is and it isn't. Getting to the point where you were the one bot fast enough to get into the right position to snag that liquidation involves writing the bot itself, writing the smart contract, understanding the lending protocol and how their liquidations work, understanding how oracle transactions work, working out the math such that every input and output is precisely correct to 18 decimal places, having your server in the right rack in the right datacenter to beat the others, and on and on, are not easy tasks.
But yes, once you do all of that...it actually is a money printing machine that will never end as long as markets have volatility. It's a bit like living in the movie Ready Player One...once you are clever enough to run the gauntlet, riches are yours.
Yes, but it’s a meritocracy. I don’t control whether or not I look like Brad Pitt. I do control whether or not I am educated enough in this space to carry out a strategy like this.
If you can show that you have the knowledge to do it, getting the money to do it is absurdly easy these days. Crypto VCs are far different and much more accessible than traditional Silicon Valley VCs that only talk to connected startup bros from Stanford or MIT. They’ll all listen to what you have to say if you know what you’re doing. They also move with lightning speed relative to their SV counterparts, and they seem genuinely interested in helping those they invest in. My experiences with them have been off-the-charts amazing, compared to 100% disappointment I have had with SV VCs/angels.
Yeah this is tough. Even just dealing with CBP (8 decimals) I was losing fractions of cents here and there, not sure how they get it right, sometimes seems like randomly round to come out even (cases like emptying ballance).
They are in the sense that they level the playing field. People wouldn't give me millions of dollars to do arbitrage in real life, but I can borrow $200 million from a smart contract without issues if I find a profitable opportunity with it. That is game changing.
That said, there are still challenges. Last week, for 6 hours, there was $1 billion up for grabs [1]. Nobody noticed it except for one person, who only took $13.5 million. But bots are coming that will spot these things instantly....I have one under development that would have caught it.
On a tangent, what distinguishes a successful bot from a poor bot? For many of the arbs, the logic is simple to imitate. I understand there is some infrastructure engineering (having servers close to some node) involved, but besides that, it seems a level field in terms of money and tech.
Flash loans are useful for both arbitrage and loan liquidations. Every swap on Uniswap and its many forks on many chains is actually a "flash swap" under the hood - you can take the coins out and use them before the code checks that you have sent the tokens for the swap in to the contract. You don't even need a dedicated flash loan provider on a given chain to be able to use very large amounts of capital sitting in DEX pair contracts.
There are other case-specific uses for them, but loan liquidations and arbs are the big ones.
Depends on your use case. First, AAVE is on ETH, and most arbitrage profits are on other chains. For example, there aren't a lot of flash loan providers on BSC (Binance Smart Chain) with deep liquidity, so everyone just uses flash swaps. The most profitable chain for arbs is BSC (binance smart chain). If you're using the loan for DEX arbitrage, then there is no point in using a third party loan provider like AAVE. You have to pay swap fees regardless, and a flash swap is "free" in the sense that you only pay the swap fees for the coins involved, and you must pay them whether you send the coins to the contract first, or if you borrow them and pay them back at the end.
So if you bring in outside money from a place like AAVE for a DEX arb, then whatever fees you are paying to AAVE are an extra, optional expense, since the swap fees must be paid regardless.
Exactly this. Musk doesn't seem to have any patience for political nonsense - from either side of the political spectrum. The kinds of employees that would do this likely aren't a culture fit in a Musk-run operation, where pragmatism is the order of the day. You can always find another employee who isn't a PIA.
I characterize the organizations he creates as pragmatic. They exist to objectively look at problems and solve them. You cannot solve hard engineering problems in any other way.
The difference is that the pregnancy doesn’t affect the lives of all the people on Twitter. This guy was communicating with his clients, who had to respond to the news by working to prepare their albums for upload to iTunes. He had a perfectly legitimate reason for posting this on his website.
Agreed…the hypocrisy of these decisions grows increasingly outrageous each day. For example, the reasoning behind the banning of Donald Trump from Twitter was that his rhetoric was “dangerous,” in that it may have encouraged/not discouraged the January 6 riot. On Tuesday (March 1), a Russian official threatened actual war over the economic sanctions the world is taking against his country [1]. His account is still active and the tweet is still up.
