ZSAs and Legal Risk

I can’t wait for ZSAs as a Zcash users and crypto owner. Such an exciting project.

I wanted to mention a couple of things in light of the aggressive position we’ve seen the US FinCen and DOJ take with respect to the definition of money transmitters.

I wrote an amicus brief against the US Treasury Dept’s position in support of the Coinbase employees legal challenge to the Tornado designation so I appreciate how out of control Treasury can be.

What has been done so far is just support software and cryptography development as I understand it, which seems like it would be fine.

I’m currently serving as an expert for the defense in US v. Sterlingov, so I see first hand how much the government abuses the money transmitter statute and the concept of conspiracy to cast a wide net.

As ZSAs get up and running, if there is any kind of central actor, coordinator, facilitator that helps ZSAs run that actor could be deemed an unlicensed money transmitter by the Treasury Department.

If that is the case, then I don’t think that coordinator or facilitator should receive any support from the Founder’s reward, directly or indirectly. They should not coordinate directly or indirectly with anyone at ECC, ZF, or ZCG, otherwise those entities could be deemed part of a conspiracy. They should be completely independent of the Zcash ecosystem and do their own thing.

I don’t like it, but the risk is real. I’ve spent 20 hours in a jail cell with Roman Sterligov so I am seeing first hand how ugly the US government’s abusive application of the money transmitter and money laundering conspiracy statutes can be.

Another suggestion I have to help the community navigate this would be to fund a grant to an attorney for an opinion about ZSA operation and how ZSA operations could be structured such that they would not trigger application of money transmitter laws or money laundering conspiracy law. And for that mission I would give the grant to Mike Mosier, who is former acting head of FinCen but at same time is a crypto native developer and privacy advocate.


Thanks @ProfJWVerret, for the warning and all your work.

If ZSAs are permissionless, with no actor responsible for issuance, where is the risk? Is there a specific scenario you have in mind?


Best guide is the TC Founder indictment, https://www.justice.gov/usao-sdny/file/1311391/dl?inline.

The govt emphasizes operation of “relayers” that supported TC operations even though TC was a smart contract with a admin key that was burned.

Even if issuance of ZSAs are permissionless, is there a central actor doing anything to support ZSA functionality, even indirectly? That actor is at risk of being deemed an unlicensed money transmitter and a co-conspirator in money laundering.

That’s why I see value in putting the full design of ZSAs into someone like Mosier’s hands and getting their full feedback.


Wont the entities with the money transmitter licenses be the ones using those types of ZSAs that would require a license depending on the jurdisdiction? If the point is that development fund money should not be used to fund projects that are knowingly violating money transmitter laws for a respective jurisdiction, that makes a lot of sense. Is’nt the risk at the wallet level as well and not at the blockchain/asset level?


Good questions for a guy like Mosier: https://www.arktouros.co/about-mosier


I agree this is a substantial concern. Here I’ll restrict myself to explaining some of the possibly-relevant technical aspects of the current ZSA design, and giving a reference to the “money transmitter” definition. An important caveat is that the ZSA design may change before (or after) it activates on the Zcash network.

Properties of the current ZSA design

First note that ZSAs aren’t restricted to representing currency; they can also represent NFTs, and a ZSA could be used simply to provide a record of a chain of title, for example.

As far as the protocol is concerned, in the current design proposal, ZSAs work like ZEC with the following differences.


Transaction fees are always denominated in ZEC, not in a ZSA.


Transfers of ZSA assets, excluding issuance and burning which are covered below, are always shielded.


Issuance for each ZSA is controlled by an issuance authorizing/validating key pair, rather than being predetermined by consensus rules.

Issuance of a ZSA has the same privacy properties as a miner creating a ZEC shielded coinbase output. The issued note is not encrypted, so its destination address, asset identifier, and value are known. Its nullifier deriving key (\mathsf{nk}) is not revealed, and so the issuance transaction is not linkable to the transaction that spends the note, without additional information such as its incoming viewing key.

An authorized issuance action can permanently disable future issuance of its asset. For example, this might be used if the key is suspected to have been compromised, or if the issuance schedule for the asset requires it.


There is an explicit mechanism for verifiably burning ZSA assets.

The source of the burned funds assets is shielded; the amount is public.

Definition of “money transmitter”

(“Person” means a legal person including businesses.)

The definition of a money transmitter according to the BSA/AML General Definitions (which is what FinCEN refers to) is:

Money Transmitter - 1010.100(ff) (5)(i)

In general.

  • (A) A person that provides money transmission services. The term “money transmission services” means the acceptance of currency, funds, or other value that substitutes for currency from one person and the transmission of currency, funds, or other value that substitutes for currency to another location or person by any means. “Any means” includes, but is not limited to, through a financial agency or institution; a Federal Reserve Bank or other facility of one or more Federal Reserve Banks, the Board of Governors of the Federal Reserve System, or both; an electronic funds transfer network; or an informal value transfer system; or

  • (B) Any other person engaged in the transfer of funds.

(ii) Facts and circumstances; Limitations.

Whether a person is a money transmitter as described in this section is a matter of facts and circumstances. The term “money transmitter” shall not include a person that only:

  • (A) Provides the delivery, communication, or network access services used by a money transmitter to support money transmission services;

  • (B) Acts as a payment processor to facilitate the purchase of, or payment of a bill for, a good or service through a clearance and settlement system by agreement with the creditor or seller;

  • (C) Operates a clearance and settlement system or otherwise acts as an intermediary solely between BSA regulated institutions. This includes but is not limited to the Fedwire system, electronic funds transfer networks, certain registered clearing agencies regulated by the Securities and Exchange Commission (“SEC”), and derivatives clearing organizations, or other clearinghouse arrangements established by a financial agency or institution;

  • (D) Physically transports currency, other monetary instruments, other commercial paper, or other value that substitutes for currency as a person primarily engaged in such business, such as an armored car, from one person to the same person at another location or to an account belonging to the same person at a financial institution, provided that the person engaged in physical transportation has no more than a custodial interest in the currency, other monetary instruments, other commercial paper, or other value at any point during the transportation;

  • (E) Provides prepaid access; or

  • (F) Accepts and transmits funds only integral to the sale of goods or the provision of services, other than money transmission services, by the person who is accepting and transmitting the funds.


Should that be less specific than funds because with a ZSA it is conceivable that I decide to issue one that is filled with 299MB of .txt jargon, but nothing that is fund-like?

Money Transmitter - 1010.100(ff) (5)(i)

Under that context, It feels to me that in the worst scenario, all users of ZSA could be blanketly cited as money transmitters. The allegation would be that if even one ZSA were used to transport USD, then all would have to be assumed to.

It is sad that we’re in a world where the US Gov exercises so much authority over software engineers, b.w.o. threats to prosecute related to Money Transmitter laws.

1 Like

Yes, I should have said “assets” here (and even that may give the wrong implication, but it’s the terminology we settled on). Corrected.