A practical compliance guide to Tornado Cash — the decentralised Ethereum mixing protocol sanctioned by OFAC in 2022. What it is, how zero-knowledge proofs power it, why wallets with Tornado Cash exposure are flagged in every major AML screening tool, what the OFAC designation means for VASPs and users, and how to respond when an address is flagged.
Blockchain analytics tools flag wallets that have interacted with Tornado Cash smart contract addresses. The flag specifies hop distance, volume, and whether the interaction is pre- or post-OFAC designation (August 8, 2022).
Post-August 2022 interaction with sanctioned addresses requires zero-discretion blocking for US-nexus VASPs. Pre-designation exposure is treated as standard high-risk mixer exposure — requiring EDD but not automatic blocking for non-US entities.
OFAC exposure: block and report. Non-OFAC mixer exposure: tiered response by hop distance and volume. Request source-of-funds documentation. Route to analyst review. File SAR if criminal proceeds are suspected after review.
Record the exposure type, hop distance, policy rule applied, action taken, and analyst rationale. For OFAC-related decisions, retain documentation indefinitely. This audit trail is what regulators and legal counsel require.
Tornado Cash is a decentralised, non-custodial cryptocurrency mixing protocol originally deployed on Ethereum in 2019. It allows users to deposit fixed-denomination amounts of ETH or ERC-20 tokens and withdraw the same amount to a different address, with no on-chain link between deposit and withdrawal addresses. A full technical overview is at Wikipedia — Cryptocurrency Tumbler.
Users deposit a fixed amount (0.1, 1, 10, or 100 ETH) into a Tornado Cash smart contract pool. The contract issues a cryptographic "note" — a secret that proves the deposit without revealing the depositor's address. To withdraw, the user submits the note to a different address via a zk-SNARK proof that confirms ownership of the note without exposing which deposit it corresponds to. The withdrawal address has no on-chain connection to the deposit address.
Tornado Cash was deployed on Ethereum mainnet (primary), BNB Chain, Polygon, Arbitrum, Optimism, and Gnosis Chain. The OFAC sanction covers the smart contract addresses across all chains where they are deployed — not just Ethereum mainnet. When screening for Tornado Cash exposure, ensure your analytics tool covers all relevant EVM chains.
The cryptographic innovation that makes Tornado Cash more privacy-preserving than traditional coin mixers is its use of zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge).
A zk-SNARK allows the withdrawer to prove to the smart contract that they possess a valid deposit note — without revealing which deposit note it is. The contract verifies the proof mathematically without learning anything about the depositor's identity or address. This is cryptographically stronger than traditional mixing, which relies on the mixer operator's honesty not to log the input-output mapping.
Because the on-chain link between deposit and withdrawal addresses is cryptographically broken — not just obscured — standard transaction graph analysis cannot follow funds through Tornado Cash the way it can through traditional mixers. Analytics tools instead flag any interaction with the known Tornado Cash contract addresses directly. The deposit address is visible; the withdrawal destination is not.
| Exposure type | Score | OFAC layer | Compliance response |
|---|---|---|---|
| Post-Aug 2022 direct interaction | Critical | Yes — SDN violation risk | Immediate block; legal counsel; no discretion for US-nexus VASPs |
| Post-Aug 2022 indirect (2 hops) | High | Possible OFAC nexus | Block; analyst review; legal counsel assessment |
| Pre-Aug 2022 direct interaction | High | No OFAC designation | EDD; source-of-funds documentation; possible SAR |
| Pre-Aug 2022 indirect (2–3 hops) | Medium | No OFAC designation | Analyst review; source-of-funds request; document and decide |
| Distant indirect (3+ hops, any date) | Low–Medium | No OFAC designation | Document; monitor; typically allow with enhanced oversight |
US-registered exchanges, custodians, and any entity with US nexus (US customers, US bank accounts, US management) must block all transactions involving addresses with post-August 8, 2022 Tornado Cash exposure. There is no EDD path that resolves an OFAC SDN match — the obligation is blocking and reporting, not enhanced scrutiny. File a report with OFAC's Compliance Hotline and retain all documentation. See ofac.treasury.gov.
Non-US VASPs without US nexus are not directly bound by OFAC but must check their own jurisdiction's sanctions lists (EU consolidated list, UK OFSI, UN Security Council). Most EU and UK regulators treat Tornado Cash interactions as a high-risk AML indicator requiring EDD regardless of whether a local sanctions designation exists. Apply the hop-distance risk matrix and document thoroughly. FATF guidance applies to all.
