What Does It Mean When Dexx Funds Are All Laundered Through Tornado Cash?
Key Takeaways
• Dexx funds have been laundered through Tornado Cash, a decentralized privacy protocol.
• Tornado Cash uses zero-knowledge proofs to anonymize transactions, making it a tool for laundering crypto assets.
• There may still be forensic traces of the funds before mixing, allowing for potential recovery.
• Historical cases show that asset recovery is possible with the right tools and cooperation from exchanges.
• Users are reminded to practice self-custody and use hardware wallets to secure their crypto.
Over $100 million stolen. After 33 days, the hacker chose the path of no return.
All user funds from Dexx have been funneled into a decentralized mixer protocol—Tornado Cash—to anonymize transactions. In simpler terms: they’ve been laundered.
What is Tornado Cash?
Tornado Cash is a decentralized privacy protocol.
It uses zero-knowledge proofs (zk-SNARKs) to break the link between source and destination addresses. By pooling funds into a common contract and allowing users to withdraw to new addresses, it creates strong on-chain anonymity.
That makes it an ideal tool for laundering crypto assets.
In 2022, the U.S. Treasury added Tornado Cash to its sanctions list, banning American citizens and entities from interacting with it. But since the protocol is run by immutable smart contracts on a decentralized blockchain, not even a government can shut it down.
In fact, a U.S. court recently overturned the sanctions, ruling that Tornado Cash’s immutable smart contracts do not constitute a “foreign entity or property,” and thus can’t be sanctioned.
Can the Funds Still Be Recovered?
It depends.
While Tornado Cash effectively severs the trail of on-chain transactions, there may still be forensic traces before the mixing. Think of it like a plane crash investigation—if you dig through enough wreckage, you might uncover the truth. But it takes time and effort.
According to SlowMist:
“Technical analysis shows clear signs of external intrusion, including malware artifacts. With Dexx's permission, a full incident report could be made public.”
Source: @evilcos on X (Twitter)
Hackers often leave footprints, especially during the prep phase:
- They may top up via centralized exchanges
- Their cross-chain behavior can expose patterns
- Even IP addresses or browser fingerprinting might help
With the right tools and cooperation from exchanges and law enforcement, there’s still a chance to trace the perpetrator and recover assets.
Historical Cases: Tornado Wasn’t Always the End
✅ Case 1: Ronin Bridge Hack – Partial Recovery
In 2022, the Ronin bridge (linked to Axie Infinity) was exploited for $624 million.
Some stolen funds were sent to Tornado Cash, but Chainalysis and U.S. agencies tracked activity and identified attempted withdrawals to centralized exchanges—leading to asset freezes and partial fund recovery.
✅ Case 2: Wormhole Hack – Hacker Identified
The Wormhole exploit in the same year resulted in $326 million in losses.
Forensics teams discovered the hacker deposited a small amount of funds to Coinbase before using Tornado. Thanks to Coinbase’s KYC policies, investigators identified the attacker and successfully retrieved a portion of the funds.
What’s Next for Dexx?
Dexx is still publishing updates and says it’s working on compensation plans and funding rounds.
Unlike some projects that simply vanish with user funds or gamble them on leverage trades, Dexx is at least trying to handle things transparently.
We sincerely hope affected users get fair compensation in the end.
Final Reminder: Don’t Ignore the Lessons
If you don’t hold your private key, you don’t own your crypto.
- We had FTX.
- Now we have Dexx.
- There will be more—guaranteed.
Let this be your wake-up call:
Use a hardware wallet. Practice real self-custody.
Better late than never.
This article is for educational purposes only and does not constitute financial advice.
