Why is Tornado Cash called a paradise for privacy transactions?

Author: Dai Guan, PANews

01 Introduction

The internet has been around for nearly 50 years since the birth of the TCP/IP protocol in 1974. Today, regulatory systems are becoming increasingly stringent, and internet infrastructure is becoming more complete. The anonymity that was once widely promoted by the internet has become fragile.

Blockchain is very similar to the early internet, emphasizing privacy and anonymity. The concept of blockchain was first proposed in 1991, and in 2008, Satoshi Nakamoto first applied blockchain technology to Bitcoin, which has only been 13 years. As cryptocurrencies gradually gain recognition, the regulatory infrastructure related to them will also become increasingly refined.

In fact, the privacy feature mentioned in Bitcoin's white paper can only ensure that there is no binding relationship between the user's real identity and address to complete on-chain transfers. However, as cryptocurrencies and exchanges gradually move towards compliance, identity verification (Know Your Customer, KYC) has become an essential part of most scenarios involving cryptocurrency to fiat transactions.

Furthermore, to ensure the absolute security of the source of funds during cryptocurrency to fiat transactions, both parties in the transaction even hope that the other can participate in the transaction in a real-name manner. Therefore, the privacy feature of cryptocurrencies is gradually disintegrating.

However, the demand for privacy in the cryptocurrency world is continuously growing. The scale of KYC data stored in cryptocurrency exchanges is increasing exponentially, yet data security solutions have not been iterated in a timely manner. Because KYC data has a high unit value, it has inevitably become one of the main targets for hackers, and to date, user data from multiple exchanges has been leaked to varying degrees.

Therefore, the privacy of cryptocurrencies will also become an indispensable piece of the puzzle in the landscape of the crypto world.

A number of public chains led by Monero (XMR) have attempted to solve this problem. However, since the booming development of decentralized finance (DeFi), smart contracts have become a necessity in the cryptocurrency field, and EVM has thus become the standard configuration for mainstream public chains. To balance privacy features, public chains like Monero cannot run smart contracts, and their use cases are very limited. Additionally, due to Monero's high security (the U.S. Internal Revenue Service offered a reward of $625,000 to crack Monero), exchanges like Coinbase cannot list Monero to meet compliance requirements, thus limiting its circulation.

As the public chain with the most complete DeFi ecosystem, Ethereum has traceable links between asset transfers among all addresses, which completely erases the privacy features of cryptocurrencies, making the relationships between addresses transparent.

Therefore, a project based on Ethereum (or other public chains that can run smart contracts) with privacy trading features has become a market necessity, leading to the emergence of Tornado Cash.

02 Project Overview

Tornado Cash is a privacy trading middleware implemented on Ethereum based on zero-knowledge proofs. It uses zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge), allowing ETH and ERC20 tokens (currently supporting DAI, cDAI, USDC, USDT, WBTC) to be sent to any address in a non-traceable manner.

In practical use, users need to first deposit cryptocurrency into a privacy pool and receive a deposit certificate. In the future, users can use the deposit certificate to withdraw the previously deposited cryptocurrency to any address. Since the transfer data during the generation and use of the deposit certificate does not include the certificate itself, it ensures that the deposit and withdrawal transactions are completely independent. Additionally, due to the existence of relay services, the Ethereum address used for withdrawal does not even need to hold ETH to pay for transaction fees, meaning it can withdraw to a completely empty address.

According to Dune Analytics, Tornado Cash's mixing pool currently holds 156,000 ETH and $165 million, possessing the largest privacy asset pool on the blockchain. Currently, over 12,000 unique addresses have executed approximately 48,000 deposits into the protocol, and over 17,000 unique addresses have withdrawn from the protocol, paying over $2 million in relay fees to the relay service.

03 Market Opportunity

Privacy trading is an indispensable piece of the puzzle in the cryptocurrency world. During the transfer process, not all users are willing to expose their sources and destinations of funds, while the characteristics of blockchain lead to the complete exposure of relationships between accounts. Tornado Cash, as an optional privacy component for users transferring on the Ethereum chain, maximally resolves the exposure of relationships between addresses during asset transfers. The following examples can better illustrate the use cases of Tornado Cash:

• Private transfer of assets between addresses;
• Generating reports on the legitimacy of asset source transfers through transfer certificates (including deposit address, amount, date, and withdrawal address, amount, date);
• When conducting cryptocurrency to fiat transactions, using transaction deposit certificates (rather than the cryptocurrency itself) to avoid KYC processes during the transaction, thereby maximizing the protection of personal privacy.

