Introduction
On a Sunday night in February, a billion dollars vanished at code-speed. Not through a bank with frozen ledgers, not through SWIFT’s gated corridors, but through a maze of wallets, bridges, mixers, and a handful of sleepy off-ramps that didn’t bother to ask questions.
By the time anyone looked up, the money had already scattered across different chains, fragmented and recombined into something that was, for all intents and purposes, untraceable.
For most of the last century, states had a ready answer when they wanted to punish an adversary: sanctions. With a few signatures, economies could be frozen out of the global system. The mechanism was simple: lean on the intermediaries. Banks, custodians, clearinghouses, and SWIFT all sat neatly inside jurisdictions, giving governments levers to pull at will.
DeFi changes the game, by design. The state’s sharpest lever is intermediaries; DeFi’s entire ethos is to erase them. What do you do when the “actor” is a piece of code, unowned, unalterable, available to anyone who cares to use it? That’s the collision—the Sanctions Deadlock
We’ve seen this play out before. In the 1990s, Washington tried to classify strong cryptography as a weapon by putting export controls on mathematical formulas. But code was not ordnance. It was speech, and it slipped through regulators’ fingers. You cannot ban an idea once it’s written down and copied, and thus the fight has shifted: today, the object of control is no longer ciphers but liquidity itself. The battlefield has moved from static lists of forbidden names to sprawling transaction graphs, from freezing bank accounts to starving entire networks. The real question isn’t whether you can block an address, but whether nation-states can outmaneuver a state-backed adversary laundering at code-speed on open rails.
Westphalian Power, Algorithmic Resistance
Sanctions have been the signature weapon of states since the twentieth century. When the U.S. Treasury wanted to punish an adversary it called the banks, instead of sending tanks. Freeze the assets, blacklist the firms, lock the target out of SWIFT. With a few signatures in Washington, entire economies could be cut off from the global system. The same logic played out on the world stage: the UN Security Council, empowered under Chapter VII of its Charter, imposed sanctions in conflicts from Rhodesia to Iran, wielding Article 41 as a way to coerce without firing a shot. For decades, this model worked because the financial system was built around intermediaries—banks, custodians, clearinghouses—all sitting neatly inside national jurisdictions.
DeFi tears up that architecture. Protocols are designed to be permissionless, borderless, and censorship-resistant. No banker to call, no server to seize, no boardroom to threaten with fines, value moves peer-to-peer across chains. That collision is a structural clash between two kinds of sovereignty—Westphalian and algorithmic.
Sanction people, and they reappear with new wallets. Sanction tools, and you discover that code isn’t a legal “person.” The more you squeeze, the more resilient and evasive the system becomes. The state’s attempt to assert control ends up accelerating the very decentralization it fears.
Nowhere is this clearer than in North Korea. Pyongyang, subject to one of the harshest sanctions regimes ever imposed, has turned DeFi into a strategic lifeline. Its hackers run billion-dollar heists, launder the proceeds through mixers and cross-chain bridges, and cash out via shady exchanges and shadowy payment networks.
What looks like chaos on-chain is in fact a vertically integrated supply chain: theft, obfuscation, conversion, all tuned to keep the regime’s weapons program alive.
The Tornado Cash saga exposed a legal wall. The Bybit hack exposed a strategic one. Together, they point to a simple reality—sanctions in their traditional form no longer work against decentralized systems.
From the Crypto Wars to Tornado Cash
The U.S. has been trying to put code in a legal chokehold for decades. In the 1990s, the first “Crypto Wars” broke out when Washington decided strong encryption was too dangerous to circulate freely. Programs like PGP were literally classified as munitions, placed in the same export-control bucket as missiles and fighter jets. The logic was simple: if anyone could download unbreakable encryption, the NSA and law enforcement would lose visibility into criminals and terrorists.
That position didn’t survive contact with the internet. Phil Zimmermann dropped PGP online in 1991; activists printed the source code on T-shirts to mock the idea that math could be a weapon.
