
OFAC Around and Find Out

Nicholas Weaver
Friday, August 19, 2022, 8:01 AM

OFAC’s designation of Tornado Cash to the SDN list has broad implications, including how cryptocurrency mining and bridging may act in the future.

Published by The Lawfare Institute
in Cooperation With
Brookings

The cryptocurrency space has long hoped to emulate the business model of Uber: ignore the regulations until you can grow too big to regulate, a technique called “regulatory escape velocity.” With Uber, the primary tool was simply violating taxi regulations among thousands of independent municipalities and daring the local regulators to do something. With cryptocurrency, the common excuse is to just “write code” that ignores centuries of financial regulation and then let it loose upon the world.

The cryptocurrency ecology has now run into a regulator that thinks nothing is too big to regulate: the Office of Foreign Assets Control (OFAC). On Aug. 8, OFAC announced the addition of virtual currency mixer “Tornado Cash” and all of its wallets to the Specially Designated Nationals and Blocked Persons List (SDN list), the list of entities with which it is illegal for U.S. persons, or really anything that touches the U.S. financial system, to do business.

OFAC is not a business regulator like the Securities and Exchange Commission (SEC). OFAC doesn’t have consumer protection interest or authority, nor does it investigate the various other “little” crimes (such as billion-dollar Ponzi schemes or industrial-scale securities fraud) that infest the cryptocurrency space. OFAC’s focus is national security, no different than the Army or Air Force branches. However, OFAC’s tools are sanctions, not soldiers, as a way of keeping money out of the hands of what are deemed national security threats.

This has implications beyond Tornado Cash, including how cryptocurrency mining and bridging may act in the future. And a griefer, an online individual who delights in causing problems for others, has also shown that most of these “decentralized” systems aren’t.

Tornado Cash’s Designation and Its Implications for “Decentralized” Cryptocurrency

Tornado Cash was notorious for being an automated money laundering system that processed billions of dollars worth of stolen cryptocurrency, including almost a billion stolen by North Korea (DPRK). The response to OFAC’s designation was swift: Tornado Cash’s GitHub archive and website went away, and the founder of Tornado Cash found his personal GitHub account suspended. And Dutch authorities even arrested one purported developer on Aug. 10.

Similarly, although the cryptocurrencies themselves are supposedly decentralized, actually using them requires centralized providers like Infura, which powers the popular cryptocurrency wallet MetaMask. Infura blocked MetaMask from accessing anything involving Tornado Cash, reminding everyone that the “distributed, uncensorable” Ethereum blockchain that powers Tornado Cash is amazingly dependent on centralized entities to deliver even remotely usable systems.

Likewise, the organization responsible for Tornado Cash, the Tornado Cash “DAO” (decentralized autonomous organization, basically a corporation that doesn’t bother to do the paperwork to gain the legal protections of a corporation), decided to fold up shop as they “can’t fight the U.S.” government, freezing future development and transferring funds initially intended to support continued development of the system to those who invested in the Tornado Cash governance token.

While these developments haven’t halted the smart contracts that operate Tornado Cash, they have severely disrupted the contracts in a few ways. First, without the web interface or MetaMask support, it requires an expert to access the underlying smart contracts to either withdraw or deposit Ethereum in Tornado Cash, a feature common to many “decentralized” projects. Even then, this disruption limits the utility as outputs of Tornado Cash are easy to identify as coming from Tornado Cash. Most central providers now treat such flows as dirty.

Second, it also effectively stops copycats. The Tornado Cash code is still out there, and someone can spin up a copycat for a couple hundred dollars’ worth of Ethereum “gas” fees, but any new mixing services are no longer nearly as useful for criminals. The mixing service needs many users to provide useful anonymity, so if there are few users it provides little benefit for the criminals. But if there are a significant number of users, it is nearly inevitable that this will include the DPRK, meaning Tornado Cash 2.0 will end up in the same situation as Tornado Cash Classic.

