Removes OFAC blacklist. #92
Conversation
We (Ethereum ecosystem) are building censorship resistant software, not building software that censors people out of the gate. If we wanted that, we would just use the fiat banking system and accept that people all over the world are unbanked due to censorship of their local governments.
|
I like your points a lot. Note that https://github.com/flashbots/mev-boost has no disallow lists at all. That is one of the big reasons for moving in this direction. Also note that moving in any direction at all requires steps. We are right now on the section of the plan I called: "Explore the options for decentralization of the builders and relays". Refer to it here: https://github.com/flashbots/mev-boost/wiki/The-Plan-(tm) This section is full of open questions: https://github.com/flashbots/mev-boost/wiki/Research#open-questions To get to full permissionless decentralization we need to answer those questions first. I don't want Flashbots to be obliterated by the united states laws before we get to play with those questions for a while. |
|
@charlie-eth I hear you. You're afraid. Many other people are, as well. The situation is unfortunate. Think, however, what you'll do in a case of a blanket-ban of the industry. US persons should comply with OFAC if they don't want to get a jail time — i'm only asking to provide a flag for non-US persons. |
|
This is a good moment to introduce our code of conduct into this repository :) While you are here, please be nice to each other. |
|
i think you are saying the quiet part out loud, basically admitting you are introducing a coc to chill the discussion of an important topic. |
|
🤷 I just said be nice. I'm here for the fun discussion of important topics. |
|
Same concern arises with enterprise staking culture. If the underlying infra is hosted on AWS, and if AWS decides to enforce compliances on all Ethereum Nodes, we are doomed. |
|
@paulmillr exactly, home-staking should be encouraged. |
|
I debated commenting because this really isn't an ecosystem I participate in much, and I don't want to be intruding or stirring the pot, but if this were my decision I would make it a flag that is off by default, and trivially easy to turn on. (I am not a lawyer and this is not legal advice, if you have genuine concerns talk to a real lawyer) At least if you are a US developer, the authorship of code has been established as protected speech. You can write and publish any code you want. Therefore, none of the US developers contributing to this repository have to fear retribution for the code that they submit or merge. What does matter is the people who run it. People who run this software are accountable to the laws of their jurisdiction. We don't know what that jurisdiction is, and we also don't know whether they want to practice civil disobedience - which is again a well celebrated technique for protesting laws in American history. We should educate users that certain laws may apply to them, and give them easy methods to comply with those laws, but also give them the full option to ignore the compliance settings under the assumption that they are out of jurisdiction or otherwise exempt from regulation. Anyone who needs to protect themselves will have both the awareness and ability to do so, but also the ideological nature of the project can remain intact. |
Tell that to the Tornado developers. 😢 While the recent sanction didn't include them, they were close enough that their lives were turned upside down even though all they did was write software. For example, GitHub accounts deleted. |
If anything, that should be a clear warning that the crypto community should migrate off of GitHub. |
|
This is a core violation of the principles of the Ethereum ecosystem. If this gets in, it becomes normalized and if it gets to the base layer it essentially makes Ethereum permissioned destroying the core value proposition of the whole chain. |
|
I fully agree and the the solution is obvious, let the individual entities decide what they blacklist themselves, but don't bake it into mev-boost. If the team have legal concerns about liability, they should let us know and we can work with them to figure it out, but slipping this into the codebase without any discussion is dangerous for the entire ecosystem. |
|
I see no reason to bake in and hardcode these into any codebase. Any entities running rpcs can decide this for themselves. And for the long term health of the chain, a light client should be able to broadcast any transaction they want and at least 1 honest entity should be able to include that transaction. It's the fundamental reason for an open and permissionless blockchain to be running in the first place |
|
If you really want to include such lists in the code why not have such sanctions list as an argument in the client with some pre-maintained lists (OFAC is not the only sanctions list) and let the user select the one that suits their jurisdiction? Default should be off as not everybody lives in the US and defaults matter. |
|
I don't expect this to be merged, but we should at least ensure that the default MEV-Boost relay (if there should be one) does not include a blacklist. |
|
Thank you @MicahZoltu for starting this important discussion. Let's look at the file history for the blacklist. If we look at the public Github profiles of the contributors, @bhakiyakalimuthu and @metachris we see that they are based outside of America. We also see that the PR approver of #90, @Ruteri is also based outside of America. Further, proving the point that the technology we are building transcends borders and should be available to everyone. |
I hear you, but I think you miss some of the picture here. Those folks work for a broader organization that has considerations that they individually might not. You also missed that it was me that implemented the original blacklist. But regardless, my request to you and everyone else is to keep the discussion at the level of Flashbots the organization instead of invoking individuals. This is a Flashbots repo after all. I also wanted to say that I appreciate the discourse from everyone here and we are listening. We'll be sharing more about our perspective on Monday, and in the meantime will be thinking about what to do with this repo and our other open source code as well. |
