Key Takeaways
- Tornado Cash helped define Web3 privacy by offering decentralized, anonymous transactions through smart contracts on Ethereum and other networks.
- U.S. lifted sanctions in March 2025 after a court ruled that immutable smart contracts are not “property”, challenging the legal basis for the ban.
- Privacy remains under scrutiny, with tools like Monero restricted in countries like France and alternatives to Tornado Cash walking a careful line to avoid the same fate.
- The Tornado Cash case sparked a global debate over how to balance privacy with regulation, as developers face pressure and uncertainty around legal liability
Privacy has always been a cornerstone of the crypto movement—an answer to centralized control and financial surveillance. But as blockchain tools grow more sophisticated, they increasingly draw the attention of regulators struggling to keep pace.
Tornado Cash is a prime example. As a decentralized crypto mixer, it facilitated over 1 million ETH in transactions across 41,000+ deposits by nearly 12,000 users, offering anonymity in an otherwise transparent ecosystem.
In 2022, it became the first smart contract ever sanctioned by the U.S. government, along with the protocol’s addresses covering wallets, the website and linked entities. It sparked a legal and ideological battle over code, censorship and the future of privacy in Web3.
This article breaks down what Tornado Cash is, how it works, the legal controversy surrounding it, and what it all means for the evolving tension between innovation and regulation.
What Is Tornado Cash and How Does It Work?
Tornado Cash is a decentralized mixer on Ethereum Virtual Machine (EVM) compatible networks. It was launched in 2019 as a privacy tool that lets users hide their transaction history.
Using smart contracts, it breaks the link between senders and recipients by pooling funds and allowing anonymous withdrawals.
Tornado Cash uses “mixing” or “tumbling” to make it harder to trace where crypto assets come from or where they go. It runs on smart contracts without any central control.
You’ll Want To See This
Tornado Cash runs on multiple networks, including Ethereum Mainnet, BNB Smart Chain, Polygon, Optimism, Arbitrum, Gnosis and Avalanche, among others. This makes it accessible across some of the most active blockchains that support Ethereum smart contracts.
How Tornado Cash Mixes Funds
Tornado Cash uses zero-knowledge proofs (ZKP) to break the link between deposit and withdrawal addresses. These proofs let users confirm they own funds without sharing any personal data or revealing which deposit belongs to them. In simple terms, ZKPs allow the blockchain to verify a transaction’s validity without exposing the user’s identity or transaction details.
How Tornado Cash Works
- Deposit: The user creates a random number called a note. This note will prove ownership during withdrawal. The user sends ETH or an ERC20 token to the Tornado Cash smart contract and includes a hash of the note. The hash lets the contract recognize the deposit without revealing the note.
- Mixing: After depositing, the user waits before withdrawing to boost privacy. Longer wait times make it harder to link deposits and withdrawals. Waiting several hours or even a few days allows more deposits to enter the pool, which increases anonymity. The funds go into a shared pool with other users’ deposits, making every transaction look the same.
- Withdrawal: The user opens a new wallet and submits a proof showing they own one of the earlier deposits. This proof comes from the note they created during the deposit. The smart contract checks the proof, confirms that the note matches a valid deposit, and sends the ETH or ERC20 to the recipient address the user provides. The contract never reveals which deposit the user made, so the withdrawal stays private.
This process hides the transaction trail and wallet history, protecting privacy on a public blockchain.
The Legal Battle: Tornado Cash Vs. US Authorities
In August 2022, the U.S. Department of the Treasury sanctioned Tornado Cash. Authorities claimed the protocol laundered more than $7 billion since 2019, including funds tied to North Korea’s Lazarus Group.
Brian E. Nelson, the Treasury’s Under Secretary for Terrorism and Financial Intelligence, said in 2022 that “despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors regularly and without basic measures to address its risks.”
Tornado Cash’s last announcement on X lists the banned resources.
Dutch authorities arrested developer Alexey Pertsev. A court later found him guilty of laundering $1.2 billion and sentenced him to 64 months in prison. Two more developers, Roman Semenov and Roman Storm, faced charges in the U.S. for helping to facilitate money laundering, even though the tool was decentralized and autonomous.
Storm’s legal team argued that the charges were based on vague laws and that writing code should be protected as free speech. They claimed the statutes failed to explain what behavior was illegal.
The crypto community quickly responded. Supporters defended code as free speech and warned that punishing developers for how others use open-source tools could set a dangerous precedent. One of the main voices was The DeFi Education Fund (DEF), as the next section explains.
