עהס 82202-07-25 Alexander Ben Valerie Block v. State of Israel - part 5

(Ibid., in paragraph 18.  See also: Additional Criminal Hearing 1062/21 Urich v.  State of Israel, paragraph 30 of the judgment of President Esther Hayut (January 11, 2022))

For similar reasons, and without setting rivets, it seems to me that It is appropriate to avoid setting strict limits on the nature of the behavior that establishes the offense of disruption or interference with computer material.  Just as technological changes may change the ways in which criminals seek to illegally penetrate computers, they may also change the means used by criminals to disrupt or interfere with the operation of computers (see and compare: Niva Elkin-Koren, "How Law Shapes the Information Environment on the Network" Technologies of Justice: Law, Science, and Society 223, 259 (Shai Lavie ed.  2003)).

19. The appellant's position is also erroneous on the technological-practical level. The appellant seeks to draw a clear line between acts that exploit the existing permissions in a computer system in order to achieve results that the system's programmers did not anticipate, and acts that achieve results of this kind by penetrating or disrupting, without authorization, that system.  However, in fact, there is no such boundary.  The security vulnerabilities against which the Computer Law is intended to protect are, as a rule, situations in which a mistake occurred in the way a computer system was defined by its programmers, so that an external hacker could take advantage of the incorrect settings in order to achieve an undesirable result.  A situation in which a security breach in the software was caused by an error by the software owners is not unusual.  In fact, this is the usual state of affairs (Derek E.  Bambauer, Ghost in the Network, 162   Penn.  L.  Rev.  1011, 1019-1025 (2014); Ian Williams, The Secrets We Keep…: Encryption and the Struggle for Software Vulnerability Disclosure Reform, 25 Mich.  Tech.  L.  Rev.  105, 105-106 (2018); 6 U.S.C.  § 650(25)).  To illustrate, it is difficult to assume that an offense was not committed under the Computers Law in a situation where a person discovers that due to a defect in the manufacturing method of ATMs, it is possible to issue banknotes from them without inserting a credit card (for example, by inserting a sheet of paper into the machine, instead of a credit card).  Indeed, in such a situation, the offense was made possible due to a gross mistake on the part of the ATM manufacturer, but this does not detract from the criminal nature of exploiting the breach.

In the matter עזרא The possibility of limiting the offense of computer intrusion to only those who bypassed a technological obstacle was explicitly rejected: "I see no reason why the law should protect Reuven, who requires a password in order to use his computer, but not Shimon who did not know how to install this type of protection on his computer.  A house without a lock is not lawless - and the same applies to a computer(ibid., in paragraph 18.  See also: ibid., at paragraphs 2-4 of the judge's opinion Meni Mazuz and in paragraph 1 of the judge's opinion Hanan Melcer).  It is clear that the appellant's proposal to further restrict the offenses under The Computers Law Only for a certain type of circumvention of technological obstacles - bypassing obstacles that originate not in the manner in which the computer or computer material was defined by its owner.  Nor should we accept the appellant's argument in principle, according to which due to the autonomous nature of smart contracts, there is nothing wrong with consciously exploiting errors in the manner in which they were implemented (see, for example, paragraphs 14-15 to supplement his argument).  Defining software as a "smart contract" does not deprive it of the legal protections granted by the legislature to software, and exploiting security vulnerabilities in it is no different from exploiting security vulnerabilities in other software.  (For more on legal policy regarding flaws in smart contracts, see: Dalit Kan-Dror Feldman and Or Dunkelman, "Blockchain Technology - Not What You Thought: Technological and Legal Considerations" Deuteronomy 16 511, 534-535 (2023); Finkelstein, at pp.  360-362).

20. And what is the meaning of the striking? According to the extradition request, the appellant exploited a security breach in the Nomad system, which enabled him to bypass the "locking" mechanism that is essential for the operation of smart contracts. By transferring the command "process()" to the smart contracts, instead of the planned order, "proveAndProcess()", the appellant received the consideration offered by the smart contracts to users (tokens worth over $2.8 million), without performing his part of the transaction at all ("locking" equivalent digital currencies).  The appellant's actions exposed the security breach to other users of the Nomad system, who also took advantage of it, and emptied Nomad's digital wallet of digital currencies worth approximately $186 million.  According to what is attributed to him, therefore, the appellant knowingly exploited a security breach in order to obtain unlimited access to computer material (Nomad's digital wallet), and to steal high-value tokens through this access, in a manner that impaired the proper functioning of the Nomad system (to the point of emptying a digital wallet in which large sums of money had been accumulated).  This was done without the consent of the operators of the Nomad system, and the American indictment shows that the appellant understood this very well.  As evidence, after he made the main transfers, the appellant contacted a senior Nomad official and asked for payment in exchange for discovering a "bug" in the design of the smart contracts - i.e., an error in their definition, contrary to the intention of the Nomad system programmers (paragraph 51 of the federal agent's affidavit).  See also: paragraph 45 of the trial judgment).

