Tornado Cash Retrial Push Exposes Washington’s Confusing Stance on Crypto Mixers

Within days of acknowledging that crypto mixers can have lawful uses, Washington also moved to retry one of the most high-profile mixer-related criminal cases in the US. For investors and builders, the juxtaposition around Tornado Cash co-founder Roman Storm has turned into a real-time stress test of how far the current policy thaw actually goes—and where it stops.

Two conflicting signals from Washington on crypto privacy

In early March, two US government actions drew a sharp, if confusing, line through the crypto privacy landscape.

On one side, the US Treasury delivered a notable shift in tone. In a report to Congress, Treasury explicitly said that lawful users of digital assets may use mixers for legitimate financial privacy. The report cited scenarios like protecting personal wealth, shielding business payments and charitable donations, and hiding consumer spending habits from public view on transparent blockchains.

On the other side, prosecutors in the Southern District of New York (SDNY) moved to keep the Tornado Cash case alive. They filed a letter proposing to retry Roman Storm in October 2026 on two of the most serious charges: conspiracy to commit money laundering and conspiracy to violate sanctions. Each carries a maximum of 20 years in prison.

These steps landed on top of a broader policy turn in Washington. In March 2025, Treasury delisted Tornado Cash from sanctions, citing “novel legal and policy issues” raised by applying legacy sanctions rules to an “evolving technology and legal environment.” A month later, in April 2025, the Department of Justice (DOJ) issued a memo aimed at ending what critics called “regulation by prosecution,” saying it would stop targeting exchanges, mixers, and wallets purely for the acts of end users or for unwitting regulatory violations.

Yet each of these policy softeners came with caveats that now look central to the Roman Storm retrial.

• Treasury’s Tornado Cash delisting eased sanctions posture but stressed it remained “deeply concerned” about North Korea–linked hacking and laundering.
• DOJ’s memo narrowed enforcement but explicitly preserved priority treatment for cases involving sanctions, hacking, terrorism, organized crime, and sanctioned states.
• Treasury’s 2026 report acknowledged lawful mixer use but also highlighted mixer-linked illicit flows and recommended stronger tools, including a possible “hold law” to temporarily freeze suspicious assets.

The SDNY’s push to retry Storm sits squarely inside these carve-outs. It targets alleged laundering and sanctions violations in a case prosecutors link directly to North Korea–related activity—precisely the national-security bucket Washington has never promised to soften.

Inside the Roman Storm case: what the jury actually decided

The mixed jury outcome in Roman Storm’s August 2025 trial left the legal and policy landscape as murky as ever.

Jurors reached a verdict on only one charge: they convicted Storm on an unlicensed money-transmitting count, which carries a maximum sentence of five years. But they deadlocked on the two most serious counts—conspiracy to commit money laundering and conspiracy to violate sanctions—prompting the court to consider a partial verdict.

Prosecutors now want those unresolved counts retried in a proceeding expected to last about three weeks, starting around October 5 or October 12, 2026. In parallel, Storm has filed a Rule 29 motion for acquittal that argues the evidence was insufficient even on the unlicensed money-transmitting conviction. A judge is set to hear that argument on April 9.

The distinction between these counts is critical for anyone trying to read the case as a policy signal.

• Unlicensed money transmission is the charge that most closely resembles holding a developer responsible for operating or maintaining infrastructure. This sits awkwardly alongside DOJ’s 2025 pledge to stop targeting exchanges, mixers, and wallets for end-user conduct or mere regulatory missteps.
• Money laundering and sanctions are different. Here, prosecutors can argue Storm knew specific illicit activity—including North Korea–linked flows—was moving through Tornado Cash and continued operating or supporting the protocol nonetheless.

Notably, the government has chosen to retry the counts that fit squarely within its preserved hardline enforcement priorities, not the one that appears to conflict most directly with DOJ’s stated pivot away from “regulation by prosecution.” That decision is central to understanding how Washington is trying to thread the needle between tolerating crypto privacy tools in the abstract and punishing activity it can frame as national security–related.

Policy thaw vs. national security: where the line is being drawn

Viewed against the last two years of policy moves, the Storm retrial highlights both the reality and the limits of Washington’s crypto thaw.

When Treasury removed Tornado Cash from its sanctions list in March 2025, it did so while emphasizing the “novel legal and policy issues” in applying sanctions in a fast-moving technology context. Around the same time, DOJ disbanded its crypto enforcement unit and narrowed its prosecution priorities, producing a visible reduction in the department’s broad crypto enforcement posture.

Those decisions were not merely symbolic. They signaled that the administration was deliberately stepping back from the broadest possible definition of crypto legal risk and trying to normalize mainstream components of the ecosystem: exchanges, ETFs, stablecoin payment rails, and core market infrastructure.

