For the umpteenth time in this thread: intent matters. Regardless of what the NSA said 30 years ago, it is manifestly apparent to every single person in this conversation that neither HTTPS nor PGP nor any other cryptographic scheme designed for individual privacy was designed with money laundering in mind.
At the absolute worst, they were agnostic to the presence of criminal activity. This is in contrast to Tornado Cash, which was repeatedly told that their service was being used to launder money.
What project? PGP was bundled up and thrown onto the Internet; there was no development or services community established around it. The US Government threw a hissy fit over that and they ended up distributing it as a "book" instead, converting it into a question of free expression.
There is no meaningful sense in which PGP could ever be said to "facilitate" terrorism in the same way that Tornado Cash is rightfully characterized as facilitating money laundering. PGP is a program that runs on your host, encrypting your email. Tornado Cash is a service, run by an individual who was warned to cease serving sanctioned entities, and failed to do so.
> Tornado Cash is a service, _run by an individual_ who was warned to cease serving sanctioned entities, and failed to do so.
This is false. The (vast majority of the) Tornado Cash contracts were either deployed to Ethereum as immutable contracts, or updated in 2020 to revoke mutability (once the final zkSNARK parameters were included) [0], meaning that they could not later be updated by the user(s) that deployed them. Arguing that Tornado Cash is run by an individual means arguing that the entire Ethereum network is run by an individual. There was no way for a warned individual to comply with that warning.
>The (vast majority of the) Tornado Cash contracts
Thousands of little contracts doesn't absolve a financial institution from a few many-billion dollar illegal transfers, especially after they've been warned repeatedly.
What do you mean by "thousands of little contracts"? I haven't looked at Tornado's source code too much, it's entirely possible there are additional contracts created by their contracts as part of the protocol, but this would be pretty unusual.
Usually a smart contract protocol is a set of contracts working together, deployed to the blockchain, which provide application logic that executes regardless of who is interacting with it (via "transactions")
Thousands of different private keys doesn't absolve a corporation from billions of illicit conversations, especially after they have been warned repeatedly.
Ignoring the front-end (which is unnecessary to use it), Tornado Cash is a protocol, run by a decentralized network of computers. The code for the protocol is shared by a network of computers execute this code according to specific rules and validate transactions. A specific deployment of the code was sanctioned, but this means anyone else using the code (which has to be deployed to this network to be used trustlessly) is risky to use now
At the absolute worst, they were agnostic to the presence of criminal activity. This is in contrast to Tornado Cash, which was repeatedly told that their service was being used to launder money.