As the media’s interest in NFTs has risen, so too has the coverage of NFT scams, thefts, and hacks. One similar behavior unites many of these nefarious individuals, from the accused NFT rug-pullers arrested by the FBI in March to the North Korean hacker group Lazarus which managed to steal $625 million from the blockchain game Axie Infinity — is the use of Tornado Cash, a service that helps anyone hide their actions on the Ethereum blockchain.
To the casual observer, the mixing service offers one very obvious and darkly compelling allure: the ability to quickly and easily launder money. Scam artists have certainly used services like Tornado to obfuscate the trail of stolen funds, whether from hacked wallets, blockchain exploits, or dark market sales. Money laundering concerns led to some other similar services being shut down in the past, but Tornado is still going strong — and might even be “unstoppable,” according to its founders.
But proponents say mixing services like Tornado are important for protecting digital privacy. Whether Tornado is truly unstoppable or not, its use both for nefarious and innocent purposes has major implications for the future of Web3 and blockchain-based systems. Here is more about what Tornado is, how it works, and why it is so controversial.
Mixing 101
Let’s start with the basics: A blockchain is a record of transactions that everyone can agree on. The mechanisms — proof of work, proof of stake, proof of history — can vary, but the fundamental property of blockchain-based systems is the full transparency of its transaction history. If you ‘own’ a bitcoin, for example, that ownership is different from the files on your computer or even the dollar bills in your wallet. What you have instead is a record of transactions leading all the way back to that bitcoin’s initial creation.
This mechanism has advantages over physical currency, as many bitcoin advocates will tell you. While cash can easily be exchanged without any records being created, every transaction on the blockchain is recorded and immutable. That means, in most cases, if Person A sends some amount of crypto to Person B, a permanent record linking their two wallets is created.
However, since the early days of bitcoin, cryptocurrency mixers have operated in order to obscure blockchain transactions. If Person A wanted to send that crypto to Person B without the link being created, instead of sending the money directly, Person A instead deposits it in the mixer, which is basically a large pool of currency. Then, perhaps over several different transactions over a period of time, that money is withdrawn by Person B into their wallet.
If A and B had the only wallets in existence, this would do little to hide their tracks. But if thousands of people made deposits and withdrawals every day, there would be effectively no way to link A and B to each other. You could prove A deposited the money into the mixer and B withdrew it, but you can’t prove that there is any relationship between them.
Pros and Con Artists
There are legitimate privacy arguments in favor of mixing services. High-net-worth individuals, for instance, probably would prefer to obscure themselves so they do not become targets for hackers. For the same reason, Jeff Bezos isn’t likely to hand over his bank account records to anyone who asks for them. But law enforcement also recognizes that tools used for protecting privacy are also frequently employed by, well, people with something to hide.
“When privacy crosses into criminality, there is no privacy,” said Ralph S. Behr, a criminal defense lawyer with extensive experience with money laundering cases in federal courts. “If by ‘privacy’ you want to obscure the source of wealth and the machinations you did to take the wealth and move it into the general economy, you may be crossing the line into money laundering.”
Tornado’s name brings to mind another widely-used digital privacy protocol: Tor, or The Onion Router, a service that bounces your internet browsing activity around various different relays in order to hide your activity from anyone that might be snooping. Sites only accessible on Tor are known as the “dark web,” since the sites aren’t indexed by search engines like Google.
Tor — which was originally developed by researchers working at the U.S. Naval Research Lab — has been used by activists worldwide to coordinate protests and evade Internet censorship by authoritarian governments. However, it also hosts dark web marketplaces where drugs, child pornography, and hacked credentials are sold. While Tornado Cash is a new implementation of digital privacy, the debate over whether the importance of that privacy is worth the risk of nefarious action is nothing novel.
A Mixed Legal History
One of the first major cryptocurrency mixers, Helix, moved over $300 million in value at the time of its operation from 2014-2017. Its operator, Larry Harmon, pleaded guilty to a money laundering conspiracy and agreed to forfeit 4,400 bitcoin last year, along with being hit by a $60 million fine from the Department of Treasury. Similar charges were brought against the operator of another mixing service, Bitcoin Fog, which also moved over $300 million in value during its run.
However, Tornado Cash differentiates itself from those early operations through its use of smart contracts, or computer programs that operate on the Ethereum blockchain. Tornado is a decentralized app) that runs on smart contracts, meaning the service operates completely autonomously — while the founders created Tornado, and even open-sourced the code, now they claim to have no control over the service. Decisions about Tornado are made by its community DAO, meaning no one person has sole control over the service, and its zero-knowledge proof system means that transaction information is inaccessible to all.
“Tornado Cash smart contracts are unstoppable: there are no admins and no upgradability. Nobody including Tornado Cash initial developers can change it or shut it down.” — Tornado.Cash website
Tornado Cash has also implemented features that could help appease law enforcement officials. A compliance tool on the website allows the recipient of funds from Tornado to prove their origin, which would be useful for a user who used the service for legitimate privacy reasons. Tornado also recently limited their website from servicing wallet addresses on the US Treasury’s Office of Foreign Assets Control’s sanctions list, making it harder — but not impossible — for those wallets to evade sanctions.
The Tornado Rages On
The question remains: Even if law enforcement wanted to shut down Tornado, what could it do? If the domain is taken down from the internet, the protocol can be accessed directly. If the protocol is somehow corrupted, the code is freely available online, so it can easily be reproduced.
“Smart contracts are immutable and cannot be stopped,” said one member of the Tornado community, who goes by the pseudonym @bt11ba and helps write the What’s Up Tornado blog, though they have no ties to Tornado’s founders. “To ‘shut down’ Tornado Cash, the only possibility would be to stop the Ethereum blockchain.”
Even in a world where Tornado remains operational, there are many pitfalls to laundering crypto proceeds, especially when they’re turned into cash. The FBI caught the aforementioned NFT rug-pullers, despite their use of Tornado, based on Internet records they subpoenaed from companies like Discord and Twitter. The couple accused of laundering proceeds from a bitcoin heist now worth billions were caught in part due to their purchase of a $500 Walmart gift card.
“It is still difficult to move from on-chain to off-chain assets,” said Divya Siddarth, a Political Economist and Social Technologist at Microsoft. “That is the reason that we caught those people. I think the point at which a nation-state has leverage is when you try to move those assets off-chain, and that will still exist.”
Indeed, the most successful crypto hackers seem to be the North Korean state-sponsored Lazarus group, where these hurdles don’t apply. Most other crypto exchanges have Know-Your-Consumer and anti-money laundering regulations to ensure legal compliance. But as the use of cryptocurrency widens, taking these assets off-chain may not be as important.
If Tornado is truly unstoppable, it might be a waste of time to debate whether it should exist or not. Instead, the crypto community will have to figure out for themselves how to balance privacy and security, much like digital pioneers have done before.
