incredibly overbroad, comprehensive, and perfectly designed to allow arbitrary information collection at any scope they choose to enforce. It truly is
incredibly overbroad, comprehensive, and perfectly designed to allow arbitrary information collection at any scope they choose to enforce. It truly is a mind-blowingly large grab attempt at private information of anyone they can get their hands on. They want all regulated entities — VASPs, banks, financial institutions or entities like casinos, etc. — to by default submit reports of any transactions interacting with mixing within 30 days of noticing the relevant transaction and its association to mixing activity. Currently, most exchanges and businesses keep these records anyway, but they do not by default send copies of them to regulators unless deeper inspection actually merits a reason to do so. FinCEN wants that to change.
To really get a sense for the scope of things, the first thing to look at is the definitions of mixing provided in the proposal. Obviously, the act of mixing is obscuring the source of funds, but the specific technical definitions they give for what falls under the definition of mixing are incredibly broad when looked at together. Let’s go through them:
- “Pooling or aggregating [funds] from multiple persons, wallets, addresses, or accounts” This encompasses so many different activities other than a traditional custodial mixing service. Lightning channels? That is multiple persons pooling and aggregating funds together. Multisig wallets held by multiple people in general are doing the same thing. Just combining a recent withdrawal from Coinbase with coins you had from Kraken from the point of view of both exchanges is pooling funds from multiple addresses. According to the language of this proposal, something that just happens on a regular basis in the normal course of using Bitcoin, with no attempt whatsoever to obscure or render private anything about the activity, fits into the definition of mixing.
- “Using programmatic or algorithmic code to coordinate, manage, or manipulate the structure of a transaction” Again, that completely covers the Lightning Network. Coinjoins fall into this definition. In fact…you know what? This is so ridiculously and absurdly broad — it doesn’t even specify manipulating the structure of a transaction to attain obfuscation of the source of funds — that this literally encompasses any piece of Bitcoin software that handles making and signing transactions. 100% of the transactional activity on the Bitcoin blockchain out of sheer logical necessity fits this definition of mixing.
- “Splitting [funds] for transmittal and transmitting the [funds] through a series of independent transactions” This is also incredibly broad. How are legitimate independent transactions between the same parties to be distinguished from a single transaction split into many for obfuscation purposes? What about situations where that is a perfectly legitimate thing to do for no reason other than your personal privacy? What if I only have three different UTXOs that three separate people know about, and I don’t want to reveal to all three of them my payment history with the other two in order to make a payment requiring all three UTXOs? Does opening multiple independent Lightning channels with the same node constitute this?
- “Creating and using single-use wallets, addresses, or accounts, and sending [funds] through such wallets, addresses, or accounts through a series of independent transactions” So default behavior of the super majority of Bitcoin wallets — not reusing addresses — constitutes mixing? When I go to my exchange to withdraw with a unique address every time, are they required to consider that action “mixing” my coins? Do physical Bitcoin bearer instruments constitute “single-use wallets?”
- “Exchanging between types of [cryptocurrencies] or other digitals assets” So every single person trading NFTs, dumb tokens, utility tokens, and just outright shitcoins, whether on an exchange or on-chain through different mechanisms, is now mixing?
- “Facilitating user-initiated delays in transactional activity” Uhm..timelocks in Lightning? Any type of 2FA rate limited multisig set up? Just the DCA scheduled withdrawal function at different on-ramps? All of this is now mixing
COMMENTS