Tornado Cash got wrecked, and we could have prevented it

The Tornado Cash story tells us that Web3 users want privacy and regulators want compliance — but there’s a way to have both


Midjourney modified by Blockworks


In the pursuit of true anonymity and total privacy, Tornado Cash got wrecked. 

Not only were the crypto mixer’s founders charged with money laundering (and one developer arrested), but the ongoing case has seemingly influenced the course of crypto regulation. There’s no doubt there has now been increased attention from the government on how to enforce know-your-customer (KYC) and anti-money laundering (AML) regulations on crypto. US Senator Elizabeth Warren even publicly supported a proposal that required the collection of personal data from private cryptocurrency wallets. 

But while Web3 veterans may see this increasing regulatory attention as a threat to the core ethos of Web3, it’s important to remember that privacy and compliance don’t have to be mutually exclusive.

On-chain privacy has already been achieved in many ways with cryptography, notably zero-knowledge proofs. By and large, despite obvious controversies, these solutions have worked well so far for privacy retention. 

However, we have yet to standardize any best practices, and each cryptographic technique has trade-offs: It’s time to establish safety standards across chains that align with the interests of national security, as well as citizens’ individual privacy needs.

Read more: Elizabeth Warren has a lot to say About crypto — try listening for once

Tornado Cash encouraged on-chain privacy; however, by overlooking compliance measures entirely, the project was doomed to fall under the regulator’s sword. But whatever Tornado Cash did wrong, the mixer’s approach to privacy — while controversial and subject to regulatory crackdown — was still a step in the right direction. 

The Tornado Cash story tells us that Web3 users want privacy and regulators want compliance. And although the outcome for Tornado Cash is definitely not favorable for Web3 privacy in the short term, it does provide the conditions for tangible action that can ultimately be a positive influence in the long term. 

Taking a good look at what Tornado Cash was doing and why its services were needed can bring more clarity to legislators. Along those same lines, we as technologists can provide more direct context and education about the technology and its implications. Industry leaders can organize more effectively, collaborating and strategizing on the most constructive path forward.

The biggest challenge we face currently is scaling privacy in the blockchain space. Due to the push for anonymity in Web3, mainstream enterprises are hesitant to adopt the technology because they have less oversight with those they transact with. However, users still want to ensure their data is protected. 

We need to preserve the main pillars of blockchain, and for this, we need a practical mechanism. Privacy establishes what information should be protected, while compliance outlines the safeguarding framework that should be in place, and works to maintain it. 

One approach to uphold privacy and compliance is through the widespread adoption of zero-knowledge proofs (zk proofs), enabling data verification without exposing the sender’s personal information. A possible use case includes implementing zk proofs for KYC-like processes where an entity could verify a user’s KYC data without needing access to identifying information. 

Other solutions include deposit screening, withdrawal screening and selective anonymization. Vitalik Buterin proposed one such solution in a recent research paper on privacy pools, which enable users to benefit from complete privacy by publishing a zk proof demonstrating that their funds don’t originate from known “unlawful” sources. Future solutions could even leverage confidential computing, where computations run over encrypted data in a decentralized and permissionless way.

Read more from our opinion section: Yes, criminals use crypto. No, don’t blame the developers.

While these strategies will not solve the overarching issue alone, when combined, they may increase our capacity to identify, dissuade and disrupt illegal financial activity while protecting user data. 

How can we stop a situation like Tornado Cash from happening again? 

We need to continue developing good privacy protocols. However, we can also preserve safety in a decentralized and permissionless way. To scale privacy, we need to look at the bigger picture — take a step back from the microenvironments of Web3 and observe what is truly happening in the world around us. 

We are responsible for leading this paradigm and educating the next generation. To do this, we need to be an active part of policy and regulatory development, which will mean working side-by-side with policymakers — similar to the Big Tech companies as they lobbied for data privacy. It’s our job to ultimately future-proof this space.

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the On the Margin newsletter.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.


Upcoming Events

Salt Lake City, UT

MON - TUES, OCT. 7 - 8, 2023

Blockworks and Bankless in collaboration with buidlbox are excited to announce the second installment of the Permissionless Hackathon – taking place October 7-8 in Salt Lake City, Utah. We’ve partnered with buidlbox to bring together the brightest minds in crypto for […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Unlocked by Template.png


With the spot ETH ETF approval, the institutions are coming. stETH - given its dominance in marketshare, existing liquid market structures, and highly desirable properties - is poised for institutions.


The distributed cell plan provider started selling its own hotspots in October 2023


The Brazil-based asset manager’s filing comes during a year of milestone bitcoin and ether fund approvals


The purchase of five sites in Georgia set to help CleanSpark hit its mid-year operating hash rate target of 20 EH/s


Plus, it’s beginning to look like we may be in for a cruel summer



Engaging with XDC provides access to cutting-edge financial tools and places investors at the forefront of the trade finance revolution


Plus, an update on spot ETH ETFs and what’s on this week’s economic calendar