How Tornado Cash Has Shaped WEB3 Privacy Standards
Tornado Cash changed the way users think about privacy in Web3. Using smart contracts to break links between wallets sets a new standard for anonymous crypto transactions. The protocol showed that blockchain privacy tools can work without a central operator.
It also forced regulators, developers, and users to confront the line between privacy and compliance, raising key questions that still shape the Web3 space today.
The DeFi Education Fund (DEF) is one of the most active advocacy organizations in decentralized finance (DeFi) and the broader Web3 space. In the cases of Tornado Cash and Roman Storm’s prosecution, DEF took a clear and public stance in defense of developers and open-source software.
Key Events:
- August 8, 2022 – U.S. Treasury Sanctions Tornado Cash
The Office of Foreign Assets Control (OFAC) added Tornado Cash to the SDN (Specially Designated Nationals) list, alleging it was used to launder over $7 billion, including funds linked to North Korea’s Lazarus Group. - August 10, 2022 – Developer Arrested
Alexey Pertsev, one of Tornado Cash’s developers, was arrested in the Netherlands, triggering backlash from the crypto community and privacy advocates. - August–September 2022 – Code Repositories Removed
GitHub suspended Tornado Cash’s account and code repositories. Major DeFi platforms started blocking addresses linked to the mixer. - August 23, 2023 – Roman Storm and Roman Semenov Charged
The U.S. Department of Justice (DOJ) charged developers Roman Storm and Roman Semenov with conspiracy to commit money laundering and operate an unlicensed money-transmitting business. Semenov remains at large; Storm awaits trial. - April 2024 – DOJ Updates Crypto Policy
A DOJ memo stated it would no longer regulate crypto through criminal prosecutions for developers, aligning with FinCEN’s previous stance. However, the Southern District of New York (SDNY) has continued pursuing charges against Storm. - July 2025 – Trial Scheduled
Roman Storm’s trial is scheduled to begin in July 2025, marking a pivotal moment in how the U.S. handles developer liability in crypto.
The Impact of Scraped Tornado Cash’s Sanctions on Crypto Privacy
The U.S. sanctions against Tornado Cash in 2022 shook the crypto world. Regulators blacklisted open-source code and blurred the line between tool and intent.
The case triggered new fears among developers and users who depend on privacy tools in Web3. Many viewed the move as a threat to financial anonymity and digital rights.
The crackdown didn’t just target one protocol—it reshaped the debate around privacy, responsibility, and code in the decentralized world.
Inevitably, the case drew comparisons to the arrest of Ross Ulbricht, who built Silk Road, a darknet marketplace that used Bitcoin for anonymous payments. Ulbricht’s trial raised questions about holding creators accountable for how others use their platforms.
Tornado Cash brought that same debate into Web3. Authorities treated the protocol as more than just software, following the same pattern seen in past takedowns of Hydra Market and Bestmixer—platforms shut down for enabling crypto-based money laundering.
Still, the Tornado Cash community kept pushing forward, believing regulators would lift all sanctions.
The sanctions had a chilling effect on developers and users of privacy protocols. GitHub briefly took down Tornado Cash’s code repositories but later restored them in read-only mode after clarifying guidance from U.S. authorities.
Many decentralized applications (dApps) and DeFi platforms began geofencing or blocking wallets that interacted with the protocol, even by accident.
Regulators started targeting zero-knowledge-based tools, mixers and any service that enables anonymity. Privacy has become a growing point of concern and debate. In today’s climate, it often signals a red flag unless paired with identity checks like anti-money laundering (AML) and know-your-customer (KYC).
Sanctions Lifted, But Tornado Cash’s Fight Is Not Over
On March 21, 2025, the U.S. Department of the Treasury officially lifted sanctions on Tornado Cash. This followed a November 2024 ruling by the U.S. Court of Appeals for the Fifth Circuit, which found that the OFAC had overstepped its authority by sanctioning Tornado Cash’s immutable smart contracts.
The court ruled that under the International Emergency Economic Powers Act (IEEPA), smart contracts, which no one owns or controls, are not “property.” That means the government can’t sanction decentralized code the same way it targets a person, company, or asset. With that legal finding, OFAC had to back down.
Still, the Treasury issued a warning. It said Tornado Cash remains a concern, especially due to its past use by North Korea’s Lazarus Group.
The message to U.S. citizens: stay cautious when interacting with the protocol.
It is important to point out that Tornado Cash also faces restrictions beyond the U.S. In France, regulators have treated it like privacy coins such as Monero (XMR), which has limited use in some countries.
French authorities see tools that hide transaction history as a risk to anti-money laundering rules. As a result, Tornado Cash has landed on the same blacklist as coins that block wallet visibility. Across Europe, pressure is building to limit privacy protocols—even as U.S. courts begin to push back.
