GitHub restores Tornado Cash's code in 'read-only' mode

Quick Take

  • GitHub has reversed a complete ban on Tornado Cash’s open source code.
  • The functionality of the code repositories remains restricted to “read-only.”

GitHub, the internet's most widely used software hosting platform, lifted a ban on Tornado Cash’s open-source repositories on Thursday.

Still, the Microsoft-owned platform restored the code in “read-only” mode, making it available to only open and read the code. The move came after the U.S. Treasury clarified that sanctions against Tornado Cash did not apply to people’s ability to share and read the app’s code. 

In August, the U.S. Treasury Department's Office of Foreign Assets Control (OFAC) blacklisted the use of Tornado Cash and certain Ethereum addresses connected to the app, citing use by cybercriminals for money laundering. In response to sanctions, GitHub removed all Tornado Cash code in compliance with the regulator. 

Then on Sept. 13, the Treasury clarified that sanctions on Tornado Cash don’t stop people from sharing its code. "U.S. persons would not be prohibited by U.S. sanctions regulations from copying the open-source code and making it available online for others to view, as well as discussing, teaching about, or including open-source code in written publications,” an official Treasury post read.


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

Following this clarification, GitHub modified the blanket ban on the application, though the platform did not reinstate Tornado Cash’s full functionality. Currently, it remains in read only mode, so while users can open and read the code, it cannot be modified or deployed on the platform.

Launched in 2019, Tornado Cash was designed as a privacy-preserving tool intended to shield users' financial activities that are visible to anyone on a public blockchain like Ethereum. Still, it became a tool for cybercriminals to obfuscate transactional activity of assets connected to illicit activities and funds procured from decentralized finance (DeFi) hacks.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Vishal Chawla is The Block’s crypto ecosystems editor and has spent over six years covering tech protocols, cybersecurity, artificial intelligence and cloud computing. Vishal likes to delve deep into blockchain intricacies to ensure readers are well-informed about the continuously evolving crypto landscape. He is also a staunch advocate for rigorous security practices in the space. Before joining The Block, Vishal held positions at IDG ComputerWorld, CIO, and Crypto Briefing. He can be reached on Twitter at @vishal4c and via email at [email protected]