Unfortunately they've already started arresting as well. I don't participate in the flashbot repo - but I am/have been a user of flashbots. I could be wrong, but it seems to me flashbots is already in a grey enough area as it is, and is very decisive. It can be easily be interpreted as both evil, or good in the way it is used. This move feels like it's an attempt to differentiate/appease, and not become part of the future sanctioned projects (which I assure you, there will be more of). It might be a necessary evil. I don't like it, in fact I hate it, but I can see the reasoning behind the decision. It seems to me the only way forward here is as others have suggested, more decentralization of flashbots(https://github.com/flashbots/mev-boost). Who knows though how overzealous these future regulations will become, banning tornado cash already to me is a massive leap. The USA is making it clear either you're with them, or not, and they're willing to arbitrarily ban anyone who goes against that grain without any due process. It's possible anything related to flashbots could be banned in the future, due to how it could be misused. While it sounds far-fetched, the slope is extremely slippery, and Tornado wasn't only used by bad actors. |
|
Some useful comments here, in particular @LefterisJP "OFAC is not the only sanctions list", so I've made some progress on ensuring that we capture as many sanctions lists as possible so that we can comply with all governments: #96 I think it is important to not be too US-centric here and take the approach of 'if one of them is okay, they're all okay'. The world is bigger than the US and it would make sense to comply to any government agency sanctioning any address for any reason, than it would be to comply to only one but not the others. |
|
https://en.wikipedia.org/wiki/Paradox_of_tolerance
|
|
If nodes become OFAC compliant Ethereum's vision is dead. |
Absolutely true. People will permanently stop using Ethereum. Good luck keeping all public repos on the sanctions list after that. With individuals being weak link, the censorship resistance is truly fading away here. |
|
So people will start seeing blocked tx due to ofac sanctioned address on metamask now? |
If you configure MetaMask to use the Flashbots relay, then yes. Also if you configure MetaMask to use Infura (the default in MetaMask). |
|
I suggest #99 as something that should be less controversial. |
Imo you guys should put a copy of your codebase in https://radicle.xyz |
It's not about being controversial or not. As I alluded with the Paradox of Tolerance, if you want to run an open society which is currently Ethereum vision, you need to keep the option to be intolerant of intolerance, in short censor censorship. |
|
This is one of the first goalposts to challenge and see how censorship resistant we really can be in this society / world. Ideally, no blacklists is amazing. However, if peoples' lives are at risk due to compliance, then a configurable compliance setting with different options / lists seems logical for survival - although censorship resistance takes a huge hit... And the hardcore cypherpunk / crypto-anarchist ideology, too. |
|
There are tons of valuable points in this comments flow:
Please guys WAKE UP, realize where you are, and what you're doing. Mistake are acceptable as you learn and move forward. |
|
Just add a flag to pass a list of blacklisted address. You satisfy all parties and we can move on with the merge please Regulated US institution Regulated UK institution Else |
what if UK is next, then Europe, then Asia ? This doesn't makes any sense |
|
@julesGoullee I agree with your point but
Is it though? It has been showed time and time in history than "neutrality helps the oppressor" (Elie Wiesel, Nobel Peace 1986 speech) |
|
I totally agree with @mratsim on his point to not tolerate intolerant. If community accepts this, it will open the doors to a whole bunch of other abuses.. |
|
I'm with you: I may agree, but the parallel with the current situation is complex, who do you think is the victim and the oppressor? Who has the power there? |
|
IMO (for what it's worth): blacklist configuration should be empty/no-op by default and there should be an optional "blacklist txt file" config flag which allows a user to configure their list however they like. This ensures maximum extensibility and flexibility while maintaining flashbots credible neutrality. |
See #99 Note however that Ethereum's primary goal is censorship resistance, not maximum flexibility. Giving people the tools to attack Ethereum and subvert its primary purpose runs counter to Ethereum achieving its goals. |
The point here is that the Flashbots devs are imposing their own notion of morality to all the users of Flashbots. It's each user's decision if they want to comply with OFAC sanctions or any other. The devs are not only deciding that all users have to follow OFAC sanctions but also that no users should follow other sanctions lists (as was made clear on #96). |
|
Okay y'all let's merge this. |
|
There's no reason not to merge this anymore. From the number of +1 and -1 reactions, the 99% confidence interval is 0.9710 to 1.0000. In layman's terms, that means that there's only a 1% chance that less than 97% of flashbots users support removing the OFAC blacklist. Furthermore, there's about a 0.0000000000006550316% chance that less than 80% of flashbots users support this. It's your project, but you can't argue with the numbers. I strongly advise you to listen to the overwhelmingly negative feedback, revise your previous motivation, and state the currently unknown reason why you're not removing the blacklist. Or you could merge this PR. I'll point out that one of these is a lot easier than the other. |
|
To be fair, your probabilities assume a random sampling, and I suspect that the 👍 and 👎 are not randomly sampled at all. Not only because this issue was likely seen by more anti-censorship people than pro-censorship people, but also because there is a weak social norm on GitHub to thumbs up when you agree with something but not thumbs down when you don't. That being said, I still think this should be merged. 😀 |
We (the Ethereum ecosystem) are building censorship resistant software. We are not building software that censors people out of the gate. If we wanted that, we would just use the fiat banking system and accept that people all over the world are unbanked due to censorship of various governments.
If we support the OFAC blacklist, why not the equivalent Chinese or Russian blacklist? The whole point of this endeavor (Ethereum, crypto-currency, etc.) is to get away from censorship and this code just embeds it. If MEV-Boost is going to be a core part of Ethereum's infrastructure, it should be written to be censorship resistant from the ground up.
If individual relayers, proposers, or builders want to run with a blacklist then they are welcome to do that and they can choose to support the totalitarian regime of their choice. It should not be part of the codebase that you are seeking to get "blessed" by the broader Ethereum community though.