Learn more about the 2025 Coin Center Annual Dinner

Coin Center files court brief in defense of Tornado Cash developer

The publication of Tornado Cash code is clearly protected by the Constitution

Today Coin Center filed an amicus brief in Roman Storm’s ongoing criminal case in the Southern District of New York. In this brief, we help the court cut through the vague and prejudicial description of Tornado Cash offered by the prosecution. We make clear that open source software developers cannot control the actions of others who happen to use their tools, and we argue that statutory and constitutional limitations to sanctions laws forbid the government from charging the Tornado Cash developers, or any similar open source developers, with conspiracy to evade sanctions.

A simple and unbiased description of Tornado Cash

Coin Center has used Tornado Cash to receive charitable donations and we have an ongoing civil lawsuit to remove the immutable smart contract addresses from the sanctions list. Given our experience with the tool and the relevant law we felt that the best way we could support the court in this criminal case was by carefully and clearly describing exactly how Tornado Cash works, and to what degree any third party, including the defendants, have power or control over funds moved by that protocol.

In our description, we focus on the immutability of the pool smart contracts and the non-essential nature of the other software tools authored by the defendants (the upgradable secondary smart contracts and the user interface). As we argue,

The UI is still just software running on the user’s computer. It was released as a fully open-source standalone software package that can be downloaded and installed on any users’ computer locally, and it was also made available on-demand at a web server maintained by Amazon Web Services (“AWS”) and paid for by the Defendants. In all cases, the user is the only person who can initiate the transaction by signing the message with cryptographic keys she has stored on her computer. The UI is, in this sense, rather like an early version of Turbo Tax. It will help you fill out your tax forms by prompting you with non-technical questions, but you are ultimately responsible for printing out the results, filing them, and paying your taxes yourself.

None of the defendants are alleged to have acted as relayers, but for good measure we explain why even this relayer activity is non-custodial and non-essential to any usage of the tool,

Users also have the option of paying a third party, called a “relayer,” in order to improve the privacy of their transactions. This relayer is, however, merely relaying already formed and user-signed transaction messages to the Ethereum network and paying the associated Ethereum transaction fees. To continue the tax preparation metaphor, the relayer is like a private courier server the taxpayer hires to deliver her tax documents to the IRS. At no point can a relayer alter the signature of the transaction, control the underlying funds, or otherwise manipulate the assets that the user is moving. If a relayer fails to relay the message, the user can always broadcast the transaction message herself or find an alternative relayer.

Providing an unbiased description of this background information was doubly important given the nakedly prejudicial descriptions offered by the government. As we write in our brief:

The indictment wrongly characterizes the activities of the Defendants as “execut[ing]” transactions, “provid[ing]” secret notes, “initiating” transfers, “commingl[ing]” deposits, and “receiving” funds. To our knowledge and based on the allegations in the indictment, the Defendants did not execute any user transactions, provide any secret notes, initiate any user transfers, commingle any user deposits, or receive any user funds. The Defendants did create and publish open-source software that allowed individual users to do many of these things on their own: They published immutable and non-custodial smart contracts that ultimately “receive” user funds, allowing the users and only those same users to take them back on demand. But to say that they receive those funds is like saying a locksmith owns everything secured by his locks.

The indictment disparagingly refers to the Defendants as “[c]laiming to offer the Tornado Cash service as a ‘privacy’ service, [when] the Defendants in fact knew that it was a haven for criminals.” Respectfully, there are several problems with this characterization. First, Tornado Cash is not a service in the traditional sense of the word. Like Ethereum, it is a series of open-source software tools that can be used without any involvement from any third-party service provider. Second, it is a freely available privacy tool and, like any other widely available tool, it will provide its functionality for anyone who wields it—be they a criminal or a law-abiding citizen. Criminals use cars to evade law enforcement and yet we do not suggest that cars are not legitimate tools for transportation because they are, instead, a haven for criminals. Coin Center has used Tornado Cash to privately accept donations that support our non-profit mission. We have brought a lawsuit to have OFAC remove the Tornado Cash pool addresses from the sanctions list so that we can continue to use them for that purpose and so that other Americans can use them for any legitimate privacy purposes. We have co-plaintiffs in that lawsuit who wish to use Tornado Cash to be privately paid their salary and who have used it to privately make donations to the war effort in Ukraine without becoming targets of Russian cyber attacks.

Nor is Tornado Cash the only tool of its kind. JP Morgan Chase previously built and tested a computer system, called “Quorum,” for privately settling accounts between banks using the very same zero-knowledge proof cryptography as Tornado Cash. Recently, it has been reported that they are testing a similar zero-knowledge system that, like Tornado Cash, runs on the Ethereum network, called “Aztec.” These tools are widely regarded by top researchers in cryptography and finance as state-of-the-art and essential for providing privacy safeguards when using blockchains to transact. To suggest that Tornado Cash is a mere haven for criminals rather than a series of innovative privacy tools for the world is inaccurate and inflammatory. There are larger public policy discussions worth having regarding the costs and benefits of online privacy tools but this is not the appropriate forum for that debate. The prosecution is not even attempting to have that debate, choosing instead to incorrectly pigeon hole a widely used and valuable new invention as a mere “haven for criminals.”

If you remain unsure about how Tornado Cash operated I recommend reading our full brief. There’s been a substantial amount of misdirection and even outright defamation in other descriptions of the tool and the developers. We are pleased to have this opportunity to set the record straight: what is at stake here is liability for mere open source software development, for publishing code, for speech.

