A 4D long article explains how Tornado Cash works and what is sanctioned

This article is about how Tornado Cash works, written by Alex Wade, Michael Lewellen, and Peter Van Valkenburgh, published by cryptocurrency research and advocacy agency CoinCenter on August 25.

1. Introduction

In August 2022, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Tornado Cash, adding 45 Ethereum addresses to the Specially Designated Nationals (SDN) list of sanctioned individuals.

This document is intended to help readers understand what Tornado Cash is, how it works, and what exactly is sanctioned. But before we get into Tornado Cash, let’s review some key concepts of Ethereum, smart contracts, and decentralization.

2. Background: What is Ethereum, who are its users, and what are smart contracts?

Ethereum is a cooperatively run, global, and transparent database. Working together, participants from around the world maintain a public record of Ethereum addresses, which includes user accounts and smart contract applications. These records work like user accounts and software on modern desktop computers, except that Ethereum is:

  • Cooperative Operation: The fundamental operation of Ethereum comes from the collective efforts of its global participants. No single party can change the way Ethereum works.
  • Publicly accessible: Anyone anywhere in the world can interact with Ethereum, its users and its applications.
  • Transparency: Anyone anywhere in the world can download and view all information in the Ethereum database.

Anyone can become an Ethereum user. Creating an account is easy and doesn’t require a phone number, email or physical address. Instead, the user installs an app called a “wallet” which generates for that user a unique identifier called an “address” and a password-like password called a “private key” for authentication. string. Just like a person with multiple email addresses, users of Ethereum can create and use as many addresses as they want. Unlike email, however, Ethereum users are not “customers” in the traditional sense. They are participants in a global computing system that runs on open source software that operates without third-party oversight. It is also important to note that Ethereum addresses controlled by the same user are not necessarily publicly linked to each other; they are simply unique identifiers belonging to the user who owns the corresponding private key.

By sharing addresses, users can receive tokens (such as cryptoassets like ether) from anyone anywhere in the world. Unlike traditional payment services, no intermediaries are required to send and receive tokens on Ethereum. Instead, senders broadcast their intent to transfer tokens, mathematically sign their message with the corresponding private key, and the Ethereum network jointly updates the global record of sender and receiver addresses with the new balance. During this process, third parties will not have custody of the transferred tokens.

In addition to sending and receiving tokens, user accounts can also interact with smart contracts, which are applications that extend the functionality of Ethereum. When developers write smart contracts, they decide what operations the smart contract will support and what rules those operations must follow. These rules and actions are written using code broadcast to the Ethereum network, just like the token transfers described above. Once a smart contract’s code is added to Ethereum’s record, it receives a unique address that any user can interact with to automate the rules and actions it supports.

Essentially, smart contracts are open-source applications that anyone can deploy to Ethereum. Just like the rest of Ethereum, smart contracts can be viewed and used by anyone anywhere without relying on intermediaries.

Both humans and smart contracts can own an Ethereum address; the key difference is that when a person owns an address, they own the private key that controls any tokens sent to that address. That person will ultimately decide if and when these tokens will be used for any transactions. When a smart contract has an address, the rules and actions written in the smart contract code control the token. They can be simple rules (such as automatically sending back tokens), or more complex rules. There may be rules that include human action and human decision-making (such as sending tokens back if 5 of these human-controlled addresses send a signed message saying they agree). However, these rules may also be completely and permanently out of anyone’s control. In this case, so will any tokens sent to that address until or unless the contract sends them back to someone according to the rules.

uU2A7LdYyiSwLkqaHio9aJLPawkP2jgPwCgJNwf3.png

By default, smart contracts are immutable, which means that once deployed, they cannot be deleted or updated by anyone. Developers of smart contracts can include (in the contract code) the ability to update functionality as a supported operation (e.g. this manually controlled address can rewrite the contract in the future) . However, such operations must be included in the code of the smart contract (i.e. published to the Ethereum network) before the smart contract is deployed. No one can modify the smart contract if it does not include updatability before deployment. The ability to update a function can also be revoked by transferring the authority to update the function to a placeholder Ethereum address that does not have a corresponding private key. This placeholder is called “zero address”. Once the ability to update a contract is revoked, it cannot be revoked and the contract cannot be changed anymore.

