Tornado Cash: The Holy Grail of On-Chain Privacy
The Internet has been around for nearly 50 years since the birth of the TCP/IP protocol in 1974, and the anonymity that was once touted has been overwhelmed by the regulatory regime and infrastructure that has developed since then. The blockchain concept was first introduced in 1991, and Satoshi Nakamoto first applied blockchain technology to Bitcoin in 2008. That was only 13 years ago. As cryptocurrencies are gradually accepted, the regulatory infrastructure is bound to get better as well.
The privacy features described in At the same time, KYC data stored by cryptocurrency exchanges has increased exponentially, while data security solutions have not evolved in a timely manner. Because of its high unit value, KYC data has become one of the main targets for hackers, and user data has been leaked to varying degrees on many exchanges. As a result, privacy has become a missing but important piece in the world of cryptocurrencies.
In the past, Monero (625,000 reward for cracking Monero](https://beta.sam.gov/opp/3b7875d5236b47f6a77f64c19251af60/view)), exchanges such as Coinbase are unable to list Monero to meet compliance requirements. Therefore, its circulation is also restricted.
As a public chain with the most complete DeFi ecosystem, Ethereum has traceable links for asset transfers between addresses, which completely erases the privacy characteristics of cryptocurrencies and makes the relationships between addresses visible.
Therefore, a project based on Ethereum (or other public chains capable of running smart contracts) with privacy transaction features became an immediate need in the market, and Tornado Cash was born.
Tornado Cash is a privacy transaction middleware implemented on Ethereum based on zero-knowledge proofs. It uses zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) and can send ETH and ERC20 tokens (currently supporting DAI, cDAI, USDC, USDT, WBTC) in an untraceable manner to any address.
From the user's perspective, the user deposits cryptocurrency into a privacy pool and obtains a deposit note, which can later be used to withdraw the deposited funds to any address. Since the data embedded in the deposit and withdrawal transactions does not contain the note itself, the two transfers of funds are completely independent of each other. Moreover, thanks to the relay service, the Ethereum address used for the withdrawal does not even need to hold ETH to pay for the transfer, i.e., it is possible to withdraw to a completely blank address.
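The deposit and withdrawal flow described above, modelled as an added example (not Tornado Cash's own code): the note is a pair of random values, the deposit publishes a hash of both, and the withdrawal publishes a hash of only the first. `ToyPool` and the helper names are hypothetical, SHA-256 stands in for the hashes used on-chain, and the zk-SNARK is replaced by a direct check on a `witness` argument that a real contract would never see.

```python
import hashlib
import secrets


def h(*parts):
    # Assumption: SHA-256 stands in for the circuit-friendly hashes a real pool uses.
    return hashlib.sha256(b"".join(parts)).digest()


def new_note():
    """The deposit note: two random values that stay with the depositor."""
    return secrets.token_bytes(31), secrets.token_bytes(31)  # (nullifier, secret)


def commitment(note):
    return h(note[0], note[1])   # published at deposit time


def nullifier_hash(note):
    return h(note[0])            # published at withdrawal time


class ToyPool:
    """Public state of one fixed-denomination pool, as an observer sees it."""

    def __init__(self):
        self.commitments = []   # one entry per deposit
        self.spent = set()      # nullifier hashes of completed withdrawals
        self.log = []           # (kind, address, published value)

    def deposit(self, sender, commit):
        if commit in self.commitments:
            raise ValueError("commitment already deposited")
        self.commitments.append(commit)
        self.log.append(("deposit", sender, commit.hex()))

    def withdraw(self, recipient, null_hash, witness):
        # `witness` models the private input of the zero-knowledge proof: the real
        # contract receives only a proof of the checks below, never the note.
        if null_hash in self.spent:
            raise ValueError("note already spent")
        if commitment(witness) not in self.commitments:
            raise ValueError("no matching deposit")
        if nullifier_hash(witness) != null_hash:
            raise ValueError("nullifier hash does not match note")
        self.spent.add(null_hash)
        self.log.append(("withdraw", recipient, null_hash.hex()))
```

The published log holds one hash per deposit and a different hash per withdrawal, and the spent set is what rejects a second withdrawal with the same note.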
Privacy transactions are an indispensable piece of the puzzle in the cryptocurrency world. While not all users are willing to expose the source and destination of their funds during transfers, the nature of blockchain leads to complete exposure of the relationships between accounts. Tornado Cash, an optional privacy component for users transferring funds on Ethereum, solves the problem in the most decent way. A few examples to better illustrate the use cases of Tornado Cash are as follows.
- Private transfer of assets between addresses,
- Generate transaction reports with the note for the legitimacy of asset source transfers (including deposit address, amount, and date and withdrawal address, amount, and date), and
- When conducting cryptocurrency-to-fiat currency transactions, the KYC process during the transaction is avoided by trading the deposit note (not the cryptocurrency itself) to maximize the protection of personal privacy.
Privacy-Preserving Public Chain
Monero and Zcash are two major players in the privacy coin space.
Monero uses stealth addresses and Ring Confidential Transactions (RingCT) to balance anonymity and transfer efficiency.
Zcash is the first cryptocurrency to use zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge). Tornado Cash employs this technology as a security guarantee for privacy transactions.
However, privacy-preserving public chains share the same problem of not being able to add support for smart contracts while guaranteeing privacy transactions.
Oasis Labs' Ekiden is an attempt at this, but due to the product's temporary immaturity and lack of sufficient developer support, we think it will be difficult for it to make a strong impact for some time to come.
Secret Network is also designing privacy calculations within general-purpose smart contracts. However, only on-chain exchanges have been released so far, and they lack liquidity. In addition, Secret Network development requires Rust, but the Rust developer community is currently very small and mainly concentrated in the Polkadot ecosystem.
At the same time, all public chains with privacy features have compliance issues. If on-chain transactions are guaranteed to be completely anonymous, liquidity and trading volume may become increasingly tight under the future trend of tightening compliance.
Ethereum Virtual Machine (EVM) Privacy Solution
There are fewer privacy transaction projects based on the Ethereum Virtual Machine (EVM), and Tornado Cash has 3 competing products, namely Typhoon Cash, Typhoon Network and Cyclone. All of them are developed based on Tornado Cash's codebase.
- Typhoon Cash is a project endorsed by
- Typhoon Network is set up on the Binance Smart Chain (BSC), reuses most of the code of Tornado Cash, has a total locked value of just under $40,000, and the relay service is entirely provided by the team, thus having a very strong risk of single point of failure, and
- Cyclone is developed on the basis of Tornado Cash, deployed on Ethereum, Binance Smart Chain and IoTeX, and requires additional on-chain base currencies (such as ETH, BNB and IOTX) and the governance token CYC to complete deposits. It also requires users to pay anonymous pool fees and relay fees using CYC. In addition, all relay services are provided by the team, thus having a very strong single point of failure risk.
It is obvious that the competitors of Tornado Cash offer highly centralized products under the banner of decentralized privacy middleware. Also, the total locked value of the above projects shows that Tornado Cash has an absolute advantage and financial support.
In summary, Tornado Cash has no strong and original competitor for the time being.
On December 18, 2020, Tornado Cash released $TORN as the governance token for Tornado Cash, with specific rules available in the
The token distribution ratio and release rules are shown in the following figure.
Since the governance and iteration of Tornado Cash follow absolute decentralization, it has a good community atmosphere. In addition to the active Telegram and Discord communities, Tornado Cash's
In addition, due to the nature of Tornado Cash's pluggable privacy component, other privacy projects on Ethereum can rely on Tornado Cash's privacy deposit pool for further exploration, such as
As a governance token, $TORN has governance capabilities that surpass those of other governance tokens. Since its inception, Tornado Cash has aimed to be run entirely by its community. After May 2020, the team at Tornado Cash burned the operator rights of all deposit pools and was no longer able to shut down the project's operation. In December 2020, the governance token was released with a governance contract, and all future governance proposals can only be initiated and executed through the governance contract.
In traditional projects, governance and development are separate efforts. Any individual or organization initiates a proposal, users vote on it, and then it goes into subsequent development. The proposal's go-live and deployment remain in the hands of the team controlling the private key.
Unlike traditional projects, users of Tornado Cash are required to provide a complete solution when they initiate a proposal, and all proposals need to be developed in advance by the proposer and deployed on the blockchain in the form of a smart contract for all to audit. In order to initiate a proposal in the governance contract, the initiator needs to have more than 1000 TORN tokens. Anyone can call the `execute()` method, which delegate-calls the `executeProposal()` function in the proposal to bring it online, and no additional private key signature is required to complete the rest of the contract deployment, token distribution, and other processes. As a result, Tornado Cash may be the only project to achieve fully decentralized governance and development at this time.
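A Python model of this flow, added here as an illustration and not taken from the governance contract: `execute()` accepts any caller and runs the proposal's `executeProposal()` against governance-owned storage, which is what a delegate call means. `ToyGovernance`, `RaiseRewardProposal`, the `mining_reward` setting and the simple-majority pass rule are assumptions; only the 1000 TORN threshold comes from the text.

```python
PROPOSAL_THRESHOLD = 1000  # from the text: more than 1000 TORN needed to propose


class ToyGovernance:
    def __init__(self, locked):
        # Governance-owned storage; a delegate call exposes all of it to a proposal.
        self.storage = {"locked": dict(locked), "settings": {}}
        self.proposals = []

    def propose(self, proposer, target):
        if self.storage["locked"].get(proposer, 0) <= PROPOSAL_THRESHOLD:
            raise PermissionError("proposer needs more than 1000 TORN")
        self.proposals.append({"target": target, "for": 0, "against": 0,
                               "voted": set(), "executed": False})
        return len(self.proposals) - 1

    def vote(self, voter, pid, support):
        p = self.proposals[pid]
        if voter in p["voted"]:
            raise PermissionError("already voted")
        p["voted"].add(voter)
        p["for" if support else "against"] += self.storage["locked"].get(voter, 0)

    def execute(self, caller, pid):
        # `caller` is deliberately unchecked: anyone may trigger a passed proposal.
        p = self.proposals[pid]
        if p["executed"] or p["for"] <= p["against"]:  # assumed pass rule
            raise PermissionError("proposal not executable")
        p["executed"] = True
        # Delegate-call semantics: the proposal's code runs on governance storage.
        p["target"].executeProposal(self.storage)


class RaiseRewardProposal:
    """Constructed proposal: the complete change ships as already-deployed code."""

    def executeProposal(self, storage):
        storage["settings"]["mining_reward"] = 2  # constructed setting name
```

Because the proposal code runs with the governance contract's own storage and authority, auditing the deployed proposal before voting is the control that matters.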
A total of 6 community proposals have been completed.
| Proposal | Date | Status |
|---|---|---|
| Open $TORN transfer privileges | 2021/2/4 | Executed |
| Lower the vote requirement to pass the ballot | 2021/2/7 | Failed |
| $TORN Holder Incentive | 2021/3/15 | Failed |
| Update the Merkle Tree algorithm required for mining to reduce the gas overhead | 2021/3/26 | Executed |
| Increase mining incentives for cDAI, $WBTC pools | 2021/4/11 | Executed |
| Increase $TORN liquidity mining rewards | 2021/4/15 | Executed |
Currently, the community
Tornado Cash achieves privacy for on-chain transactions at the contract level. However, privacy for on-chain transactions is not all that Tornado Cash has to offer.
- To guard against problems such as server outages, the website being inaccessible in some regions, and some users not wanting to expose their access records to Internet Service Providers (ISPs), Tornado Cash deploys an IPFS version of its front-end and also provides the full front-end source code on GitHub for users to deploy on their own.
- When using the relay service, users make requests directly to the relay node and may therefore expose their IP addresses to it. Tornado Cash therefore recommends that all users send requests to the relay node via a VPN to keep their IP addresses from being leaked. In addition, it also provides a version of Tornado Cash based on
To avoid timing correlation between deposit and withdrawal transactions, it is also officially recommended that withdrawals be made 24 hours after the deposit is made or after 12 or more other deposits have entered.
Therefore, Tornado Cash is able to achieve anonymous as well as stable access for users to the web front-end, relay service and contract side. As the number of relay service providers continues to increase, the stability of the Tornado Cash service will be further enhanced.
Despite the huge potential and market size of Tornado Cash as the only currently available middleware for privacy transactions on Ethereum, it faces compliance risks that far exceed those of other projects.
Roman Storm of Tornado Cash has previously stated that Tornado Cash is currently autonomous and not controlled by developers.
However, to meet compliance requirements, Tornado Cash v2 provides an entry point for generating reports from the note on the legality of a transaction, which reveal the deposit address, amount, and date and the withdrawal address, amount, and date. Even so, Coinbase, which has a stricter compliance review, has frozen a dozen accounts topped up from Ethereum wallets that interacted with Tornado Cash.
For Tornado Cash, how to ensure compliance and privacy at the same time is the most important issue to consider at the moment.
As the largest privacy transaction middleware on Ethereum, Tornado Cash's developers do not hold administrator rights to the project and insist on enforcing community autonomy, which protects the security of the original team on the one hand, and allows the project to be fully decentralized in governance and development on the other, enabling it to grow in the long run.
We believe that with the compliance of cryptocurrencies and exchanges, as well as the gradual improvement of the regulatory system and supporting infrastructure, privacy transactions will receive more and more attention. As Ethereum is the public chain with the most complete ecosystem, on-chain privacy transactions on it are bound to become one of the popular tracks. At that time, Tornado Cash will become an important part of the privacy transaction ecosystem, which can not only provide privacy transaction services directly to users, but also become the underlying asset of other privacy components. TORN has good prospects.