Crypto legal experts are skeptical of a freshly proposed Senate bill aimed at tackling money laundering sanctions violations within the decentralized finance (DeFi) ecosystem.

The bipartisan legislation – titled the Crypto-Asset National Security Enhancement (CANSEE) Act – would subject anyone who “controls” a DeFi project to penalties if they do not comply with “basic” anti-money laundering (AML) and financial reporting requirements, which already apply to banks and centralized crypto trading platforms.

The definition of who “controls” a DeFi service, however, will be solely decided by the Secretary of the Treasury – potentially conferring the department with excess authorities.

“The bill gives virtually unbounded discretion to the Secretary to decide what it would take to designate one as having ‘control’ of a protocol,” wrote crypto policy think tank Coin Centre in a blog post on Thursday. For instance, this control could extend to open-source software contributors.

“This is likely not what the authors of the bill have in mind, but it’s what the plain meaning of the bill they wrote would allow the Secretary to do,” Coin Centre said.

By definition, DeFi is supposed to be “decentralized,” meaning there are no concrete parties that control a particular protocol or service.

However, as acknowledged in a Treasury report earlier this year, many DeFi protocols are more centralized than they claim, featuring clear governance structures and concentration of voting power in the hands of wealthy governance token holders.

While acknowledging that such services that are “decentralized in name only,” do exist, Coin Centre believes such services can simply comply with existing rules for financial institutions.

“Our financial surveillance regime applies specifically to intermediaries,” explained Neeraj K Agrawal, Director of Communications at Coin Center, in a message to Decrypt. “In a decentralized protocol, there is no intermediary. There are only two people transacting with each other.”

Per the CANSEE Act, the Treasury would also be responsible for granting exemptions to “controlled decentralized finance protocols,” that comply with existing regulations. The non-profit fears that the Treasury could be free to never grant any such exemptions – a viable concern given the seemingly targeted crackdown of U.S. regulators against the crypto industry.

There’s also a constitutional issue: The bill would extend penalties for sanctions violation to anyone who “makes available an application designed to facilitate transactions using a digital asset protocol.” Once again, this could penalize software developers, who have a first amendment right to publish code as freely as speech.

It wouldn’t be the government’s first attack on this right: Last August, Tornado Cash developer Alex Pertsev was arrested shortly after the Treasury placed sanctions against the Ethereum-based privacy protocol, which had become popular among criminals for hiding ill-gotten gains.

Last year, Sen. Elizabeth Warren (D-MA) also presented a bill to combat crypto sanctions violations. Her version contained language targeting any blockchain node runners or software developers for networks that facilitate money laundering.

Daily Debrief Newsletter

Start every day with the top news stories right now, plus original features, a podcast, videos and more.