4
points
downandout
Joined 13,606 karma
Email - h n <at> s a l z e k o . c o m
- downandout parentNo, they are not. They aren’t actively participating in the transactions, and thus have no reporting requirement. Users are not allowed to structure transactions, as it is illegal for them to do so.
- Technically? Yes. But you run the risk of getting your account closed for this kind of thing.
- Sure, I used to use it. I won't explain the strategy, but I have a crypto trading bot that sometimes profits at the expense of other bots. The owners of these bots got so annoyed at this that they would blacklist the address at which my bot was, and would then track any addresses that I sent funds to from there and blacklist those in advance. TC broke this ownership chain, so they could no longer preemptively blacklist the addresses my bot operated from.
- They aren't the hotbed of money laundering you seem to think they are.
I spent a fair amount of time in the gaming business, and I can tell you that this statement is patently false. Very little of it gets caught, because the people involved in such schemes know what the rules are and simply work around them. Casinos themselves also sometimes turn a blind eye to such activity when it is especially profitable for them. Example [1]. That occurred even with the reporting requirements.
[1] https://www.justice.gov/usao-cdca/pr/operator-venetian-resor...
- The intent in question is manifested in Tornado Cash's design, which doesn't pass the malfeasance smell test: you can't absolve yourself of illegality by automating the illegality.
Given that it also has legitimate uses, I think that's a very difficult case to make. Also, with very limited exceptions, nearly all crimes in the US require intent and/or knowing participation. It's a fundamental tenet of our system. There is a reason that they aren't being prosecuted in the US, and those reasons are outlined above. Perhaps Dutch law is different enough to allow a conviction; time will tell.
I'd also point out that Apple's device encryption scheme was specifically designed so that Apple itself cannot unlock devices, which thwarts law enforcement subpoenas for assistance. They can legitimately throw their hands up in the air and say "we have no ability to help you" - and that's by design. It is not illegal to design systems in this way. It just shifts the legal liability for misuse onto the users, where it should be.
- At least under US law, intent is still required. Meaning that while some users of TC may have violated this law, the devs did not, nor did they knowingly aid in it or have any provable intent to do so.
I don't know what Dutch law says with regard to intent/knowing participation, but I suspect that any system of laws in a civilized country would generally require it for criminal convictions.
- Yes, but the same intent provisions still apply to the entity that enabled the structuring. Tornado Cash has legitimate use cases - I had one prior to the OFAC issue (hiding the source of funds to an address in order to prevent certain bots from reacting to it). So the devs cannot have formed intent to aid in any of the crimes that TC may have unwittingly enabled.
Casinos are used as vehicles for structuring and money laundering every minute of every day - on a much larger scale than anything Tornado Cash could ever have achieved. They don't have the intent to aid in these activities though, which is why they are allowed to operate.
- "The chief selling point of Tornado Cash is money laundering, which is in and of itself a crime in both the US and Netherlands."
You have a fundamental misunderstanding of US law with regard to money laundering. Obfuscating the source of funds, by itself, is not money laundering. Money laundering requires a "predicate offense" - the money that is being laundered must be proven to have had an illicit source. Further, the entity accused of doing the "laundering" also must know that the source of funds is illicit before doing it. Intent to promote the carrying on of "specified unlawful activity" must also be proven in order for a money laundering conviction to occur. You can read the entire statute here [1].
Therefore, the "chief selling point" cannot be money laundering, at least under US law, because the contracts were deployed with no prior knowledge of how or by whom they would be used. One cannot form intent without prior knowledge. The chief selling point was anonymity, not money laundering, which has a highly specific legal meaning.
- However, the weather is way better than Vegas, and I'm not just talking about summer. A cold ocean has its advantages.
I grew up inland San Diego, and I can tell you that our summer days there routinely topped 100 degrees. I agree that if you are fortunate enough to live very close to the water, you do have some weather advantages over Vegas. For me, it's certainly not enough to warrant putting up with the other, man-made issues in California, even if I had a place right on the beach. But I agree that for some people, the (slightly) nicer weather is worth all of the expense and putting up with the nonsense.
- "Contrast that with San Diego or New York, where the environment is not actively trying to kill you during most of the year"
Las Vegas is inordinately hot only 3 months of the year. The rest of the time the weather is relatively mild. That's hardly "actively trying to kill you during most of the year". Many people who visit Las Vegas only do so during the summer, so it seems like it's hot most of the time to them, but this is a myth.
Having grown up in San Diego and currently living in Las Vegas, I'm not sure what special advantages you are implying it has that would enable it to be "advantageous to ordinary economic conduct" vs Las Vegas. It's next to an ocean full of water that you cannot drink (without expensive water treatment). Produce is grown in California (with water that it deprives Las Vegas of), but mostly not near San Diego, so it has to be transported in to support its massive population, just like it has to be to Las Vegas. In fact, the agricultural centers of California are approximately equidistant to both San Diego and Las Vegas, perhaps +/- 100 miles.
