Tornado Cash Spins Up Sanctions-compliant Web Interface

The ether transaction privacy service made a bid to curtail the laundering of Ronin hack proceeds

article-image

Source: Tornado Cash

share

key takeaways

  • The Tornado Cash front-end website will prevent access from OFAC-sanctioned wallet addresses
  • The immutable smart contracts underpinning the mixing service remain unchanged, and therefore function the same as before

The privacy tool Tornado Cash, which has been used to obfuscate the proceeds of multiple frauds, scams and hacks in the past, updated its web front-end on Friday to limit access from wallet addresses sanctioned by the US Treasury’s Office of Foreign Assets Control (OFAC).

Loading Tweet..

The move follows an update from OFAC yesterday, which identified the wallet known to have received the funds stolen from the Ronin Bridge last month as controlled by the North Korean hacking organization Lazarus Group. The wallet still contains 144,000 of the original 173,000 ether, worth about $439 million as of Friday at 1:30 pm ET.

The change to Tornado Cash’s decentralized application (dapp) has no impact on the underlying privacy protocols’ code — a set of smart contracts on Ethereum meant to bring some measure of privacy to transactions on the transparent public blockchain network.

Understanding the difference between a protocol and a website that adds ease-of-use is not always easy for newcomers to Web3, as evidenced by the recent Uniswap class action lawsuit.

In the Web2 world of Google and Facebook, a website runs on a server owned by a company that exists in some country’s jurisdiction. In the case of Tornado Cash, the smart contract code runs on public Ethereum and cannot be changed, the project’s documentation explains.

“Nobody — including the original developers — can modify or shut them down,” the documentation says.

The service is even accessible from decentralized storage infrastructure known as IPFS rather than on any particular centralized web server.

So, what does this mean for the hackers?

The main user interface to Tornado Cash is an application that implements a Chainalysis sanctions oracle — basically a blacklist of Ethereum addresses maintained by the blockchain data platform Chainalysis. The address used in the Ronin hack has been added to that list.

But the Tornado Cash protocol itself can still be used as before, using an alternative front-end user interface. That doesn’t mean it can be used successfully to obscure the origins of the ether stolen in the Ronin bridge exploit, however.

Chainalysis co-founder Jonathan Levin has touted the firm’s ability to unmask transactions from mixers like Tornado Cash, especially when they contain large amounts of value relative to the total liquidity available.

“The fact that all of the industry and all of law enforcement and the regulatory authorities can all have access to that same information about what services and what entities are behind these transactions, that allows us to take unprecedented steps in being able to collaborate on weeding out illicit activity,” Levin told a Senate panel in March.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates (3).png

Research

Pear Protocol has proven its market fit through its pair-trading infrastructure, sustaining consistent trading activity despite recent headwinds. Its strategic pivot toward Hyperliquid integration represents a major growth catalyst amid industry consolidation. While short-term token unlocks present challenges, current valuations and liquidity conditions may offer compelling opportunities for investors.

article-image

For just $54, you, too, could send a memecoin 500% higher

article-image

Memecoins, tech, and inflation have dominated the first half of the year

article-image

As the Trump administration continues to test Fed independence, markets are beginning to react

article-image

An Aave interest rate shock prompted over 475,000 validators to exit and pushed stETH into a prolonged depeg

article-image

While Roman Storm’s team is set to present its case, it’s not yet clear if the Tornado Cash founder will testify

article-image

A wireless network inspired by lost drones is now helping telco carriers reach your phone indoors