decentralized protocol ethereum privacy coins torn torn token tornado cash what is tornado cash

What Is Tornado Cash and TORN?

Written By Ivan on Tech

Jan 08, 2021

Tornado Cash is a decentralized protocol designed for those looking to transact privately on the Ethereum blockchain. This protocol helps solve the privacy problem on Ethereum because whenever you buy or sell on that blockchain, your transactions are public. It's not like the blockchain will publicly post your name, but your address will be. For that reason, Ethereum is considered pseudonymous. However, if an observer can connect you to a wallet address, they can track you with research tools like Etherscan.

That means they could track things like the source of your funds, your balances, and your payments. In short, they could analyze your on-chain activity, including your entire transaction history. That's because transparency is the default position of Ethereum. 

So, this is why Tornado Cash has introduced private transactions. They exist to serve those who want anonymity and complete privacy. Therefore, if you're one of those people who doesn't like others snooping on your transactions, then you may be interested in what Tornado Cash has to offer.

Other Privacy Alternatives

Other firms have attempted to privatize transactions on Ethereum. They've tried obscuring value flows, offering centralized exchange wallets, and providing custodial mixing services. However, these solutions introduce a degree of surveillance risk. Also, these kinds of tools never achieved the privacy levels that coins like Zcash or Monero have. 

Zcash employs various types of cryptography, including Zero-Knowledge Proofs. Monero has a multiple-key system with "view" and "spend" keys that have a public and private version. Monero also uses three segments of cryptography to hide transactional components from view. 

The Tornado Cash protocol is based on research by the Zcash team of developers. However, Tornado Cash allows you to anonymously send ETH or other ERC-20 tokens (not just Zcash).

If you want to dig deeper into cryptography and privacy coins like Monero and Zcash, go to Ivan on Tech Academy - the premier online blockchain academy.

How Tornado Cash Achieves Privacy

Tornado Cash achieves their privacy objectives by breaking the on-chain link between the recipient and their address. The smart contract takes ETH deposits and scatters them to different addresses upon withdrawal. Hence, whenever a user withdraws ETH to a new address, an observer cannot link the withdrawal to the deposit. 

Tornado Cash essentially acts as a proxy to keep transactions anonymous. And they do so with zk-SNARK proofs, which stand for "Zero-Knowledge Succinct Non-Interactive Argument of Knowledge." zk-SNARKs is also a form of cryptography that Zcash uses.  

With the zero-knowledge proofs cryptography protocol, there are two parties involved - a Prover and a Verifier. The Prover seeks to prove a hypothesis while the Verifier determines the veracity of the Prover's claim. The concept behind zero-knowledge proofs is that one can prove possession of a piece of information without revealing it. 

For example, when you call your cell phone provider in the U.S., the representative might ask you to prove your identity by reciting your Social Security number's last four digits. In this case, the last four digits are enough proof without revealing the full Social Security number (which could expose you to identity theft).

The Secret

So when users deposit ETH to the Tornado smart contract, they also generate a "secret." The secret's hash is called a "commitment" that the user sends along with a deposit to the Tornado smart contract.

The smart contract adds the funds to its list of deposits. And when the user is ready to withdraw, he/she must provide the corresponding secret that matches the unspent deposit from Tornado Cash's deposit list. 

The fantastic thing is that zk-SNARK technology performs this monumental task without exposing the specific deposit that corresponds to its secret. The smart contract reviews the proof and transfers the deposit to the withdrawal address in a way that prevents a snooping observer from matching them up.

So, in essence, Tornado Cash scrambles the deposit and the withdrawal so they can't be linked together.

Anonymity Set

The Anonymity Set statistics are vital because they show how many deposits are awaiting withdrawal. It also shows how many deposits your withdrawals can originate from.

Moreover, the withdrawal process has two options: You can use a crypto wallet like MetaMask or what's called a "Relayer." To stay anonymous using MetaMask, you must have a brand new address with ETH in it. Now, if you're paying attention, the question that should pop into your mind is, how do I add ETH to a new address without giving up my privacy?