Even putting aside the other issues with California - overpopulation, insane politics, high crime rates, absurdly high state income tax, high cost of living, etc. - I don't see any serious advantage that Southern California in general has over Las Vegas, unless you just like the beach (and even then...it's a 3.5 hour drive or 30 minute flight to Southern California). In fact, many Californians are starting to realize this, and are invading us.
- 2 points
- There are countless articles showing that literal monkeys throwing darts at a dart board can pick sticks as well or better than most fund managers. This is not the case with DeFi. I’m not all over the place with anything, DeFi is a place where skill still matters because of inefficiencies and the presence of a large amount of “dumb” money.
- Millions of micro markets that produce what, exactly?
You seem to be asking me to defend the merits of crypto, which is beyond the scope of this conversation. But generally speaking, most of the coins people actually buy are tied to protocols that are attempting to do things that interesting to at least some part of the population.
But, the ability to prove the provenance and ownership of any asset, whether physical or digital, has value. The ability to move value across borders instantly, cheaply, and reliably, has value.
In a world where so much has been made of fake news, imagine if you could know with absolute certainty that a given quote you read from someone in an article is authentic and given to the specific outlet you are reading it at, not taken from somewhere else, perhaps out of context. Imagine if Google integrated such information/quote verification into its search results, and could use it to prioritize sites with real quotes or information. SERPs wouldn’t be full of trash, and small sites that manage to scoop large ones could get instant #1 rankings. Authenticity verification has value.
The possibilities are endless.
- You are correct, but all investments have a maximum size at which returns will stop. That said, even large banks are seeing returns considered impossible in traditional markets with DeFi strategies, often with lower risk. Arb bots like mine are now generating more than $1 billion per year in risk-free earnings, so the pie is not exactly small. Estimates are that statistical arbitrage bots, which do take on some small capital risk, generated over $5 billion in profits last year.
I agree with you that throwing money at anyone who tells you they can take an unlimited investment and offer compounding returns on it is a recipe for disaster. But in DeFi, intelligence and strategy translate directly to greater yield. Math has proven time and again that those things matter very little in traditional markets.
- No, sadly that return is based on my infrastructure costs, which I can't keep increasing and get the same return. But yes, I'm doing better than 50X my monthly infrastructure costs with this, which are my only actual risk.
- Is your counterparty risk zero? Custody risk?
In the case of flash loans/swaps, the answer is yes. It's 0. Further, I never have any capital at risk, all of my bots use flash loans/swaps. These transactions are atomic, which means that either all parts of it succeed or they all fail (it's a "revert" in blockchain parlance). So I can borrow $200 million without any prior permission and do an arb/liquidation or anything else I want with it for the life of my transaction, with the only requirement being that I must return it by the end. If my arb/liquidation/whatever succeeds and I return the loan, I keep the profits. If not, it's as if the whole thing never happened. The only risk is the transaction fee, which on the chains I do this on are miniscule.
I realize that it sounds unbelievable, but it exists. My code does thousands of these daily. I am not the only one doing this. See https://eigenphi.io/ . With the exception of sandwich transactions, every one of the bots you see on there is making profits without any capital at risk.
- I run arb and loan liquidation bots, and have for over a year now. These are atomic transactions almost always using flash swaps/loans that exist only exist for the life of the transaction. I am only exposed to potential losses on transaction fees, but have never had a losing day while running production code. My yield on my investment (mostly infrastructure costs) is closer to 5,000%...per month. I will not lose my funds, whether the market is good or bad.
There are funds out there that conduct these activities, I know because I recently consulted for one. They are promising risk free returns and getting them.
There are things that exist in DeFi (such as flash loans) that have no real world equivalent, which is why blanket statements made about traditional markets don't necessarily apply. If used properly, these things do in fact offer "too good to be true" types of returns.
- Of course there are limits to every opportunity. I make money everyday from opportunities that exist on microsecond timescales. I run arb and loan liquidation bots, so I haven't had a single losing day, ever. The last two weeks were quite profitable for me, actually the best two week period I have ever had. There are other strategies that are easier to pull off, such as market making, that have moderate risks and outsized returns.
The point is that these opportunities exist, and they always will exist, you just have to be smart enough to be able to get into them. If someone needed money for infrastructure to run an arb bot, for example, and offered you above market, risk-free returns, it's at least possible they aren't lying to you. That was my point.
- And the Crypto Andys were all like "you just don't understand DeFi!" to which the retort is "No, you just don't understand finance".
If you believe the statement "if someone is promising you consistent above-market returns it's either a scam or there is unknown or undisclosed risk" it might be true that you don't understand DeFi to some degree. DeFi isn't a single market, it's millions of micro markets that are accessible through what amounts to a single API.
So when you have millions of markets with different returns that can be traded in every imaginable way (and some you probably haven't imagined), throw in an insane amount of dumb money, people willing to borrow at high interest rates (relative to the real world), and a laundry list of factors that introduce inefficiencies into the market, it's quite easy to find pockets of above-average returns if you're smart. I have no idea if Stablegains was actually smart, but it's more than possible to achieve above-market gains in DeFi without exposing yourself to outsized risks.
