Privacy Tool Tornado Cash Banned by the USA
Legal Pressure Increases on Cryptocurrency Privacy Tools
In the largest and most impactful action taken so far against cryptocurrencies, the US Treasury designated the entirety of the Tornado Cash project as sanctioned, banning all US citizens from any interaction with Tornado Cash or any funds associated with it. While the US Treasury has wielded the OFAC sanctions lists as a tool for years against specific entities, this is the first time an entire decentralized project has been sanctioned and represents a massive leap in legal action taken by the US government against privacy-preserving tools for cryptocurrencies.
What is Tornado Cash?
Tornado Cash is a decentralized privacy tool built on the Ethereum network, leveraging smart contracts to enable users to deposit funds, receive a private note that allows them to claim those funds, and then withdraw the funds to a new address with no on-chain link existing between the two Ethereum accounts. The exact privacy protocol is very similar to that pioneered and leveraged by Zcash, a potentially privacy-preserving cryptocurrency which leverages a cryptographic building block called zero-knowledge Succinct Non-Interactive Argument of Knowledge (often shortened to “zk-SNARK”) to provide both blinded amounts (no amounts are visible on-chain) and global anonymity sets (any input could plausibly be any other on-chain output). This approach is cryptographically complex but allows for very strong sender, receiver, and amount-based privacy when transacting, something that Tornado Cash executed well.
One of the powerful aspects of Tornado Cash is that the immutability and decentralization afforded by deploying a smart contract to the Ethereum network means that Tornado Cash as a project is not only unable to be taken down without taking down the Ethereum network, but it also is unable to be edited after deployment. The decentralization and potentially effective privacy gained by users of Tornado Cash are likely the reason that sanctions were pursued as the weapon of choice against it instead of more covert legal action, as even if the developers and company behind Tornado Cash wanted to comply they are unable to edit or prevent usage of the Tornado Cash smart contracts themselves.
What makes the sanctions against Tornado Cash so different?
While we’ve covered legal action against custodial privacy tools in cryptocurrency before in the case against Helix, a custodial Bitcoin mixing service, the sanctions against Tornado Cash are even more sweeping in both actions taken and precedents set. In its official press release, the US Treasury is claiming that all $7.6b of prior usage of Tornado Cash is considered money laundering, even though they only reference ~7% ($558m) of funds being explicitly linked to illicit activity.
This closely mirrors their claims in the case against Helix where even though only a small percentage of overall volume can be linked to illicit activity (~12% in Helix’s case), the entire project or service is sanctioned or shut down as a result. It is telling that the press release even explicitly links to the actions taken against Helix and, more recently, Blender.io, signaling that this is a concerted effort to slowly tighten the noose on privacy-preserving tools in the cryptocurrency ecosystem.
While the initial sanctions issued against Tornado Cash included all Ethereum contract addresses - legally barring US citizens from using Tornado Cash - the US Treasury also took the astounding step of having multiple Tornado Cash contributors’ GitHub accounts suspended or deleted and having all Tornado Cash repositories on GitHub removed. The implications are immense as it essentially goes against “code as speech”, a commonly understood ruling that places free speech protections on computer code in much the same way as written and verbal speech.
The combination of sanctioning currently deployed code (the Ethereum smart contracts) and forcing the takedown of developmental code (all Tornado Cash GitHub repositories) makes it extremely difficult for a project to continue to operate. It also implies that writing code that might be used by another entity to evade sanctions could itself be considered breaking sanctions laws and falls under the control of the US government.
The other key difference between this action and previous actions is that Tornado Cash is decentralized and entirely non-custodial – the creators of Tornado Cash neither actively operate the service nor have they ever custodied user funds at any point. While custodianship was at the core of the claim made against other mixers like Helix and Blender.io, the fact that Tornado Cash is being sanctioned despite having no ability to control or prevent illicit usage and no active participation in its usage sets a broad precedent that could see other decentralized privacy-preserving cryptocurrency tools like Samourai Wallet (a CoinJoin and privacy-focused Bitcoin wallet) or privacy-preserving cryptocurrencies like Monero fall into the sights of the US Treasury in the future despite being decentralized, permissionless, and non-custodial in nature.
What can we learn from these sweeping sanctions?