04 Competitor Analysis

Privacy Trading Public Chains

Monero and Zcash are the two main players in the privacy coin space.

Monero uses stealth addresses and Ring Confidential Transactions (RingCT) technology, balancing anonymity and transfer efficiency.

Zcash was the first cryptocurrency to use zk-SNARK. Tornado Cash also employs this technology as a security guarantee for privacy trading.

However, privacy coin public chains face the same problem: they cannot support smart contracts while ensuring privacy trading. Oasis Labs' Ekiden has made attempts in this area, but due to the product being immature and lacking sufficient developer support, we believe it will be difficult for it to have a strong impact in the near future.

Oasis Labs' Ekiden has made attempts in this area, but due to the product being immature and lacking sufficient developer support, we believe it will be difficult for it to have a strong impact in the near future; Secret Network is also designing privacy computing within general-purpose smart contracts, but currently, only an on-chain exchange has been released, and liquidity within it is very scarce. Additionally, Secret Network requires development in Rust, but the number of Rust developers is currently very low and mainly concentrated in the Polkadot ecosystem.

Privacy Solutions Based on Ethereum Virtual Machine (EVM)

There are few privacy trading projects based on the Ethereum Virtual Machine (EVM), with three competitors to Tornado Cash: Typhoon Cash, Typhoon Network, and Cyclone.

Typhoon Cash is a project endorsed by Huang Licheng, built on Ethereum, reusing most of Tornado Cash's code, with a total locked amount of only a few tens of thousands of dollars. The last deposit occurred three months ago, and the relay service is entirely provided by the official, posing a significant single point of failure risk; Typhoon Network is built on Binance Smart Chain (BSC), reusing most of Tornado Cash's code, with a total locked amount of less than $40,000, and the relay service is entirely provided by the official, posing a significant single point of failure risk; Cyclone is developed based on Tornado Cash, deployed on Ethereum, Binance Smart Chain, and IoTeX, requiring additional on-chain base currencies (such as ETH, BNB, and IOTX) and governance token CYC to complete deposits, and requires users to use CYC to pay for anonymous pool fees and relay fees. Additionally, all relay facilities are directly provided by the official, posing a significant single point of failure risk.

It is evident that competitors, while claiming to be decentralized privacy middleware, possess highly centralized products.

From the total locked amounts of the aforementioned projects, it can be seen that Tornado Cash has an absolute advantage and financial support.

In summary, Tornado Cash currently has no strong, original competitors.

05 Token Economics

On December 18, 2020, Tornado Cash launched $TORN as its governance token, with specific rules available on the official Medium.

The token distribution ratio and release rules are shown in the following images:

1inch and the Tornado Cash community have proposed and approved liquidity mining rewards to attract users to provide liquidity for the $TORN-$ETH trading pair.

Currently, providing $TORN-$ETH liquidity on 1inch can earn an annualized yield of 80% in $1INCH tokens, while the official liquidity reward pool can earn an annualized yield of 266% in $TORN tokens.

Since the liquidity mining rewards are community-voted proposals and even lack front-end code development, the mining entry is integrated by other tool products (such as vfat), fully reflecting the spirit of community autonomy.

06 Community

Due to Tornado Cash's governance and iteration following absolute decentralization, it has a good community atmosphere. In addition to active Telegram and Discord groups, Tornado Cash's forum has already had 799 topics.

Additionally, due to Tornado Cash's pluggable privacy component feature, other privacy projects on Ethereum can rely on Tornado Cash's privacy deposit pool for further exploration, such as Blank Wallet, which has built a privacy wallet based on Tornado Cash's privacy deposit pool.

07 Governance

As a governance token, $TORN has governance capabilities that exceed those of other governance tokens. Since its inception, Tornado Cash has aimed for the project to be completely community-governed. After May 2020, the Tornado Cash team burned all management rights over the deposit pools, and the project can no longer be shut down. In December 2020, the governance token was launched alongside the governance contract, and in the future, all governance proposals can only be initiated and executed through the governance contract.