But the Tornado Cash delisting notice and subsequent DOJ memo both carried a clear warning: the retreat would not extend to anything Washington could tie to national security.

• Treasury said it remained “deeply concerned” about Democratic People’s Republic of Korea (DPRK)–linked hacking and laundering and warned US persons to exercise caution around transactions that might benefit North Korean cyber actors.
• DOJ preserved top priority for prosecutions involving terrorism, organized crime, hacking, and sanctioned states.

Storm’s remaining exposure—money laundering and sanctions—sits exactly in that preserved enforcement lane, with prosecutors arguing Tornado Cash functioned as infrastructure for laundering North Korea–linked theft proceeds.

Treasury’s March 2026 report to Congress put numbers to the concern. Since May 2020, bridges on public blockchains received roughly $1.6 billion in deposits originating from mixing services. More than $900 million of those mixer-derived deposits flowed into a single bridge criticized for failing to intervene in DPRK-linked laundering.

In the same document, Treasury both:

• Affirmed that lawful users may turn to mixers for financial privacy, and
• Urged Congress to consider a new “hold law” giving institutions a safe harbor to temporarily freeze suspicious digital assets during investigations.

The net effect: the same report that validates privacy-enhancing tools as legitimate in certain contexts also asks for stronger mechanisms to pause or contain funds suspected of being linked to illicit mixer flows. Privacy is being recognized, but not fully de-risked.

Why markets may be mispricing privacy risk

Crypto markets have largely treated the policy pivot in Washington as a single, sector-wide story: the US is becoming friendlier, legal overhang is fading, and the entire asset class deserves a lower risk discount.

That framing fits reasonably well for parts of the ecosystem Washington is clearly trying to bring into a regulated mainstream—spot ETFs, centralized exchanges, stablecoin payment infrastructure, and traditional market plumbing.

It fits far less well for anything that can be narrated in terms of privacy, obfuscation, and sanctions evasion.

Post-verdict analysis of the Storm case underscored just how much uncertainty remains for developers of decentralized, privacy-preserving platforms. The mixed outcome suggested jurors were not convinced by arguments that Storm lacked sufficient control over who used Tornado Cash. The case implied that labels like “decentralized” and “non-custodial” may offer less legal insulation than many market participants assume—especially where there is evidence of ongoing business activity, fee collection, governance participation, or promotion tied to a protocol.

Each of those factors can help prosecutors argue that a developer maintained meaningful operational contact with software that processed illicit funds.

For retail investors holding tokens linked to privacy protocols, mixer-adjacent infrastructure, or any project whose team could plausibly be accused of knowing about illicit activity flowing through their tools, the Storm prosecution points to a legal risk premium that broad “pro-crypto” rhetoric may not eliminate.

The key takeaway for markets: US policy is becoming more segmented. A friendlier stance toward mainstream crypto does not automatically extend to the privacy sector, particularly when national-security narratives can be invoked. Treating regulatory relief as a uniform positive across all projects risks mispricing assets whose core value proposition is privacy in an environment where privacy infrastructure is still framed as a live enforcement risk.

What this means for builders and policy watchers

The apparent contradiction between Treasury’s nod to lawful mixer use and SDNY’s push to retry Roman Storm is, in practice, clarifying where the government’s red lines lie.

On paper, Washington is now willing to say three things at once:

• Privacy tools can be legitimate financial infrastructure.
• Mixers may serve lawful purposes for ordinary users, businesses, and civil society.
• Developers should not be charged simply because neutral infrastructure is misused by end users.

But it also appears unwilling to abandon cases where prosecutors believe:

• Developers were aware of specific illicit flows through their protocols,
• They continued operating or supporting those protocols regardless, and
• Those flows connect to sanctioned actors, particularly North Korea.

In practice, privacy is being treated as presumptively lawful until it can be retold as a national-security story. That line may matter more than any headline about a “pro-crypto” administration.

For Storm himself, the bull case is that his Rule 29 motion succeeds, the court throws out the remaining exposure, DOJ backs away from a retrial, and Treasury’s privacy-friendly language eventually evolves into something closer to a developer safe harbor.

The bear case is that the retrial proceeds, prosecutors win on one or both deadlocked counts, and the market is reminded that the privacy-adjacent sector still faces durable legal exposure that broader regulatory détente never actually resolved.

Either way, the core lesson is the same: legal clarity in US crypto policy is becoming highly sector-specific. Builders of privacy tools and investors in privacy-linked assets cannot safely rely on generic “pro-crypto” momentum. The government’s own documents, and its determination to continue the Tornado Cash prosecution on laundering and sanctions grounds, signal that the real fight over crypto privacy—and who bears responsibility when neutral tools intersect with national security concerns—is far from over.