Tornado Cash Spins Up Sanctions-compliant Web Interface

The ether transaction privacy service made a bid to curtail the laundering of Ronin hack proceeds

article-image

Source: Tornado Cash

share

key takeaways

  • The Tornado Cash front-end website will prevent access from OFAC-sanctioned wallet addresses
  • The immutable smart contracts underpinning the mixing service remain unchanged, and therefore function the same as before

The privacy tool Tornado Cash, which has been used to obfuscate the proceeds of multiple frauds, scams and hacks in the past, updated its web front-end on Friday to limit access from wallet addresses sanctioned by the US Treasury’s Office of Foreign Assets Control (OFAC).

Loading Tweet..

The move follows an update from OFAC yesterday, which identified the wallet known to have received the funds stolen from the Ronin Bridge last month as controlled by the North Korean hacking organization Lazarus Group. The wallet still contains 144,000 of the original 173,000 ether, worth about $439 million as of Friday at 1:30 pm ET.

The change to Tornado Cash’s decentralized application (dapp) has no impact on the underlying privacy protocols’ code — a set of smart contracts on Ethereum meant to bring some measure of privacy to transactions on the transparent public blockchain network.

Understanding the difference between a protocol and a website that adds ease-of-use is not always easy for newcomers to Web3, as evidenced by the recent Uniswap class action lawsuit.

In the Web2 world of Google and Facebook, a website runs on a server owned by a company that exists in some country’s jurisdiction. In the case of Tornado Cash, the smart contract code runs on public Ethereum and cannot be changed, the project’s documentation explains.

“Nobody — including the original developers — can modify or shut them down,” the documentation says.

The service is even accessible from decentralized storage infrastructure known as IPFS rather than on any particular centralized web server.

So, what does this mean for the hackers?

The main user interface to Tornado Cash is an application that implements a Chainalysis sanctions oracle — basically a blacklist of Ethereum addresses maintained by the blockchain data platform Chainalysis. The address used in the Ronin hack has been added to that list.

But the Tornado Cash protocol itself can still be used as before, using an alternative front-end user interface. That doesn’t mean it can be used successfully to obscure the origins of the ether stolen in the Ronin bridge exploit, however.

Chainalysis co-founder Jonathan Levin has touted the firm’s ability to unmask transactions from mixers like Tornado Cash, especially when they contain large amounts of value relative to the total liquidity available.

“The fact that all of the industry and all of law enforcement and the regulatory authorities can all have access to that same information about what services and what entities are behind these transactions, that allows us to take unprecedented steps in being able to collaborate on weeding out illicit activity,” Levin told a Senate panel in March.


Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the Forward Guidance newsletter.

Get alpha directly in your inbox with the 0xResearch newsletter — market highlights, charts, degen trade ideas, governance updates, and more.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.

Tags

Upcoming Events

Javits Center North | 445 11th Ave

Tues - Thurs, March 18 - 20, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

recent research

LTIPPanalysis.png

Research

This report is a retroactive analysis of Arbitrum's Long Term Incentives Pilot Program (LTIPP). We collect relevant data at a protocol level and review bi-weekly updates to analyze recipients, their strategies, and the impact of the incentives on high level growth metrics. In particular, we want to highlight outperformers and underperformers, and glean any best practices or lessons learned for protocols distributing ARB incentives in the future. The overarching goal is to synthesize lessons learned that the DAO can reference as it begins thinking about future incentives programs–namely, the working group for incentives that is being actively discussed–especially as Timeboost introduces new conditions for trading and economic activity.

article-image

Sponsored

AI project Zerebro intersects the spheres of artificial intelligence, finance, art, music, and culture

article-image

Allmight is focused on furthering the United States’ leadership in crypto

article-image

The conditions Charles Schwab is waiting for before jumping headfirst into crypto could take shape soon

article-image

The FCA’s director of payments and digital assets shared some takeaways from chats with crypto companies and law firms

article-image

Let’s take a look at how US equities typically perform this time of year and what we might see in the coming days

article-image

Lumina introduces transparency and permissionless integration via an OP stack-based optimium, challenging traditional oracle designs