ARTICLE
19 December 2025

The Prosecution Of Samourai Wallet Developers: Expanding The Reach Of Crypto Enforcement

BS
Ballard Spahr LLP

Contributor

Ballard Spahr LLP logo
Ballard Spahr LLP—an Am Law 100 law firm with more than 750 lawyers in 18 U.S. offices—serves clients across industries in litigation, transactions, and regulatory compliance. A strategic legal partner to clients, Ballard goes beyond to deliver actionable, forward-thinking counsel and advocacy powered by deep industry experience and an understanding of each client’s specific business goals. Our culture is defined by an entrepreneurial spirit, collaborative environment, and top-down focus on service, efficiency, and results.
Explore Firm Details
The prosecution of the developers behind Samourai Wallet illustrates how U.S. authorities are broadening their approach to privacy‑focused cryptocurrency tools.
United States New York Technology
Kelly A. Lenahan-Pfahler
Your Author LinkedIn Connections
Kelly A. Lenahan-Pfahler’s articles from Ballard Spahr LLP are most popular:
  • within Technology topic(s)
  • in United States
Ballard Spahr LLP are most popular:
  • within Technology topic(s)

The prosecution of the developers behind Samourai Wallet illustrates how U.S. authorities are broadening their approach to privacy‑focused cryptocurrency tools. In April 2024, the U.S. Attorney's Office for the Southern District of New York announced charges against Keonne Rodriguez, Samourai's chief executive, and William Lonergan Hill, its chief technology officer. The indictment alleged that Samourai facilitated more than $2 billion in Bitcoin transactions, including $237 million in criminal proceeds, with over $100 million tied to darknet markets. By late 2025, both pleaded guilty: Rodriguez was sentenced to five years, Hill four, on conspiracy counts related to money transmission and money laundering.

Statutory Basis for the Charges

The convictions rested on two statutes traditionally applied to custodial financial services but now extended to non‑custodial crypto tools.

  • 18 U.S.C. § 1960 criminalizes operating an unlicensed money transmitting business. Historically, this applied to custodial services holding or transferring funds for customers. Samourai was different: users retained control of their private keys, while the software facilitated transactions. Prosecutors argued that features such as Whirlpool and CoinJoin, privacy techniques mixing coins from multiple users, amounted to money transmission by obscuring fund origins. They pointed to Samourai's fee structure, promotional materials, and darknet outreach as evidence of intent.
  • 18 U.S.C. § 1956 covers conspiracy to commit money laundering. Prosecutors contended that Samourai's design and marketing encouraged concealment of criminal proceeds, citing communications and promotional materials aimed at illicit users.

Enforcement Trends: Samourai vs. Tornado Cash

Samourai is part of a broader enforcement trend targeting privacy‑enhancing crypto tools. The Tornado Cash prosecution in 2023 raised parallel issues but in a different technological and legal context. (See our additional blog posts about Tornado Cash here, here, here, and here.)

Tornado Cash, built on Ethereum smart contracts, posed the challenge of immutability: once deployed, the code operated autonomously, and developers argued they lacked control over user activity. This immutability became central to defenses and civil litigation, with courts questioning whether autonomous code could be treated as "property" subject to sanctions. By contrast, Samourai's active coordinator service and ongoing updates gave prosecutors a foothold to argue that its developers exercised meaningful operational control. This distinction allowed the government to frame Samourai's conduct not as passive publication of code but as active facilitation of illicit finance.

Tornado Cash litigation tested the boundaries of OFAC's sanctions authority under IEEPA, ultimately resulting in judicial limits on designating immutable smart contracts. Samourai, however, was pursued under traditional criminal statutes, extending their application to non‑custodial wallets and raising questions about fair notice given FinCEN's prior guidance.

Legal Questions Raised

These prosecutions highlight unresolved constitutional and statutory issues. If Tornado Cash and Samourai represent two ends of the spectrum—immutable code versus actively maintained software—courts must now contend with how far existing law can extend to decentralized technologies. At stake are broader questions of liability, statutory interpretation, and constitutional protections such as speech and due process. The central question is whether publishing and maintaining privacy‑focused code remains speech under the First Amendment, or whether it becomes criminal conduct when paired with active promotion toward illicit use.

