Case Study 2 — Tornado Cash Sanctions: When the US Government Sanctioned Open-Source Code
Background
On August 8, 2022, the US Treasury Department's Office of Foreign Assets Control (OFAC) added Tornado Cash to its Specially Designated Nationals (SDN) list — the sanctions list typically reserved for foreign governments, terrorist organizations, drug cartels, and individuals deemed threats to US national security. The designation made it illegal for any US person to interact with Tornado Cash in any way: using it, providing services to it, or even accessing its website.
Tornado Cash was not a foreign government or a terrorist organization. It was an open-source protocol — a set of smart contracts deployed on the Ethereum blockchain — that enabled private transactions. Users could deposit ETH or other tokens into Tornado Cash's smart contracts, wait for a period, and then withdraw from a different address with no on-chain link between the deposit and withdrawal. The protocol used zero-knowledge proofs to verify that the withdrawer had previously made a deposit without revealing which deposit it was.
The protocol's stated purpose was financial privacy — the same privacy that cash provides in the physical world but that blockchain's transparent ledger removes by default. Every transaction on Ethereum is publicly visible, permanently recorded, and traceable. Tornado Cash restored the ability to transact without every observer being able to trace the flow of funds.
The problem was that financial privacy and money laundering look identical from the outside. The same technology that allows a domestic violence survivor to hide her financial transactions from her abuser also allows a North Korean hacking group to launder hundreds of millions of dollars in stolen cryptocurrency. And the Lazarus Group — a North Korean state-sponsored hacking operation — had used Tornado Cash to launder an estimated $455 million stolen from the Ronin Bridge (associated with the game Axie Infinity) in March 2022, plus hundreds of millions more from other hacks.
The Sanctions
OFAC's designation added approximately 45 Ethereum smart contract addresses to the SDN list, along with several associated wallet addresses. The legal basis was the International Emergency Economic Powers Act (IEEPA), which authorizes the President to block "property" that is owned or controlled by foreign nationals who pose a threat to US national security.
The immediate effects were dramatic:
- GitHub removed the Tornado Cash repository and suspended the accounts of its developers.
- Circle (issuer of USDC) froze approximately $75,000 in USDC held in Tornado Cash smart contracts.
- Infura and Alchemy (Ethereum node service providers) blocked API requests to Tornado Cash contract addresses, making it difficult for many wallet applications to interact with the protocol.
- dYdX (a decentralized exchange) automatically blocked accounts that had ever interacted with Tornado Cash, including accounts that had received tiny unsolicited "dust" transactions from the protocol.
- The Tornado Cash website (tornado.cash) went offline.
- Several Ethereum validators began censoring transactions that interacted with Tornado Cash, refusing to include them in blocks.
The broader crypto industry reacted with a mixture of fear and outrage. Industry groups argued that OFAC had crossed a constitutional line by sanctioning code rather than people. Civil liberties organizations raised First Amendment concerns. And practical complications multiplied: because anyone could send tokens to any address, malicious actors sent small amounts from Tornado Cash to prominent public figures (including Jimmy Fallon and the wallet of Ethereum's Vitalik Buterin), technically placing them in violation of the sanctions.
The Developer Arrest
On August 10, 2022 — two days after the OFAC designation — Dutch authorities arrested Alexey Pertsev, one of Tornado Cash's core developers, at his home in Amsterdam. Pertsev, a 29-year-old Russian national living in the Netherlands, was charged with facilitating money laundering. He was held in pretrial detention for nine months before being released on bail, then stood trial in 2024.
The prosecution argued that Pertsev knowingly developed and maintained a tool whose primary purpose was money laundering. They pointed to evidence that Pertsev was aware of Lazarus Group's use of the protocol and did not take steps to prevent it — even though, technically, nobody could prevent anyone from using the immutable smart contracts.
The defense argued that Pertsev was a software developer who wrote open-source code — an act protected by free expression principles. The code itself was neutral, like a knife that can be used to cook or to kill. Developers of encryption software, VPNs, and web browsers all create tools that can be used for both legal and illegal purposes. Holding developers criminally liable for the actions of users who choose to use their software for illegal purposes would chill software development worldwide.
In May 2024, a Dutch court convicted Pertsev of money laundering and sentenced him to 64 months in prison. The court reasoned that Pertsev had created a tool that was structurally designed for money laundering (breaking the chain of ownership is a core element of the money laundering offense under Dutch law) and that he had continued to develop and promote the tool after becoming aware of its use by sanctioned entities. The conviction was widely condemned by the crypto industry and civil liberties advocates, and Pertsev appealed.
The Legal Challenges
Two separate legal challenges to the OFAC sanctions were filed in the United States, producing different outcomes.
Van Loon v. Department of the Treasury (Fifth Circuit)
Six users of Tornado Cash, backed by Coinbase (which funded the litigation), challenged the sanctions in the Western District of Texas. The district court initially upheld the sanctions, but the Fifth Circuit Court of Appeals reversed in November 2024.
The Fifth Circuit's reasoning focused on a specific legal question: does OFAC have the authority under IEEPA to sanction "immutable smart contracts"? IEEPA authorizes the blocking of "property" of foreign nationals. The court ruled that Tornado Cash's immutable smart contracts — which cannot be modified, controlled, or owned by anyone after deployment — are not "property" within the meaning of IEEPA. Property requires an owner, and ownerless, immutable code running on a decentralized network is not property that can be blocked.
The court was careful to note that this ruling was narrow. It did not say that Tornado Cash's developers were immune from prosecution. It did not say that OFAC could never sanction DeFi protocols. It said only that OFAC's authority under IEEPA does not extend to ownerless, immutable smart contracts. OFAC could sanction the individuals associated with Tornado Cash, the DAO that governed upgradeable components, or any person or entity with actual control over the protocol — but not the code itself.
The Broader Constitutional Questions
The Tornado Cash case raised constitutional questions that have not been fully resolved:
Is code speech? Federal courts have recognized, in cases involving encryption software (Bernstein v. Department of Justice, 1996), that source code can be a form of expression protected by the First Amendment. If writing and publishing open-source code is protected speech, then sanctioning code — making it illegal to interact with or distribute — raises serious First Amendment concerns. OFAC argued that functional code is conduct, not speech, and that the sanctions target the use of the tool rather than the expression of ideas.
Due process and overbreadth. The sanctions applied to everyone, including US persons who had legitimate reasons to use financial privacy tools and had no connection to North Korea or any sanctioned activity. This raised due process concerns: the sanctions were not narrowly tailored to address the specific illicit use but instead banned all use by all US persons. A domestic violence survivor seeking financial privacy, a journalist protecting a source, or a political dissident hiding donations from a repressive government all lost access to the tool.
The precedent problem. If the government can sanction an open-source smart contract because criminals used it, can it sanction other neutral tools? Can it sanction the Bitcoin network because ransomware payments are made in Bitcoin? Can it sanction the Tor browser because it is used to access the dark web? Can it sanction Signal because it enables encrypted communications that criminals use? The line between sanctioning a tool designed primarily for illegal activity and sanctioning a neutral tool that happens to be used for illegal activity is difficult to draw, and the Tornado Cash case sits uncomfortably on that line.
The Practical Impact
On the Ethereum Ecosystem
The Tornado Cash sanctions had a chilling effect on the Ethereum ecosystem:
- Self-censorship by validators. Some Ethereum validators and block builders began using OFAC-compliant relay software that excluded transactions interacting with sanctioned addresses. At its peak in late 2022, approximately 60% of Ethereum blocks were produced by OFAC-compliant builders — meaning that sanctioned transactions could only be included in the remaining 40% of blocks, significantly increasing their confirmation time. This raised existential questions about Ethereum's censorship resistance. The percentage has since declined as the community has pushed back against censorship and as new relay software has been developed.
- Compliance programs. DeFi protocols and DAOs began implementing compliance screening, blocking wallets associated with sanctioned addresses. This was technically straightforward (services like Chainalysis provide sanctions screening APIs) but philosophically troubling for protocols that had been designed to be permissionless.
- Developer caution. The arrest of Pertsev and the prosecution of another Tornado Cash developer, Roman Storm (charged in the US with conspiracy to commit money laundering, sanctions violations, and operating an unlicensed money transmitting business), made developers acutely aware that building privacy-preserving tools could result in criminal prosecution. Several privacy-focused projects reduced their public profiles or relocated their developers to more favorable jurisdictions.
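The screening described under "Compliance programs", and the dust problem that hit accounts blocked for having "ever interacted" with the protocol, shown as an added Python example (not code from any protocol or vendor named in this case study). It contrasts an "ever interacted" rule with a direction-aware one; the addresses, the ledger, and the names `exposure`, `naive_flag` and `classify` are constructed for illustration.

```python
from dataclasses import dataclass
from decimal import Decimal

# Constructed placeholder addresses, not real SDN entries.
LISTED = {"0x" + "aa" * 20}
ALICE = "0x" + "A1" * 20   # sent funds to the listed contract herself
BOB = "0x" + "b2" * 20     # only received an unsolicited transfer from it
CAROL = "0x" + "c3" * 20   # never touched it

@dataclass(frozen=True)
class Transfer:
    sender: str
    recipient: str
    value_eth: Decimal

# Constructed sample ledger; note the mixed-case spellings of the same address.
LEDGER = [
    Transfer(ALICE.lower(), "0x" + "AA" * 20, Decimal("10")),
    Transfer("0x" + "aa" * 20, BOB, Decimal("0.1")),
    Transfer(CAROL, BOB, Decimal("3")),
]

def norm(addr):
    # EIP-55 checksums mix upper and lower case, so compare lowercased hex.
    return addr.strip().lower()

def exposure(account, ledger, listed):
    """Split transfers touching a listed address into (outbound, inbound)."""
    me, bad = norm(account), {norm(a) for a in listed}
    out = [t for t in ledger if norm(t.sender) == me and norm(t.recipient) in bad]
    inn = [t for t in ledger if norm(t.recipient) == me and norm(t.sender) in bad]
    return out, inn

def naive_flag(account, ledger, listed=LISTED):
    """'Ever interacted' rule: any transfer to or from a listed address flags."""
    out, inn = exposure(account, ledger, listed)
    return bool(out or inn)

def classify(account, ledger, listed=LISTED):
    """Direction-aware result: (status, total sent to list, total received from list)."""
    out, inn = exposure(account, ledger, listed)
    # Outbound transfers are the account holder's own act; inbound ones are not,
    # because nobody can stop a third party from sending tokens to their address.
    status = "initiated" if out else "received_only" if inn else "clear"
    total = lambda ts: sum((t.value_eth for t in ts), Decimal(0))
    return status, total(out), total(inn)
```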
On Financial Privacy
The Tornado Cash sanctions effectively eliminated the primary tool for financial privacy on Ethereum. While the smart contracts technically still exist on the blockchain (they are immutable and cannot be deleted), using them is illegal for US persons, and the practical infrastructure (the website, the relayer network, the governance DAO) has been severely degraded.
This has reignited the debate about whether financial privacy is a right or a privilege. In the physical world, cash provides transactional privacy by default — you can buy a cup of coffee without anyone knowing about it. On transparent blockchains, every transaction is permanently and publicly recorded. Tornado Cash was an attempt to restore the privacy that physical cash provides, and its effective destruction raises the question of whether the government's ability to surveil every financial transaction is a feature or a bug.
⚖️ Both Sides — Financial Privacy:
The surveillance case: Financial transparency enables law enforcement to track illicit funds, prevent money laundering, and enforce sanctions. The ability to trace cryptocurrency transactions has been instrumental in recovering stolen funds and prosecuting criminals. Financial privacy tools primarily benefit those with something to hide — money launderers, tax evaders, and sanctions evaders. The legitimate privacy needs of ordinary users can be addressed through regulated privacy solutions that comply with AML/KYC requirements.
The privacy case: Financial privacy is a fundamental aspect of personal autonomy. The government does not require you to publish your bank statements, and the fact that a new technology (blockchain) makes transactions public by default does not give the government a right to that transparency. Privacy is not proof of wrongdoing — it is a human right recognized in the Universal Declaration of Human Rights (Article 12) and the Fourth Amendment of the US Constitution. The surveillance position assumes that financial privacy is inherently suspicious, which inverts the presumption of innocence.
Discussion Questions
- Should open-source software developers be held legally responsible for how others use their code? Where do you draw the line between a tool designed for illegal activity (like a lock-picking set sold to burglars) and a neutral tool that is sometimes used illegally (like a car used as a getaway vehicle)?
- The Fifth Circuit ruled that immutable smart contracts are not "property" under IEEPA. Do you agree with this reasoning? If smart contracts are not property, what are they?
- Approximately 30% of Tornado Cash transactions have been identified as connected to illicit activity (primarily North Korean hacking groups). Approximately 70% appear to be legitimate privacy transactions. Does this ratio matter for the legal analysis? Would the answer change if the percentages were reversed?
- The arrest and conviction of Alexey Pertsev has been described as a "developer's nightmare." If you were a software developer building a privacy-preserving protocol, how would the Pertsev case affect your decisions? Would you build it differently? Would you build it at all?
- After the sanctions, approximately 60% of Ethereum blocks were produced by OFAC-compliant builders. What does this tell us about the actual level of decentralization and censorship resistance in the Ethereum network? Is a network censorship-resistant if a single government's sanctions can affect transaction inclusion?
- Design an alternative approach that OFAC could have taken to address Lazarus Group's use of Tornado Cash without sanctioning the entire protocol. Consider targeted sanctions, regulatory requirements for front-ends, or other mechanisms.
Timeline
| Date | Event |
|---|---|
| 2019 | Tornado Cash smart contracts deployed on Ethereum |
| March 2022 | Lazarus Group hacks Ronin Bridge, steals ~$625M; begins laundering through Tornado Cash |
| April 2022 | OFAC sanctions Lazarus Group-linked Ethereum addresses |
| August 8, 2022 | OFAC adds Tornado Cash smart contract addresses to SDN list |
| August 10, 2022 | Alexey Pertsev arrested in Amsterdam |
| August 2022 | GitHub removes Tornado Cash repository; Circle freezes USDC in TC contracts |
| September 2022 | Coin Center files challenge in Florida (later dropped); industry groups condemn sanctions |
| September 2022 | Six Tornado Cash users (backed by Coinbase) file Van Loon v. Treasury in Texas |
| August 2023 | Roman Storm (US-based developer) arrested and charged in SDNY |
| August 2023 | District court in Van Loon upholds sanctions |
| May 2024 | Dutch court convicts Pertsev, sentences to 64 months |
| November 2024 | Fifth Circuit reverses district court in Van Loon; rules immutable smart contracts are not "property" under IEEPA |
| 2025 | Roman Storm trial pending; Pertsev appeal pending; OFAC considering response to Fifth Circuit ruling |
Key Takeaways
- The Tornado Cash case is the most significant test of government authority over decentralized protocols and open-source code to date.
- The sanctions raised fundamental questions about whether code is speech, whether immutable smart contracts can be "property," and whether financial privacy is a right.
- The developer arrests and prosecution had a measurable chilling effect on privacy-preserving development in the blockchain space.
- The Fifth Circuit's ruling that immutable smart contracts are not sanctionable "property" is a significant constraint on OFAC authority, but it is narrow and applies only to truly immutable, ownerless code.
- The case illustrates the genuine tension between legitimate law enforcement objectives (preventing North Korean sanctions evasion) and the collateral damage of broad sanctions (destroying financial privacy for everyone).
- The long-term resolution of these questions will shape the boundary between government authority and the autonomy of decentralized systems for decades.