Tornado Cash: The Holy Grail of Privacy Trading

Tornado Cash is a middleware for privacy transactions based on zero-knowledge proofs implemented on Ether.

01 Preface

The Internet is almost 50 years old since the birth of the TCP/IP protocol in 1974. Today’s regulatory regime has become increasingly stringent and the Internet infrastructure has become more sophisticated, and the anonymity that was once widely advertised by the Internet has become unbearable.

Blockchain is similar to the early Internet in that it emphasizes privacy and anonymity; the concept of blockchain was first introduced in 1991, and Satoshi Nakamoto first applied blockchain technology to Bitcoin in 2008, only 13 years ago. As cryptocurrencies are gradually recognized, the regulatory infrastructure will surely become more sophisticated.

In fact, the privacy feature described in Bitcoin’s white paper [1] only ensures that the user’s real identity is not tied to the address to complete an on-chain transfer. However, as cryptocurrencies and exchanges move towards compliance, Know Your Customer (KYC) has become an essential part of most cryptocurrency-to-fiat transactions.

Further, in order to ensure the absolute security of the source of funds during cryptocurrency-to-fiat transactions, both parties to the transaction even want to be involved in the transaction in their real names. As a result, the privacy characteristics of cryptocurrencies are gradually disintegrating.

But in reality, the need for privacy in the cryptocurrency world is continuously growing. The size of KYC data stored in cryptocurrency exchanges has increased exponentially, while data security solutions have not been iterated in time. However, because of the high unit value of KYC data, it has inevitably become one of the main targets for hackers, and to date several exchanges have suffered varying degrees of leakage of user data.

The privacy of cryptocurrencies, therefore, will also become an indispensable piece of the puzzle in the map of the crypto world.

A host of public chains, led by Monroe Currency (XMR), have tried to solve this problem. However, since the boom of Decentralized Finance (DeFi), smart contracts have become the immediate need in the cryptocurrency space, and EVM has become the standard for mainstream public chains. In order to take into account the privacy characteristics, public chains such as Monroe cannot run smart contracts, and their usage scenarios are very limited. In addition, due to the high security of Monroe (the IRS offered a reward of $625,000 to crack Monroe [2]), exchanges such as Coinbase are unable to list Monroe in order to meet compliance requirements, so its circulation is also limited.

Ether, as the public chain with the most complete DeFi ecology, has traceable links for asset transfers between all addresses, which completely wipes out the privacy characteristics of cryptocurrencies, and the collusion between addresses is visible.

Therefore, a project based on Ether (or other public chains capable of running smart contracts) with privacy transaction features became an immediate need in the market, and Tornado Cash was born.

02 Project Overview

Tornado Cash is a privacy transaction middleware implemented on Ether based on zero-knowledge proofs. It uses zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) to send ETH and ERC20 tokens (currently supporting DAI, cDAI, USDC, USDT, WBTC) in an untraceable manner to to any address.

In practice, users need to deposit cryptocurrencies into the privacy pool and obtain a deposit certificate, through which they can withdraw the previously deposited cryptocurrencies to any address in the future. Since the data transferred during the generation and use of the deposit voucher does not contain the voucher itself, it is ensured that the two transfers of money are completely independent of each other. Moreover, thanks to the relay service, the Ether address at the time of withdrawal does not even need to have the ETH to pay for the transfer, i.e., it is possible to withdraw to a completely blank address.

According to Dune Analytics [3], Tornado Cash has the largest pool of private assets on the blockchain with 156,000 ETH and $165 million currently in its pool of blended coins. Currently, over 12,000 unique addresses have executed approximately 48,000 deposits into the protocol and over 17,000 unique addresses have withdrawn money from the protocol, paying a total of over $2 million in relay fees to the relay service.

03 Market Opportunity

Privacy transactions are an indispensable piece of the puzzle in the cryptocurrency world. While not all users are willing to expose the source and destination of their funds during transfers, the nature of blockchain leads to complete exposure of the collusion between accounts. tornado Cash, as an optional privacy component for users to transfer funds on the ethereum chain, maximizes the exposure of the relationship between addresses during asset transfers. A few examples to better illustrate the use cases of Tornado Cash are as follows.

Private transfer of assets between addresses.

Transfer vouchers to generate reports on the legitimacy of asset source transfers (including deposit address, amount, and date and withdrawal address, amount, and date).

When conducting cryptocurrency-to-fiat currency transactions, the KYC process during the transaction is avoided by trading the deposit credentials (not the cryptocurrency itself) to maximize the protection of personal privacy.