Sanctions law, Tornado Cash, and the First Amendment

Turning from the facts to the law, we spend the reminder of our brief focused on sanctions law (the International Emergency Economic Powers Act or “IEEPA”), the statutory carve-outs from sanctions prohibitions (the Berman Amendments), and the First Amendment defenses that would protect anyone wrongly charged with violating IEEPA for the mere publication of open source software. Because of page limits we chose to focus exclusively on the sanctions conspiracy charge and a free speech defense; the DeFi Education Fund [PDF] and Blockchain Association have filed their own excellent briefs focused on the unlicensed money transmission and money laundering charges, you should read these too if you want a full picture of the issues at stake.

IEEPA does not allow the government to prohibit, directly or indirectly, transactions in information or information materials. Congress has repeatedly rebuked the executive branch for its overzealous use of the sanctions power to stymie the free exchange of information, first in the so-called Berman Amendments to IEEPA and again in the Free Trade in Ideas Act. These common sense exemptions from sanctions prohibition remove all doubt that the Tornado Cash developers cannot be held liable for conspiracy to violate IEEPA. As we argue,

First, the Berman Amendments do not cabin their safe harbor so narrowly, they removed from the executive any power to “directly or indirectly” prohibit information transactions. If one can be charged with conspiracy to violate sanctions merely for engaging in information transactions, that is an “indirect” prohibition on those information transactions. Similarly, if it is lawful under the Berman Amendments to develop and publish software, then it is lawful to agree and take substantial steps to develop and publish software.

Second, all of the most consequential steps taken by the Defendants to make available the Tornado Cash protocol, i.e. publishing the immutable pool smart contracts to the Ethereum blockchain, took place long before the Lazarus Group hacked the Ronan bridge and long before there was any indication that any sanctioned persons would be using the protocol. Publishing decisions over the functionality of the software and how to release it were made long before any knowledge of the Lazarus Group’s activities could have even existed. After April 14th, the Defendants, as alleged, took a single day to decide to block traffic associated with identified Lazarus Group wallets from using their web server, the only part of the Tornado Cash protocol under their control. That they failed to retract previously released software or change the immutable pool contracts, an impossibility given the Ethereum blockchain’s operation, in no way suggests that they willfully and knowingly confederated to commit sanctions evasion. To argue to the contrary would be to suggest that the developers of the Linux open-source operating system confederated with the regime of Iran, merely by freely releasing a valuable computing tool that Iran would later use to operate computers related to its weapons programs. Crafting such a broad standard for sanctions liability would massively chill the publication of software and could be used to villainize countless researchers, scientists, and developers whose selfless release of free and open-source software is largely responsible for the information technology revolution of the last half-century.

These carve outs for information transactions are essential to the modern technological economy and must not be minimized. To make this point as clear as possible, we draw an important analogy between the SWIFT payments network and Tornado Cash

Nor are the Defendants alone in claiming such exempted transactions from sanctions laws. Aside from several litigated cases, it is worth noting that even traditional global financial technology providers claim exemption on the basis of merely providing information transactions. For example, The Society for Worldwide Interbank Financial Telecommunication, SWIFT, is a Belgian banking cooperative that helps banks across the world settle over $150 trillion in financial transactions a year. While SWIFT’s tools are often used to move substantial amounts of money in violation of sanctions, and while SWIFT voluntarily cooperates with ongoing investigations into the use of their messaging protocol for sanctions evasion, they are, nonetheless, at pains to stress that they are not an obligated entity under sanctions laws:

“Responsibility for ensuring that individual financial transactions comply with sanctions laws … rests with the financial institutions handling them, and their competent authorities. Swift is only a messaging service provider and has no involvement in or control over the underlying financial transactions that are mentioned by its financial institutional customers in their messages.”

SWIFT has, in fact, far more control over the messages that they relay than the Tornado Cash developers have over any Tornado Cash messages. Unlike the Tornado Cash protocol, SWIFT messages can be relayed only by SWIFT-authorized users and SWIFT can and does block some users from participating in their proprietary messaging network.

Like the Defendants, SWIFT has voluntarily taken actions to assist law enforcement in investigating and preventing sanctions evasion after evidence of illicit usage has come to light. Unlike the Defendants, SWIFT wholly controls the messaging infrastructure that moves user funds; unlike the Defendants, SWIFT could but has chosen not to block all messages dealing with blocked property or sanctioned persons. Fortunately for Defendants (as well as SWIFT), IEEPA correctly forbids the President from directly or indirectly (as here with a conspiracy charge) prohibiting mere transactions in information.

Finally, we argue that even if the court wrongly found that the Berman Amendments do not carve-out the activities of the defendants from sanctions laws, the First Amendment protects them. As we write,

At root, the prosecution is attempting to hold the Defendants liable for the content and viewpoint of their speech. The software published and released by the Defendants carries a deep political and cultural message concerning both (a) whether people should be able to make private peer-to-peer financial transactions online and (b) exactly how and by using which scientific and cryptographic principles they can make those transactions. The software does not make those transactions for them nor do the Defendants. The software is an interactive guide and a body of research that has been distilled into a free and open-source package that others can read, learn from, and choose to use. Defendants’ choice regarding how to write and publish the software is the expression of a powerful political and scientific viewpoint in and of itself. Some in the U.S. Government may strongly have preferred that they would have published their code with a secret vulnerability or a “backdoor” for law enforcement, or simply not published their viewpoints at all. Especially in light of that probable government bias, the Defendants cannot and should not be held liable for having merely published software as they saw fit.

We go through two recent Supreme Court cases, IMS Health v. Sorrell and 303 Creative LLC v. Elenis, where similar viewpoint-based and content-based restrictions on for-profit software and data publishing were categorically rejected by the Court.

This case will be a watershed moment in digital rights and we are honored to be able to assist the court and do our small part in guaranteeing the American right to freely develop and publish software.