Why is Tornado Cash considered a paradise for privacy transactions?

Author: Blanker

Compiler: Dai Guan

01 Introduction

The Internet has been around for nearly 50 years since the TCP/IP protocol was born in 1974. Today, regulatory systems are becoming increasingly strict, and the Internet infrastructure is becoming more and more complete, making the anonymity that was once widely promoted by the Internet vulnerable.

Blockchain is very similar to the early Internet, emphasizing privacy and anonymity. The concept of blockchain was first proposed in 1991, and in 2008, Satoshi Nakamoto first applied blockchain technology to Bitcoin, which has only been 13 years. As cryptocurrencies are gradually recognized, the regulatory-related infrastructure will also become increasingly complete.

In fact, the privacy feature mentioned in Bitcoin's white paper【1】 can only ensure that there is no binding relationship between the user's real identity and address to complete on-chain transfers. However, as cryptocurrencies and exchanges gradually move towards compliance, identity verification (Know Your Customer, KYC) has become an essential part of most cryptocurrency-to-fiat trading scenarios.

Furthermore, to ensure the absolute security of the source of funds during cryptocurrency-to-fiat transactions, both parties in the transaction even hope that the other party can participate in the transaction in a real-name manner. Therefore, the privacy features of cryptocurrencies are gradually collapsing.

However, the demand for privacy in the cryptocurrency world is continuously growing. The scale of KYC data stored in cryptocurrency exchanges is increasing exponentially, while data security solutions have not been iterated in a timely manner. Because KYC data has a high unit value, it has inevitably become one of the main targets of hacker attacks, and user data from multiple exchanges has been leaked to varying degrees.

Therefore, the privacy of cryptocurrencies will also become an indispensable piece of the puzzle in the landscape of the crypto world.

A number of public chains led by Monero (XMR) have attempted to solve this problem. However, since the booming development of decentralized finance (DeFi), smart contracts have become a necessity in the cryptocurrency field, and EVM has thus become the standard configuration for mainstream public chains. To balance privacy features, public chains like Monero cannot run smart contracts, and their use cases are very limited. Additionally, due to the extremely high security of Monero (the U.S. Internal Revenue Service has offered a reward of $625,000 to crack Monero【2】), exchanges like Coinbase cannot list Monero to meet compliance requirements, thus limiting its circulation.

As the public chain with the most complete DeFi ecosystem, Ethereum has traceable links for asset transfers between all addresses, which completely wipes out the privacy features of cryptocurrencies, making the relationships between addresses fully visible.

Therefore, a project based on Ethereum (or other public chains that can run smart contracts) with privacy trading features has become a market necessity, leading to the birth of Tornado Cash.

02 Project Overview

Tornado Cash is a privacy trading middleware implemented on Ethereum based on zero-knowledge proofs. It uses zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge), allowing ETH and ERC20 tokens (currently supporting DAI, cDAI, USDC, USDT, WBTC) to be sent to any address in a non-traceable manner.

In practical use, users need to first deposit cryptocurrency into a privacy pool and obtain a deposit receipt. In the future, users can withdraw the previously deposited cryptocurrency to any address using the deposit receipt. Since the transfer data during the generation and use of the deposit receipt does not contain the receipt itself, it ensures that the two transactions of deposit and withdrawal are completely independent. Additionally, due to the existence of relay services, the Ethereum address at the time of withdrawal does not even need to hold ETH to pay for transaction fees, meaning it can withdraw to a completely empty address.

According to Dune Analytics【3】, Tornado Cash's mixing pool currently holds 156,000 ETH and $165 million, making it the largest privacy asset pool on the blockchain. Currently, over 12,000 unique addresses have executed approximately 48,000 deposits into the protocol, and over 17,000 unique addresses have withdrawn from the protocol, collectively paying over $2 million in relay fees.

03 Market Opportunity

Privacy trading is an indispensable piece of the puzzle in the cryptocurrency world. During the transfer process, not all users are willing to expose their sources and destinations of funds, while the characteristics of blockchain completely expose the relationships between accounts. Tornado Cash, as a privacy component that users can choose when transferring on the Ethereum chain, maximally solves the exposure of relationships between addresses during asset transfers. The following examples can better illustrate the use cases of Tornado Cash:

• Private transfer of assets between addresses;
• Generating reports on the legitimacy of asset source transfers through transfer receipts (including deposit address, amount, date, and withdrawal address, amount, date);
• When conducting cryptocurrency-to-fiat transactions, using transaction deposit receipts (rather than the cryptocurrency itself) to avoid KYC processes during the transaction, maximizing the protection of personal privacy.

04 Competitive Analysis

Privacy Trading Public Chains

Monero and Zcash are two major players in the privacy coin space.

