Privacy is foundational to the spirit of crypto. It’s a core piece to the puzzle surrounding the self-sovereignty of your digital assets. People need protection in this new realm of finance, especially considering the scale at which founders are transitioning their companies and projects to DAOs. With lots of buzz earlier this year surrounding DeFi privacy projects, let’s take a look into one of the largest privacy solutions on Ethereum today: Tornado Cash. Tornado Cash is the non-custodial solution for crypto users who want to maintain their anonymity while keeping their professional assets on-chain and private. 🤫

First, let’s explore what a transaction mixer is. A transaction mixer scrambles funds from multiple users and transactions before each transaction reaches its intended address. This mixing provides a veil of privacy that makes it difficult to trace the amount of funds and where they went. Remember our post on Starknet and zero-knowledge proofs? Tornado Cash also uses zero-knowledge proofs as a means to muddle transaction data. Specifically, they utilize zk-SNARKs, which stands for Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge. You’ll recall that there are two parties involved with zk-proofs cryptography protocol: a prover and a verifier. Moralis Academy explains that “the prover seeks to prove a hypothesis while the verifier determines the veracity of the prover’s claim. The concept behind zero-knowledge proofs is that one can prove possession of a piece of information without revealing it.” According to DeFi Rate, instead of spamming additional transactions between sender and receiver, “Tornado Cash scrambles user funds within a smart contract in a black-box environment, which isn’t visible on the public ledger.” This gives Tornado Cash the element of decentralization because a smart contract handles the funds rather than a third party. Founder Roman Semenov says Tornado Cash is designed so a third party can’t control it. 👏🏻 🦄

Moralis Academy breaks down the Tornado Cash process:

• Users generate a “secret” when they deposit ETH to the Tornado Cash smart contract and create a “commitment” hash along with their deposit.
• The contract adds the funds to its list of deposits, and when the user is ready to withdraw, they must provide the corresponding secret that matches the unspent deposit from Tornado Cash’s deposit list.
• zk-SNARKs accomplish the function without exposing the specific deposit that corresponds to its secret.

Tornado Cash is open source. Bullish. It has a token, TORN, with nearly $500M in TVL. Bullish. It has a super clean and easy frontend UI deriving from Ethereum Naming Service (ENS). Bullish. It has no back end. Bullish. It’s designed to be immutable and unstoppable. Tornado Cash also has a DAO, and Semenov told CoinBase that “the Tornado Cash team mostly does research and publishes the code to GitHub. All the deployments, protocol changes, and important decisions are made by the community via Tornado Governance DAO and deployment ceremonies.” That’s Decent and definitely #DeFi for y’all. 🚀

It’s important to discuss the relationship between security and privacy. How does Tornado Cash maintain its privacy? The Tornado Cash team states, “Tornado Cash improves transaction privacy by breaking the on-chain link between source and destination addresses. It uses a smart contract that accepts ETH deposits that can be withdrawn by a different address. To preserve privacy, a relayer can be used to withdraw to an address with no ETH balance. Whenever ETH is withdrawn by the new address, there is no way to link the withdrawal to the deposit, ensuring complete privacy.” What is a relayer? “Relayers are used to withdraw to an account with no ETH balance. The relayer sends a withdrawal transaction and takes a part of the deposit as compensation (the protocol itself does not collect any fees). The relayer cannot change any withdrawal data including the recipient address. The Tornado Cash initial developers do not control or play any role in relaying transactions, the relay network is independent and run by the community.” 🌪️

Privacy is an element of security, as crypto users—especially new users—interact on a public blockchain for all to see. Financial data is personal. Exposing too much of users' transaction data poses risks to the integrity of their self-sovereignty. Semenov says it best: “Since all their crypto portfolio is visible to the public, the holders of significant amounts of crypto are very vulnerable to becoming victims of kidnapping, torture, and blackmail. We think that it's a very serious threat, and privacy protocols are very important to ensure their personal safety. The banks don't disclose your personal holdings to anyone who asks, and we think it should be the same way with crypto.” We advise not thinking too much into the classic FUD of crypto being a way for criminals to hide their personal data. This is about users feeling safe on the most transparent monetary network in history. 🔏

Tornado Cash has launched its v3. It’s been a while, considering its v2 announcement came out in late 2019. Tornado Cash Nova improves the user experience and the protocol’s core functionalities:

• Users can deposit and withdraw arbitrary amounts of ETH.
• Users can make shielded transfers of deposited tokens, meaning “users will be able to transfer a chosen amount of their deposited tokens (not necessarily all of them) to another address without needing to withdraw them from the pool.”
• Tornado Cash has implemented Gnosis Chain as its Layer 2 to ensure cheaper fees.

More recently, Tornado Cash is “actively spinning” on Optimism Layer 2. It’s continuously expanding its presence in the DeFi ecosystem.

What’s the moral of the story? Aside from decentralization itself, we feel privacy and security are two of the foremost important issues in DeFi. Privacy and security imply safety—safety from bad actors and safety from oppressive financial systems. The Tornado Cash protocol solves the on-chain piece of privacy. It’s up to the user to take the many important steps to maintain personal privacy. We’re here to help. 💜

Sources: