In a Monday announcement, OFAC effectively barred U.S. residents from using Tornado Cash and placed 44 USD Coin (USDC) and Ether (ETH) addresses connected to the mixer on its list of Specially Designated Nationals. The department alleged that individuals and groups had used the mixer to launder more than $7 billion worth of crypto since 2019, including the $455 million stolen by the North Korea-affiliated Lazarus Group. The protocol was also at the center of some recent hacks and exploits in decentralized finance, including a $375-million attack on Wormhole in February and a $100-million hack on Horizon Bridge in June.
[Wright, T. US Treasury sanctions USDC and ETH addresses connected to Tornado Cash. (Accessed August 8, 2022)].
Brian E. Nelson, Under Secretary of the Treasury for Terrorism and Financial Intelligence, specified:
Today, Treasury is sanctioning Tornado Cash, a virtual currency mixer that launders the proceeds of cybercrimes, including those committed against victims in the United States […] Despite public assurances otherwise, Tornado Cash has repeatedly failed to impose effective controls designed to stop it from laundering funds for malicious cyber actors on a regular basis and without basic measures to address its risks. Treasury will continue to aggressively pursue actions against mixers that launder virtual currency for criminals and those who assist them.
[U.S. DEPARTMENT OF THE TREASURY. U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash. (Accessed August 8, 2022)].
"Crypto asset mixers are designed to obscure trails of funds by blending someone’s tokens with a pool of other individuals’ assets on the platform. They go beyond traditional crypto platforms in further concealing the identity of the people involved in transactions. While Tornado Cash is used by some people just as a legitimate way to protect their privacy, the government says it fosters illicit activity, including ‘facilitation of heists, ransomware schemes, fraud, and other cybercrimes.’ ‘Virtual currency mixers that assist criminals are a threat to U.S. national security,’ the Treasury Department said [Sigalos, M. and Browne, R. Crypto mixing service Tornado Cash blacklisted by Treasury Department for alleged use in laundering. (Accessed August 8, 2022)].
The Treasury Department has concluded:
Tornado is being designated pursuant to E.O. 13694, as amended, for having materially assisted, sponsored, or provided financial, material, or technological support for, or goods or services to or in support of, a cyber-enabled activity originating from, or directed by persons located, in whole or in substantial part, outside the United States that is reasonably likely to result in, or has materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States and that has the purpose or effect of causing a significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for commercial or competitive advantage or private financial gain.
[[U.S. DEPARTMENT OF THE TREASURY, supra].
The implications flowing from this conclusion are quite severe. According to the Treasury:
[…] all property and interests in property of the entity above, Tornado Cash, that is in the United States or in the possession or control of U.S. persons is blocked and must be reported to OFAC. In addition, any entities that are owned, directly or indirectly, 50 percent or more by one or more blocked persons are also blocked. All transactions by U.S. persons or within (or transiting) the United States that involve any property or interests in property of designated or otherwise blocked persons are prohibited unless authorized by a general or specific license issued by OFAC, or exempt. These prohibitions include the making of any contribution or provision of funds, goods, or services by, to, or for the benefit of any blocked person and the receipt of any contribution or provision of funds, goods, or services from any such person.
“The main user interface to Tornado Cash is an application that implements a Chainalysis sanctions oracle — basically a blacklist of Ethereum addresses maintained by the blockchain data platform Chainalysis” Peterson, M. Tornado Cash Spins Up Sanctions-compliant Web Interface. (Accessed August 8, 2022)]. In April, 2022, Tornado Cash “updated its web front-end […] to limit access from wallet addresses sanctioned by the US Treasury’s Office of Foreign Assets Control (OFAC)” [Id].
At that time, Tornado Cash tweeted:
This April action by Tornado Cash came in response to the Ronin Bridge hack [See, e.g. Nagoda K. Ronin Bridge on Axie Infinity Hacked for $612 Million (News Brief). (Accessed August 8, 2022)]. So, at that time, “[t]he address used in the Ronin hack has been added to that list. But the Tornado Cash protocol itself can still be used as before, using an alternative front-end user interface. That doesn’t mean it can be used successfully to obscure the origins of the ether stolen in the Ronin bridge exploit, however” [Peterson, supra.].
In this vein:
Chainalysis co-founder Jonathan Levin has touted the firm’s ability to unmask transactions from mixers like Tornado Cash, especially when they contain large amounts of value relative to the total liquidity available. ‘The fact that all of the industry and all of law enforcement and the regulatory authorities can all have access to that same information about what services and what entities are behind these transactions, that allows us to take unprecedented steps in being able to collaborate on weeding out illicit activity,’ Levin told a Senate panel in March.
Nonetheless, a mere four months later, the OFAC took the actions above described against Tornado Cash, effectively ceasing its U.S. operations.