Monero uses stealth addresses and Ring Confidential Transactions (RingCT) technology, balancing anonymity and transfer efficiency.

Zcash is the first cryptocurrency to use zk-SNARK. Tornado Cash also uses this technology as a security guarantee for privacy trading.

However, privacy coin public chains face the same problem: they cannot increase support for smart contracts while ensuring privacy trading. Oasis Labs' Ekiden has attempted this, but due to the product being immature and lacking sufficient developer support, we believe it will be difficult to generate strong influence in the near future.

Oasis Labs' Ekiden has attempted this, but due to the product being immature and lacking sufficient developer support, we believe it will be difficult to generate strong influence in the near future; Secret Network is also designing privacy computing within general-purpose smart contracts, but currently only an on-chain exchange has been launched, and liquidity within it is very scarce. Additionally, Secret Network requires development in Rust, but the number of Rust developers is currently very low and mainly concentrated in the Polkadot ecosystem.

Privacy Solutions for Ethereum Virtual Machine (EVM)

There are few privacy trading projects based on the Ethereum Virtual Machine (EVM), with three competitors to Tornado Cash: Typhoon Cash, Typhoon Network, and Cyclone.

Typhoon Cash is a project endorsed by Huang Licheng【4】, built on Ethereum, reusing most of Tornado Cash's code, with a total locked amount of only a few tens of thousands of dollars. The last deposit occurred three months ago, and the relay service is entirely provided by the official, posing a significant single point of failure risk; Typhoon Network is built on Binance Smart Chain (BSC), reusing most of Tornado Cash's code, with a total locked amount of less than $40,000, and the relay service is entirely provided by the official, posing a significant single point of failure risk; Cyclone is developed based on Tornado Cash, deployed on Ethereum, Binance Smart Chain, and IoTeX, requiring additional on-chain base currencies (such as ETH, BNB, and IOTX) and governance token CYC to complete deposits, and requires users to use CYC to pay for anonymous pool fees and relay fees. Additionally, all relay facilities are directly provided by the official, posing a significant single point of failure risk.

It is evident that competitors, while claiming to be decentralized privacy middleware, have highly centralized products.

From the total locked amounts of the aforementioned projects, it can be seen that Tornado Cash has an absolute advantage and financial support.

In summary, Tornado Cash currently has no strong, original competitors.

05 Token Economics

On December 18, 2020, Tornado Cash launched $TORN as the governance token for Tornado Cash, with specific rules available on the official Medium【5】.

The token distribution ratio and release rules are shown in the following images:

Why is Tornado Cash considered a paradise for privacy trading?

1inch【6】 and the Tornado Cash community【7】 have proposed and passed liquidity mining rewards to attract users to provide liquidity for the $TORN-$ETH trading pair.

Currently, providing liquidity for $TORN-$ETH on 1inch can earn an annual yield of 80% in $1INCH tokens, while the official liquidity reward pool can earn an annual yield of 266% in $TORN tokens.

Since the liquidity mining rewards are passed through community voting proposals, and there is even no front-end code developed, the mining entry is integrated by other tool products (such as vfat【8}), fully reflecting the spirit of community autonomy.

06 Community

Due to Tornado Cash's governance and iteration following absolute decentralization, it has a good community atmosphere. In addition to active Telegram and Discord communities, the Tornado Cash forum【9】 has already had 799 topics.

Moreover, due to the pluggable privacy component feature of Tornado Cash, other privacy projects on Ethereum can rely on Tornado Cash's privacy deposit pool for further exploration, such as Blank Wallet【10】, which has built a privacy wallet based on Tornado Cash's privacy deposit pool.

07 Governance

As a governance token, $TORN has governance capabilities that exceed those of other governance tokens. Since its inception, Tornado Cash has aimed for the project to be completely governed by the community. After May 2020, the Tornado Cash team burned all management rights to the deposit pools and can no longer shut down the project. In December 2020, the governance token was launched alongside the governance contract, and in the future, all governance proposals can only be initiated and executed through the governance contract.

In traditional projects, governance and development are independent tasks. Any individual or organization can initiate a proposal, and after user voting, it enters the subsequent development phase. The launch and deployment of proposals are still controlled by the team holding the private keys.

Unlike traditional projects, Tornado Cash users must provide a complete solution when initiating a proposal. All proposals need to be developed in advance by the proposer and deployed on the blockchain in the form of smart contracts for everyone to audit.

To initiate a proposal in the governance contract, the proposer needs to hold more than 1,000 $TORN tokens and point the proposal to the smart contract that has been deployed on the blockchain. If the proposal receives enough $TORN token votes to pass, anyone can call the execute() method to execute the executeProposal() function in the proposal to make it officially effective, without needing additional private key signatures to complete the remaining contract deployment, token distribution, and other processes. Therefore, Tornado Cash may be the only project currently achieving fully decentralized governance and development.