Unlike traditional finance, Ethereum’s records are completely transparent: anyone can download and view the balances and transaction history of their user accounts. Although user addresses are pseudonymous, if a real-world identity is associated with a user address, the user’s full financial history can be traced. Transparency in Ethereum is important for auditability (such as verifying that record updates are valid). However, this transparency also makes it difficult for users to protect their personal information. By default, incidental transaction records today (such as paying for Wi-Fi at an airport) point directly to earlier transaction records, which may include any private, naked, or sensitive transactions made long ago by the same user.

Among the many different applications that smart contracts may support, they may also provide a way for users to regain the privacy they desire when interacting with the financial system. At the heart of this privacy is the use of smart contracts to break chains of public records that would otherwise tie your transactions today to every transaction made in the past. This is Tornado Cash.

3. Tornado Cash: Smart Contract Application

Tornado Cash is an open source software project that provides privacy protection for Ethereum users. Like many such projects, Tornado Cash is not a legal entity, but rather several open source software libraries developed over the years by a diverse group of contributors. These contributors have released and made Tornado Cash available as a collection of smart contracts on the Ethereum blockchain for general use.

As we will explain, some of these smart contracts have been sanctioned by OFAC. However, at the heart of the Tornado Cash privacy tool are Tornado Cash pools , which are only a subset of OFAC-sanctioned addresses. Each Tornado Cash pool is a smart contract deployed to Ethereum. Like other smart contracts, the pool contract extends the functionality of Ethereum with specific operations that any user of Ethereum can perform according to the rules defined in the Tornado Cash contract code.

This section will describe how these pools work. In particular, it will describe the key innovation that enables these pools to operate autonomously: a privacy-preserving mathematical application known as “zero-knowledge proofs.”

Subsequent sections will describe the specific addresses of OFAC sanctions and what they do. The final appendix will list all sanctioned contracts and their salient features.

Tornado Cash Core Contract: Pools

Tornado Cash pools are smart contracts that enable users to conduct private transactions on Ethereum. When used by the user, the Pool will automatically perform one of two supported actions: “Deposit” or “Withdraw”. Together, these operations allow users to deposit tokens from one address and then withdraw the same tokens to another address. Crucially, any public link between deposit and withdrawal addresses is severed, even though these deposit and withdrawal events take place publicly on Ethereum’s transparent ledger. Users can withdraw and use their funds without worrying about exposing their entire financial history to third parties.

To support deposit and withdrawal operations, these smart contracts encode strict rules that further define their functionality. These rules are automatically applied to deposit and withdrawal operations to maintain a very important property shared by all Tornado Cash pools: users can only withdraw the specific tokens they originally deposited.

This property is automatically enforced for all operations on the pool and ensures that the Tornado Cash pool is completely unmanaged. That is, users who deposit and then withdraw tokens retain full ownership and control of their tokens, even if they are mixed into the pool. Users do not need to give control of their tokens to anyone at any time.

A key tenet of the Tornado Cash pool is that a user’s privacy comes largely from the simultaneous use of the pool by many other users. If there is only one user in the pool, it doesn’t matter if the link between the user’s deposit and withdrawal addresses is severed: simple inference will make it clear where the withdrawn tokens are coming from. Instead, many users use the pool at the same time. Think of it like a safe room in a bank. Anyone can go and store valuables in a locked box in that room, and assuming the lock is good, only the person with the key can retrieve those valuables. However, aside from security, this may or may not enhance privacy. If only one person is seen entering and exiting a room, then we know that any valuables in that room are theirs. On the other hand, if many people are in and out of the room frequently, then we have no way of knowing who controls which valuables in which box. By guaranteeing that users can only withdraw properties of the tokens they originally deposited, many users can use these pools at the same time with the guarantee that no one else will receive their tokens.