Typically you would buy ETH from a CEX or DEX and transfer it to your wallet. However, this would leave your address exposed on the blockchain, primarily if you provided Know Your Customer (KYC) information on your CEX. 

So, for complete privacy's sake, you would want to avoid this option. That's where the Relayer comes in. All you need to do is create a new Ethereum address and let zkSNARKs and Relayer do the rest. The only cost is the small amount of ETH required to cover the network fee.

The Purpose of Relayers

With a Relayer, you can withdraw to an address with no ETH in it. So, whenever the new address draws tokens from Tornado Cash, there is no way to link it to the deposit. Also, the developers do not control the Relayer. The community does. Thus it cannot alter any withdrawal data. 

Stay Anonymous at the Network Level

Beware that Tornado Cash only solves on-chain privacy. While that is great for privacy advocates in crypto, users still need to follow best practices at the network level to keep their data private. 

Even with the Relayer feature enacted, you still need VPNs, proxies, or Tor to hide your IP address. Incognito Tab features on your browser can also be useful. You will also want to clear any cookies stored by dApps before using your private address. That's because if a dApp associates the same cookies with the old and new address, it can connect you to an address.

Start Fresh

For starters, use a new browser, a new wallet, and a new IP for your funds. Your ISP, along with other parties, and any router touchpoints have access to your IP address on the way to your target server. Hence it can be considered public. For example, your ISP could log timestamps of packets sent to a Relayer. With that information, it could theoretically connect them to your withdrawal transaction timestamps. That's why it's essential to use Tor or a VPN, especially when making a withdrawal.

Also, if you're using a remote procedure call (RPC) with your wallet, it might know that your addresses are linked. For many users, however, none of these little details or potential privacy breaches matter. Convenience trumps the numerous components that must be adhered to for total anonymity. And realistically, just because some dApps or RPC nodes can track your transactions, it doesn't mean they will care to log the data. But, the more of the small stuff you attend to, the more anonymous you will be.

Tornado Cash Privacy Tips

Now, let's go back to on-chain privacy with Tornado Cash. If you want to be thorough, it's best to wait until more deposits come in after yours before you withdraw any tokens. 

If you deposit and withdraw right away, any near-simultaneous actions can tip off an observer that it’s the same address transacting the deposit and withdrawal. Typically, an observer could not connect the dots unless the transactions are close together. 

For example, if a withdrawal quickly follows a deposit, it is likely to be the same address. If a batch of deposits comes from one address, and shortly after, there is a batch of withdrawals going to a single address, it's easier for an observer to make a connection.

Avoid Quick Withdrawals

That's why it's best to wait for at least five deposits to precede your subsequent withdrawals. However, even if you wait for multiple deposits to come in after yours, they could be coming from one spammer. 

In such cases, one person could confuse any would-be observers by spamming to create the illusion that there is a large Anonymity Set. So, Tornado Cash recommends waiting for at least 24-hours to ensure that numerous people and not just one are making multiple deposits.

Multiple Withdrawals

And, for multiple withdrawals, it's best to not only wait until some time has passed after depositing but also to spread them around to unlinked addresses. 

To be extra secure, don't just make deposit or withdrawal transactions during regular business hours in your timezone. This action can reduce your chances of staying anonymous. One way to avoid this is to spread out your transactions across 24 hours evenly.

Another way for a user to jeopardize their anonymity is to tweet about a private transaction or publicize it in other ways. Broadcasting deposit amounts with dates and times can effectively exclude these transactions from the Anonymity Set. Therefore, it's best to avoid giving any observers correlations to work with that might link your transactions to your identity. 

How to Use Tornado Cash

When you deposit to Tornado Cash, you will generate a random key (note or secret) and deposit your ERC-20 tokens. To later make a withdrawal, you will need to submit proof of having the valid secret to access the deposit.

