• By Amy Castor and David Gerard

• We need your support to keep these posts coming. Send us money! Here’s Amy’s Patreon, and here’s David’s. Sign up today!
• Patrons can also get a couple of “Bitcoin: It Can’t Be That Stupid” stickers just by messaging one of us and asking.
• David has signed author copies of his books for sale.
• Sign up on Amy’s blog to see every new post she makes as it goes up, and click here and enter your email address for every new post on David’s blog as it goes up.

“EXCLUSIVE: IT’S RUMORED THAT GARY GENSLER HAD A BLT FOR LUNCH TODAY. EXPERTS BELIVE THIS IS BULLISH FOR A POSSIBLE SPOT BITCOIN ETF APPROVAL”

— Sean Tuffy

IMPORTANT: Patreon sponsors, please check your pledges!

Patreon changed its billing for this month from California to Dublin. So a lot of banks rejected the transactions as possible fraud.

This would easily be reversible … except that Patreon’s systems automatically wiped all patron relationships where a transaction bounced! [Twitter thread, archive]

If you sponsor anyone on Patreon, not just us: please check your transactions for August, re-send them if they bounced, and rejoin as a patron if you need to. The “retry” link should be located in your billing history. Your creators will be most grateful!

We also have Ko-Fi links where you can send us casual tips — here’s Amy’s and here’s David’s.

Razzlekhan cops a plea

Bitcoin rapper Heather “Razzlekhan” Morgan and her husband Ilya Lichtenstein were arrested in February 2022 for hacking Bitfinex in 2016. They agreed to a plea deal a couple of weeks ago. [DOJ press release; Reuters]

The plea hearings were today, Thursday, August 3. Morgan pleaded guilty to money-laundering conspiracy and conspiracy to defraud the United States. The BBC says that “Morgan masqueraded as a rapper.” [BBC]

Lichtenstein pleaded guilty to money-laundering conspiracy. He also admitted to being the original perpetrator of the Bitfinex hack!

Lichtenstein stashed some of the hacked funds as buried gold coins. Arrr. [Bloomberg, archive; CNBC]

Curve: smart contracts, stupid humans

“Smart contracts” are small programs that run right there inside a blockchain. In enterprise computing, these would be called “database triggers” or “stored procedures.”

You never use triggers or stored procedures unless you absolutely have to, because they’re very easy to get wrong and a pain in the backside to debug. In the real world, you keep your financial data and the programs working on it separate.

So, of course, crypto uses programs embedded in the database for everything and touts the difficulty in working with them as a feature and not evidence of the idea’s incredible stupidity.

A smart contract full of crypto can reasonably be treated as a piñata, just waiting for you to whack it in the right spot and get the candy.

Today’s piñata is Curve Finance, a DeFi exchange used for trading stablecoins and other tokens. Curve was hacked on July 30 due to a bug in the Vyper language compiler. Smart contracts that were using Vyper versions 0.2.15, 0.2.16, and 0.3.0 were vulnerable. About $70 million in funds was drained from liquidity pools whose smart contracts used these versions. [Twitter, archive; Twitter, archive]

Vyper, which is inspired by Python, was supposed to have been an improvement over the hilariously awful Solidity — a.k.a. “JavaScript with a concussion” — that most Ethereum Virtual Machine smart contracts are written in. Unfortunately, the Vyper compiler had a bug that meant compiled code was exploitable. So you could mathematically prove your smart contract program was correct … and the compiled version could still be exploited. This could hit any Vyper smart contract using vulnerable versions. [Twitter, archive]

Some have suggested that the Vyper exploit and subsequent Curve hack were “state-sponsored” — which is quite possible, given that we already know that North Korea actively seeks to launder money using crypto.

If North Korea is caught cashing out from the Curve hack, then we suspect large DeFi protocols may get a call from OFAC soon for the same reasons that Tornado Cash did.

David wrote an entire book chapter on all the ways that smart contracts were stupid back in 2017. He foolishly thought that this would knock the idea firmly on the head.

CoinDesk on the block

The bankruptcy of Genesis left Genesis owner Digital Currency Group scrambling to sell off the silverware. DCG’s news site CoinDesk was rumored in January to be up for sale. CoinDesk is now being bought for $125 million by an investor group led by Matthew Roszak (Tally Capital) and Peter Vessenes (Capital6). [WSJ]

DCG bought the failing media outlet in 2016 for $500,000. It’s been shoveling money into CoinDesk ever since. DCG wants to keep the CoinDesk conference business, which is the only part of the site that makes any money.

Bitcoin old-timers will remember Vessenes from the Bitcoin Foundation of the early 2010s. He was the CEO of CoinLab, which was functionally a US agent for the Mt Gox exchange. CoinLab and Mt Gox sued each other repeatedly over alleged contractual breaches. After Mt Gox went bankrupt, CoinLab escalated its claims against the dead exchange from $75 million to an amazing and implausible $16 billion. [Bitcoin Magazine, 2013; Cointelegraph, 2019]

We don’t know what Vessenes wants with a media outlet that only loses money, even from a commercial propaganda perspective. We suppose he could alienate the site’s expensive hires of the past couple of years.