Traditionally, these guarantees have been provided by escrow services: such as a bank’s safe deposit box, or a group of people running “mixing services” among other cryptocurrency services. Mixer services like Blender.io accept tokens directly from their clients, aggregate and mix them, and then return the funds to their clients (often for a fee in the process). During the intermediate aggregation and mixing stage, the funds in question are completely controlled and mixed by the mixing service operator. In the final stages of the mixing process, users will receive funds directly from countless other users who are also using the service.

In contrast, Tornado Cash pools have no custodial operators, and users only withdraw tokens they originally deposited (rather than a mix of tokens from other users of the service). This is possible because of the important properties of deposit and withdrawal operations, which are performed automatically by using a privacy-preserving branch of mathematics called “zero-knowledge proofs.” ” This zero-knowledge cryptography is contained in Tornado Cash’s smart contract code and forms the basis for deposit and withdrawal operations.

zero-knowledge proof

In retrospect, Ethereum is transparent: anyone can view the transaction history and balances of any user account. Likewise, anyone can view the interaction history, balances and codes of the smart contract application. If a user performs an action using a smart contract, this interaction becomes a fact permanently recorded in the Ethereum public record, which can be invoked and checked by anyone. So how can a user deposit into the Tornado Cash pool and then withdraw to a different address without making an obvious connection to anyone observing the public records of Ethereum?

The answer lies in zero-knowledge proofs. A zero-knowledge proof is a cryptographic method whereby one party (the “prover”) can prove to another party (the “verifier”) that a given statement is true without the prover having to communicate anything other than that statement. other information.

YcuqKPT1FM7C5PCelWGuykC7z4afGkWTJ2x5DuJw.png

In Tornado Cash, a “prover” is a user who withdraws tokens from a pool, and a “validator” is one of the Tornado Cash pool contracts . When users withdraw their tokens using the pool smart contract, users must provide zero-knowledge proofs. The pool’s code automatically checks the proof of entry and only processes the withdrawal if the proof is valid. Exactly what statement the user is proving and how they create the proof is slightly more complicated and needs to be a bit more detailed in the deposit process.

Pool Deposit Process

CJiywz3I7p4StWxy2aI9M4BYotTSyYvBtIajJv3v.pngWhen a user wants to deposit tokens, they first generate a “deposit note” (a long string of numbers known only to the user). This is done on the user’s own computer and is never shared publicly. Next, the user prompts the Tornado Cash pool contract to process the deposit. In addition to this prompt, users provide the hash (or encoded form) of their deposit notes and deposit tokens. The pool smart contract automatically records coding comments as new entries in the public list of other users coding comments. At this point, the top-up user has completed the first part of the process and kept the deposit note as a receipt for withdrawing tokens later.

Pool Withdrawal Process

KhHuDX4JXWCFRqzfnQ3NwsSzFeVI2iWcyNirYK7H.png

When users are ready to withdraw their coins, they first split the deposit note in half. One side is like a “key” and the other side is like a “lock”. After that, the user prompts the Tornado Cash smart contract to withdraw money. In addition to prompts, users also provide:

  • the hash (or encoded form) of the “lock”
  • Zero-knowledge proofs generated using “keys” and “locks”

The pool smart contract uses these inputs to automatically verify (i.e. prove) the following:

1. Zero-knowledge proofs are generated using “secret keys”. It corresponds to one of the existing coded notes in the pool’s list of publicly coded notes (i.e. proof that the withdrawn tokens were previously deposited by someone), and it has the exact same “secret key”.

2. The same proofs also correspond to the encoded form of the “locks” provided with the proofs (i.e. the proofs that the person who extracted them must be the same person who deposited them).

3. The submitted “lock” has not been submitted before (ie the relevant deposit has not been withdrawn).

Assuming the proof is verified, the pool smart contract automatically:

1. Send users their tokens.

2. Record the coded “lock” in the public list of coded locks of other users to ensure that the same token cannot be taken away again.

Crucially, while doing the above, it is never revealed to which particular coded note this proof corresponds (i.e., among all depositors in Tornado Cash, who is now withdrawing).

Can Tornado Cash be removed or updated? If so, by whom?

