Michael Lewellen, an independent software developer, has officially filed a notice of appeal with the U.S. Court of Appeals for the Fifth Circuit, seeking to overturn a district court’s dismissal of his lawsuit against the U.S. Department of Justice and Attorney General Merrick Garland. The case, Lewellen v. Garland, represents a pivotal legal battle over the classification of software developers under federal financial regulations. Supported by the cryptocurrency advocacy group Coin Center, Lewellen is challenging the government’s interpretation of money transmission laws, arguing that the mere act of writing and publishing non-custodial privacy software should not subject a developer to the same regulatory requirements as a bank or a traditional money transmitter.
The appeal follows a March 25 decision by a federal district court to dismiss Lewellen’s complaint. Critically, the lower court did not rule on the underlying legal merits of the case—specifically, whether publishing non-custodial code constitutes money transmission under 18 U.S.C. § 1960 and the Bank Secrecy Act (BSA). Instead, the court dismissed the action on procedural grounds, citing a lack of "standing." The court held that Lewellen failed to demonstrate a "credible threat of prosecution," a prerequisite for pre-enforcement judicial review. Lewellen and his legal team contend that this ruling creates a dangerous precedent, effectively forcing developers to risk felony charges and imprisonment before they can seek clarity on whether their work is legal.
The Legal Core: Software vs. Money Transmission
At the heart of the dispute is the definition of a "money transmitter." Under current federal law and guidance from the Financial Crimes Enforcement Network (FinCEN), a money transmitter is an entity that accepts and transmits value from one person to another or to another location. Traditionally, this has applied to custodial services—businesses like Western Union or centralized cryptocurrency exchanges like Coinbase—that take physical or digital control of a customer’s assets to facilitate a transaction.
However, Lewellen’s case focuses on non-custodial software. This category of technology allows users to retain full control of their private keys and assets at all times. The software acts as a tool or an interface, but the developer does not sit in the middle of the transaction, does not hold user funds, and does not have the power to stop or redirect transfers. Lewellen argues that because he never "accepts" or "transmits" funds, he cannot logically be classified as a money transmitter.
The Department of Justice has increasingly signaled a broader interpretation. Recent indictments against developers of privacy-preserving tools have suggested that providing the infrastructure for others to conduct private transactions may be sufficient to trigger criminal liability under Section 1960. This ambiguity has sent a chill through the open-source development community, leading to the current legal challenge.
The Standing Doctrine and the "Catch-22"
The district court’s dismissal hinged on the concept of Article III standing, which requires a plaintiff to show an "injury in fact" that is concrete, particularized, and actual or imminent. In pre-enforcement cases, where a person sues to prevent a law from being applied to them, the Supreme Court has held that a plaintiff must demonstrate a "credible threat of prosecution."
The district court ruled that Lewellen did not meet this threshold, relying heavily on a recent internal DOJ policy memo. This memo suggested that federal prosecutors would deprioritize certain cases involving developers of non-custodial software who do not engage in additional "money transmitting" activities. The court interpreted this as a sign that Lewellen was not in immediate danger of being charged.
Lewellen’s appeal argues that this reliance is misplaced. Legal experts note that DOJ policy memos are not law; they are internal guidelines that can be rescinded or ignored by individual U.S. Attorneys at any time. Furthermore, the existence of such a memo does not change the statutory language of the law itself. Coin Center and Lewellen argue that the government’s recent actions against other developers—such as those involved with Tornado Cash and Samourai Wallet—provide more than enough evidence that the threat is real and credible.
"The district court’s ruling effectively creates a Catch-22," Coin Center stated in a recent brief. "Developers cannot challenge the law unless they first risk felony prosecution. But by the time they are prosecuted, the damage to their lives and the software ecosystem is already done."
A History of Enforcement and the Credible Threat Argument
To understand the "credible threat" Lewellen faces, one must look at the timeline of DOJ enforcement actions over the past several years. These events form the backdrop of the current litigation and provide the data points Lewellen is using to argue that his fear of prosecution is far from hypothetical.
August 2022: The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Tornado Cash, a non-custodial privacy protocol. This was the first time a piece of autonomous software code was placed on a sanctions list, sparking immediate concerns about the liability of developers.
August 2023: The DOJ indicted Roman Storm and Roman Semenov, the founders of Tornado Cash. They were charged with conspiracy to commit money laundering and conspiracy to operate an unlicensed money transmitting business. Crucially, the government’s theory of the case suggested that the act of creating and maintaining the software interface constituted money transmission, even though the developers did not hold the users’ funds.
April 2024: The DOJ arrested the founders of Samourai Wallet, Keonne Rodriguez and William Lonergan Hill. Like the Tornado Cash case, the charges included operating an unlicensed money transmitting business. The government argued that the developers’ "mixing" service, despite its non-custodial nature, fell under the purview of federal regulations.
