Privacy has always been a top concern when it comes to internet data and fintech. In this sense, cryptography is an indispensable method to protect data and information in computer systems. Cryptography relies on the use of codes so that only those for whom the information is specifically intended can read and process it. The word comes from the old Greek “kryptósgraphein” and means hidden (crypto) writing. Tornado Cash is a fully decentralized protocol for private transactions on Ethereum. The protocol acts as a mixer, obscuring the on-chain tie between transaction peers.
Let’s learn more.
What is Tornado Cash?
Tornado Cash is a non-custodial protocol with strong cryptography that enables users to send Ethereum-based cryptocurrency with anonymity. Some people may argue that the blockchain is a privacy-oriented technology that relies on code, which is true.
However, the entire history of transactions performed in the Ethereum blockchain is public. Anyone can use block explorers like Etherscan to check coded transactions in the blockchain, which is a problem.
Unauthorized users who know the identity behind a specific address can easily assess all the transactions and analyze on-chain activity, which includes payments and source of funds. Tornado Cash acts as a proxy to ensure that each transaction is entirely anonymous.
It improves user privacy by breaking the on-chain link connecting source and destination addresses, ensuring confidentiality and integrity of the encrypted information. The protocol is entirely non-custodial, meaning users retain full control over their deposited funds.
Dig Into It
Crypto investors are always haunted by the possibility of hacks and leaks involving sensitive data. In this sense, some people could argue that such a type of protocol would be compromised. Virtually, it is not possible to compromise the protocol and find out information about depositors.
The protocol is fully decentralized and based on zero-knowledge proofs. Plus, Tornado’s smart contracts are immutable, not relying on any admin keys, and the proofs are based on solid cryptography.
Tornado does not collect any type of data from its users. Its user interface is hosted in a decentralized manner on IPFS and can be accessed by multiple links.
Further reading: What are the best DeFi wallets in 2021?
Even though the protocol may sound hard to deal with, the user experience is quite intuitive. The process starts when a user generates a random key (a.k.a note) and deposits an amount of ERC20-based funds, also submitting a hash of the note to the protocol’s smart contract.
Then, the platform recommends users to wait for a while before withdrawing the funds to improve their privacy.
Once the time to withdraw the funds has come, the user should submit proof of having the valid key of the notes deposited. Consequently, the ERC20-based funds will be transferred to a specified recipient.
Remember that only the specific user the possesses the note can link deposit and withdrawal. Users can opt to withdraw funds using a wallet (MetaMask, TrustWallet, etc.) or using a relayer to ensure privacy.
More Privacy, More Freedom of Usage
The concept behind the idea is to improve privacy in cryptocurrency-based transactions by breaking the on-chain link between the source and destination addresses. To achieve it, Tornado uses a smart contract that accepts ETH deposits that can be withdrawn by a different address.
Another way to preserve privacy is by using a relayer to withdraw to an address with no ETH balance. The idea is that, whenever any ERC20 tokens are withdrawn by the new address, it is not possible to link the withdrawal to the deposit itself, which means full privacy.
Further reading: Learn how to send tokens from MetaMask
The use of a relayer is a resourceful way to withdraw to an account with no ETH balance, as the relayer sends a withdrawal transaction. The protocol itself does not collect any fees but be aware that the relayer takes part of the deposit as compensation.
The relay network is fully independent and no relayer can change any withdrawal data (which includes recipient address).
The TORN Token
The protocol is entirely decentralized, controlled, and governed by its community via the TORN token.
TORN is the protocol’s native token, an ERC20 compatible cryptocurrency developed and issued for governance purposes. Token holders can take part in voting in different proposals, which helps to change the community positively.
Tornado Cash destinated 1,000,000 TORN to an exclusive anonymity mining program for the protocol’s ETH pools. While most protocols would rely on DeFi liquidity mining, it would force Tornado’s users to reveal how much their deposits were spent in the protocol’s pools.
As the core principle of the platform is to preserve privacy, users will be able to receive TORN tokens through a two-stage shielded liquidity mining system, ensuring full privacy for participants.
Also, 500,000 TORN were distributed via airdrop to early users of Tornado’s ETH pools. The tokens were given in the form of a non-transferable TORN voucher (vTORN), that users can redeem 1:1 to TORN within a year.
ZkSNARK Technology
Tornado Cash relies on zkSNARK proofs, which is a novel form of zero-knowledge cryptography popularized by ZCash.
While many projects tried and failed to create private transactions on Ethereum before, ZCash was pioneering something different. ZCash managed to develop a privacy-focused cryptocurrency, using various cryptographic methods such as zero-knowledge proofs.
The odd-looking term zkSNARK is an acronym for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge”.
Summarizing, it refers to a proof of knowledge where a user can prove to possess certain information, but without necessarily revealing the information and without any prover/verifier interaction.
Although the mathematical concept behind zkSNARK is extremely complex, it is possible due to the use of a secret key created before the transaction takes place.
Trusted Setup Ceremony
The zkSNARK requires a trusted setup, a special procedure in which the prover and verifier keys are generated (Verifier smart contract).
Tornado’s idea was to do that in a decentralized manner, so no attacker would be able to fake proofs or steal user funds. Any attacker trying to fake zk proofs would compromise every single participant of the ceremony.
Hence, the probability of an attack is lower than the number of participants is high. The ceremony was a success, counting a record 1114 contributions over 10 days.
By far the largest Trusted Setup Ceremony to date, the event counted 450 contributors who provided their identity, while 664 preferred to remain anonymous. Among public contributors was Ethereum’s pope, Vitalik Buterin.
Conclusion
Tornado Cash is a non-custodial and decentralized protocol that allows users to send Ethereum-based cryptocurrency with anonymity.
The protocol utilizes a mixer contract, in which the crypto funds mix. Powered by zero-knowledge proofs (zkSNARK), Tornado improves transaction privacy by breaking the on-chain link between transaction addresses.
The platform’s smart contracts are immutable, not relying on any admin keys. Tornado is run by the community using the TORN token. Recently, 1,000,000 TORN went to Tornado’s unique anonymity mining program.
Users can obtain the TORN tokens by using the platform and accruing anonymity points. Although ensuring full anonymity in blockchain transactions is hard to materialize, the unique tool brought by Tornado is worth a lot of attention.