When graduate student Daniel Bernstein sued for the right to publish his algorithm, the courts agreed. Judge Patel’s 1996 ruling in Bernstein v. DOJ made it explicit: source code is speech, protected by the First Amendment. The state could regulate conduct—how software was used—but not the act of writing or publishing it.
Fast-forward three decades: the target shifted from ciphers to liquidity. In August 2022, OFAC sanctioned Tornado Cash, a set of autonomous smart contracts on Ethereum used by North Korea’s Lazarus Group to launder hundreds of millions.
It wasn’t a company or a bank; it was code, immutable and ownerless. To make it fit the law, Treasury leaned on the International Emergency Economic Powers Act (IEEPA), arguing that Tornado Cash was an “association” of developers and DAO members, and that its smart contracts were “property” belonging to that association.
The courts weren’t buying it. In Van Loon v. Treasury (2024), the Fifth Circuit ruled that immutable contracts don’t fit IEEPA’s definition of property. The statute, written in 1977, was meant for assets controlled by people and corporations—not self-executing code running on a decentralized network. And with Chevron deference overturned earlier that year, the court gave Treasury no room to stretch the statute. By March 2025, Tornado Cash was quietly delisted. Officially, it was a “discretionary review.” In reality, it was a retreat to avoid cementing a precedent that would permanently tie OFAC’s hands.
The parallel to the 1990s is hard to miss. Then, the state tried to treat math as a weapon. Now, it’s trying to treat code as property. Both attempts hit the same wall: once general-purpose software is in the wild, it doesn’t behave like a chokepoint the state can seize.
That tension is the Sanctions Deadlock. So enforcement is shifting to the middle ground: the scaffolding around “decentralized” systems that isn’t really decentralized at all. Admin keys, front-end websites, stablecoin issuers, API providers like Infura—these are the choke points regulators can still pressure.
The Tornado Cash saga made two things clear. States won’t stop; they’ll peel back the layers of “decentralization” until they find humans to hold accountable.
The Future of Sanctions in a Decentralized World
The state can’t pick up the phone and subpoena Ethereum the way it once subpoenaed JPMorgan. But that doesn’t mean sanctions are dead—it just means the terrain has shifted. The blacklist era is over; the next phase is network-level economic warfare.
The emerging strategy looks less like freezing assets and more like suffocating ecosystems. You don’t have to stop every illicit transaction—you just need to make “dark DeFi” uneconomical to use. That might mean sanctioning liquidity providers, leaning on regulated stablecoin issuers, cutting off critical oracles and validators, even destabilizing the assets that rogue states rely on—financial warfare at the protocol layer.
What makes this possible is a new arsenal of RegTech. AI-powered tracing can now scan entire transaction graphs, detect laundering patterns, and assign “taint scores” to coins long after they’ve left a hacked exchange. Cross-chain analytics stitch together fund flows as they hop from Ethereum to Solana to Bitcoin, breaking one of the most common laundering tricks. Compliance becomes risk management: not “block these 50 addresses,” but “don’t touch anything with a 40% taint score.” Enforcement gets pushed outward to exchanges, stablecoin issuers, wallets, and compliant DeFi protocols, who collectively form a perimeter that starves illicit networks of usable liquidity.
This pressure will force DeFi toward a fork. One branch bends toward the state: “RegFi,” where compliance is built into the contracts themselves, with tools like zero-knowledge proofs that let you prove you’re clean without revealing who you are. This path would integrate DeFi into the global system and unlock institutional liquidity.
The other branch hardens into a parallel system: privacy coins, unregulated bridges, censorship-resistant DEXs—cut off from compliant capital, but still alive for those willing to live in the shadows.
The likeliest outcome isn’t one or the other but a messy coexistence. Most capital will flow into the regulated sphere, while a smaller, more radical dark ecosystem persists. The Sanctions Deadlock won’t be solved once and for all. It will be managed—through constant adaptation, smarter analytics, and a willingness to fight financial wars at code-speed.
Amazing work
https://substack.com/@synapsetech8?r=2q4a7s&utm_medium=ios&utm_source=profile
let me know what you think and don’t forget to like comment and subscribe