TLDR
- The DOJ rejects the Tornado Cash developer’s defense based on the argument of immutable code.
- Roman Storm made over 250 changes to the Tornado Cash protocol, indicating active involvement in the platform’s operation.
- Prosecutors claim Storm misled victims by denying control over the protocol despite making significant changes.
- The DOJ argues that Storm’s failure to implement anti-money laundering controls makes him an operator of a criminal business.
- The legal battle centers on whether DeFi developers can be held liable for illicit activities on their platforms.
In a recent filing, the U.S. Department of Justice (DOJ) rejected the defense of Tornado Cash developer Roman Storm, who sought to dismiss charges based on the argument that the protocol’s code was immutable. Prosecutors claimed that Storm actively managed the Tornado Cash platform and chose not to implement effective anti-money laundering (AML) controls, despite being aware of the illicit activities occurring on the platform. The DOJ emphasized that this conduct constitutes operating a criminal business, not merely writing code.
DOJ Pushes Back Against Immutable Code Argument
Roman Storm’s defense team argued that the Tornado Cash protocol was neutral infrastructure, similar to how Cox Communications was not held liable for user-generated infringement in a 2023 Supreme Court case. However, the DOJ quickly dismantled this comparison. In its filing, prosecutors pointed out that Cox Communications actively discouraged illegal activities, whereas Storm and his associates allegedly allowed illicit transactions to thrive on Tornado Cash.
The DOJ emphasized that Storm’s response to inquiries was misleading. They stated that he lied to victims, claiming limited control over the protocol while secretly making over 250 changes to Tornado Cash. These changes demonstrated his ability to influence the platform’s operations, disproving the idea that he was merely a passive developer.
Prosecutors Target DeFi Developers in Money Laundering Case
The DOJ’s case hinges on the notion that developers operating platforms facilitating money laundering must take responsibility for illicit activity. Storm’s actions, they argue, show a direct link between his management of the protocol and the platform’s use for illegal financial transactions. The core issue is whether developers, like Storm, can be held accountable for enabling criminal conduct, especially when they have the capacity to intervene but choose not to.
The DOJ’s filing makes clear that the legal distinction does not lie in the creation of code itself but in the operational control over a platform. Developers who, like Storm, possess the ability to limit criminal use but deliberately forgo such measures can be deemed operators under the law. This legal framework is central to the ongoing prosecution of Storm and may set a precedent for other decentralized finance (DeFi) developers in future cases.
Tornado Cash Developer Faces Retrial Over Money Laundering Charges
The legal battle for Storm continues with his retrial scheduled for October 2026, where he will face charges related to money laundering and sanctions evasion. The August 2025 jury conviction on unlicensed money transmission already established that Storm’s role was not passive, contradicting his defense. As prosecutors focus on money laundering, they argue that Storm’s involvement in the Tornado Cash platform went beyond code development.
The retrial will test how far the legal system can extend accountability to developers of decentralized platforms like Tornado Cash. With Storm’s actions under scrutiny, the court may define new boundaries for developer responsibility in DeFi systems. The case could reshape how the law treats platform operators who enable illicit transactions, especially in the context of crypto and decentralized finance.