As mentioned, for most readers, Tornado Cash is synonymous with a core subset of Tornado Cash smart contracts: Tornado Cash pools. The vast majority of these contracts are immutable. That is, they cannot be updated or deleted by anyone. A full list of sanctioned, immutable Tornado Cash pools can be found in Appendix A.

Note that many of these pools once played the role of “operator”. The operator role was initially taken by 0xDD4c…3384, aka Gitcoin Grants: Tornado.cash, another sanctioned address. This role provides its holder with two permissions:

  • updateVerifier: used to update the “verifier” used by the smart contract. Essentially, this permission can be used to modify how the contract handles zero-knowledge proofs.
  • changeOperator: Used to transfer the “operator” permission to another address, or completely revoke the “operator” permission by transferring the “operator” permission to the zero address.

In May 2020, the updateVerifier permission, along with the changeOperator permission, made a final update to the Tornado Cash pool. This updates the zero-knowledge proof processors for all pools to the final version with contributions from over 1,100 community participants. Additionally, this update revokes the “operator” permission by using changeOperator to transfer permissions to zero addresses. In fact, the May 2020 update solidified the community’s preference and ensured that no further changes could be made.

The few pools listed by the SDN still have “operator” rights. Of these, two belong to the very old, now unused version of Tornado Cash. The remaining pools either have newer, immutable versions or are used so little that they are likely to be ignored during the final update in May 2020. Most of the remaining eight pools have not been used, and the pools that have been used have only been used once or twice in the past three years. A complete list of obsolete Tornado Cash pools that retain operator rights is in Appendix C.

Tornado Cash Auxiliary Contracts and Controls

Governance and TORN Tokens

The pool smart contract represents the core of the Tornado Cash application, which remains unchanged and not controlled by any one party. However, OFAC sanctions also include ancillary smart contracts that provide a coordination mechanism for the community to continue maintaining and using Tornado Cash. Some of these contracts are unused today and belong to older versions of Tornado Cash. A full list of OFAC-sanctioned smart contracts related to Tornado Cash’s community maintenance can be found in Appendix B.

The SDN list includes two main contracts that are still in use today:

  • Tornado Cash (Router): Registry of the latest Tornado Cash pool, consistent with the current version of Tornado Cash. Users can choose to interact with the Tornado Cash pool via a router contract, ensuring that their deposits and withdrawals are processed using the latest code.
  • Tornado Cash (Relayer Registry) : An operator registry that provides relay-assisted withdrawal services for Tornado Cash users. Users can choose to process their withdrawals through a relay, which can provide additional privacy.

Unlike pool smart contracts, Router and Relayer Registry support some updatable features. However, the authority to update these contracts is not held by a human, but by another smart contract. This smart contract, also known as Tornado Cash: Governance, defines the rules and actions that determine how to update the Router and Relayer Registry.

In short, Tornado Cash: Governance stipulates that updates to these smart contracts are handled at the request of the community, and the community votes the public to determine which updates should be made and when. Any holder of TORN tokens can participate in these votes. TORN is an ERC20 token built on Ethereum that is explicitly used by the community to vote on governance proposals. Any user of Ethereum can purchase TORN tokens and participate in the process.

Please note that while this process allows the wider Ethereum community to participate in the development and maintenance of Tornado Cash, no part of this process allows updating or deleting the Tornado Cash pool smart contract. Additionally, participating in the Tornado Cash: Governance process is completely optional: users can use the Tornado Cash pool without having to participate, supervise, or interact with the Tornado Cash: Governance process.

Although Tornado Cash: Governance and the TORN token contract are part of the Tornado Cash software ecosystem, neither has been added to OFAC’s SDN list.

Relay

As mentioned earlier, “Relayer” is an independent operator that offers optional services to Tornado Cash users.

By default, when the user prompts the Tornado Cash pool contract to withdraw money, the withdrawal account needs to already have ETH in order to pay the Ethereum network to process the operation of the smart contract. However, sending ether to the withdrawal account prior to withdrawal may create a link between the user’s deposit and withdrawal accounts.

Relayer allows users to withdraw funds without pre-funding their withdrawal accounts, which helps users maintain privacy when withdrawing.