Note: Alongside the offense of tampering or disturbing computer material, the state relies on the offense of penetrating computer material for the purpose of committing another offense (according to Section 5 30The Computers Law), where the other offense is fraudulent receipt under aggravated circumstances or theft under special circumstances (See: Section 17 for the completion of the argument on behalf of the State).  With regard to the elements of "receipt" or "theft" in the other offense, I will note that what is stated in the American indictment is sufficient to attribute to the appellant an attempt to revoke the tokens permanently.  According to the U.S.  indictment and the federal agent's affidavit, the appellant did indeed negotiate the return of the tokens in exchange for payment, but he changed his mind and severed the connection between himself and the representatives of Nomad - an indication that he had finally decided to keep the tokens in his hands (paragraphs 51-54 of the federal agent's affidavit).  See and compare: Criminal Appeal Authority 11066/03 State of Israel v.  Rom, paragraph 4 (May 28, 2007); Yaakov Kedmi on criminal law Part Two - On Property Damage 804-805 (2013)).

21. Indeed, there are differences of one kind or another between the American offense of computer fraud and the offenses under the Israeli Computer Law, but the essential elements of the offenses are parallel to each other; They are intended to protect identical interests; and the acts attributed to the appellant clearly carry out the offenses under Israeli law. For similar reasons, there is also no basis for the appellant's claim that the trial court ignored the fact that it was not attributed an active act of intrusion into the smart contract or the change in its code.  As to the appellant's argument that according to case law in the United States, his actions do not constitute an offense of computer fraud - his arguments on this level will be examined in the framework of the criminal proceedings in the United States, and this proceeding is not the place to address them (Criminal Appeal 9026/11 Shochat v.  Attorney General, para.  29 (December 6, 2012); Criminal Appeal 6003/19 Greens v.  Attorney General, para.  18 (September 3, 2020)).
22. The offenses of money laundering and the transfer of stolen goods: With regard to these offenses, the appellant argues, first, that the offense of money laundering attributed to him lacks a basis in the evidence; and second, that the state did not present an Israeli equivalent to the offense of transferring the stolen goods, and therefore the dual criminality requirement is not met in its case. I did not find any substance in these claims either.
23. Section 9(a) of the Extradition Law states that a court will declare a wanted person eligible for extradition only if it finds that "there is sufficient evidence to prosecute him for such an offense in Israel." This section is interpreted in a narrow manner, and it is determined that it is sufficient that there is evidence, which is not prima facie worthless, sufficient to continue to conduct the criminal proceedings against the wanted person in the requesting country (see: Criminal Appeal 2490/18 Giorno v. State of Israel, para.  13 (January 8, 2019); Criminal Appeal 4416/20 Anonymous v.  Attorney General, paragraph 10 (December 8, 2020)).  As part of this investigation, it is not necessary to conduct an in-depth examination of the weight and reliability of the evidence presented, and there is no need to determine that the evidence presented is sufficient to bring about the conviction of the wanted person (Criminal Appeal 8304/17 Lempel v.  Attorney General, para.  22 (May 8, 2018); Criminal Appeal 2542/19 Tawil v.  Attorney General, para.  9 (December 3, 2019)).
24. The evidentiary basis presented in the affidavits of the plaintiff and the federal agent meets this condition. According to the affidavits, the appellant converted the tokens he took from Nomad's digital wallet into other types of digital currencies, and then re-converted some of the digital currencies back into the type of tokens that Nomad had taken in the first place.  Later, he even split the tokens into several different accounts.  According to the affidavits, these actions - some of which have no economic purpose - are money laundering techniques aimed at disguising the origin of the digital currencies (paragraphs 41-50 of the federal agent's affidavit and paragraph 28 of the plaintiff's affidavit).  The appellant argues, based on the opinion he submitted, that the acts attributed to him do not give rise to a concern of money laundering, since all transactions on blockchain networks are visible to all, and because in the framework of the transfers in question, various techniques were not used to obscure the origin of the digital currencies.  