04 Competitor Analysis

Privacy transaction public chains

Monero and Zcash are the two major players in the privacy coin space.

Monero uses Stealth Address, Ring Confidential Transactions (RingCT) technology to balance anonymity and transfer efficiency.

Zcash is the first cryptocurrency to use zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge). tornado Cash also uses this technology as a security guarantee for privacy transactions.

However, privacy coin public chains share the same problem of not being able to add support for smart contracts while guaranteeing privacy transactions, and Oasis Labs’ Ekiden has tried to do this, but due to the immaturity of the product and the lack of sufficient developer support, we think it will be difficult to make a strong impact for some time to come.

Oasis Labs’ Ekiden has made attempts in this area, but due to the immaturity of the product and the lack of sufficient developer support, we believe it will be difficult to make a strong impact for some time to come.

Secret Network is also designing privacy calculations within general-purpose smart contracts, however only on-chain exchanges have been released on the chain so far, and there is a lack of liquidity within the house. At the same time, Secret Network needs to use Rust for development, however, the number of Rust developers is currently very small and mainly concentrated in the PoC ecosystem.

Ethernet Virtual Machine (EVM) privacy solution

There are few privacy transaction projects based on Ethernet Virtual Machine (EVM), and there are three competing products of Tornado Cash, namely Typhoon Cash, Typhoon Network and Cyclone.

Typhoon Cash is a project endorsed by Lixing Huang [4], erected on Ether, reusing most of the code of Tornado Cash, with a total locked position of only tens of thousands of dollars, the last deposit occurred 3 months ago, and the relay service is entirely provided by the official, with a very strong risk of single point of failure.

Typhoon Network is built on the Coin Security Smartchain (BSC), reuses most of the code of Tornado Cash, has a total locked position of just under $40,000, and the relay service is entirely provided by the Crown, with a very strong risk of single point of failure.

Cyclone is developed on the basis of Tornado Cash, deployed on Ether, Coinan smart chain and IoTeX, requires additional on-chain base currencies (such as ETH, BNB and IOTX) and governance tokens CYC to complete deposits, and requires users to pay anonymous pool fees and relay fees using CYC, in addition, all relay facilities are directly provided by the official provided, with a very strong single point of failure risk.

It can be seen that the competitor has a highly centralized product under the banner of decentralized privacy middleware.

From the total locked position of the above projects, we can see that Tornado Cash has an absolute advantage and financial support.

In summary, Tornado Cash has no strong and original competitor for the time being.

05 Token Economics

On December 18, 2020, Tornado Cash released $TORN as the governance token of Tornado Cash, and the specific rules can be found in the official Medium [5].

The token distribution ratio and release rules are shown below.

Tornado Cash: The Holy Grail of Privacy Trading
Tornado Cash: The Holy Grail of Privacy Trading

1inch [6] and the Tornado Cash community [7] have successively proposed and adopted liquidity mining rewards to attract users to provide liquidity in $TORN-$ETH trading pairs.

Currently, providing $TORN-$ETH liquidity on 1inch is able to earn 80% annualized return on $1INCH tokens, and the official liquidity reward pool is able to earn 266% annualized return on $TORN tokens.

Since the liquidity mining rewards are passed by community voting proposal, even without developing front-end code, the mining portal is accessed by the front-end of other tool products (such as vfat [8]), fully reflecting the spirit of community autonomy.

06 Community

Since the governance and iteration of Tornado Cash follow absolute decentralization, it has a good community atmosphere. In addition to the active Telegram and Discord communities, Tornado Cash’s forum [9] already has 799 topics.

Moreover, due to the nature of Tornado Cash’s unpluggable privacy component, other privacy projects on Ether can rely on Tornado Cash’s privacy deposit pool for further exploration, for example, Blank Wallet [10] built a set of privacy wallets based on Tornado Cash’s privacy deposit pool.

07 Governance

As a governance token, $TORN has governance capabilities that exceed those of other governance tokens.Tornado Cash has wanted the project to be fully autonomous by the community since its inception.After May 2020, the Tornado Cash team burned all administrative access to the deposit pool and was no longer able to shut down the project’s operations.In December 2020, the governance token was accompanied by a governance contract to co On-line, all future governance proposals can only be initiated and executed through the governance contract.

Governance and development of traditional projects are separate efforts. Any individual or organization initiates a proposal, and the user votes on it before proceeding to the subsequent development process. The proposal goes live and deployment remains in the hands of the team controlling the private key.

Unlike traditional projects, Tornado Cash’s users are required to provide a complete solution when they initiate a proposal, and all proposals need to be developed in advance by the initiator and deployed on the blockchain as smart contracts for all to audit.

