Thursday mailbag: Financial Frankensteins?

What happens when banks fear regulators and DAOs fear no one

article-image

Artwork by Crystal Le

share


This is a segment from The Breakdown newsletter. To read more editions, subscribe.


“You are my creator, but I am your master — obey!”

— Frankenstein

If it’s crypto, is it not money laundering?

Roman Storm declared yesterday’s partial verdict in the DOJ’s case against him a “big win,” dismissing his conviction on money transmission charges as “bullshit” and saying he expects to win on appeal.

Peter Van Valkenburgh makes a thoroughly convincing case that Storm should win an appeal. 

But also that the complexities of judge and jury selection mean it’s not a sure thing.

In short, the legal debate usually boils down to whether it’s possible to launder money without ever controlling it.

Tornado Cash, being non-custodial, never has control of anyone’s money, so its defenders reason that it can’t possibly be guilty of transmitting it.

What might be the consequences if the courts agree?

JP Konig believes it would mean the “decriminalization of crypto money laundering.”

If no one is liable for money that’s transmitted via immutable smart contracts, he reasons, why would anyone move money any other way? 

“Banks and fintechs,” Konig says, “will be incentivized to switch their database infrastructure over to crypto in order to qualify for this loophole.”

Global banks are thought to spend over $200 billion a year on financial crime compliance, so they would be highly incentivized to move their money transmitting to crypto rails. 

“Once the entire financial sector has migrated through the loophole,” Konig adds, “it will no longer be a crime to launder funds for criminals.” 

Is that the outcome we’re hoping for?

If Storm is correct that money transmitter laws don’t apply to Tornado Cash, we probably need new money transmitter laws.

The golem theory of DAOs

Henry Farrell and Bruce Schneider follow Konig’s line of reasoning, but think the Roman Storm case has implications far beyond banking.

The security and privacy experts colorfully describe the Tornado Cash DAO as a “golem” — a manmade entity that follows its instructions blindly, indifferent to consequences and beyond the control of its creators.

A financial Frankenstein, in other words.

If such modern day monsters are allowed by law, Farrell and Schneider argue “likely, anyone who wanted to facilitate illegal activities would have a strong incentive to turn their operation into a DAO — and then throw away the key.”

Things could get weird, if so.

“What if robots, like DAOs, are designed to obey only their initial instructions, however unlawful,” the authors ask, “and refuse all further updates or commands?” 

“Robots are even more obviously golems than DAOs are,” they write — so if DAOs operating in the digital world are effectively above the law, autonomous robots probably should be, too.

Now imagine the two together: A Frankenstein DAO robot that cannot be held liable for its actions because it runs on immutable smart contract code. 

We’ve been looking for a real-world use case for smart contracts and DAOs and it doesn’t get any more real-world than that.

Google on social-engineering crypto heists

A report from Google details the growing threat of state-run social engineering scams, in which attackers infiltrate a company’s cloud-based systems by impersonating freelance software developers.

Google takes us step by step through an exploit executed by the North Korean hacker known as UNC4899, who “primarily targets the cryptocurrency and blockchain industries.”

Why those two guiltless industries?

A co-author of the report told Decrypt that the attackers target companies’ cloud-based systems “because that is where the data, and thus money, is.”

But presumably only the crypto money.

Decrypt reports that $1.6 billion of crypto has been stolen this year in such attacks, which is a lot.

But if you were really stealing money based on where it is, you’d be stealing it from banks.

Banks, though, keep their money in spreadsheets, not crypto wallets, which makes it harder to move.

The Google report explains that hackers “replace existing JavaScript files with those containing malicious code, which were designed to manipulate cryptocurrency functions and trigger a transaction with the cryptocurrency wallet of a target organization.”

That wouldn’t work with a bank’s spreadsheet, so I take the report as evidence that crypto remains the best money to steal.

And launder, of course.

Should banks get to decide who they bank for? 

In a short blog post, Peter Conti-Brown offers a defense of banks accused of debanking.

The legal scholar argues that President Trump’s claim that “the banks discriminated against me very badly” is an instructive example of “how incoherent the advocacy against debanking is.”

“Donald Trump and his various entities were extraordinarily risky bets for his many banking partners,” he reasons, so it was only natural for banks to be wary of him.

“Debanking,” as Conti-Brown frames it, is simply the free market at work: “There are 9,000 insured depository institutions in America. Many are willing to take the risks that some are not. That’s how markets work.”  

Nic Carter and many others argue that banks targeted crypto companies for debanking for political reasons, but this too can be framed as risk management: the risk of incurring giant fines from regulators. 

In short, the banks were probably just doing what the government told them to do, as the Cato Institute’s Nick Anthony highlights.

Austin Campbell similarly argues that the blame lies not with the banks, but with regulators for “harassing banks who banked crypto clients.”

Banking regulators are all-powerful, so you can hardly blame the banks for giving in to the harassment. 

This will feel like a distinction without a difference to crypto people who have been debanked, but it’s relevant to the remedy. 

The proposed solution to debanking often sounds like preventing banks from denying service to any customer for any reason.

But surely private banks should get to decide what risks they take?

Conti-Brown argues that telling banks what risks they have to take is a form of “heavy-booted statecraft.”

And what could be less crypto than that?


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates.png

Research

Pipe Network is a decentralized content delivery network (dCDN) that replaces the sparse, capital intensive data center footprint of traditional CDNs with a permissionless mesh of independent node operators. By orchestrating under-utilized resources that already exist at the edge, rather than purchasing or leasing thousands of servers, Pipe slashes capital intensity while letting supply expand autonomously in the places where bandwidth is scarcest and most expensive.

article-image

After its first phone drew jeers from a popular tech YouTuber, Solana Mobile delivered on its newest device

article-image

Markets strongly suspect that committee members will make the first interest rate cut of 2025

article-image

After four days of deliberation, the jury found Roman Storm guilty on Wednesday of one federal count

article-image

Pendle’s new platform transforms perp funding into tradable yield units — paving the way for a full-stack onchain fixed-income ecosystem

article-image

9.6% of crypto industry employees were paid in crypto, and most opted for USDC and USDT

article-image

You don’t own the protocol. You own the incentives.