On 14 May 2024, a Dutch court sentenced Alexey Pertsev to more than 5 years in prison for complicity in money laundering as the main developer of Tornado Cash, a decentralised mixer operating on the Ethereum blockchain. While this court decision has given rise to considerable reservations among legal experts due to doubts about the qualification of the offence of money laundering to an anonymisation protocol, above all it signals the end of illusions about decentralisation in Web3.
The question of the responsibility of the developers of a protocol whose use may have been diverted to illicit ends raises legitimate questions in terms of rights and freedoms. This case comes on the heels of the lawsuits launched against the developers of Samurai Wallet and the conviction of Ross Ulbricht, founder of the SilkRoad platform. Alexey Pertsev has already lodged an appeal against this conviction.
Already much discussed, this decision sheds new light on a key concept in the Web3 ecosystem: decentralisation. Like Tornado Cash, many projects call themselves 'decentralised' in order to consider themselves outside the scope of financial regulations, particularly in terms of the fight against money laundering. However, while this desire for decentralisation often stems from a sincere philosophical desire, the legal immunity it is given often proves to be illusory and leads to particularly dangerous consequences.
Decentralisation can be defined as the distribution of power from the centre to autonomous entities. It implies that power (i.e. governance) is sufficiently distributed among the participants that none of them is in a position to significantly influence the direction of the project. The purest examples are Layer 1 protocols such as Bitcoin or Ethereum: neither the miners or validators, nor the developers, nor the users or service providers alone have the power to change the rules or operation.
In this decision, the judges have methodically deconstructed the allegedly decentralised nature of Tornado Cash, thereby providing an instruction manual for engaging the liability of decentralised applications or Layer 2 protocols:
firstly, Tornado Cash's DAO did not in practice have as much power as the actual directors. Secondly, Alexey Pertsev and his co-founders could be described as effective directors on the basis of public data (interviews, presentations on the website or social networks) and their involvement in the IT development of the project (Github); Finally, the accused had formed a small team holding 30% of the tokens, thereby retaining significant control over the project. For these reasons, the judges clearly stated that "the fact that Tornado Cash had, at some point, begun to operate as a decentralised autonomous organisation (DAO) made no difference". The judges' very concrete analysis of Tornado's governance sends out a strong signal to projects - with or without a legal entity - whose artificial decentralised structuring schemes do not allow the "effective managers" (founders, developers, etc.) to be exonerated from their responsibilities.
This judicial demonstration of the superficiality of certain decentralised governance models should be closely analysed by projects since it materialises a fundamental trend in terms of liability in Europe and the United States. With less than six months to go before MiCA comes into force, it provides a useful guide to qualifying projects "delivered entirely decentrally without any intermediaries" to which the regulation will not apply, without illusions.