As Government Takes on the Tornado Mixer, It May Reap a Whirlwind

Tornado Cash isn’t a company, a service or a person – it’s a series of words, and likely protected by the U.S. First Amendment.

AccessTimeIconAug 9, 2022 at 6:23 p.m. UTC
Updated May 11, 2023 at 3:52 p.m. UTC
AccessTimeIconAug 9, 2022 at 6:23 p.m. UTCUpdated May 11, 2023 at 3:52 p.m. UTCLayer 2
AccessTimeIconAug 9, 2022 at 6:23 p.m. UTCUpdated May 11, 2023 at 3:52 p.m. UTCLayer 2

In the late 15th century, in what is now Germany, a monk wrote a book about magic.

It was not actually about magic.

The three-volume “Steganographia,” authored by the Benedictine abbot Johannes Trithemius, described the use of spirits to communicate secretly over long distances. Trithemius was suspected of black magic, and the Catholic Church added “Steganographia” to its list of forbidden books, the Index Librorum Prohibitorum, where it would remain until 1900.

This article is excerpted from The Node, CoinDesk's daily roundup of the most pivotal stories in blockchain and crypto news. You can subscribe to get the full newsletter here.

But the Church may not have blacklisted Trithemius’ work out of fear of spiritual corruption, for the “Steganographia” was not what it seemed. Though it spoke of angels and spirits, its real subject was far more dangerous: encryption.

Written in 1499, “Steganographia” is one of the first major works on cryptography in the West, introducing, for instance, the now-widespread idea of a simple cipher that could replace the letters of a message systematically. Among others, the book uses what’s known as the “Ave Maria” cipher, replacing each letter of a message with a short Latin sentence about Jesus. It is now widely suspected the book’s blacklisting had little to do with religion but was an attempt to suppress knowledge of cryptography. (I tell this story in more depth in my 2018 book “Bitcoin Is Magic.”)

You can likely imagine how threatening a looming explosion of concealed written messages would have been to the various warlords and strongmen who ruled Europe at the time (more than a few of them wearing church garb). The theology of the divine right of kings held up by Trithemius’ church implied that most people didn’t have the right to any privacy, or to much of anything else.

A half-millennium later, another Index Librorum Prohibitorum has been trotted out by a powerful governing force. Monday, the U.S. Office of Foreign Assets Control (OFAC) placed a decentralized privacy service called Tornado Cash on its Specially Designated Nationals list. This makes interacting with the service illegal for U.S. nationals and entities.

But the impact and even intent seem even broader than that: Tornado Cash developer Roman Semenov claimed Tuesday his Github code repository account had been suspended. Semenov has not personally been sanctioned by OFAC, and he plays no direct role in the Tornado Cash service. Instead, he has coordinated the creation of code that can be run by other people to form a decentralized network. Writing on Twitter, Semenov nailed the key question raised by his reported suspension:

“Is writing open-source code illegal now?”

What is Tornado Cash?

Tornado Cash is a “mixer” on the Ethereum network. In broad strokes, it allows Ethereum users to send either ether (ETH) or ERC-20 tokens to the service to be “mixed” with other users’ tokens before being sent back, helping obscure who sent what to who and when. While Ethereum has basically nonexistent privacy controls by default, Tornado Cash is apparently quite effective – if it wasn’t, OFAC might not have bothered blacklisting it. And because the code is transparent, decentralized and automated, Tornado Cash can be trusted to do what it says on the tin.

OFAC has very legitimate reasons for wishing Tornado Cash didn’t exist. According to the agency, Tornado was used by North Korea’s Lazarus Group to launder hundreds of millions of dollars of proceeds from the hacks of huge crypto projects including the Ronin bridge. It has been suggested that North Korea uses the proceeds from such hacks to fund weapons programs, so stopping that seems like it would be pretty good for the world.

But OFAC’s sanction is itself an indiscriminate dirty bomb of catastrophic proportions, poised to vaporize the fundamental human rights of millions of people globally as it (maybe) stops the activities of one tiny and impoverished nation. There are innumerable reasons for everyday non-criminals to use a service like Tornado Cash, from making anonymous political donations to concealing the extent or location of their private wealth.

Even Ethereum co-founder Vitalik Buterin jumped into the discussion to admit he had used Tornado Cash to obfuscate donations to the Ukraine war effort – not, he claims, to protect himself, but to protect recipients in Ukraine.

(Vitalik Buterin)

This is a problem not just ethically, but legally. OFAC’s sanction, and even more so subsequent attempts by the likes of Github to squelch the Tornado Cash code, may point to intense internal contradictions in U.S. law. It’s not quite fair to blame OFAC singularly for this: A regulator’s job is, generally, to attack a single problem rather than to think through the broader consequences.

Responsibility for the big picture falls instead mostly to legislators and, particularly in this case, the judiciary.

Is code speech?

From a legal standpoint, understanding what Tornado Cash does may be less important than understanding what it is. It is not a company or a human or even a machine with a physical presence. It is open-source code – text, commands, numbers and words – that executes a certain scheme of commands when compiled and deployed in its intended environment.

Tornado Cash, then, is a network of peer-to-peer channels, rather than a discrete company, entity or service. So while the sanctioning document targets Tornado Cash by name, and lays out a series of specific Ethereum addresses associated with it, the code could in principle be redeployed under a different name and utilizing different addresses. It seems likely this would set up a kind of “whack-a-mole” situation as new iterations of Tornado Cash are sanctioned as quickly as they appear.

That could hint at why someone may have leaned on Github owner Microsoft (MSFT) to ban Semenov. The real threat here isn’t the operational Tornado Cash service on Ethereum, but the infinitely and freely replicable code that makes it work.

That means OFAC faces a serious constitutional challenge in trying to quash it: As the Washington, D.C., lobbying group Coin Center has pointed out, various legal judgments have concluded that both money and computer code can be forms of speech protected by the First Amendment. In the case of money, that seems to particularly apply to monetary political donations.

That puts Semenov in the company of both Johannes Trithemius and, more recently, Phil Zimmerman, the inventor of PGP encryption, an effectively unbreakable public-key encryption scheme. Zimmerman released PGP in 1991, declaring it “guerrilla freeware.” But within months the National Security Agency had declared PGP a sanctioned “munition” so dangerous for warfare that it should not be legally distributed.

Zimmerman fought a multi-year legal battle before two federal court decisions in 1996 declared that the encryption techniques were protected by the First Amendment. It seems plausible that a similar conclusion might be reached by courts considering OFAC’s actions against the Tornado Cash code.

This is a fundamental dilemma for the U.S., and even for global jurisprudence and social structure. There are very good reasons to not want North Korea or anyone else to be able to freely conceal global financial activity.

But is doing so worth sacrificing the values America purports to stand for?

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

David Z. Morris

David Z. Morris was CoinDesk's Chief Insights Columnist. He holds Bitcoin, Ethereum, and small amounts of other crypto assets.