Tornado Cash got wrecked, and we could have prevented it

The Tornado Cash story tells us that Web3 users want privacy and regulators want compliance — but there’s a way to have both

OPINION
article-image

Midjourney modified by Blockworks

share

In the pursuit of true anonymity and total privacy, Tornado Cash got wrecked. 

Not only were the crypto mixer’s founders charged with money laundering (and one developer arrested), but the ongoing case has seemingly influenced the course of crypto regulation. There’s no doubt there has now been increased attention from the government on how to enforce know-your-customer (KYC) and anti-money laundering (AML) regulations on crypto. US Senator Elizabeth Warren even publicly supported a proposal that required the collection of personal data from private cryptocurrency wallets. 

But while Web3 veterans may see this increasing regulatory attention as a threat to the core ethos of Web3, it’s important to remember that privacy and compliance don’t have to be mutually exclusive.

On-chain privacy has already been achieved in many ways with cryptography, notably zero-knowledge proofs. By and large, despite obvious controversies, these solutions have worked well so far for privacy retention. 

However, we have yet to standardize any best practices, and each cryptographic technique has trade-offs: It’s time to establish safety standards across chains that align with the interests of national security, as well as citizens’ individual privacy needs.

Read more: Elizabeth Warren has a lot to say About crypto — try listening for once

Tornado Cash encouraged on-chain privacy; however, by overlooking compliance measures entirely, the project was doomed to fall under the regulator’s sword. But whatever Tornado Cash did wrong, the mixer’s approach to privacy — while controversial and subject to regulatory crackdown — was still a step in the right direction. 

The Tornado Cash story tells us that Web3 users want privacy and regulators want compliance. And although the outcome for Tornado Cash is definitely not favorable for Web3 privacy in the short term, it does provide the conditions for tangible action that can ultimately be a positive influence in the long term. 

Taking a good look at what Tornado Cash was doing and why its services were needed can bring more clarity to legislators. Along those same lines, we as technologists can provide more direct context and education about the technology and its implications. Industry leaders can organize more effectively, collaborating and strategizing on the most constructive path forward.

The biggest challenge we face currently is scaling privacy in the blockchain space. Due to the push for anonymity in Web3, mainstream enterprises are hesitant to adopt the technology because they have less oversight with those they transact with. However, users still want to ensure their data is protected. 

We need to preserve the main pillars of blockchain, and for this, we need a practical mechanism. Privacy establishes what information should be protected, while compliance outlines the safeguarding framework that should be in place, and works to maintain it. 

One approach to uphold privacy and compliance is through the widespread adoption of zero-knowledge proofs (zk proofs), enabling data verification without exposing the sender’s personal information. A possible use case includes implementing zk proofs for KYC-like processes where an entity could verify a user’s KYC data without needing access to identifying information. 

Other solutions include deposit screening, withdrawal screening and selective anonymization. Vitalik Buterin proposed one such solution in a recent research paper on privacy pools, which enable users to benefit from complete privacy by publishing a zk proof demonstrating that their funds don’t originate from known “unlawful” sources. Future solutions could even leverage confidential computing, where computations run over encrypted data in a decentralized and permissionless way.

Read more from our opinion section: Yes, criminals use crypto. No, don’t blame the developers.

While these strategies will not solve the overarching issue alone, when combined, they may increase our capacity to identify, dissuade and disrupt illegal financial activity while protecting user data. 

How can we stop a situation like Tornado Cash from happening again? 

We need to continue developing good privacy protocols. However, we can also preserve safety in a decentralized and permissionless way. To scale privacy, we need to look at the bigger picture — take a step back from the microenvironments of Web3 and observe what is truly happening in the world around us. 

We are responsible for leading this paradigm and educating the next generation. To do this, we need to be an active part of policy and regulatory development, which will mean working side-by-side with policymakers — similar to the Big Tech companies as they lobbied for data privacy. It’s our job to ultimately future-proof this space.



Get the news in your inbox. Explore Blockworks newsletters:

Tags

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

recent research

Unlocked by Template (7).png

Research

Union’s improvements upon Tendermint consensus through CometBLS, coupled with ZK proving through Galois, allow for a broadly scalable, cost efficient, and low latency IBC implementation that is feasibly scalable across every existing blockchain, virtual machine and runtime. The implementation offers modular crosschain interoperability without the need for trusted intermediaries.  

article-image

35% of admitted teams are building AI apps, while 30% are using stablecoins

article-image

Those in the US who preregistered for the app got $150 worth of WLD

article-image

The L2 chain with opt-in privacy features was eight years in the making

article-image

Bitcoin stands on the shoulders of these Cypherpunk giants

article-image

Unto’s Will Yoo and Liam Heeger spoke to the Empire newsletter about their raise and how they plan to build Thru

article-image

Greater efficiency, William Jevons predicted, would lead to even greater consumption