A Ripple in the war on Terra

Terraform Labs issued the TerraUSD and Luna coins, which triggered the crypto crash of May 2022, which popped the 2021 bubble.

We were surprised to hear that Terraform is not dead! It has a new CEO, Chris Amani, who was previously the firm’s COO and CFO. Amani’s hot plan is to revive the Terra blockchain. Amani says that Terraform won’t be launching a new stablecoin. Founder Do Kwon, who is in jail in Montenegro, is still Terraform’s majority shareholder. [WSJ]

The SEC’s case against Terraform proceeds. Terraform filed in May to dismiss the SEC’s complaint, using similar arguments as Coinbase and Ripple. Terraform recently filed that the bizarre July finding in the Ripple case supports dismissing the SEC complaint.

The SEC responded to Terraform and confirmed that it’s appealing the Ripple ruling because it’s nuts: “Ripple’s reasoning is impossible to reconcile with all of these fundamental securities laws principles … SEC staff is considering the various available avenues for further review and intends to recommend that the SEC seek such review.” So we can look forward to that appeal in Ripple. [Doc 29, PDF; Doc 47, PDF; Doc 49, PDF; case docket]

Judge Rakoff concurred with the SEC and got quite pointed about the very dumb and bad ruling in Ripple: [Doc 51, PDF]

Howey makes no such distinction between purchasers. And it makes good sense that it did not. That a purchaser bought the coins directly from the defendants or, instead, in a secondary re-sale transaction has no impact on whether a reasonable individual would objectively view the defendants’ actions and statements as evincing a promise of profits based on their efforts.

… Simply put, secondary-market purchasers had every bit as good a reason to believe that the defendants would take their capital contributions and use it to generate profits on their behalf.

We don’t expect the Ripple ruling to stand.

4

Crypto trading is illegal in China — technically, anyway. The Wall Street Journal says that Binance users coming in from China still trade $90 billion a month — it’s “Binance’s biggest market by far,” with over 900,000 users. [WSJ]

The importance of China is “openly discussed internally.” In fact, “the exchange’s investigations team works closely with Chinese law enforcement to detect potential criminal activity.”

Binance denies the reports, with the very specific wording: “The Binance.com website is blocked in China and is not accessible to China-based users.” Good thing nobody in China uses a VPN, hey. The WSJ says that Binance directs its Chinese users to “visit different websites with Chinese domain names before rerouting them to the global exchange.” [Cointelegraph]

Binance CEO Changpeng “CZ” Zhao responded “4” — meaning that it’s all FUD. [Twitter, archive]

Fore!

The US Department of Justice is considering charges against Binance, but worries about causing a run on the exchange — or so says Semafor, which says the DoJ is considering fines or a deferred prosecution agreement instead. We think that any Binance user who hasn’t already priced in yet more US government action against Binance, particularly an indictment, just doesn’t want to be told. [Semafor]

Binance is cutting employee benefits, citing a decline in its profits — which suggests its customers are running away screaming. The non-US employees laid off in June were offered severance of two months’ salary paid in BNB tokens. [WSJ]

If Binance has a drop in profits, it’s likely the large institutional traders — Binance’s “VIPs” — jumping ship while they can. Where can they be going? Is there a good casino left for the VIPs with an ample supply of suckers to milk? Or was Binance the end of the line?

CZ has filed a motion to dismiss the CFTC complaint against him. He holds that Binance just doesn’t do business in the US, so the CFTC doesn’t have jurisdiction. Also, the securities aren’t securities, apparently. [Doc 59, PDF] 

CZ wanted to just shut Binance US earlier this year because of the regulatory heat, two people told The Information. The BAM board voted, but the lone holdout was Binance US CEO Brian Shroder. CZ also considered selling Binance US to Gemini or a sovereign wealth fund. Binance told Cointelegraph that it was “not commenting” on this issue. [The Information, paywalled; Cointelegraph]

In June, the SEC Nigeria ruled that Binance Nigeria had to stop operating in the country. Binance claimed that “Binance Nigeria” had nothing to do with them. SEC Nigeria has now reiterated that they really do mean binance.com. Nigeria has also told all other crypto platforms to desist: “all platform providers, making such solicitations, are hereby directed to immediately stop soliciting Nigerian investors in any form whatsoever.” [SEC Nigeria]

Everybody gets a stablecoin!

On July 26, Binance listed a new coin, FDUSD — a “1:1 USD-backed stablecoin issued by First Digital Labs. Reserves of FDUSD are held by First Digital Trust Limited.” Its trading pairs are BNB, USDT, and BUSD — with zero fees. [Twitter, archive; Binance]

Binance has been going through the stablecoins lately. Binance’s own BUSD has shut down, Binance doesn’t seem to be on such solid terms with Tether, and it tried pumping out a few billion questionably backed TrueUSD after that coin’s main custodian, Prime Trust, had collapsed. First Digital — previously known as Legacy Trust — just happens to be the remaining custodian for TrueUSD.