Tornado Cash Litigation: OFAC Sanctions and DOJ Charges

Tornado Cash faced a dual track of enforcement: criminal charges against its developers and administrative sanctions against its code.

In Van Loon v. Department of the Treasury (5th Cir. 2024), plaintiffs challenged OFAC's authority. (See our blog post here.) The Fifth Circuit ruled that sanctioning immutable Tornado Cash smart contracts exceeded OFAC's statutory authority under IEEPA, limiting designation of autonomous code as "property." The decision underscored the difficulty of applying traditional law to decentralized technology, though it did not categorically immunize all crypto protocols from sanctions.

This judicial pushback illustrates the limits of sanctions law when applied to autonomous protocols. Parallel developments in FinCEN guidance further complicate matters, as longstanding custodial versus non‑custodial distinctions intersect uneasily with prosecutorial theories advanced in Samourai.

FinCEN Guidance

FinCEN has generally distinguished custodial from non‑custodial wallets. Its 2019 guidance (FIN 2019 G001) stated that entities providing only software without asset custody are not subject to registration or Bank Secrecy Act requirements applicable to money services businesses. In 2024, FinCEN withdrew proposed rules that would have imposed KYC obligations even for non‑custodial wallet providers, reinforcing earlier interpretations.

Yet during proceedings against Samourai's founders, prosecutors reportedly asked FinCEN whether CoinJoin or non‑custodial wallets qualified as "money transmission." FinCEN answered "no," but charges proceeded regardless. This divergence raises constitutional questions about fair notice and the consistency of regulatory versus prosecutorial positions.

Comparative Analysis: Samourai and Tornado Cash

Placing Samourai and Tornado Cash side by side reveals how enforcement risks diverge depending on technological design, regulatory posture, and evidentiary focus. Tornado Cash's defense rested on immutability, emphasizing that once deployed, developers lacked the ability to control user activity. This argument framed the project as autonomous code rather than an ongoing service. By contrast, prosecutors in Samourai highlighted the wallet's active coordinator service, continuous updates, and targeted marketing as evidence of meaningful developer involvement.

Regulatory approaches also diverged. Tornado Cash was primarily challenged through OFAC's sanctions authority under IEEPA, a strategy that met judicial resistance when courts questioned whether immutable smart contracts could be designated as "property." Samourai, however, was pursued under traditional criminal statutes (§ 1960 and § 1956) despite FinCEN's guidance suggesting such tools were outside money transmission rules.

Evidence in each case points to fundamentally different enforcement approaches. In Tornado Cash, the defense leaned on the impossibility of control, arguing that immutability precluded intent. In Samourai, prosecutors relied on direct evidence of intent, pointing to promotional materials, darknet outreach, and fee structures as proof that the wallet was designed to attract illicit use.

Taken together, the comparison demonstrates that enforcement is not uniform but highly contingent. Immutable protocols test the limits of sanctions law, while actively maintained wallets are subject to broader applications of criminal statutes. The broader lesson is that privacy‑preserving technologies, whether autonomous or developer‑driven, now face heightened scrutiny, with liability theories evolving to match the technical contours of each project.

Conclusion

The Samourai convictions signal a shift in how federal authorities apply existing statutes to decentralized and non‑custodial technologies. By extending provisions traditionally aimed at custodial services to privacy‑focused wallets, prosecutors demonstrated a willingness to reinterpret statutory language considering evolving technical design. This approach may deter illicit finance, but it also raises unresolved constitutional questions about fair notice, due process, and the boundary between protected speech and criminal conduct.

More broadly, the trajectory of enforcement against Samourai and Tornado Cash underscores that privacy‑preserving tools, whether autonomous protocols or actively maintained software, are now within the sights of regulators and prosecutors. Liability theories are likely to adjust to each project's design, reflecting ongoing enforcement developments.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Photo of Kelly A. Lenahan-Pfahler
Kelly A. Lenahan-Pfahler
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More