  • 1. Make a Deposit

First off, you choose an ERC-20 token and the amount to deposit. Click "Deposit," then confirm the transaction. 

  • 2. Withdraw Using MetaMask

Enter your deposit's secret and click the "Settings" icon. Choose your wallet option "MetaMask" and click "Save." Enter your address and click "Withdraw." Next, sign the transaction and wait until it's mined. 

  • 2a. Withdraw With Relayer

Enter your deposit's secret, enter your address and click "Withdraw."

Decentralization

Tornado Cash is decentralized and community-owned. The smart contracts are open source, and the protocol does not collect user data. Nobody, including the developers, can alter it or shut it down. Furthermore, there is no single deployer in Tornado Cash that controls token distribution, governance, or smart contracts. The community regulates this in a decentralized fashion.

Do you want to learn more about Ethereum Smart Contract Programming? If so, be sure to visit Ivan on Tech Academy.

The smart contracts are immutable, and the zero-knowledge proofs are based on strong cryptography. Hence, only users with a valid secret can link deposits with withdrawals.

Tornado Cash Governance and Philosophy

The driving principle behind the Tornado Cash philosophy is that privacy is a human right. Not only that, but the more people who adopt this philosophy, the more secure life will be for everyone. Hence, the protocol rewards users who add to the Anonymity Set with TORN, its governance token.

When you use Tornado Cash, you are also mining TORN tokens. So, the more you use the protocol, the more TORN you earn. And the more TORN you have, the more say you have in the platform's future direction.

If the team ran Tornado Cash like a traditional DeFi liquidity mining platform, users would naturally reveal how long their deposits stayed in a pool. But this would fly in the face of preserving the core value of privacy. However, with Anonymity Mining, users can get TORN via a shielded liquidity mining system. 

It works like this; when a user deposits into Tornado Cash, they accrue private Anonymity Points. These points go into a shielded account that protects their wallet address, balance, and deposit information. After a user has accumulated enough Anonymity Points, they can convert them to TORN tokens. The claiming process is also protected.

TORN Token

TORN is an ERC20 token with a fixed supply. It allows its holders to make proposals and vote to change the protocol.

However, unlike other governance tokens, TORN is not an investment opportunity nor a fundraising scheme. Its distribution plan is as follows:

5% (500,000 TORN) go to early adopters via an airdrop.

10% (1,000,000 TORN) for Anonymity Mining.

55% (5,500,000 TORN) go to the treasury and are unlocked linearly over five years.

30% (3,000,000 TORN) are for founding developers and early supporters.

Security Audits

The firms that conducted Tornado Cash smart contract security audits were ABDK, Pessimistic, and Zeropool.network.

Tornado Cash Conclusion

Privacy advocates will always be at odds with state regulators. The individual wants to be free while the state wants the power to control. Information is power, so the state will always be seeking more of it. 

And besides the problem of overzealous bureaucrats, other predators are skulking about the blockchain, like aggressive marketers or criminals searching for vulnerable whales moving tokens around. A de-anonymized whale could open himself up to hacks, ransom demands, or home invaders looking to steal cold storage wallets and passwords. 

But, there is always a dark side to individual privacy. And if you read about the Top DeFi Hacks of 2020, you’ll see Tornado Cash used like a personal money laundering service for hackers. However, unlike government agencies that will argue otherwise, privacy isn't just for criminals. There are legitimate reasons for citizens to transact their business online in complete privacy, away from prying eyes. So, thankfully platforms like Tornado Cash exist. 

If you want to become proficient in cryptography and privacy coins visit Ivan on Tech Academy and get started with your cryptocurrency education today!

Author: MindFrac

Like what you're reading?

Get to work in a fast growing industry. Start learning blockchain together with our 20,000+ students today.
Use coupon code BLOG20 for 20% off.

Become Blockchain Certified Today No Prior Knowledge Needed!
Close

Get our Free Ebook

Enter your email and we will send it to you!