These cases involve the same statutes that Lewellen is concerned with. For a developer like Lewellen, who publishes similar privacy-centric software, these indictments serve as a clear signal that the DOJ considers the publication of such tools to be a potential criminal act.
Timeline of Legal Challenges and Regulatory Shifts
The path to the Fifth Circuit has been marked by several years of escalating tension between the developer community and federal regulators.
- 2013: FinCEN issues its first major guidance on virtual currencies, stating that "software developers" are generally not money transmitters.
- 2019: FinCEN updates its guidance, introducing more ambiguity by suggesting that "anonymizing service providers" could be classified as money transmitters depending on the facts and circumstances.
- 2022: Coin Center files a lawsuit challenging the OFAC sanctions on Tornado Cash, arguing that the government exceeded its authority by sanctioning code rather than a "person" or "entity."
- 2023: Michael Lewellen files Lewellen v. Garland in the district court, seeking a declaratory judgment that his software development does not make him a money transmitter.
- March 25, 2026: The District Court dismisses Lewellen v. Garland for lack of standing.
- April 6, 2026: Lewellen files his notice of appeal to the Fifth Circuit.
Technical Distinctions: Custodial vs. Non-Custodial Architectures
The outcome of this appeal could hinge on the court’s understanding of software architecture. In a custodial system, a user sends Bitcoin to an exchange’s wallet. The exchange records the balance in a private database. When the user wants to send that Bitcoin to a friend, the exchange moves the funds from its own wallet to the friend’s wallet. The exchange is the intermediary.
In a non-custodial system, the developer writes code that lives on a blockchain (like Ethereum). The user interacts directly with that code using their own private keys. The developer provides the "recipe" or the "tools" for the transaction, but they never touch the "ingredients" (the funds).
Lewellen’s legal team argues that the district court failed to appreciate this distinction. They contend that under the plain language of the Bank Secrecy Act, "transmission" requires a change in possession. Since a non-custodial developer never takes possession, they cannot transmit.
Broader Implications for the Open-Source Ecosystem
The implications of the Fifth Circuit’s eventual ruling extend far beyond Michael Lewellen. If the dismissal is upheld and developers are denied the ability to seek pre-enforcement review, the United States could see a significant "brain drain" in the technology sector.
Software development is often protected under the First Amendment as a form of speech. In the landmark 1990s case Bernstein v. Department of Justice, the courts ruled that source code is speech and is protected by the Constitution. Lewellen’s supporters argue that requiring a "money transmitter license"—which involves onerous reporting requirements and millions of dollars in compliance costs—to publish code is a "prior restraint" on speech.
Furthermore, the uncertainty created by the DOJ’s current stance affects not just privacy tools, but the entire decentralized finance (DeFi) industry. If any developer who writes code that facilitates a financial transaction is a money transmitter, then thousands of developers could be in violation of federal law. This would likely lead to:
- Innovation Chilling: Developers may self-censor or stop working on privacy-enhancing technologies for fear of life-altering legal consequences.
- Jurisdictional Arbitrage: Projects may move offshore to countries with clearer regulatory frameworks, such as Switzerland, Singapore, or the European Union (under the MiCA framework).
- Privacy Erosion: Without non-custodial tools, users are forced to rely on centralized intermediaries, which are vulnerable to data breaches, hacks, and state surveillance.
Reactions from the Legal and Tech Communities
The filing of the appeal has garnered significant attention from civil liberties groups and the tech industry. Neeraj Agrawal, a spokesperson for Coin Center, emphasized that the appeal is about ending the "legal limbo" that developers currently inhabit.
"Developers shouldn’t have to choose between their careers and their freedom because of a vague statute and an aggressive DOJ interpretation," Agrawal stated. "We are asking the Fifth Circuit to allow this case to proceed so we can get a definitive answer on the law."
While the DOJ has not issued a formal statement regarding the appeal, their previous filings in the district court argued that the government must maintain the flexibility to prosecute individuals who use technology to facilitate illicit finance. They maintain that "labels" like "non-custodial" should not provide a shield for activities that functionally resemble money laundering or unlicensed transmission.
Conclusion and Next Steps
The U.S. Court of Appeals for the Fifth Circuit is now tasked with deciding whether Michael Lewellen has the right to challenge the government before he is handcuffed. If the Fifth Circuit reverses the district court’s dismissal, the case will return to the lower court to finally address the million-dollar question: Are non-custodial software developers money transmitters under federal law?
The Fifth Circuit is often seen as a venue willing to scrutinize administrative overreach, making it a critical battleground for this case. As the briefing process begins, the cryptocurrency industry, constitutional scholars, and open-source advocates will be watching closely. The final ruling will likely set the stage for how the United States balances the need for financial transparency with the fundamental rights of technologists and the future of digital privacy.