Ni4N9LihjJefvNnfN5W5wiPEaaVv0IXnDbD8KNbo.pngUsers select a Relayer from the public Relayer Registry, another sanctioned Tornado Cash smart contract. The user then uses their withdrawal account to sign a transaction authorizing the Relayer to facilitate the withdrawal. Users send this transaction to a Relayer of their choice, which handles withdrawals on their behalf, earning fees in the process. Note that Relayer never takes custody of the user’s tokens, even if they process withdrawals on behalf of the user; the smart contract ensures that withdrawn tokens are only sent to the user’s withdrawal account.

OFAC has not specifically added any relay addresses to the SDN list, but it has added a smart contract that contains a registry of relayers to the list.

Compliance tools

Tornado Cash is designed to enable users of Ethereum to protect their privacy. Rather than revealing their full financial history, Tornado Cash gives users control over their personal information: what is shared and with whom. However, maintaining privacy and maintaining control over personal information does not need to come at the expense of not complying with legal obligations.

To this end, the developers of Tornado Cash created the Tornado Cash Compliance Tool. Users provide the tool with raw “deposit notes” generated during the pool deposit process to create a PDF report providing proof of the original origin of the tokens. While the Tornado Cash pool contract severes the public link between user deposit and withdrawal addresses, compliance tools allow users to selectively “undo” this severance in order to provide traceability to third parties.

HYEd7b5y1WAF5xovkuAM5TWxv26Z9crH83MfYxiO.pngCompliance tools are not smart contracts. However, like the other software described in this article, the Compliance Tool is not a service provided by the developers of Tornado Cash; it is an open-source tool that anyone can use.

Other Tornado Cash Smart Contracts and Addresses

Finally, two of the sanctioned addresses are donation addresses. These addresses have been used in the past to raise funds to support the development of the privacy software that powers Tornado Cash. While certain persons or entities do control the coins sent to these addresses, to the best of our knowledge, these coins are not mixed or rerouted for privacy purposes. They are simply gifts from the sender to support the software development work undertaken by the recipient. A complete list of OFAC-approved donation addresses can be found in Appendix D.

Overall, while the few contracts listed by OFAC do retain elements of human control, none of them are key to Tornado Cash’s privacy tools, and none of them control user tokens. The core privacy tools – pool contracts – are not controlled by any individual or group; they are just widely distributed computer code executed by the Ethereum network according to strict and unchangeable rules.

Summarize

  • The Tornado Cash smart contract allows users to deposit their tokens and subsequently withdraw them to another address.
  • Even if anyone can observe users depositing or withdrawing tokens, they cannot determine which withdrawals correspond to which deposits.
  • These operations are defined as smart contract code that can be performed automatically without any intermediaries or third parties.
  • Users always retain control over their funds and can only withdraw the coins they originally deposited.
  • No one controls the operation of these Tornado Cash smart contracts, and no one has the ability to change their operation in the future.
  • Some OFAC-sanctioned addresses retain some degree of human control. However, these addresses are not at the heart of Tornado Cash’s privacy operations, and Tornado Cash cores are in immutable addresses and have no control over any user tokens.

Addendum: Sanctioned Address Classification

The appendix lists all addresses sanctioned by OFAC. They have been categorized according to the functionality they provide in the Tornado Cash app.

Each address listed contains the following information:

  • Name: The name of the sanctioned address. Note that these names do not come from the Tornado Cash developers, they come from Etherscan, a third-party service whose website can be used to display information about the current state of Ethereum. The names listed are intended for ease of reference and do not necessarily reflect the views of the community or Tornado Cash developers.
  • Description: A short description of what each address refers to.

A: An immutable list of Tornado Cash pools

0x12D66f87A04A9E220743712cE6d9bB1B5616B8Fc

Name: Tornado.Cash: 0.1 ETH

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 0.1 ETH.

Operator: revoked (the operator has been set to zero address)

0x47CE0C6eD5B0Ce3d3A51fdb1C52DC66a7c3c2936

Name: Tornado.Cash: 1 ETH

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 1 ETH.