Third, as cryptocurrency analyst David Gerard put it, the cryptocurrency community has long believed that if you create an automated box where you put clean and dirty money in and shake it around, all the money comes out clean rather than dirty. The latest designation shows that OFAC has seen through this illusion, meaning that if Iran or North Korea finds the service useful at scale, then these boxes will be at risk of sanctions. Other regulators are likely to follow suit.

Another amusing lesson arises from a griefer who sent small amounts of Ethereum (0.1 ETH or about $200) to numerous high-profile Ethereum wallets. These wallets then found themselves locked out of numerous “decentralized” services.

This happened because the centralized services Chainalysis, TRM, and Elliptic provide an oracle that tells the numerous centralized services that actually power the Ethereum ecology, “This is a sanctioned wallet, do not accept.” The web pages of those services then blocked access to the supposedly decentralized systems.

The disruption, although temporary, is a great demonstration that most of the cryptocurrency space is something I now describe as “Derp-Centralized”: centralized systems, powered by centralized entities, that simply abrogate their responsibilities unless threatened by a powerful regulatory authority like OFAC.

Going forward, OFAC should watch the Tornado Cash pools and pay attention to subsequent outflows as they indicate two groups of additional targets that OFAC will probably need to warn if not sanction in the future: the Ethereum miners themselves and various “bridge protocols.”

There is a myth that cryptocurrency miners are not involved in transactions because the system is “decentralized.” But the reality is that every transaction is included in the public record by a single “block producer” who is effectively the money transmitter for the transactions in the particular block.

Miners can refuse transactions that meet their individual criteria (and they have done so). Marathon Digital Holdings previously created an “OFAC compliant” Bitcoin mining pool, although they stopped this enforcement due to public backlash: Apparently the cryptocurrency community views violating OFAC sanctions as a desired property.

OFAC Moving Forward

Although previously most cryptocurrency mining occurred in China, China evicted the miners because of their obscene power consumption and other reasons. The mining has largely bounced all over the world, but a huge amount has now settled into the U.S. and Canada. This is due to a combination of inexpensive, reliable power as well as a strong rule of law. Of course, the strong rule of law comes with the condition that the miners too have to follow the law.

OFAC should offer a “friendly” reminder to all U.S.- and U.S.-adjacent-based cryptocurrency miners that they have an obligation to follow OFAC regulations. OFAC should elaborate that a miner that produces a block is responsible for the transactions contained in the block.

And it wouldn’t be an undue burden for the miners. Marathon Holdings already showed it is possible to provide OFAC-compliant mining by using a risk-scoring method to exclude sanctioned transactions.

The list of sanctioned cryptocurrency wallets, across numerous blockchains, is now substantial. OFAC provides a convenient downloadable list, and as seen before there are central services that allow easy querying to determine if a transaction would run afoul of OFAC or other laws. Miners with a U.S. nexus need to abide by those laws.

The other likely target for future OFAC enforcement is bridge protocols. The primary blockchains, Ethereum and Bitcoin, are slow, congested, and expensive to use. So there exist services that will take a user’s Ethereum or other cryptocurrency on one system and transfer it to another as “wrapped” tokens. It was specifically the “Ronin bridge” that the DPRK targeted in its record-setting hack.

But bridges don’t just serve to transfer cryptocurrency. They can also disguise cryptocurrency. A bridge, like a mixing service, represents a large pool of cryptocurrency where a participant can make a deposit and, at a later date, withdraw the cryptocurrency. The DPRK has already discovered this, apparently having laundered some $150 million through the RenBridge system out of some $500 million of dirty cryptocurrency. 

The operators of this bridge, by not putting in proactive controls, are playing with fire. After all, they could modify both the front end and smart contracts to access the information needed to block OFAC-sanctioned entities from using the bridge.

Overall, the cryptocurrency community’s attempt at regulatory escape velocity has run into a huge obstacle: There is no escape velocity from the surface of a black hole. Things are now entering the “Find Out” stage of OFAC Around and Find Out.


Nicholas Weaver is a senior staff researcher focusing on computer security at the International Computer Science Institute in Berkeley, California, and Chief Mad Scientist/CEO/Janitor of Skerry Technologies, a developer of low cost autonomous drones. All opinions are his own.