The news of these sanctions has sent shockwaves through the cryptocurrency ecosystem, sparking much-needed conversations around decentralization, privacy, and how these tools can function in adversarial environments. Situations like these provide excellent opportunities to learn from the approaches being taken by governments to see how the tools and technologies we have access to can fare under duress, especially when faced with an authoritarian government or oppressive regime. Many of you may not be users of Tornado Cash, but there are key takeaways for all who value privacy here.
Governments rely on legal pressure when technical means fail them
One thing that has been made abundantly clear throughout this news is that the US government is incapable of shutting down Tornado Cash technologically, and so must instead rely on legal and propagandist pressures to dissuade usage of it. With mixers like Helix the US government’s simplest route was targeting the operator and wielding legal pressure to force the shutdown of the service, but as we’ve covered in the case of Tornado Cash, the creators of the project have no ability to take down the smart contracts or prevent their usage. This lack of ability to shut down Tornado Cash, paired with the seeming inability of the US government to easily trace funds post-deposit, implies that the strong approach to privacy taken here is viewed as a dangerous and powerful tool with the ability to harm the state, and one that is not easy for them to manage or surveil.
This truth should be extremely encouraging to proponents of decentralized privacy tools, as it shows both that governments are worried about the autonomy and financial privacy afforded by tools like these, and that they feel pressure and a technological impotence to shut these tools down. The power afforded to us by cryptography and open-source code is immense, growing, and proving itself more and more unstoppable by the day.
Decentralized tools must be built for adversarial environments
While the sanctions brought against Tornado Cash will dissuade many from using the tool and put a target on the back of any US user moving forward, the underlying technology continues to function unabated. Any Ethereum user can manually interact with the smart contract and continue to use Tornado Cash without interruption, and there is no sign of technical action being taken by the US Treasury to try and shut down the Ethereum Network or force a hard-fork to remove the smart contract. These sanctions will likely cause a severe drop in volume passing through Tornado Cash, however, causing the anonymity set (or crowd to hide in) to be drastically reduced from its pre-sanction levels.
The technology has been built to survive in adversarial events like this and will continue to function indefinitely. This key benefit to decentralization ensures that even under the harshest legal and governmental pressure, tools like Tornado Cash, Bitcoin, and Monero can continue to function. Governments can wield psychological and legal pressure to attempt to dissuade usage of these tools, but they have shown that they cannot simply shut them down. As we move into more and more adversarial environments, the importance of designing, building, and using tools built to be decentralized and resilient will only continue to grow over time.
It is important to note that due to the default transparency and native address re-use in Ethereum, interacting with Tornado Cash smart contracts is entirely transparent on-chain, easily visible, and sure to be actively surveilled. This is one of the critical flaws that comes with not having default protocol-level privacy network-wide, and instead relying on opt-in tools like Tornado Cash. Users who have ever linked their identity in any way with their Ethereum activity - especially via regulated exchanges that implement “Know Your Customer” practices - must be especially wary of any interactions with Tornado Cash moving forward.
Propaganda and psychological pressure remain powerful weapons
The last key takeaway from this news is that the government understands the psychological power that it wields, and knows that coupling that with legal pressure can influence the decisions of a large portion of the populace. Much of the power wielded by sanctions comes not from legal action, but rather through dissuading people from even the thought of interaction with a sanctioned entity (or in this case, entire project). Most people in the world both want to abide by their government’s decrees and are happy to live a blissfully ignorant life, and so governments can leverage this natural compliance of the populace to prevent broad usage of tools that pose a danger to their growing surveillance states and authoritarian control.
Thankfully, more and more of the world is waking up to the realization that not only does their personal privacy matter, but their ability to take back control of their personal privacy through open-source code and privacy-preserving tools is growing daily. Governments will wield psychological and legal power while they can to dissuade as many people as possible, but the tools are growing, improving, and gaining traction day by day.
Where can I learn more about Tornado Cash and the sanctions now in place?
This news is only one day old at the time of writing, but already there are some great resources out there to learn more about both Tornado Cash and the actions taken by the US Treasury.
- Official US Treasury press release
- Official US State Department press release
- CoinDesk article on the Tornado Cash sanctions
- Tornado Cash usage metrics
- Web Archive of Tornado.cash main website
- Web Archive of Tornado Cash GitHub organization
- Tornado Cash official documentation
- Previous article on Helix, a custodial Bitcoin mixing service