Blocking a transaction for Tornado Cash exposure does not automatically trigger a SAR obligation — SAR filing is required when you suspect criminal proceeds, not merely AML-flag exposure. However, any Tornado Cash interaction involving large sums, structuring patterns, or other red flags beyond the mixer exposure itself typically crosses the SAR threshold. File with FinCEN at bsaefiling.fincen.treas.gov.
For every Tornado Cash-related compliance decision: retain the screening report with timestamp, the category breakdown and hop distances, the policy rule applied, the action taken, any SAR filing reference, and the analyst's rationale if a review queue was triggered. For OFAC-related blocks, retain documentation indefinitely — there is no statute of limitations ceiling on sanctions record retention obligations.
| Provider | TC smart contract coverage | OFAC layer | Multi-chain |
|---|---|---|---|
| Chainalysis KYT | Comprehensive — all TC pools, all chains | Full OFAC SDN integration | ETH, BNB, Polygon, Arbitrum+ |
| Elliptic Navigator | Comprehensive — DeFi protocol focus | OFAC + EU sanctions | ETH + major EVM chains |
| TRM Labs | Good — 30+ chain coverage | Global sanctions lists | Widest chain coverage |
| Crystal Blockchain | Good on ETH; limited on newer EVM chains | OFAC + EU | ETH-primary |
Tornado Cash is a decentralised, non-custodial cryptocurrency mixing protocol deployed on Ethereum and several EVM-compatible chains in 2019. It uses smart contracts and zero-knowledge proofs (zk-SNARKs) to break the on-chain link between deposit and withdrawal addresses. Users deposit a fixed denomination of ETH or ERC-20 tokens, receive a cryptographic note, and can later redeem that note to withdraw the same amount to a completely different address — with no on-chain connection between the two.
In August 2022, the US Treasury's OFAC added Tornado Cash's smart contract addresses to the SDN list, making interaction with the protocol a potential sanctions violation for US persons and US-nexus entities. The protocol itself remains deployed on-chain — immutable code that cannot be removed — but its use carries significant legal and compliance risk globally.
The answer depends on jurisdiction and timing. Tornado Cash itself is decentralised software — the smart contracts are on-chain and cannot be shut down. Using the protocol is not universally illegal. For US persons and entities with US nexus, interacting with the OFAC-designated smart contract addresses after August 8, 2022 may constitute a sanctions violation regardless of intent — this is a strict liability standard where the nature of the transaction matters, not the user's motivation.
Outside the US, legality depends on local sanctions legislation. The 5th Circuit Court of Appeals ruled in November 2024 that immutable smart contracts may not be sanctionable as "property" under IEEPA — creating ongoing legal uncertainty about the US designation. However, in all jurisdictions, using Tornado Cash to launder criminal proceeds is a criminal offense under money laundering statutes. And in all jurisdictions, VASPs must treat Tornado Cash interactions as high-risk AML exposure per FATF guidance regardless of the sanctions question.
Tornado Cash is flagged in AML screening for two distinct reasons that compliance teams must separate. First, it is a cryptocurrency mixer that deliberately obfuscates transaction provenance — a recognised money laundering red flag under FATF guidance regardless of whether a sanctions designation exists. FATF's virtual asset guidance explicitly cites anonymity-enhancing technologies as risk indicators requiring enhanced due diligence.
Second, post-August 8, 2022 interactions with Tornado Cash contract addresses trigger an OFAC sanctions flag — a legal compliance obligation separate from AML risk scoring. This OFAC overlay applies regardless of hop distance, volume, or any EDD outcome. Analytics tools flag both simultaneously, but compliance teams should handle them through separate policy tracks: AML risk scoring (where EDD and documentation can resolve the matter) and OFAC sanctions compliance (where only OFAC licensing or legal process can).
The first step is determining whether the exposure is pre- or post-August 8, 2022. Request the specific interaction date from the platform — this determines which compliance pathway applies. Pre-designation exposure is an AML matter where documentation and EDD can resolve the flag. Post-designation exposure at a US-nexus platform is an OFAC matter where the platform has no legal discretion and documentation alone will not release funds.