In order to initiate a proposal in the governance contract, the initiator needs to have more than 1000 $TORN tokens and point the proposal to the completed smart contract deployed on the blockchain in the governance contract. If the proposal is voted by enough $TORN tokens, anyone can call the execute() method to execute the executeProposal() function in the proposal to make the proposal effective, and no additional private key signature is required to complete the rest of the contract deployment and token distribution process. Therefore, Tornado Cash may be the only project that achieves fully decentralized governance and development at present.

Currently, a total of six community proposals have been completed.

At this stage, the community is discussing [11] the possibility of pledging $TORN to register relay nodes, foreshadowing that future $TORN holders will be able to support further decentralization of the project and gain revenue by deploying relay nodes. Meanwhile, the community is also discussing [12] to increase support for the algorithmic stablecoin Frax, with the view that the privacy component and the decentralized stablecoin should complement each other. There are also calls for the project to undertake multi-chain (Coin Smart Chain, Solana, etc.) deployments, but few have responded.

08 Security

Tornado Cash achieves the privacy of on-chain transactions at the contract level, however, the privacy of on-chain transactions is not all that Tornado Cash has to offer.

To prevent problems such as server dropouts, inaccessibility of websites in some countries, and some users not wanting to expose their access records to Internet Service Providers (ISPs), Tornado Cash deploys an IPFS version of the front-end and also provides a full set of front-end source code on GitHub for users to deploy on their own.

When using the relay service, users will make requests directly to the relay node and thus may expose their IP addresses to the relay node. Therefore, Tornado Cash recommends that all users initiate requests to the relay node via VPN to protect their IPs from being leaked. In addition, it also provides a version of Tornado Cash based on onion routing (Tor) [13], and there are also relay service providers that provide a Tor version of relay services, where all network requests are forwarded through multiple relays to ensure absolute security.

To avoid time correlation of access transactions, it is also officially recommended that withdrawals be made 24 hours after the deposit is made or after 12 or more other deposits have entered.

As a result, Tornado Cash enables anonymous as well as stable access from the user to the web front-end, the relay service and the contract side. As the number of relay service providers continues to increase, the stability of the Tornado Cash service will be further enhanced.

09 Compliance Risk

Despite the huge potential and market size of Tornado Cash as the only currently available middleware for privacy transactions on the Etherchain, it faces compliance risks that far exceed those of other projects.

Roman Storm of Tornado Cash has previously stated that Tornado Cash is currently autonomous and not controlled by developers. However, in order to meet compliance requirements, Tornado Cash is still developed in v2 to support the generation of reports on the legality of asset source transfers via deposit vouchers, which include deposit address, amount, and date and withdrawal address, amount, and date. However, Coinbase, which has a stricter compliance review, has also frozen accounts that were topped up from Ether wallets where Tornado Cash had interactions.

For Tornado Cash, how to ensure compliance and privacy at the same time is the most important issue to consider at the moment.

10 Conclusion

As the largest privacy transaction middleware on Ether, Tornado Cash’s developers do not hold administrator rights to the project and insist on enforcing community autonomy, which protects the security of the development team on the one hand and allows the project to be fully decentralized in governance and development on the other, enabling it to grow in the long run.

We believe that with the compliance of cryptocurrencies and exchanges, and after the regulatory system and supporting infrastructure are gradually improved, privacy trading will be paid more and more attention. As the most complete public chain in the ecology, on-chain privacy transactions will definitely become one of the popular tracks.

At that time, Tornado Cash will become an important part of the privacy transaction ecology, which can not only provide privacy transaction services directly for users, but also its reservoir can become the underlying asset of other privacy components. As the governance token of Tornado Cash, $TORN has stronger governance ability and control over the protocol than other governance tokens. With the addition of possible future node election and the expectation of holding dividends, $TORN has a very good prospect.


[1] Bitcoin White Paper:

[2] IRS offers $625,000 reward for cracking Monocoin:

【3】Dune Analytics:

【4】Licheng Huang:

【5】Official Medium:


【7】Tornado Cash Community:



【10】Blank Wallet:

【11】Community is discussing the possibility of pledging $TORN to register relay nodes:

【12】The community is also discussing adding support for the algorithmic stablecoin Frax:

【13】Onion Routing (Tor):

Posted by:CoinYuppie,Reprinted with attribution to:
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.

Like (0)
Donate Buy me a coffee Buy me a coffee
Previous 2021-05-09 15:59
Next 2021-05-09 16:21

Related articles