In traditional projects, governance and development are independent tasks. Any individual or organization can initiate a proposal, and after user voting, it enters the subsequent development phase. The launch and deployment of proposals are still controlled by the team holding the private keys.

Unlike traditional projects, Tornado Cash users must provide a complete solution when initiating a proposal. All proposals need to be developed in advance by the initiator and deployed on the blockchain in the form of smart contracts for everyone to audit.

To initiate a proposal in the governance contract, the initiator must hold more than 1,000 $TORN tokens and point the proposal to the smart contract that has been deployed on the blockchain. If the proposal receives enough $TORN token votes to pass, anyone can call the execute() method to execute the executeProposal() function in the proposal to make it officially effective, without needing additional private key signatures to complete the remaining contract deployment, token distribution, and other processes. Therefore, Tornado Cash may be the only project currently achieving fully decentralized governance and development.

Currently, a total of six community proposals have been completed.

Why is Tornado Cash considered a paradise for privacy trading?

At this stage, the community is discussing the possibility of staking $TORN to register relay nodes, indicating that future $TORN holders will be able to support the project's further decentralization by deploying relay nodes and earn rewards. Meanwhile, the community is also discussing increasing support for the algorithmic stablecoin Frax, with the view that privacy components and decentralized stablecoins should complement each other. Additionally, there are calls for the project to deploy on multiple chains (Binance Smart Chain, Solana, etc.), but responses have been few.

08 Security

Tornado Cash achieves on-chain transaction privacy at the contract level; however, on-chain transaction privacy is not everything for Tornado Cash.

To prevent issues such as server downtime, some countries being unable to access the website, and some users not wanting to expose their access records to Internet Service Providers (ISPs), Tornado Cash has deployed an IPFS version of the front end and has provided the complete front-end source code on GitHub for users to deploy themselves; when using relay services, users will directly request the relay nodes, which may expose their IP addresses to the relay nodes. Therefore, Tornado Cash recommends that all users use a VPN to request relay nodes to protect their IP from being leaked. Additionally, it also provides a version of Tornado Cash based on Tor, and some relay service providers offer Tor versions of relay services, with all network requests being forwarded multiple times to ensure absolute security; to avoid time correlation in deposit and withdrawal transactions, the official also recommends waiting 24 hours after depositing or after more than 12 other deposits have entered before making a withdrawal.

Thus, Tornado Cash can achieve anonymity and stable access from users to the web front end, relay service end, and contract end. As the number of relay service providers continues to increase, the stability of Tornado Cash's services will further improve.

09 Compliance Risks

Although Tornado Cash is currently the only available middleware for privacy trading on the Ethereum chain, with enormous potential and market scale, it faces compliance risks far exceeding those of other projects.

Roman Storm from Tornado Cash has stated that Tornado Cash has achieved autonomy and is not controlled by developers. However, to meet compliance requirements, Tornado Cash has developed support in version 2 for generating reports on the legitimacy of asset source transfers through deposit certificates, which include deposit address, amount, date, and withdrawal address, amount, date, etc. However, Coinbase, which has strict compliance reviews, has also frozen accounts that recharge from Ethereum wallets interacting with Tornado Cash.

For Tornado Cash, how to ensure compliance and privacy simultaneously is the most pressing issue to consider.

10 Conclusion

As the largest privacy trading middleware on Ethereum, Tornado Cash developers do not hold administrator privileges for the project, insisting on community governance, which protects the safety of the development team while allowing the project to achieve fully decentralized governance and development, enabling long-term growth.

We believe that as cryptocurrencies and exchanges become compliant, and as regulatory systems and supporting infrastructure gradually improve, privacy trading will receive increasing attention. As the public chain with the most complete ecosystem, on-chain privacy trading on Ethereum will inevitably become one of the popular tracks.

At that time, Tornado Cash will become an important part of the privacy trading ecosystem, not only providing users with direct privacy trading services but also serving as a foundational asset for other privacy components. $TORN, as Tornado Cash's governance token, possesses stronger governance capabilities and control over the protocol than other governance tokens, and with potential future node elections and expectations for token dividends, $TORN has a promising outlook.