Yesterday in AllCoreDevs 2022-08-18 meeting there were discussions about how should protocol level react in light of the Tornado Cash when there were sanction requirements.
My suggestions is that protocol level to remain strongly censorship resilient, but leaving the censorship / auditability and regulatory options on the application levels. here are a few options:
By registration: EIP-5485 (draft) provides a possibility for a smart contract to declare their legitimacy lineage. Just like if a company issues a security and want to sell it to public in the US jurisdiction they have to be “register with SEC”. On the other hand, if a DAO want to stay self-sovereign they could deny external source of legitimacy. Then other smart contracts can determine if and how they want to interact with those aforementioned EIP-5485 compliant contracts differently based on their jurisdiction they observed.
By auditability similar to ZCash provides: user can generate an auditable readonly key and auditors can use that key to read tx source/dest or writeable key to confiscate fund
Or a combination of them two.
Look forward to hearing other ideas in the room.