FDUSD was launched on June 1. Data Finnovation wonders why millions of dollars of deposits to and minting of FDUSD started a week before its supposed launch. “If you believe these are strongly linked to real usd you deserve what you’re gonna get.” [press release; Twitter, archive]

Vincent Chok, CEO of First Digital, has a storied history in business. Before Chok’s move to Hong Kong, he was selling real estate in Canada with Platinum Equities in 2014 — a company that was sanctioned by the Alberta Securities Commission for fraud (though Chok wasn’t named). Chok’s previous company was Intreo Wealth Alliance in Calgary. [press release]

None more stable

Wyoming is trying to do a stablecoin again with their Stable Token Commission! The total budget for the initiative: $500,000. We wrote before about Caitlin Long’s crypto bank Custodia and what a disaster that was. Custodia also hoped to launch a national stablecoin backed by the Fed, but the Fed was having none of it. So good luck, guys. [Wyoming Truth]

Michel de Cryptadamus notices that Tether’s attestations show its actual cash on hand is getting quite low. On December 31, 2022, they claimed to have $5.31 billion in cash. On March 31, 2023, they claimed $481 million. On June 30, 2023, they claimed just $90 million. This is as the issuance of tethers keeps going up. But we’re sure it’s all fine. [Twitter, archive]

The New York Fed wrote about “Runs on Stablecoins” — concerning the Terra-Luna collapse of May 2022. David Rosenthal contextualizes the New York Fed paper: “Note in particular that traders don’t actually believe that USDT is safe, it is just that its size makes it convenient for traders to use USDT unless, like Wile E. Coyote, they look down at it as they did last May.” [NY Fed; blog post]

The White House has told Rep. Patrick McHenry’s stablecoin bill to go away, at least according to McHenry. [The Block] 

Coinbase: not so keen on regulatory clarity

Coinbase wants regulatory clarity. The SEC was happy to give it to them. Brian Armstrong of Coinbase told the Financial Times that prior to the SEC suing Coinbase in June, the commission told them to delist all cryptocurrencies other than bitcoin. [FT, archive]

The SEC told CoinDesk that “SEC staff does not ask companies to delist crypto assets. In the course of an investigation, the staff may share its own view as to what conduct may raise questions for the Commission under the securities laws.” [CoinDesk]

Coinbase told CoinDesk that the FT report “lacks critical context” but was somehow unable to also say what the context was.

This is pretty rich given that it was literally Armstrong who told this to the FT, presumably hoping to gin up the crypto crowd — which he certainly did.

Coinbase concurred that the SEC did not, in fact, formally tell the exchange to delist everything except bitcoin.

We strongly suspect the actual conversation was Coinbase asking “Well how can we absolutely avoid breaking any laws then, smart guy?” and then the SEC fellow suggesting the very safest possible option.

Good news for bitcoin

Kyle Davies from Three Arrows Capital (3AC) has gone sovereign citizen. Davies holds that renouncing his US citizenship in October 2020 means that he can’t be held in contempt of court for not responding to 3AC liquidators Teneo in their US action. Davies’ lawyers also claimed that he hadn’t been properly served, as if he could claim not to know about the proceeding while arguing it in court. [Doc 106, PDF; Doc 107, PDF; case docket]

The SEC suggests that crypto “attestations” that aren’t audits might be a worry … for the accountants. Subheadings in the SEC’s statement on “The Potential Pitfalls of Purported Crypto ‘Assurance’ Work” include “The Accounting Firm’s Potential Liability for Antifraud Violations.” The footnotes mention that “liability for fraud may extend to “attorneys, engineers, and other professionals or experts.” This means that the SEC will look at what the developers were doing. [SEC]

Swift is running a pilot program that lets you make instant payments across different currency zones! So what backend do you need to use for instant remittances across currency zones? It turns out the answer is: a database. [FinExtra]

Kuwait has banned cryptocurrency for payments or investments. The National Committee for Combating Money Laundering and Terrorism Financing says it’s doing this to implement FATF requirements. Crypto mining is also banned. Securities under the Central Bank of Kuwait or Capital Markets Authority regulation are exempt. [Arabian Business; Al Jarida, in Arabic] 

FedNow, the Federal Reserve’s real-time retail settlement system, has gone live, dragging US retail banking kicking and screaming into the 2000s. This puts a Fed CBDC into the trash can, as the White House had already noted. The hard part is getting thousands of banks to sign up. But the Fed has its ways of asking for things. [Federal Reserve]

Media stardom

David told the Moscow Times — who are not fans of Mr. Putin and who are currently banned in Russia — that a CBDC ruble wouldn’t do anything new to help evade sanctions that Russia can’t already do with rubles: “The problem is that nobody wants rubles.” [Moscow Times]