Thursday, December 5, 2024

Tornado Cash un-OFAC'ed


The next chapter in the Tornado Cash saga just dropped. Last week a court ruled that Tornado Cash, a bot that can be used for obfuscating crypto, is safe from being sanctioned.

I first wrote about Tornado Cash in 2021, before its legal troubles began, warning of the risks ahead. I've been tracking Tornado's legal saga since then. (See here | here | here.) The saga serves as a bellwether for how financial services hosted on blockchains are to be sliced and diced under existing laws, in particular the crucial anti-money laundering statutes and sanctions laws. More generally it foreshadows how autonomous techno-beings, many of which don't yet exist, are to be treated by the law.

In the newest chapter of the saga, a court ruled that America's sanctions authority, the U.S. Treasury's Office of Foreign Assets Control (OFAC), does not have the authority to sanction a certain type of smart contract, or string of autonomous code, that undergirds Tornado Cash: its so-called immutable contracts.

Recall that in August 2022, OFAC sanctioned Tornado Cash, which accepts traceable crypto from users and returns it in untraceable format. Tornado had been used by the sanctioned North Korean hacker group Lazarus to obfuscate its financial tracks. OFAC listed Tornado Cash's website tornado.cash along with 53 Ethereum addresses.

The sanctions were relatively effective. Americans could no longer use the bot without risking fines or imprisonment. Those who had funds deposited in Tornado had to ask OFAC for special permission to withdraw them. In the months after the sanctions were announced, usage of the privacy bot plunged and the amount of crypto deposited fell by over half.
 
After two different sets of plaintiffs challenged OFAC's actions in court, the appeals court in one of the cases returned a verdict last week. An immutable smart contract is "unownable, uncontrollable, and unchangeable—even by its creators," and therefore it doesn't qualify as property. Because OFAC's sanctioning power is limited to that which is property, it follows that OFAC cannot sanction immutable smart contracts.

This not-property ruling only applies to twenty immutable Tornado Cash contracts that were on OFAC's sanctions list. Tornado's mutable contracts, those that can be controlled and changed, remain property—and thus can stay on the list of sanctioned contracts. Unless OFAC wins on appeal, it will presumably have to unsanction those twenty immutable contracts.

Now, it's possible that as long as the remaining sanctioned mutable contracts are crucial to the functioning of the Tornado Cash bot, the revised sanctions blacklist will still have an effect. And if OFAC adds other key mutable Tornado Cash smart contracts to its list (say like the contracts allowing governance, which for some reason were not originally sanctioned), American users will continue to steer clear of Tornado Cash, the bot's anonymizing capacities remaining lower than otherwise, thus diminishing its ability to serve North Korean interests. 

But if not, what can OFAC do? 

Sanction users, not code

I've already done a bit of digging on this question. In response to the sanctions, I wrote an article in late 2022 entitled: How to stop illegal activity on Tornado Cash (without using sanctions). The gist was to explore alternative tools for countering illicit activity on Tornado rather than the blunt tool of sanctioning its actual smart contracts. What I suggested was to apply pressure to the users of the smart contracts. "Rather than punishing code, penalize the people who use the code."

The logic goes like this. Any user who deposits crypto to Tornado Cash, even someone with clean crypto, is providing North Korea with prohibited financial services, the Tornado bot being the means by which the two sides are connecting as counterparties. Whether intentional or not, a user's deposits broaden the anonymity set of Tornado Cash, or its ability to obfuscate larger amounts of illicit funds sourced from sanctioned counterparties like Lazarus.

Think of it as sanctioned North Korean users passing on sanctions taint to all other Tornado Cash users by virtue of everyone interacting via the same bot, Tornado Cash. This taint spreads to those who deposited their crypto (clean or dirty) to Tornado at the same time as Lazarus and/or those who have continued to deposit to it in light of the known fact that the North Korean group regularly deposits stolen funds to the platform.

OFAC issues a public alert stating that any foreigner can and will be sanctioned if their funds interact with North Korean funds on Tornado Cash. In response, some foreign users will risk being designated and continue to engage with Tornado. Many will not. As for U.S. users, OFAC can threaten them with potential civil monetary penalties if they aid North Korea using Tornado as their tool. A $10,000 fine for interacting with sanctioned North Korean actors via the Tornado Cash bot will probably discourage most usage.

Another core set of Tornado Cash users who OFAC has legal leverage over are the relayers—real life individuals who provide an extra layer of privacy to Tornado Cash users. (I explain here why relayers are necessary for full privacy). OFAC can threaten foreign relayers with sanctions and U.S.-based relayers with civil monetary penalties.

Pressuring these various groups of users won't stop Tornado Cash code from functioning, but it will certainly constrain the activity it facilitates, and thus make it harder for North Korea to anonymize its funds. And it is consistent with the court's not-property ruling because users, not contracts, are being targeted.

I'm not saying that OFAC will follow this playbook, or that it should, but it certainly is an option. There is another route, though, and that is to go to Congress and ask for the ability to put sanctions on immutable entities. 

More broadly, Tornado Cash may just be the first in an emerging population of unownable and uncontrollable techno-beings—bots, machines, drones, androids, AI agents, automatons, and golems—that operate independently of human control, many of which will end up doing very dangerous things. Society may want the legal ability to protect its members from these immutable contraptions, including by sanctioning them.

For instance, imagine the following scenario...

A Russian AI-guided assassin bot

If a Russian assassin is regularly poisoning people (including U.S. citizens) for criticizing Putin, OFAC can sanction that assassin, thus preventing any American entity from dealing with him and blocking all of his accounts, his car, and his interests in various companies. That might not stop the assassin, but it'll make his job more difficult. In doing so, OFAC is simply fulfilling its mandate to use its sanctioning powers to protect Americans.

Say the assassin creates an artificial intelligence and imbues it with all of his assassin's lore, providing it with an artificial body and then throwing away the keys, rendering the robot immutable. The court's recent not-property ruling suggests that while OFAC can ably defend Americans from the flesh and blood assassin, it cannot protect them from the assassin's immutable killing robot—even though the robot performs the precise same killing function as the living assassin using the exact same techniques.

This is obviously an incongruity, one that seems like it should be fixed. Or is there a specific reason why we should provide legal safe harbor to all unownable and uncontrollable techno-beings? Feel free to explain in the comments.

In any case, OFAC's efforts to apply its national security mandate to Tornado Cash are probably not over. Let's see how it responds. Some sort of resolution is important because we are still in the early stages of being inundated with self-guided autonomous agents.