It's just a neutral tool, open for everyone to use. There's plenty of people that used the tool for completely legitimate reasons, simply wanting to protect their privacy just like GrapheneOS users.
Why is the creator of this tool being held responsible for how others use it? That's like dragging Henry Ford to court the moment a car driver runs someone over.
Making and selling lockpicks is very different from running an "I will pick a lock for you" service. The latter is a dramatically higher level of involvement and culpability.
> Why is the creator of [Tornado Cash] being held responsible for how others use it?
Nonsense, they didn't give away (or even sell) a tool, they were actively operating the tool themselves, taking requests to control and aim it in different ways.
> That's like dragging Henry Ford to court the moment a car driver runs someone over.
No, it's like dragging Henry Ford to court because he was the driver of a vehicle that struck people, and his taxi service was advertised as The Light Is Green If The Passenger Says So™.
Driver Ford might not be the only person in the vehicle responsible for manslaughter, but a court case is absolutely justified.
I agree with you that creating a tool is different from providing a service. However, I disagree on the rest of what you said, here's why:
> Nonsense, they didn't give away (or even sell) a tool, they were actively operating the tool themselves, taking requests to control and aim it in different ways.
They did give away a tool - they published (open-source, GPL3) a set of smart contracts. They then deployed those immutable (!) smart contracts as a one-time thing. From that point forward, anyone could interact with those smart contracts permissionlessly, that's just how Ethereum works. They didn't afterwards control or aim it in different ways - how could they? The smart contracts are immutable.
All they actually did afterwards is host a user interface (also open-source btw) that made it easy for users to interact with those smart contracts. After some outside pressure they added geo-blocking to the user interface they hosted, which —unsurprisingly— didn't actually stop bad actors from using Tornado Cash. After all, even if they were unable to get around the geo-blocking, bad actors could self-host the user interface or interact with the smart contracts directly.
Think of their user interface as an email client. Would somehow blocking an email client actually stop people from sending emails? No, they could still just use SMTP and directly interact with a server. In the same way, taking down their user interface or implementing any sort of check would not have prevented bad actors from interacting with the smart contracts directly.
Let’s just say it is in a different category than Alexandra Elbakyan.