Tornado Cash Spins Up Sanctions-compliant Web Interface

The ether transaction privacy service made a bid to curtail the laundering of Ronin hack proceeds

article-image

Source: Tornado Cash

share

key takeaways

  • The Tornado Cash front-end website will prevent access from OFAC-sanctioned wallet addresses
  • The immutable smart contracts underpinning the mixing service remain unchanged, and therefore function the same as before

The privacy tool Tornado Cash, which has been used to obfuscate the proceeds of multiple frauds, scams and hacks in the past, updated its web front-end on Friday to limit access from wallet addresses sanctioned by the US Treasury’s Office of Foreign Assets Control (OFAC).

Loading Tweet..

The move follows an update from OFAC yesterday, which identified the wallet known to have received the funds stolen from the Ronin Bridge last month as controlled by the North Korean hacking organization Lazarus Group. The wallet still contains 144,000 of the original 173,000 ether, worth about $439 million as of Friday at 1:30 pm ET.

The change to Tornado Cash’s decentralized application (dapp) has no impact on the underlying privacy protocols’ code — a set of smart contracts on Ethereum meant to bring some measure of privacy to transactions on the transparent public blockchain network.

Understanding the difference between a protocol and a website that adds ease-of-use is not always easy for newcomers to Web3, as evidenced by the recent Uniswap class action lawsuit.

In the Web2 world of Google and Facebook, a website runs on a server owned by a company that exists in some country’s jurisdiction. In the case of Tornado Cash, the smart contract code runs on public Ethereum and cannot be changed, the project’s documentation explains.

“Nobody — including the original developers — can modify or shut them down,” the documentation says.

The service is even accessible from decentralized storage infrastructure known as IPFS rather than on any particular centralized web server.

So, what does this mean for the hackers?

The main user interface to Tornado Cash is an application that implements a Chainalysis sanctions oracle — basically a blacklist of Ethereum addresses maintained by the blockchain data platform Chainalysis. The address used in the Ronin hack has been added to that list.

But the Tornado Cash protocol itself can still be used as before, using an alternative front-end user interface. That doesn’t mean it can be used successfully to obscure the origins of the ether stolen in the Ronin bridge exploit, however.

Chainalysis co-founder Jonathan Levin has touted the firm’s ability to unmask transactions from mixers like Tornado Cash, especially when they contain large amounts of value relative to the total liquidity available.

“The fact that all of the industry and all of law enforcement and the regulatory authorities can all have access to that same information about what services and what entities are behind these transactions, that allows us to take unprecedented steps in being able to collaborate on weeding out illicit activity,” Levin told a Senate panel in March.


Get the news in your inbox. Explore Blockworks newsletters:

  • Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
  • Empire: Start your morning with the top news and analysis to inform your day in crypto.
  • Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
  • 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
  • Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
  • The Drop: For crypto collectors and traders, covering apps, games, memes and more.
  • Supply Shock: Tracking Bitcoin’s rise from internet plaything worth less than a penny to global phenomenon disrupting money as we know it.
Tags

Upcoming Events

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates.jpg

Research

Bluefin possibly stands at an inflection point. The token is near an all-time low yet the protocol’s spot volume market share and derivatives exchange usage have been increasing month over month since its November launch. Given its current market position and the upcoming upgrades (for both Bluefin and SUI), there may be upside potential before the increased supply growth in December. However, strong opposition from existing competitors (like Cetus and Suilend), as well as new entrants (like Aftermath), pose key challenges to Bluefin’s medium-term success.

article-image

Top Committee Democrat Sen. Elizabeth Warren in her opening statement accused Atkins of “helping billionaire CEOs like Sam Bankman-Fried”

article-image

Introducing garbled circuits for enhanced privacy and regulatory compliance

article-image

Ross Ulbricht was a freedom maximalist building freedom tech, powered by Bitcoin

article-image

Solana validators can reap benefits including payments, votes and community clout

article-image

Sponsored

WalletConnect is cementing itself as the essential connectivity layer, ensuring wallets remain the entry point for billions of users

article-image

According to a legal filing, Galaxy Digital helped boost the price of LUNA while quietly selling its tokens