For AML-only flags (pre-2022 or non-OFAC exposure): gather source-of-funds documentation showing where the funds came from before they entered Tornado Cash. Exchange withdrawal records, bank statements, and OTC desk receipts are all relevant. Submit these through the platform's official compliance dispute channel. For OFAC-flagged exposure: consult a cryptocurrency compliance attorney experienced in OFAC licensing and sanctions matters before taking further action — this is a legal process requiring specialist guidance, not a standard compliance dispute.
On August 8, 2022, the US Treasury's OFAC added Tornado Cash's smart contract addresses to the Specially Designated Nationals (SDN) list, citing their use by North Korean state-sponsored hackers (Lazarus Group) and other criminal actors to launder hundreds of millions of dollars. This was the first time OFAC sanctioned immutable software code rather than a person or organisation — creating a legally novel situation.
The controversy stems from the nature of the target. Tornado Cash smart contracts are immutable code on a public blockchain — no person or company controls them, and they cannot be turned off. Critics argued that sanctioning code rather than operators criminalises privacy-preserving software and could be used to restrict legitimate financial privacy. The 5th Circuit Court of Appeals agreed in part in November 2024, ruling that immutable contracts cannot be sanctioned as "property" under IEEPA — though the broader sanction and criminal prosecutions of the developers continue.
Tornado Cash uses zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge) to allow users to prove they possess a valid deposit note without revealing which specific deposit it corresponds to. When a user deposits ETH into a Tornado Cash pool, the smart contract records a cryptographic commitment on-chain. The user receives a secret "note" off-chain. To withdraw, the user generates a zk-SNARK proof that they possess a valid note — without revealing the note itself or any link to the original deposit.
The smart contract verifies the proof mathematically and releases the funds to any withdrawal address the user specifies. The result is a cryptographically verifiable unlinkability — not just operational obfuscation as in traditional mixers. This is why analytics tools cannot follow the fund flow through Tornado Cash the way they can through standard on-chain transactions: there is genuinely no on-chain link to follow. Detection instead relies on flagging interactions with the known contract addresses directly.
Three developers were identified and prosecuted. Alexey Pertsev was arrested in the Netherlands in August 2022. In May 2024, a Dutch court convicted him of money laundering and sentenced him to 5 years and 4 months in prison — establishing that developers of mixing services can face personal criminal liability in EU jurisdictions. Roman Storm and Roman Semenov were indicted in the US in August 2023 on charges of conspiracy to commit money laundering, violations of US sanctions law, and operating an unlicensed money transmitting business. Roman Semenov remains at large; Roman Storm's trial was ongoing as of early 2026.
These prosecutions represent the current regulatory position: developers of services that facilitate money laundering face personal liability regardless of whether the service is decentralised. The decentralised nature of the protocol is a relevant factor in the legal arguments but has not prevented prosecution of those who created and promoted it.
Tornado Cash supported both ETH and several ERC-20 tokens — including DAI, USDC, USDT, and WBTC in fixed-denomination pools. Exposure flags from analytics tools cover all assets processed through the Tornado Cash pools, not just ETH. When OFAC sanctioned Tornado Cash, Circle (USDC issuer) immediately froze all USDC held in Tornado Cash smart contracts — demonstrating how quickly stablecoin issuers responded to the designation.
The OFAC SDN designation covers the smart contract addresses themselves regardless of what asset flows through them. Any interaction with those addresses — depositing ETH, USDC, DAI, or any other token — falls under the sanction. Analytics tools flag all such interactions with the same high-risk / OFAC-exposure designation, regardless of the specific token involved.
In November 2024, the US Court of Appeals for the 5th Circuit ruled that OFAC's designation of Tornado Cash's immutable smart contracts was unlawful under IEEPA because immutable code that no party can modify or control does not constitute "property" that can be blocked. The court found the immutable contracts — unlike mutable contracts or organisations — cannot be owned or controlled and therefore fall outside IEEPA's sanctionable categories.
From a compliance standpoint, the ruling does not remove Tornado Cash from the OFAC SDN list — only OFAC itself can delist the addresses, and no delisting had occurred as of March 2026. US-nexus VASPs should continue to treat Tornado Cash interactions as potentially sanctionable until a formal OFAC delisting action occurs. The ruling is significant legal precedent that may eventually result in delisting, but compliance obligations follow the SDN list, not court opinions. Consult your cryptocurrency compliance attorney for current guidance on how your specific institution should respond given your US-nexus exposure.