And if you're having difficulty unfolding the thread, here's the whole thing in on message…

I simplified the employer side here. They would also use the UI, but for simplicity I assume they just put the salary in the smart contract manually, North Korea style.

The employee then uses the UI to retrieve the salary. That way their boss can't see what they do with it. This UI is hosted on a website*, some web3 magick where you use a browser plugin to connect your wallet. In addition to providing a nice user interface, it also picks a relayer for the employee.

A relayer is a third party smart contract that makes it easier and more private to withdraw. They get a percentage fee for that. It's non-custodial though! The DoJ hints that they're also after the people running them, but that's for another time.

* = slightly oversimplifying, because with web3 you could in theory put the whole site on IP (Inter Planetary File System) and have the smart contract point to it. But afaik that wasn't the case here (yet).

There are multiple relays out there, so how does the UI decide which one to use? Well, one way would be to always pick the one with the lowest fee. But then you can't have tokenomics. And VC investors want tokenomics. So what do you do as a founder? YOU MAKE A TOKEN

The idea for the token (called TORN) was that relayers can stake it. This increases the chance of their relay being picked. That's represented by the green line on the left going from TORN to the Relayer. They're a buying force.

Then of course there's the founders who received coins in the pre-mine (according to the DoJ). That's the red line on the left.

Now if that was all there's to this, you could perhaps make a (vague) case for profiting from money laundering as follows:

1. Some bad people use the UI and relay system

2. Relay operators pump the token price in order to get business from these bad people

3. Founders take profit by selling tokens

However this does NOT prove the founders profited from North Korean hackers laundering their proceeds. Because they (until proven otherwise) don't use the relay system, so relayers do not buy TORN to get them as a customer, so there's no token pump and no profit to take.

But it's more complicated than that. Of course it is, sigh. And that's the green arrow on the right: speculators. These are not people in the business of laundering money. They don't (necessarily) use the Tornado Cash system. They simply buy the token because number go up. Some people might call them degens.

So now when the price goes up and founders sell some tokens, where did those profits originate? From crime or from speculation? The DoJ makes zero effort, at least in what they published, to distinguish this. But will a judge / jury understand that? Or care? We'll find out.

But wait, there's more. What's unique about the founders is that they have control over the hosting. . That's what's represented with the dashed line to the UI. They also put in more work in the form of writing code, marketing, etc.. The DoJ mentions all that in order to argue they're a business.

But what about that DAO? It seems to control rather important stuff like how the relay selection works. Hence the other dotted line from TORN token holders to that DAO and from the DAO to the UI. So this begs the question what the liability is for the other token holders.

Control aside, all token holders make money if the price goes up. So what happens to the VC if they ever decide to take profit?