Operator: revoked (the operator has been set to zero address)

0x910Cbd523D972eb0a6f4cAe4618aD62622b39DbF

Name: Tornado.Cash: 10 ETH

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 10 ETH.

Operator: revoked (the operator has been set to zero address)

0xA160cdAB225685dA1d56aa342Ad8841c3b53f291

Name: Tornado. Cash: 100 ETH

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 100 ETH.

Operator: revoked (the operator has been set to zero address)

0xD4B88Df4D29F5CedD6857912842cff3b20C8Cfa3

Name: Tornado.Cash: 100 DAI

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 100 DAI.

Operator: revoked (the operator has been set to zero address)

0xFD8610d20aA15b7B2E3Be39B396a1bC3516c7144

Name: Tornado.Cash: 1000 DAI

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 1000 DAI.

Operator: revoked (the operator has been set to zero address)

0x07687e702b410Fa43f4cB4Af7FA097918ffD2730

Name: Tornado.Cash: 10000 DAI 2

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 10,000 DAI.

Operator: revoked (the operator has been set to zero address)

0x23773E65ed146A459791799d01336DB287f25334

Name: Tornado.Cash: 100000 DAI

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 100,000 DAI.

Operator: None (excluding functionality)

0x22aaA7720ddd5388A3c0A3333430953C68f1849b

Name: Tornado.Cash: 5000 cDAI

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 5000 cDAI.

Operator: revoked (the operator has been set to zero address)

0xBA214C1c1928a32Bffe790263E38B4Af9bFCD659

Name: Tornado.Cash: 50000 cDAI

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 50,000 cDAI.

Operator: revoked (the operator has been set to zero address)

0x03893a7c7463AE47D46bc7f091665f1893656003

Name: Tornado.Cash: 50000 cDAI 2

Description: An updated version of the 50000 cDAI Tornado Cash pool that allows deposits and withdrawals in 50000 cDAI units.

Operator: None (excluding functionality)

0x2717c5e28cf931547B621a5dddb772Ab6A35B701

Name: Tornado.Cash: 500000 cDAI 2

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 500,000 cDAI.

Operator: None (excluding functionality)

0xD21be7248e0197Ee08E0c20D4a96DEBdaC3D20Af

Name: Tornado.Cash: 5000000 cDAI

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 5000000 cDAI.

Operator: None (excluding functionality)

0x4736dCf1b7A3d580672CcE6E7c65cd5cc9cFBa9D

Name: Tornado.Cash: 100 USDC

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 100 USDC.

Operator: revoked (the operator has been set to zero address)

0xd96f2B1c14Db8458374d9Aca76E26c3D18364307

Name: Tornado.Cash: 1000 USDC

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 1000 USDC.

Operator: revoked (the operator has been set to zero address)

0x169AD27A470D064DEDE56a2D3ff727986b15D52B

Name: Tornado.Cash: 100 USDT

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 100USDT.

Operator: revoked (operator set to zero address)

0x0836222F2B2B24A3F36f98668Ed8F0B38D1a872f

Name: Tornado.Cash: 1000 USDT

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 1000 USDT.

Operator: revoked (operator set to zero address)

0x178169B423a011fff22B9e3F3abeA13414dDD0F1

Name: Tornado.Cash: 0.1 WBTC

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 0.1 WBTC.

Operator: None (excluding functionality)

0x610B717796ad172B316836AC95a2ffad065CeaB4

Name: Tornado.Cash: 1 WBTC

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 1 WBTC.

Operator: None (excluding functionality)

0xbB93e510BbCD0B7beb5A853875f9eC60275CF498

Name: Tornado.Cash: 10 WBTC

Description: A Tornado Cash pool that allows deposits and withdrawals in units of 10 WBTC.

Operator: None (excluding functionality)

B: List of community governance contracts

0xd90e2f925DA726b50C4Ed8D0Fb90Ad053324F31b

Name: Tornado.Cash:Router

Description: A contract that maintains a list of Tornado Cash pools that users can use to route deposits and withdrawals to the correct Tornado Cash pool.

Still in use: yes.