Alternatives to Tornado Cash for WEB3 Privacy
As Tornado Cash became a regulatory target, some alternatives have gained traction, such as:
- Railgun: Uses zk-SNARKs for anonymous DeFi transactions.
- Aztec Protocol: Provides privacy-preserving smart contracts.
- Nocturne: This protocol brings stealth addresses to Ethereum without relying on mixers.
These protocols adopt varied strategies, such as governance structures or selective KYC, to maintain privacy features while addressing regulatory concerns, learning from Tornado Cash’s challenges.
How Much Does It Cost To Use Tornado Cash?
The cost of using Tornado Cash, a decentralized privacy protocol for anonymizing cryptocurrency transactions, primarily consists of gas fees and relayer fees. These costs depend on the blockchain network used, network congestion, and specific transaction details.
Gas Fees: Tornado Cash transactions, such as deposits and withdrawals, require gas to execute on the chosen blockchain. Gas fees fluctuate based on network activity and the gas price set by the user. On Ethereum, for instance:
- A deposit typically consumes around 1 million gas units. At a gas price of 50 GWEI, this costs approximately 0.05 ETH; at 100 GWEI, it rises to 0.1 ETH.
- A withdrawal uses about 400,000 gas units, costing roughly 0.02 ETH at 50 GWEI or 0.04 ETH at 100 GWEI. The GitHub repo (tornadocash/tornado-core) includes code and comments detailing gas usage for deposits and withdrawals. For instance, the cli.js example in the repo shows a withdrawal transaction , which aligns with the ~400K gas estimate.
- During periods of high network congestion, gas prices can spike, significantly increasing costs (e.g., a 0.1 ETH deposit could cost $266 at 170 GWEI). Alternative networks like Polygon or BNB Smart Chain generally have lower gas fees, making them more cost-effective options for users.
Relayer Fee: For enhanced privacy, users can opt for a relayer to process withdrawals, which breaks the direct link between the sender and receiver wallets. Depending on the relayer service chosen, the relayer fee typically ranges from 0.05% to 0.2% of the transaction amount. This fee is optional but offers maximum anonymity.
Is Tornado Cash Legal?
The answer varies by country and jurisdiction. While the sanctions in the U.S. were lifted in March 2025, legal uncertainty remains, especially around whether interacting with Tornado Cash or using linked wallets could expose users to enforcement actions, depending on timing and intent.
Notably, the Tornado Cash code remains publicly available on platforms like GitHub, reaffirming that publishing open-source code is generally protected under free speech. However, using the tool to obfuscate transactions, particularly for illicit purposes, could still carry legal consequences in certain jurisdictions.
In contrast, other countries maintain a more permissive stance. Nations with strong privacy protections or crypto-friendly regulations may allow mixing tools like Tornado Cash, provided they’re not used for illegal activities such as money laundering or terrorism financing.
Ultimately, Tornado Cash’s legal status reflects a broader global debate: Can privacy exist in a world of financial transparency, and who decides where the line is drawn?
Conclusion
Privacy is not a luxury—it is a foundational principle of blockchain, in a system where transactions are by default public and immutable, privacy tools like Tornado Cash aim to restore a layer of user autonomy and confidentiality.
Tornado Cash challenged the status quo by offering a tool that upheld user anonymity in a transparent system. Its legal battle reshaped the conversation around open-source code, developer liability and financial freedom.
While sanctions have been lifted, the pressure on privacy tools continues. The future of Web3 depends on protecting the right to build without fear—and on making privacy a feature, not a crime. However, it also depends on regulation.
Whether privacy and compliance can coexist in practice—and not just in theory—remains one of the most urgent and unresolved questions facing the decentralized web.
FAQs
Why was Tornado Cash sanctioned in the first place?
The U.S. Treasury claimed it was used to launder over $7 billion, including funds linked to North Korea’s Lazarus Group.
Can developers be held liable for open-source code?
That’s at the heart of the Tornado Cash case. U.S. courts are still debating whether building decentralized tools can result in criminal liability.
Is Tornado Cash still operational?
Yes, Tornado Cash still works because no one can turn off its smart contracts. But users in some regions may not reach it due to local bans or blocked access on certain apps.
Disclaimer:
The information provided in this article is for informational purposes only. It is not intended to be, nor should it be construed as, financial advice. We do not make any warranties regarding the completeness, reliability, or accuracy of this information. All investments involve risk, and past performance does not guarantee future results. We recommend consulting a financial advisor before making any investment decisions.
Was this Article helpful?
