Zcash: Privacy vs AML


#1

Hey everyone,

I am relatively new to the crypto space, and I was hoping to understand this a little more in depth. Fungibility is clearly one of the most important aspects of any currency, and a bitcoin that is “white-washed” by the FBI being valued above another bitcoin presents a problem. That is where the privacy of Zcash presents significant value.

My question is, is there any way to prevent Zcash used on the black market from being laundered through exchanges? Someone could easily be validated through KYC while also using crypto on the black market. If the history of the coin can’t be tracked, like what Chainalysis does for Bitcoin, how can money laundering be prevented? If the SEC can’t prevent money laundering with Zcash, I don’t see why they wouldn’t eventually make the use of Zcash illegal in the United States.

Thank you in advance for your help!


#2

I can’t speak to the KYC/AML laws, but I did want to comment on the privacy aspect.

Privacy is all about scope. If you trust a single governmental group to oversee the privacy of people with the pretense of enforcing laws, it becomes a single point of failure. If that government or group becomes corrupt the entire group is compromised, including the law-abiding individuals stuck in that system.

If you instead trust each user with their own privacy you then have many points of strength rather than a single point of failure. Sure, a few of them might try and break the law, and this could be difficult for those enforcing the laws to track down (inconvenience), but it’s much safer for the overall group who is following the rules and doing what is right. Further, without individual privacy, democracy and freedom in general starts to erode.

“Power tends to corrupt and absolute power corrupts absolutely”

I believe that Zcash should prioritize transitioning to only using Z_Addrs (opaque) so that the use of them isn’t taboo. Otherwise there is the pretense of, “why do you need privacy”?

It’s the same reason why an older individual might want their online order of Depend adult diapers to be delivered in a plain box without branding all over it (just one example).

This is one of the core reasons I became so interested in Zcash from the start. Privacy is a human right.


#3

Its no different than normal money laundering, the only way to prevent it is to instill a sense of morality in someone otherwise its reaction, Zcash wasn’t intended for illegal purposes (wiki), its intended to protect your privacy and work as tender, cash
Besides J5’s on the prowl, thats job creation!


#4

I doubt it could be stopped completely because even cash money laundering occurs. As long as the exchanges perform their legal duties it should be fine. Even if it became illegal on exchanges people could still do it anyway. It wouldn’t be as private but still doable by making the amounts out of the z addresses different from the t address inputs.


#5

There are a number of standard, pre-existing anti-money laundering techniques that, when used together, can help detect and prevent this sort of activity.

The first is KYC or “Know Your Customer”. This is where the exchange takes steps to identify who their account holders are by, for example, requiring that they submit copies of their ID documents, etc. Bad actors typically won’t want to identify themselves, so they will either be dissuaded from opening an account or they may attempt to open an account using false ID (which carries wth it the risk of detection).

The second is the process of identifying the Source of Funds. In layman’s terms, this is equivalent to asking the customer “Where are you getting this money from?” (whether it’s cybercoins or fiat currency). Sometimes, the exchange may ask a customer to supply supporting evidence/documentation to back up their explanation for where the funds are coming from. For example, if you’re a miner, they may ask for a print-out or screenshot from your mining pool.

The final technique is suspicious activity reports (SARs). If an exchange believes that there is something suspicious about a customer or their activity, they are required to report that fact to the relevant authority (in the United States, this is FinCEN), which collates SARs from various sources and investigates as appropriate.

I think it goes without saying that there is no way to guarantee that Zcash (or any other cryptocurrency) can never be used for money-laundering, just as there is no way to eliminate the use of traditional financial networks and institutions (and cash, for that matter) for money-laundering. There’s a balance to be struck between the benefits of new technologies like Zcash and the risks that they pose. In the case of Zcash, one of its core benefits is privacy. In many jurisdictions, there are laws and regulations that protect personal financial privacy (e.g. the Gramm-Leach-Bliley Act in the United States, the GDPR in the EU), so there’s actually an argument to be made that the privacy protections that Zcash offers mean that its use should be supported by regulators instead of being discouraged.

I recommend reading this blog post published by Coin Center, which goes into this aspect of Zcash in more detail: https://coincenter.org/entry/what-is-zcash


#6

ZCash can be, will be, has been and is being used by criminals. So what. Criminals use the internet, cars…pens, even…who cares. The goal of ZCash is that the user is assured of the means to trade value privately. Whether criminals or JP Morgan use it to keep their transactions their business is irrelevant. As @root stated, privacy is a basic right, and while I don’t agree anyone has any right to anything other than their willingness to assert their own will in proportion to their willingness to be violent or suffer pain by doing so (slight digression), Privacy in the modern age should be assumed to be something everyone “should” have…

Money laundering is the act of concealing the true nature of the illicit gains. If A sends ZEC to B and both are using a Z address, then no one knows from whom or to whom or how much ZEC was sent other than the parties. If A sends ZEC in return for some value derived by criminal conduct, then both A and B are parties to the act of money laundering and the conspiracy to commit it. However, since criminals are not too choosy to the laws they violate, ML is something they do every day. Proving ML in this example is impossible without one of them ratting out the other…

Here’s how I see it if someone wanted to take cash from whatever source and turn back into cash not appearing to be from any source:

  1. Open an account on Coinbase (let’s hope they can soon);

  2. Buy some ZEC with fiat;

  3. Send that ZEC from CB’s t address (they surely won’t ever offer Z addresses if they include ZEC there) to your own t address somewhere else, like, say Winzec;

  4. From Winzec send your ZEC in your t wallet to a Z address, and then from that Z address to a new Z address (NB, the person would want to make many smaller transactions of odd amounts over time so the total ZEC can’t be learned if inspecting the blockchain);

    4a. To be safe, the operator could do another Z => Z send of different amounts to add more smoke;

  5. Now from that final Z address, they would send that ZEC to a t address on Krapen or another exchange.

  6. Then he would sell the ZEC there on Krapen for fiat and then withdraw that fiat to a bank account different than the one he used to fund his CB account.

Some side prep work he could do would be to setup one bank account in one country with one strawman and then the second (or many) in other countries with another strawman or strawpersons.

Do I think this is being done? Surely it is. Any sophisticated criminal operator in the modern age would likely be doing something like that right now…and again, so what! Freedom aint free, y’all…some will exploit the freedom for their own gain by all means.

While I don’t want to be writing the “Anarchist’s Cookbook to Laundering Crypto in the Modern Age”, I am illustrating the process to make the point below. KYC/AML is there for one reason, and that’s to stop (or make difficult) operators from doing just what I’ve outlined above.

You see, the Entry and Exit Gateways into crypto are well controlled by the greedy hand of Government. It’s their sole intention to know who is using their money and when and how they do. If you want to convert fiat <=> crypto, you have to pay the toll to get onto the road. It is at the entry and exit gates where the ML Operator can be caught.

tl/dr: People use crypto for money laundering; ZEC makes this easier to do; Exchanges make this harder to do; liberty should never be more important than safety.