Governance Controls: No significant controls. The community can choose to withdraw any tokens sent to the router, as the router is not the intended recipient of the tokens.

0x58E8dCC13BE9780fC42E8723D8EaD4CF46943dF2

Name: Tornado.Cash: Relayer Registry

Description: This contract allows anyone to register as a Tornado Cash Relayer. Relayer offers users an optional service to make gas-free withdrawals.

Still in use: yes.

Governance Control: Updatable before community voting.

0x527653eA119F3E6a1F5BD18fbF4714081D7B31ce

Name: Tornado.Cash:Trees

Description: This contract contains the merkle tree of all Tornado Cash deposit and withdrawal events.

Still in use: No, this is related to an older version of Tornado Cash.

Governance Control: Updatable before community voting.

0xCa0840578f57fE71599D29375e16783424023357

Name: Tornado.Cash: L1 Helper

Description: Allows user-specified deposited ether to connect to the Tornado Cash pool on the Gnosis Chain blockchain. This smart contract is not a major part of the Tornado Cash application.

Still in use: yes.

Governance Controls: No significant controls. The community can choose to withdraw tokens sent to this contract as it is not the intended recipient.

0x722122dF12D4e14e13Ac3b6895a86e84145b6967

Name: Tornado.Cash:Proxy

Description: Tornado.Cash: Older version of Router.

Still in use: No, this is related to an older version of Tornado Cash.

Governance Controls: No significant controls after deprecation of this contract in February 2022. The community may choose to withdraw tokens sent to this contract as it is not the intended recipient.

0x905b63Fff465B9fFBF41DeA908CEb12478ec7601

Name: Tornado.Cash: Old Proxy

Description: Tornado.Cash: Older version of Router.

Still in use: No, this is related to an older version of Tornado Cash.

Governance Controls: No significant controls. The community can choose to withdraw tokens sent to this contract as it is not the intended recipient.

C: List of expired contracts that retain operator rights

0x94A1B5CdB22c43faab4AbEb5c74999895464Ddaf

Name: Tornado.Cash: Mixer 1

Description: Old version of Tornado Cash pool, not used today.

Operator: 0x8589427373D6D84E98730D7795D8f6f8731FDA16 aka Tornado Cash: Donate

Operator Control:

No one can delete this contract.

The only permissions granted to operators are those to “enable” and “disable” contract usage. As of October 2019, the operator has “disabled” the use of the contract.

0xb541fc07bC7619fD4062A54d96268525cBC6FfEF

Name: Tornado.Cash: Mixer 2

Description: Old version of Tornado Cash pool, not used today.

Operator: 0xDD4c48C0B24039969fC16D1cdF626eaB821d3384, aka Gitcoin Grants: Tornado.cash

Operator Controlled: Can be updated by the operator.

0xF60dD140cFf0706bAE9Cd734Ac3ae76AD9eBC32A

Name: Tornado.Cash: 10000 DAI

Description: Old/unused Tornado Cash pool that allows deposits and withdrawals in 10000 DAI increments.

Last used: February 2020

Operator: 0xDD4c48C0B24039969fC16D1cdF626eaB821d3384, aka Gitcoin Grants: Tornado.cash

Operator Control:

No one can delete this contract.

The only authority granted to the operator is to update the authority of the “validator” used by the contract. Essentially, the operator may change the way this contract handles zero-knowledge proofs.

0xb1C8094B234DcE6e03f10a5b673c1d8C69739A00

Name: Tornado.Cash: 500000 cDAI

Description: An unused Tornado Cash pool that allows deposits and withdrawals in units of 500000 cDAI.

Last used: never used

Operator: 0xDD4c48C0B24039969fC16D1cdF626eaB821d3384, aka Gitcoin Grants: Tornado.cash

Operator Control:

No one can delete this contract.

The only authority granted to the operator is to update the authority of the “validator” used by the contract. Essentially, the operator may change the way this contract handles zero-knowledge proofs.

0xD691F27f38B395864Ea86CfC7253969B409c362d

Name: Tornado.Cash: 10000 USDC

Description: An unused Tornado Cash pool that allows deposits and withdrawals in units of 10000 USDC.

