Transactions on the Ethereum blockchain are completely traceable. Any transaction anyone ever made on Ethereum can be traced, all the way back to the launch of the project in 2015. Transactions are pseudonymous — but many users have been identified after the fact.
Tornado Cash is a mixer — an Ethereum smart contract program that you can use to break the traceability of transactions on Ethereum. This is for privacy.
Tornado Cash accepts deposits of ether (the currency on Ethereum) from one address and enables you to withdraw the ether from a different address. The smart contract works as a pool that mixes all deposits, using zero-knowledge proofs.
If the ether is proceeds from a crime, then this is literally just money laundering.
Tornado Cash was also used heavily by North Korea’s Lazarus Group to launder stolen ether and help the country get hard currency.
OFAC posted a list of sanctioned Ethereum blockchain addresses — the addresses for the Tornado Cash smart contract.
All ether that’s touched Tornado Cash is now tainted. US-touching crypto exchanges, such as Coinbase, will be expected to block tainted ether. Infura, the ConsenSys API that almost all Ethereum transactions go through, is also blocking ether that touched these addresses. Alchemy, a similar API, is doing the same. [Crypto Briefing] Circle, which issues the USDC stablecoin, has blacklisted all Tornado Cash addresses, and frozen 75,000 USDC. [CoinTelegraph]
But what about all the good uses?
Privacy is a perfectly reasonable thing to want. Quite a lot of Ethereum users just used Tornado Cash to keep their non-sanctioned dealings private. Vitalik Buterin, the founder of Ethereum, donated ether to Ukraine’s defence against the Russian invasion via Tornado Cash. [Twitter]
The problem is that crypto mixing services are explicitly considered money transmitters by FinCEN. So making the transaction trail untraceable by any entity is a violation of anti-money-laundering (AML) law.
There’s also this weird delusion that if you put some dirty money in a box with clean money and shake it, then it all comes out as clean — and not that it all comes out as dirty.
Nobody worried too much when the money laundering was small-time and the really bad guys weren’t hammering it.
But Tornado Cash was the favoured mixer of North Korea’s state-sponsored hackers. For example, the “$620 million” in ether stolen from Axie Infinity by North Korea was run through Tornado Cash.
Crypto compliance firm TRM Labs estimates that North Korea funneled out “$1 billion” face value of ether via Tornado Cash. Small-time crooks are also fond of Tornado Cash — “over 41% of all funds deposited to Tornado Cash in June and July 2022 were tied to hacks and other thefts.” [TRM Labs]
How seriously does the US take sanctions?
Serious as a heart attack.
As Congress just straight-up told Mark Zuckerberg in the Libra hearings in 2019 (Libra Shrugged, chapter 13):
The US government is understandably fond of the US dollar — as Juan Vargas (D, CA-51) put it, “the dollar is very important to use as a tool of American power, and also a tool of American values. So we would much prefer to put sanctions on a country than send our soldiers there. So when something threatens the dollar, we get very nervous.”
Sanctions are seen as part of the national defense. If you write a program that tries to cleverly work around this, then you make yourself a target.
Tornado Cash was sanctioned precisely because it was North Korea’s favourite ether launderette, and couldn’t or wouldn’t stop North Korea from using it to cash out.
Tornado Cash did try to block sanctioned entities! In April, the Tornado Cash front-end was set up to use Chainalysis’ oracle that blocks sanctioned Ethereum addresses as listed by OFAC. [Twitter]
But the bar for sanctions compliance is not “you tried a bit” — sanctions violation is a strict liability offence. You have to be effective in blocking sanctioned entities. If North Korea can just keep pouring ether through your mixer, then you failed. And Tornado Cash did indeed fail.
The Tornado Cash code is open source, so it’s trivial to set up another copy — and there are plenty of other instances out there. What they lack is liquidity — there’s no volume of other transactions to hide yours in. It’s about liquidity — not code.
There are other mixers. Railgun attempts to be an Ethereum privacy system, also using zero-knowledge proofs — and has named principals. [Railgun]
If Railgun can’t keep sanctioned entities out, then it too is screwed.
If ether transactions touch the world of actual money — which they do — then your Ethereum mixer needs to deal effectively with sanctioned entities, or you too will be in trouble.
Honestly, there are so many laws (rugpulls DAO) that nobody can be expected to even know which ones they’ve broken (launders 100k ETH for North Korea), it’s a Kafkaesque bureaucratic nightmare (assaults Congress with an AR-15)
Just as nobody should have been surprised by the sanctions, nobody should have been surprised by the bad takes on the sanctions from the cryptocurrency world.
The bad takes were all variations of the fundamental fallacy of cryptocurrency: that you can code your way around the rules of society.
Sure you can, temporarily — but if you don’t achieve regulatory escape velocity (e.g., Uber or BitTorrent), it won’t end well for you.
Tornado Cash was a completely standalone program, with no human control — a truly decentralised autonomous entity. This, of course, makes it a sitting duck for attackers. But they seem to have coded it pretty solidly. (I mean, it hasn’t been hacked yet.)
Part of the outrage was at lead developer Roman Semenov’s GitHub account being disabled, along with the Tornado Cash code repository: [Twitter]
My @GitHub account was just suspended [shrug] Is writing an open source code illegal now?
Semenov’s question suggests that, despite his obvious intelligence and coding ability, the guy is an idiot in ways that just turned out to be critical. He was just “writing an open source code” in the same sense that Ross Ulbricht of the Silk Road was just running a website, or illegal pornography is just an innocent sequence of ones and zeroes.
For what it’s worth, GitHub specifically bars sanctioned entities in its terms of service: [GitHub]
You may not use GitHub in violation of export control or sanctions laws of the United States or any other applicable jurisdiction. You may not use GitHub if you are or are working on behalf of a Specially Designated National (SDN) or a person subject to similar blocking or denied party prohibitions administered by a U.S. government agency.
The reason is that sanctions law specifically targets vendors:
These prohibitions include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any blocked person and the receipt of any contribution or provision of funds, goods, or services from any such person.
If you’re going to set up a money laundering system, perhaps the site run by defense contractor Microsoft isn’t the best place to host your code.
Some outraged crypto advocates have suggested that the action against Tornado Cash shows the need for a decentralised alternative to GitHub. This demonstrates the rule that you will never find anyone who knows less about technology than a crypto guy talking about technology — because that would literally just be git, the version control system that GitHub is named for, and which was created specifically not to require any central controlling entity. (Also, git would count as enterprise blockchain if you squint.) But centralisation is more economically efficient, so the Tornado Cash guys used GitHub when they absolutely didn’t have to.
The Tornado Cash website was served from Amazon AWS, and is also down. docs.tornado.cash is still up, served from gitbook.io.
What happens next
The shutdown of Tornado Cash was completely predictable. If you thought this would just be allowed to keep running, you have greatly misunderstood the world.
I’m not in fact a fan of the present anti-money-laundering regime — even if you think it’s a good idea, it doesn’t do its job very well at high levels, and it causes tremendous inconvenience to ordinary consumers.
But I do know that the AML regime exists, it’s powerful, and nerdy tech arguments about who touches which bit of code in what ways aren’t going to do a damn thing about it. This is a political problem.
In the meantime, I look forward to the defiant crypto libertarian guys furiously trying all the clever workarounds they can possibly think of to code around the Tornado Cash sanctions. Imagine four libertarians on the edge of a cliff, all queueing up to jump and become the next Virgil Griffith.
Your subscriptions keep this site going. Sign up today!