Currently, a total of six community proposals have been completed.

Why is Tornado Cash considered a paradise for privacy trading?

At this stage, the community is discussing【11】 the possibility of staking $TORN to register relay nodes, indicating that future $TORN holders will be able to support the project's further decentralization by deploying relay nodes and earn rewards. Meanwhile, the community is also discussing【12】 increasing support for the algorithmic stablecoin Frax, with the view that privacy components and decentralized stablecoins should complement each other. Additionally, there are calls for the project to deploy on multiple chains (Binance Smart Chain, Solana, etc.), but responses are few.

08 Security

Tornado Cash achieves on-chain transaction privacy at the contract level; however, on-chain transaction privacy is not all that Tornado Cash offers.

To prevent issues such as server downtime, access restrictions in certain countries, and some users not wanting to expose their access records to Internet Service Providers (ISPs), Tornado Cash has deployed an IPFS version of the front end and also provides the complete front-end source code on GitHub for users to deploy themselves; when using relay services, users will directly request the relay nodes, which may expose their IP addresses to the relay nodes. Therefore, Tornado Cash recommends that all users initiate requests to relay nodes via VPN to protect their IP from being leaked. Additionally, it also provides a version of Tornado Cash based on Tor【13】, and some relay service providers offer Tor versions of relay services, where all network requests are forwarded multiple times to ensure absolute security; to avoid time correlation between deposit and withdrawal transactions, the official also recommends waiting 24 hours after depositing or after more than 12 other deposits have entered before making a withdrawal.

Thus, Tornado Cash can achieve anonymity and stable access from users to the web front end, relay service end, and contract end. As the number of relay service providers continues to increase, the stability of Tornado Cash services will further improve.

09 Compliance Risks

Although Tornado Cash is currently the only available middleware for privacy trading on the Ethereum chain, with enormous potential and market scale, it faces compliance risks far exceeding those of other projects.

Roman Storm from Tornado Cash has stated that Tornado Cash has achieved autonomy and is not controlled by developers. However, to meet compliance requirements, Tornado Cash has developed a report in version v2 that supports generating reports on the legitimacy of asset source transfers through deposit receipts, which include deposit address, amount, date, and withdrawal address, amount, date, etc. However, Coinbase, which has strict compliance reviews, has previously frozen accounts that recharge Ethereum wallets interacting with Tornado Cash.

For Tornado Cash, how to ensure compliance and privacy simultaneously is the most pressing issue to consider.

10 Conclusion

As the largest privacy trading middleware on Ethereum, Tornado Cash developers do not hold administrative rights to the project, insisting on community governance, which protects the safety of the development team while allowing the project to achieve fully decentralized governance and development, enabling long-term growth.

We believe that as cryptocurrencies and exchanges become compliant, and as regulatory systems and supporting infrastructure gradually improve, privacy trading will receive increasing attention. As the public chain with the most complete ecosystem, on-chain privacy trading on Ethereum is bound to become one of the hot tracks.

At that time, Tornado Cash will become an important part of the privacy trading ecosystem, not only providing users with direct privacy trading services but also serving as a reservoir for other privacy components. $TORN, as the governance token of Tornado Cash, possesses stronger governance capabilities and control over the protocol than other governance tokens, and with potential future node elections and token holder dividends, $TORN has a promising outlook.

Appendix:

【1】Bitcoin White Paper: https://bitcoin.org/bitcoin.pdf

【2】IRS offers $625,000 reward to crack Monero: https://beta.sam.gov/opp/3b7875d5236b47f6a77f64c19251af60/view

【3】Dune Analytics: https://duneanalytics.com/poma/tornado-cash_1

【4】Huang Licheng: https://twitter.com/machibigbrother

【5】Official Medium: https://tornado-cash.medium.com/tornado-cash-governance-proposal-a55c5c7d0703

【6】1inch: https://blog.1inch.io/1inchs-joint-liquidity-mining-program-with-tornado-31077f65645?gi=18a1caeada35

【7】Tornado Cash Community: https://torn.community/t/proposal-6-torn-liquidity-mining-program/765

【8】vfat: https://vfat.tools/tornado/

【9】Forum: https://torn.community

【10】Blank Wallet: https://www.goblank.io

【11】Community is discussing the possibility of staking $TORN to register relay nodes: https://torn.community/t/upcoming-relayer-election-mechanism/28/1

【12】Community is also discussing increasing support for the algorithmic stablecoin Frax: https://torn.community/t/proposal-to-add-frax-as-deposit-asset/328

【13】Tor: https://www.torproject.org