Tracing Tornado.Cash Laundering with Argos MCP

Blockchain Cybersecurity Compliance AML Tornado.Cash MCP AI Investigation Ethereum

Published on 2026/06/01

This article walks through the Argos MCP server we built and how we used it to investigate a real money laundering operation on Ethereum, from Tornado.Cash deposits through a collector wallet to a THORChain cross-chain exit. We also show how gas fingerprinting can de-anonymize mixer users.

Why We Built an MCP Server for Argos

Argos is our blockchain intelligence platform. It aggregates data from multiple sources (our own OCaml analysis backend, Arkham Intel, Blockscout, Etherscan, Sourcify) to help compliance teams and forensic analysts investigate on-chain activity.

But a web UI, however well designed, has limits. An investigation involves dozens of lookups: check an address, look at its transactions, follow the money to the next hop, check that address, decode a transaction, look at the tags, trace fund flows backward... Each step is a page load, a click, a mental context switch.

What if you could just ask?

"Is this address linked to a mixer?"

"Where did the funds from this Tornado.Cash deposit end up?"

"Do these wallets share the same gas fingerprint?"

That's what the Model Context Protocol (MCP) enables. MCP is an open standard created by Anthropic that lets AI agents (Claude, Cursor, or any MCP-compatible client) call external tools programmatically. We built an MCP server that exposes the entire Argos API as a set of tools an AI agent can use autonomously.

How It Works

The architecture is straightforward: the MCP server is a lightweight HTTP proxy between the AI agent and the Argos API.

The MCP server sits between the AI agent and the Argos API, forwarding authentication and enriching every response with known tags.

The server exposes 17 tools covering address analysis, transaction decoding, MEV detection, fund tracing, clustering, token approvals, and multi-chain portfolio, along with 4 prompt templates for common investigation workflows.

Each tool call hits the Argos API, which automatically enriches every address in the response with its known tags and aliases. When the AI agent asks for an address's transaction history, it doesn't just get raw 0x... addresses; it gets "Tornado.Cash", "OKX", "THORChain Router" labels inline. This is the key differentiator: the AI agent can reason about entities, not just addresses.

Authentication is simple: the client sends its Argos API key in an x-api-key header, and the MCP server forwards it to the API. No additional account needed.
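The two proxy duties described above, forwarding the caller's x-api-key and annotating every address in a response with its known tags, sketched in Python as an added example (this is not the Argos MCP server's own code). The upstream base URL, the route-per-tool layout, the tag table and the sample upstream reply are all constructed assumptions; the tool names are the ones named in this article.

```python
from __future__ import annotations

import re
from typing import Any

# Hypothetical upstream base URL: the page does not show the Argos route layout.
ARGOS_API_BASE = "https://argos.example/api"

# Constructed stand-in for the aggregated label sources (Arkham Intel, Etherscan, ...).
# The addresses are placeholders, not real contracts.
TAG_DB = {
    "0x" + "aa" * 20: ["Tornado.Cash"],
    "0x" + "bb" * 20: ["THORChain Router"],
}

ADDRESS_RE = re.compile(r"^0x[0-9a-fA-F]{40}$")


def build_upstream_request(tool: str, args: dict, client_headers: dict) -> dict:
    """Turn one MCP tool call into an upstream request description.

    The caller's x-api-key is forwarded verbatim (header names are matched
    case-insensitively); a call without a key is rejected at the proxy so the
    failure is explicit instead of an opaque upstream error.
    """
    key = next((v for k, v in client_headers.items() if k.lower() == "x-api-key"), None)
    if not key:
        raise PermissionError("x-api-key header is required")
    return {
        "method": "GET",
        "url": f"{ARGOS_API_BASE}/{tool}",  # hypothetical: one route per tool name
        "params": dict(args),
        "headers": {"x-api-key": key, "accept": "application/json"},
    }


def enrich(obj: Any, tags: dict) -> Any:
    """Recursively annotate every bare address string in a JSON-like response.

    Each address becomes {"address": ..., "tags": [...]} (empty list when the
    address is unknown), so an agent sees "Tornado.Cash" inline instead of a
    raw 0x... string. Dict keys are not touched, keeping the response shape.
    """
    if isinstance(obj, str) and ADDRESS_RE.match(obj):
        return {"address": obj, "tags": tags.get(obj.lower(), [])}
    if isinstance(obj, list):
        return [enrich(item, tags) for item in obj]
    if isinstance(obj, dict):
        return {k: enrich(v, tags) for k, v in obj.items()}
    return obj


def handle_tool_call(tool, args, client_headers, upstream_fetch, tags=TAG_DB):
    """Proxy flow: validate and forward auth, fetch upstream, enrich the result.
    `upstream_fetch` is injected so the flow can run offline without the real API."""
    request = build_upstream_request(tool, args, client_headers)
    return enrich(upstream_fetch(request), tags)


# Constructed upstream reply shaped like a transaction listing (placeholder addresses).
SAMPLE_UPSTREAM = {
    "address": "0x" + "11" * 20,
    "transactions": [
        {"to": "0x" + "aa" * 20, "value_eth": 0.1},
        {"to": "0x" + "22" * 20, "value_eth": 0.019},
    ],
}
```

The enrichment keeps the original address alongside the tags rather than replacing it, so an agent can still pass the exact 0x value into the next tool call; a response that only carried labels would lose that ability.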

The Investigation: A Tornado.Cash Laundering Case

To demonstrate the MCP in action, let's walk through a real investigation. We start with a single Ethereum address and follow it to its conclusion.

Step 1 — A Clean-Looking Address

We begin with address 0xf198c3a784f0435ce0178407cd53d29693f02c44. Asking the MCP:

"Give me info on this address."

The get_address_info tool returns: no tags, no aliases, not a contract. An anonymous address. But anonymous doesn't mean innocent; it means we need to look at behavior.

Step 2 — The Behavior Reveals Everything

We pull the transaction history with get_address_transactions. The result speaks for itself:

Transaction history of 0xf198c3...: nine Tornado.Cash deposits in ~2 minutes, then a dust cleanup to an unknown address.

Nine deposits into Tornado.Cash, 8 × 0.1 ETH + 1 × 1 ETH = 1.8 ETH mixed, all within approximately 2 minutes. Then a final transfer of 0.019 ETH (the leftover dust) to an unknown address.

The Argos API automatically enriched the destination addresses with their Arkham Intel labels. We didn't need to look up each address separately: "Tornado.Cash" appeared directly in the transaction response.

The red flags are textbook: identical round amounts imposed by Tornado pool denominations, rapid consecutive deposits that indicate automation rather than manual interaction, and a dust cleanup sending the leftover to a separate wallet.

Step 3 — Following the Leftover

Tornado.Cash uses zero-knowledge proofs to break the on-chain link between deposits and withdrawals. You cannot directly trace which withdrawal corresponds to which deposit. But there's a blind spot: the leftover.

The address 0xf198c3... sent its remaining 0.019 ETH to 0xd08697... after depositing into Tornado. This is a cleanup wallet. And cleanup wallets lead somewhere.

We query get_address_transactions on the collector 0xd08697... and find it receives from ~10 different addresses within a few blocks, all with non-round amounts typical of Tornado withdrawal leftovers and relayer fees. It then consolidates everything into a single transfer of 0.573 ETH to 0x42dc29....
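The two behavioral shapes from steps 2 and 3 (a burst of pool-denominated deposits followed by a dust cleanup, then a collector wallet that gathers non-round leftovers from many senders and forwards them in one transfer) written as checks over an enriched transaction list. This is an added example, not Argos code; it generalizes the article's single case into reusable heuristics with tunable thresholds. The `Tx` shape, the thresholds and the sample transactions are constructed to mirror the article's figures; only the depositor address is taken from the article, the pool, collector and exit addresses are placeholders.

```python
from dataclasses import dataclass, field

# ETH pool sizes Tornado.Cash accepts; any deposit must be exactly one of these.
TORNADO_POOLS_ETH = {0.1, 1.0, 10.0, 100.0}


@dataclass
class Tx:
    block: int
    ts: int                # unix seconds
    frm: str
    to: str
    value_eth: float
    to_tags: list = field(default_factory=list)    # labels the API attaches to `to`


def tornado_deposit_pattern(txs, wallet, window_s=600, min_deposits=3):
    """Step 2 shape: a burst of pool-denominated deposits to a Tornado.Cash-tagged
    address inside `window_s`, then a leftover transfer to an untagged address."""
    outs = sorted((t for t in txs if t.frm == wallet), key=lambda t: t.ts)
    deposits = [t for t in outs
                if "Tornado.Cash" in t.to_tags and t.value_eth in TORNADO_POOLS_ETH]
    if len(deposits) < min_deposits:
        return None
    span = deposits[-1].ts - deposits[0].ts
    if span > window_s:
        return None
    # Leftover cleanup: an untagged destination after the last deposit.
    later = [t for t in outs if t.ts > deposits[-1].ts and not t.to_tags]
    cleanup = later[-1] if later else None
    return {
        "deposits": len(deposits),
        "mixed_eth": round(sum(t.value_eth for t in deposits), 6),
        "span_s": span,
        "cleanup_to": cleanup.to if cleanup else None,
        "cleanup_eth": cleanup.value_eth if cleanup else None,
    }


def collector_pattern(txs, wallet, max_block_gap=20, min_sources=5):
    """Step 3 shape: many distinct senders, only non-round amounts, all within a
    few blocks, then exactly one outgoing consolidation transfer."""
    ins = [t for t in txs if t.to == wallet]
    sources = {t.frm for t in ins}
    if len(sources) < min_sources or any(t.value_eth in TORNADO_POOLS_ETH for t in ins):
        return None
    blocks = [t.block for t in ins]
    if max(blocks) - min(blocks) > max_block_gap:
        return None
    outs = [t for t in txs if t.frm == wallet]
    if len(outs) != 1:
        return None
    return {
        "sources": len(sources),
        "received_eth": round(sum(t.value_eth for t in ins), 6),
        "consolidated_to": outs[0].to,
        "consolidated_eth": outs[0].value_eth,
    }


# --- constructed sample mirroring the article's figures ----------------------
DEPOSITOR = "0xf198c3a784f0435ce0178407cd53d29693f02c44"   # from the article
TORNADO = "0x" + "aa" * 20     # placeholder for the Tornado.Cash pool contract
COLLECTOR = "0x" + "c0" * 20   # placeholder for the 0xd08697... cleanup wallet
EXIT = "0x" + "e0" * 20        # placeholder for the 0x42dc29... destination

# Nine deposits 12 s apart (8 x 0.1 ETH, 1 x 1 ETH), then 0.019 ETH of dust out.
DEPOSITOR_TXS = [
    Tx(100 + i, 1000 + 12 * i, DEPOSITOR, TORNADO, 1.0 if i == 8 else 0.1, ["Tornado.Cash"])
    for i in range(9)
] + [Tx(110, 1200, DEPOSITOR, COLLECTOR, 0.019)]

# Ten leftovers from ten senders within ten blocks, summing to 0.573 ETH, then one exit.
LEFTOVERS = [0.019, 0.061, 0.062, 0.063, 0.064, 0.065, 0.059, 0.058, 0.060, 0.062]
COLLECTOR_TXS = [
    Tx(500 + i, 5000 + 12 * i, DEPOSITOR if i == 0 else "0x" + f"{i:02d}" * 20, COLLECTOR, v)
    for i, v in enumerate(LEFTOVERS)
] + [Tx(512, 5200, COLLECTOR, EXIT, 0.573)]
```

Both checks return `None` rather than a partial match when a threshold is not met, so they can be chained: the `cleanup_to` of the first result is the `wallet` argument for the second, which is exactly the hop the investigation made from 0xf198c3... to the collector.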

Step 4 — The Cross-Chain Exit

We check 0x42dc29... with get_address_transactions:

100% of outgoing transactions go to THORChain Router (0xd37bbe...), identified by Arkham Intel, including a massive swap of 554...