- Yes, but it’s a meritocracy. I don’t control whether or not I look like Brad Pitt. I do control whether or not I am educated enough in this space to carry out a strategy like this.
If you can show that you have the knowledge to do it, getting the money to do it is absurdly easy these days. Crypto VCs are far different and much more accessible than traditional Silicon Valley VCs that only talk to connected startup bros from Stanford or MIT. They’ll all listen to what you have to say if you know what you’re doing. They also move with lightning speed relative to their SV counterparts, and they seem genuinely interested in helping those they invest in. My experiences with them have been off-the-charts amazing, compared to 100% disappointment I have had with SV VCs/angels.
- The owner of the $8 million was a smart contract, in this case a DEX (decentralized exchange) pair on Pancakeswap. Yes, the contract is designed to do this. I believe the fee on that pair is 0.25%. Technically this was a “flash swap,” not a flash loan, but they are functionally equivalent for purposes of this discussion.
If the contract loans the tokens and isn’t paid back by the end of the transaction, it reverts as if nothing ever happened. Ethereum transactions are “atomic” - either all parts of the tx succeed, or they all fail. So there is no risk to the lender, they always get paid back.
- Fair point. I probably should have directed him to:
https://www.openzeppelin.com/contracts
That’s the closest thing to a collection of standard contracts for protocol builders to use that I am aware of. I’m more on the MEV side - I try to profit from protocols rather than build them. So it wasn’t my first thought.
- They are in the sense that they level the playing field. People wouldn't give me millions of dollars to do arbitrage in real life, but I can borrow $200 million from a smart contract without issues if I find a profitable opportunity with it. That is game changing.
That said, there are still challenges. Last week, for 6 hours, there was $1 billion up for grabs [1]. Nobody noticed it except for one person, who only took $13.5 million. But bots are coming that will spot these things instantly....I have one under development that would have caught it.
[1] https://twitter.com/0xngmi/status/1524891992429318144?s=20&t...
- The answer is yes, for DEX arbs, since you have to trade in the pools anyway and must pay the resulting fees.
- Correct, the Beanstalk thing was not a reentrancy attack. That was a governance attack on the world's most insecure DAO. The Rari Capital exploit was a reentrancy attack.
https://twitter.com/BTCTN/status/1520425720631156736?s=20&t=...
- It is and it isn't. Getting to the point where you were the one bot fast enough to get into the right position to snag that liquidation involves writing the bot itself, writing the smart contract, understanding the lending protocol and how their liquidations work, understanding how oracle transactions work, working out the math such that every input and output is precisely correct to 18 decimal places, having your server in the right rack in the right datacenter to beat the others, and on and on, are not easy tasks.
But yes, once you do all of that...it actually is a money printing machine that will never end as long as markets have volatility. It's a bit like living in the movie Ready Player One...once you are clever enough to run the gauntlet, riches are yours.
- On the ETH chain, Flashbots [1] has decimated profits, by turning MEV into a race to the bottom, where miners wind up with most of the profits that bots ("searchers") create. On other chains there is much more profit to be had. People are making large amounts of money, as you can see here [2] (check out BSC on there, most of those profits go to the actual bot owners).
It's gotten incredibly competitive, and there has been quite a bit of consolidation. You used to be able to make a bot that could just make a few thousand dollars per day. Now you're either making 6 figures per day as part of a team, or a few hundred dollars per day on your own. One of the reasons you need a team and financing is that much of it is infrastructure based - being right next to miners/validators in the same server rack, etc. It takes significant resources to have nodes exactly where you need to have them, in various parts of the world.
It's also feast or famine. Sometimes, you'll wake up with hundreds of thousands of dollars from thin air. Here [3] is a loan liquidation using a flash loan from last week that netted the person that submitted it $366K (that was the value at the time) - in a few milliseconds. The only money they had to have to do this tx was the $1.50 transaction fee. The ~$8 million necessary for the liquidation was flash borrowed from a Pancakeswap pair.
[1] https://docs.flashbots.net/
[3] https://bscscan.com/tx/0x73d37b728ebd55088d0d7ccd3f82a485ac3...
- At this point, alot of this stuff floats around Twitter and substack. It's still a bit of a dark art. If you'd like to read some stuff about MEV, start here:
https://twitter.com/bertcmiller/status/1402665992422047747?s...
and here
https://twitter.com/0xmisaka/status/1525964196181057537?s=20...
You can go pretty far down the rabbit hole on crypto twitter.
This was also a cool event, there is 7 hours of video and slides, which have more of the kind of info I think you're looking for...discussions about protocol flaws and design etc.
https://flashbots.notion.site/flashbots/mev-day-836f88806995...
- I write MEV bots for a living. I can tell you that the Beanstalk "hack" was evidence of extremely poor design. One of the key security aspects of designing a DAO is that you are not supposed to let the results of a vote take effect in the same transaction or even the same block. This was entirely on the designers of that protocol. It's so negligent and downright stupid that I would be quite surprised if it weren't an inside job. The fact that it took more than a day for anyone to notice this is truly shocking.