by Benjamin Gruenstein, Evan Norris, and Daniel Barabander
From left to right: Benjamin Gruenstein, Evan Norris, and Daniel Barabander. Photos courtesy of the authors
Introduction
On August 23, 2023, the U.S. Attorney’s Office for the Southern District of New York announced the unsealing of an indictment against Roman Storm and Roman Semenov charging, among other things, conspiracy to operate an unlicensed money transmitting business in connection with their role as founders of Tornado Cash, from at least March 2022 until August 8, 2022.[1] A significant focus of the indictment is the “secret note” that customers used when depositing to and withdrawing from Tornado Cash, a “mixing service” that the indictment alleges “combined multiple unique features to execute anonymous financial transactions in various cryptocurrencies for its customers.” (¶¶ 1, 15, 18, 24.) However, despite allegations that the secret note was transmitted through various components of Tornado Cash that the founders controlled when a customer withdrew funds, in reality, the customer never relinquished control over the secret note. Rather, she sent only a “proof” that revealed nothing about the secret note and could only be validated by the smart contract to send funds directly from the smart contract to the customer. In this way, the founders may have exercised “necessary” control over funds, meaning that when the customer used Tornado Cash, components of the system the founders allegedly controlled may have been necessary to send the message to transfer the value in that particular transaction. However, based on our review of how the secret note worked during the period when the founders are alleged to have conspired to operate a money transmission business, the founders did not exercise “sufficient” control, meaning these components could not have transferred value independently from the customer. This is because Tornado Cash and its founders had no ability during this period to access the secret note to dictate how funds would be transferred.
This distinction between types of control is critical. Under the U.S. Department of the Treasury’s Financial Crimes Enforcement Network’s (“FinCEN”) non-binding 2019 guidance, a “money transmitter” must have “total independent control” over customer funds to qualify as such, which we interpret based on our review of the guidance to require both “necessary” and “sufficient” control.[2] Without access to a customer’s secret note, the Tornado Cash founders could not have had the requisite control over customer funds to qualify as a money transmitter under FinCEN’s 2019 guidance.[3]