Exactly. Lets assume Trump was completely the leader of January 6th and giving direct orders to go into the building and those people were his army. The only death by violence was one person and on a causality on his side. In Ukraine literally thousands are dying. There are people who literally attempted assassinations getting bail and keeping their online accounts.
It is reasonable to say that Donald Trump caused the January 6 insurrection. The bigger issue for platform owners is that the insurrection represents catastrophic risk to them, and it is within their power to prevent it.
The social media platforms can't prevent if Russia goes to war with NATO. Censoring the russian official won't do anything.
Jan 6th didn't "cause" catastrophic risk. Events like jan 6th present huge potential risks.
If the insurrection had been successful the best case scenario would be economic collapse and possibly civil war in the country where these platforms are based out of. It is likely that many states would reject the sovereignty of the federal government if it didn't honor the outcome of the election, and from there things would quickly spiral out of control.
The potential outcome from the end of democracy in the us would entail catastrophic risk for the companies based here.
War being threatened by a nuclear power like Russia carries with it the “catastrophic risk” of the end of the world, with billions of people dead. Even if one were to wholeheartedly believe that the hyperbole in your comment was an entirely plausible outcome of January 6, the Russian tweet is far more dangerous than anything related to the Capital riot.
It’s outrageously hypocritical that the Russian official’s account is alive today. They didn’t even slap a warning label on his tweet.
They couldn’t control January 6 either. Literally the only people charged with sedition - those who had a plan - were part of an extremist organization that coordinated in person.
The Jan 6 insurrection were organized almost entirely on social media, not the news. The news was barely talking about a "stop the steal" rally in dc on Jan 6 before it happened.
Much of it was organized on social media, and many those who participated it used the platforms to live stream and tell more people to come and participate, too.
Either all of social media should be white supremacist, holocaust denying 4 Chan, or it is those platforms' responsibility to enforce thought-crime intervention.
So instead of doing that we should just make the whole internet 4chan?
No it won't, not in meaningful numbers. Most people don't want that kind of garbage in their feeds. If they did 4chan would be more popular than Twitter.
Most people don't want to have disgusting, antidemocratic viewpoints forced on them by social
media. They want to not see that stuff.
No. What the hell is wrong with all this absolutism. As I mentioned elsewhere, these platforms should have moderation guidelines from the outset that they adhere to. Now they play political games instead.
If a platform is too large to be moderated effectively, there needs to be a discussion about what happens next, which indeed is either free-for-all, clear moderation policy or opaque random and easily biased decisions.
My boomer parents are now asking me about 4chan because of the censorship (someone in the mainstream was talking about it last year.) People are looking and they'll get sucked into this stuff.
It’s sad that youtube can choose what content to host?
As I suspect you know, his point was that it’s sad that YouTube is making politically motivated censorship decisions, just like China would. While we all know that Silicon Valley leans left, I think that those of us who want good things for the world would like to believe that these companies can check their politics at the door when it comes to running platforms that serve people across the political spectrum. Sadly, that’s not the case.
If YouTube identified itself as a partisan platform where speech that is not left leaning is in danger of being curtailed (which is what it is), I wouldn’t have a problem with these actions. But it masquerades as a neutral platform that is open to all, in the same way that CNN, MSNBC, and Fox masquerade as news outlets. That is a threat to democracy, because it creates the impression that only content which aligns with the platform owner’s political ideology is newsworthy or acceptable for viewing, and anything else is fringe.
You can contribute mining power to a large network of miners and get a percentage of the profits. They are called mining pools. These exist for virtually all currencies. Here's a list for bitcoin: https://www.buybitcoinworldwide.com/mining/pools/
You have a fundamental misunderstanding of US law with regard to money laundering. Obfuscating the source of funds, by itself, is not money laundering. Money laundering requires a "predicate offense" - the money that is being laundered must be proven to have had an illicit source. Further, the entity accused of doing the "laundering" also must know that the source of funds is illicit before doing it. Intent to promote the carrying on of "specified unlawful activity" must also be proven in order for a money laundering conviction to occur. You can read the entire statute here [1].
Therefore, the "chief selling point" cannot be money laundering, at least under US law, because the contracts were deployed with no prior knowledge of how or by whom they would be used. One cannot form intent without prior knowledge. The chief selling point was anonymity, not money laundering, which has a highly specific legal meaning.
[1] https://www.law.cornell.edu/uscode/text/18/1956