Tornado Cash got wrecked, and we could have prevented it

The Tornado Cash story tells us that Web3 users want privacy and regulators want compliance — but there’s a way to have both

OPINION
article-image

Midjourney modified by Blockworks

share

In the pursuit of true anonymity and total privacy, Tornado Cash got wrecked. 

Not only were the crypto mixer’s founders charged with money laundering (and one developer arrested), but the ongoing case has seemingly influenced the course of crypto regulation. There’s no doubt there has now been increased attention from the government on how to enforce know-your-customer (KYC) and anti-money laundering (AML) regulations on crypto. US Senator Elizabeth Warren even publicly supported a proposal that required the collection of personal data from private cryptocurrency wallets. 

But while Web3 veterans may see this increasing regulatory attention as a threat to the core ethos of Web3, it’s important to remember that privacy and compliance don’t have to be mutually exclusive.

On-chain privacy has already been achieved in many ways with cryptography, notably zero-knowledge proofs. By and large, despite obvious controversies, these solutions have worked well so far for privacy retention. 

However, we have yet to standardize any best practices, and each cryptographic technique has trade-offs: It’s time to establish safety standards across chains that align with the interests of national security, as well as citizens’ individual privacy needs.

Read more: Elizabeth Warren has a lot to say About crypto — try listening for once

Tornado Cash encouraged on-chain privacy; however, by overlooking compliance measures entirely, the project was doomed to fall under the regulator’s sword. But whatever Tornado Cash did wrong, the mixer’s approach to privacy — while controversial and subject to regulatory crackdown — was still a step in the right direction. 

The Tornado Cash story tells us that Web3 users want privacy and regulators want compliance. And although the outcome for Tornado Cash is definitely not favorable for Web3 privacy in the short term, it does provide the conditions for tangible action that can ultimately be a positive influence in the long term. 

Taking a good look at what Tornado Cash was doing and why its services were needed can bring more clarity to legislators. Along those same lines, we as technologists can provide more direct context and education about the technology and its implications. Industry leaders can organize more effectively, collaborating and strategizing on the most constructive path forward.

The biggest challenge we face currently is scaling privacy in the blockchain space. Due to the push for anonymity in Web3, mainstream enterprises are hesitant to adopt the technology because they have less oversight with those they transact with. However, users still want to ensure their data is protected. 

We need to preserve the main pillars of blockchain, and for this, we need a practical mechanism. Privacy establishes what information should be protected, while compliance outlines the safeguarding framework that should be in place, and works to maintain it. 

One approach to uphold privacy and compliance is through the widespread adoption of zero-knowledge proofs (zk proofs), enabling data verification without exposing the sender’s personal information. A possible use case includes implementing zk proofs for KYC-like processes where an entity could verify a user’s KYC data without needing access to identifying information. 

Other solutions include deposit screening, withdrawal screening and selective anonymization. Vitalik Buterin proposed one such solution in a recent research paper on privacy pools, which enable users to benefit from complete privacy by publishing a zk proof demonstrating that their funds don’t originate from known “unlawful” sources. Future solutions could even leverage confidential computing, where computations run over encrypted data in a decentralized and permissionless way.

Read more from our opinion section: Yes, criminals use crypto. No, don’t blame the developers.

While these strategies will not solve the overarching issue alone, when combined, they may increase our capacity to identify, dissuade and disrupt illegal financial activity while protecting user data. 

How can we stop a situation like Tornado Cash from happening again? 

We need to continue developing good privacy protocols. However, we can also preserve safety in a decentralized and permissionless way. To scale privacy, we need to look at the bigger picture — take a step back from the microenvironments of Web3 and observe what is truly happening in the world around us. 

We are responsible for leading this paradigm and educating the next generation. To do this, we need to be an active part of policy and regulatory development, which will mean working side-by-side with policymakers — similar to the Big Tech companies as they lobbied for data privacy. It’s our job to ultimately future-proof this space.



Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

recent research

Research Report Templates.png

Research

Maple Finance has successfully navigated significant market challenges through its strategic pivot to secured lending (Maple v2) and the launch of its Syrup product. Syrup has become a primary growth driver, delivering sustainable, outperforming stablecoin yields and rapidly increasing TVL. The upcoming custody-first Bitcoin staking product (istBTC) presents another significant avenue for expansion. Crucially, Maple has achieved operational profitability, a key inflection point that, combined with a fully vested token and active buyback mechanism, strengthens its investment case. While valuation metrics suggest potential undervaluation relative to peers and growth, the primary forward-looking risk identified is the long-term sustainability of its current high-take-rate collateral staking revenue model.

article-image

Mersinger’s final day at the CFTC will be May 30

article-image

Squads CEO Stepan Simkin explained why the firm launched Altitude and how he’s thinking about stablecoins

article-image

Sponsored

Instead of endless wallet popups, users could connect once, set clear rules, and delegate permission to an app or to an AI agent.

article-image

Prediction markets show that people bet in anticipation of things happening far too often

article-image

The agency’s final deadline is in October

article-image

Higher inflation historically lags behind tariff implementation, so don’t celebrate just yet