The appellant's argument in principle that blockchain networks cannot be used to launder money is surprising - since it contradicts the position of financial regulators in Israel and around the world, who have found that these platforms actually increase the risk of money laundering (a joint announcement to the public regarding the possible risks inherent in cryptocurrencies (a joint announcement by the Bank of Israel, the Capital Market, Insurance and Savings Department, the Tax Authority, the Securities Authority and the Authority for the Prohibition of Money Laundering and Terrorist Financing), 2014); Hadar Jabotinsky and Michal Lavie, "Uncovering the Identity of Electronic Currency Users," Regulation Studies 8 147, 184-188 (2025)).  The reason for this is that although the details of digital wallets on blockchain networks are visible, the identities of the holders of these wallets are hidden, and blockchain networks make it difficult to expose them.  The appellant's specific argument, according to which it was not claimed that he used techniques intended to obscure the source of the transfers, contradicts his previous argument, according to which, as a rule, it is not possible to use blockchain networks in order to launder money, and in any case, it is not beneficial to him.  There is no relevance to the fact that according to the extradition request, the appellant used only some of the methods of money laundering, and did not use other methods.  In order to determine that there is a basis for the charge, it is sufficient that the affidavits of the prosecutor and the federal agent presented actions taken by the appellant with the property, the purpose of which was "to conceal or disguise its source" (section 3(a) of the Money Laundering Law).  See and compare: my opinion inA.  3463/24 Malka v.  Attorney General (March 6, 2025) and C.A.  1204-12-24 Pan v.  State of Israel, paragraphs 50-53 of the judgment of Justice Yosef Elron (June 29, 2025) (request for an additional hearing was denied in Additional Criminal Hearing 31931-07-25) (hereinafter: the Pan case)).
25. The appellant's last argument is that the dual criminality requirement is not met in relation to the third offense in the American indictment - the transfer of stolen goods. This is because there is no offense in Israeli law that includes similar components, and in particular an element of transfer between countries in the United States.  As the state emphasizes, the acts that constitute this offense, according to the American indictment, are the same acts for which he is charged with the offense of money laundering (according to American law).  Therefore, I am of the opinion that the requirement of dual criminality also exists in relation to this offense.  The acts for which the appellant is charged with the transfer of stolen goods clearly fall within the scope of the offense of money laundering (according to Israeli law), as described above.  Moreover, there is a similarity between the values protected by the offenses.  In both cases, the offenses were intended to prevent the exploitation of the legitimate economic system for criminal purposes, and to reduce the incentive for economic crime by denying criminals the ability to enjoy or trade in the fruits of their actions (see, respectively: Criminal Appeal 2333/07 Taanach v.  State of Israel, para.  233 (July 12, 2010); Pan case, at paragraph 48 of the judgment of Justice Elron.  Compare: United States v.  Sheridan, 329 U.S.  379, 385 (1946); Moskal v.  United States, 498 U.S.  103, 111 (1990) (with respect to another alternative of 18 U.S.C.  103).  § 2314 )).

Indeed, in the offense of transferring stolen goods, there is an additional component, which deals with the transfer between states in the United States, but it is not one of the essential components of the offense (which is the focus of the examination under the dual criminality requirement (see paragraph 15 above)), but rather a component intended to confer jurisdiction on the federal government (see: Luna Torres v.  Lynch, 578 U.S.  452, 456-457 (2016)).  In any event, the extradition treaty between the United States and Israel explicitly states that the existence of elements relating to federal jurisdiction in the definition of the American offense (including "Transportation between countries") shall not constitute a consideration in the matter of the dual criminality requirement (Article 2(3) of the Convention, as drafted in accordance with the Amending Protocol to the Extradition Convention between the Government of the State of Israel and the Government of the United States, 21 56 (1511) 1, 3 (signed in 2005).  See also: Matter Ozifain paragraph 58).

26. Conclusion: For the aforementioned reasons, the appellant's arguments against the District Court's judgment should be dismissed. Therefore, and as stated in the judgment of the District Court, the conditions for declaring the appellant extraditable to the United States were fulfilled in relation to the offenses attributed to him in the extradition application.