Last used: never used

Operator: 0xDD4c48C0B24039969fC16D1cdF626eaB821d3384, aka Gitcoin Grants: Tornado.cash

Operator Control:

No one can delete this contract.

The only authority granted to the operator is to update the authority of the “validator” used by the contract. Essentially, the operator may change the way this contract handles zero-knowledge proofs.

0xaEaaC358560e11f52454D997AAFF2c5731B6f8a6

Name: Tornado.Cash: 5000 cUSDC

Description: Old/unused Tornado Cash pool that allows deposits and withdrawals in units of 5000 cUSDC.

Last used: May 2020

Operator: 0xDD4c48C0B24039969fC16D1cdF626eaB821d3384, aka Gitcoin Grants: Tornado.cash

Operator Control:

No one can delete this contract.

The only authority granted to the operator is to update the authority of the “validator” used by the contract. Essentially, the operator may change the way this contract handles zero-knowledge proofs.

0x1356c899D8C9467C7f71C195612F8A395aBf2f0a

Name: Tornado.Cash: 50000 cUSDC

Description: An unused Tornado Cash pool that allows deposits and withdrawals in units of 50,000 cUSDC.

Last used: never used

Operator: 0xDD4c48C0B24039969fC16D1cdF626eaB821d3384, aka Gitcoin Grants: Tornado.cash

Operator Control:

No one can delete this contract.

The only authority granted to the operator is to update the authority of the “validator” used by the contract. Essentially, the operator may change the way this contract handles zero-knowledge proofs.

0xA60C772958a3eD56c1F15dD055bA37AC8e523a0D

Name: Tornado.Cash: 500000 cUSDC

Description: An unused Tornado Cash pool that allows deposits and withdrawals in units of 500,000 cUSDC.

Last used: never used

Operator: 0xDD4c48C0B24039969fC16D1cdF626eaB821d3384, aka Gitcoin Grants: Tornado.cash

Operator Control:

No one can delete this contract.

The only authority granted to the operator is to update the authority of the “validator” used by the contract. Essentially, the operator may change the way this contract handles zero-knowledge proofs.

0xF67721A2D8F736E75a49FdD7FAd2e31D8676542a

Name: Tornado.Cash: 10000 USDT

Description: Old/unused Tornado Cash pool that allows deposits and withdrawals in units of 10000 USDT.

Last used: May 2020

Operator: 0xDD4c48C0B24039969fC16D1cdF626eaB821d3384, aka Gitcoin Grants: Tornado.cash

Operator Control:

No one can delete this contract.

The only authority granted to the operator is to update the authority of the “validator” used by the contract. Essentially, the operator may change the way this contract handles zero-knowledge proofs.

0x9AD122c22B14202B4490eDAf288FDb3C7cb3ff5E

Name: Tornado.Cash: 100000 USDT

Description: An unused Tornado Cash pool that allows deposits and withdrawals in units of 100,000 USDT.

Last used: never used

Operator: 0xDD4c48C0B24039969fC16D1cdF626eaB821d3384, aka Gitcoin Grants: Tornado.cash

Operator Control:

No one can delete this contract.

The only authority granted to the operator is to update the authority of the “validator” used by the contract. Essentially, the operator may change the way this contract handles zero-knowledge proofs.

D: List of donation addresses

0xDD4c48C0B24039969fC16D1cdF626eaB821d3384

Name: Gitcoin Grants: Tornado.cash

Description: A smart contract for receiving software development grants from the Gitcoin crowdfunding platform.

0x8589427373D6D84E98730D7795D8f6f8731FDA16

Name: Gitcoin Grants: Tornado.cash

Description: User address for receiving donations for software development. The address is not a smart contract.

Posted by:CoinYuppie,Reprinted with attribution to:https://coinyuppie.com/a-4d-long-article-explains-how-tornado-cash-works-and-what-is-sanctioned/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.

Like (0)
Donate Buy me a coffee Buy me a coffee
Previous 2022-08-26 10:22
Next 2022-08-26 10:24

Related articles