Tornado.Cash, as the top privacy transaction middleware on Ethereum, insists on decentralized governance to enable its long-term development, but compliance is still the biggest risk it currently faces.
Original title: “Tornado Cash: The Holy Grail of Private Transactions | Token Observation”
Written by: Blanker
Nearly 50 years have passed since the TCP/IP protocol was born in 1974. Now that regulation is becoming stricter and Internet infrastructure more and more complete, the anonymity once widely promoted by the Internet has become fragile.
Blockchain is very similar to the early Internet in its emphasis on privacy and anonymity. The concept of blockchain was first proposed in 1991. In 2008, Satoshi Nakamoto applied blockchain technology to Bitcoin for the first time, which was only 13 years ago. As cryptocurrency gradually gains recognition, its regulatory infrastructure will certainly become more complete.
In fact, the privacy described in Bitcoin's white paper [1] only ensures that there is no binding relationship between the user's real identity and the address used to complete a transfer on the chain. However, as cryptocurrencies and exchanges gradually move towards compliance, identity verification (Know Your Customer, KYC) has become an indispensable step in most cryptocurrency-to-fiat transactions.
Furthermore, to ensure the absolute security of the source of funds in cryptocurrency-to-fiat transactions, both parties even hope that the other party will take part in the transaction under a real name. As a result, the privacy features of cryptocurrency are gradually disintegrating.
Yet the need for privacy in the cryptocurrency world continues to grow. The volume of KYC data stored by cryptocurrency exchanges has increased exponentially, but data security solutions have not kept pace. Because each unit of KYC data is highly valuable, it inevitably becomes one of the main targets of hacker attacks. So far, user data of many exchanges has been leaked to varying degrees.
Therefore, the privacy of cryptocurrency will also become an indispensable piece of the puzzle in the crypto world.
A number of public chains led by Monero (XMR) have tried to solve this problem. However, since Decentralized Finance (DeFi) has flourished, smart contracts have become a hard requirement in the cryptocurrency field, and the EVM has therefore become the standard configuration of mainstream public chains. To preserve their privacy properties, public chains such as Monero cannot run smart contracts, so their usage scenarios are very limited. In addition, because of Monero's extremely high security (the U.S. Internal Revenue Service offers a reward of $625,000 to crack Monero [2]), exchanges such as Coinbase cannot list Monero if they are to meet compliance requirements, so its circulation is also limited.
Ethereum, as the public chain with the most complete DeFi ecosystem, leaves a traceable trail for asset transfers between all addresses. This completely wipes out the privacy characteristics of cryptocurrencies: the relationships between addresses can be seen at a glance.
Therefore, a project offering private transactions on Ethereum (or on other public chains that can run smart contracts) has become a hard requirement of the market, and Tornado Cash came into being.
Project overview
Tornado Cash is a private transaction middleware implemented on Ethereum and based on zero-knowledge proofs. It uses zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) and can send ETH and ERC20 tokens (currently DAI, cDAI, USDC, USDT and WBTC are supported) to any address in an untraceable manner.
In actual use, the user first deposits cryptocurrency into the privacy pool and obtains a deposit certificate. Later, the user can withdraw the previously deposited cryptocurrency from any address by using the deposit certificate. Since the data transferred when the deposit certificate is generated and used does not include the certificate itself, the deposit and the withdrawal are guaranteed to be two completely independent transfers. In addition, thanks to the relay service, the Ethereum address used for the withdrawal does not even need to hold ETH to pay the transfer fee; that is, funds can be withdrawn to a completely blank address.
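A simplified model of the deposit and withdrawal flow described above, added here as an illustration and not taken from the original article or from Tornado Cash's code. The names `Note`, `Pool`, `commitment` and `nullifier_hash`, the use of SHA-256, and the direct check of the note that stands in for the zk-SNARK are all assumptions of this sketch.

```python
import hashlib
import secrets


def h(tag: bytes, *parts: bytes) -> bytes:
    """Domain-separated SHA-256 (assumed stand-in for the pool's hash)."""
    return hashlib.sha256(tag + b"".join(parts)).digest()


class Note:
    """The deposit certificate: two random values known only to the user."""

    def __init__(self) -> None:
        self.nullifier = secrets.token_bytes(31)
        self.secret = secrets.token_bytes(31)

    def commitment(self) -> bytes:      # published with the deposit
        return h(b"commit", self.nullifier, self.secret)

    def nullifier_hash(self) -> bytes:  # published with the withdrawal
        return h(b"spend", self.nullifier)


class Pool:
    """Public state of one deposit pool (hypothetical model)."""

    def __init__(self) -> None:
        self.commitments = set()
        self.spent = set()
        self.chain_log = []  # (event, address, value): what an observer sees

    def deposit(self, sender: str, commitment: bytes) -> None:
        if commitment in self.commitments:
            raise ValueError("commitment already used")
        self.commitments.add(commitment)
        self.chain_log.append(("deposit", sender, commitment.hex()))

    def withdraw(self, recipient: str, note: Note) -> None:
        # Stand-in for the zk-SNARK: this model inspects the note directly.
        # The real proof shows both facts below without revealing the note.
        if note.commitment() not in self.commitments:
            raise ValueError("no matching deposit")
        nh = note.nullifier_hash()
        if nh in self.spent:
            raise ValueError("certificate already spent")
        self.spent.add(nh)
        self.chain_log.append(("withdraw", recipient, nh.hex()))


def demo() -> list:
    pool, note = Pool(), Note()
    pool.deposit("0xDepositor", note.commitment())  # constructed addresses
    pool.withdraw("0xFreshAddress", note)
    return pool.chain_log
```

An observer of `chain_log` sees a commitment at deposit time and a different hash at withdrawal time; relating the two requires the note, which is never recorded.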
According to Dune Analytics [3], Tornado Cash currently holds 156,000 ETH and 165 million US dollars in its mixing pools, making it the largest private asset pool on the blockchain. At present, more than 12,000 unique addresses have made about 48,000 deposits into the protocol, more than 17,000 unique addresses have withdrawn from it, and a total of more than 2 million US dollars in relay fees has been paid to the relay service.
Market opportunities
Private transactions are an indispensable piece of the puzzle in the cryptocurrency world. Not all users are willing to reveal the source and destination of their funds when making a transfer, but the nature of the blockchain leaves the relationships between accounts completely exposed. Tornado Cash, as an optional privacy component for users transferring funds on the Ethereum chain, removes as far as possible the exposure of the relationship between addresses when assets are transferred. The following examples illustrate the use cases of Tornado Cash:
Private transfer of assets between addresses;
Generating a report on the legal transfer of the source of assets (including deposit address, amount and date, and withdrawal address, amount and date) through the transfer certificate;
When conducting cryptocurrency-to-fiat transactions, the KYC step of the transaction is avoided by trading deposit certificates (not the cryptocurrency itself), and personal privacy is protected to the greatest extent.
Competitive product analysis
Private transaction public chain
Monero and Zcash are the two main players in the privacy coin space.
Monero uses Stealth Addresses and Ring Confidential Transactions (RingCT), technologies that balance anonymity and transfer efficiency.
Zcash is the first cryptocurrency to use zk-SNARK (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge). Tornado Cash also uses this technology as a security guarantee for private transactions.
However, privacy coin public chains all share the same problem: they cannot add support for smart contracts while still guaranteeing private transactions. Ekiden of Oasis Labs has tried this, but due to the product's immaturity and lack of sufficient developer support, we think it will be difficult for it to have a strong influence in the future.
Secret Network is also designing privacy computation for general-purpose smart contracts, but so far only an on-chain exchange has been released on the chain, and liquidity in that exchange is very scarce. In addition, Secret Network requires development in Rust, yet the number of Rust developers is currently very small, and they are mainly concentrated in the Polkadot ecosystem.
The privacy scheme of the Ethereum Virtual Machine (EVM)
There are few private transaction projects based on the Ethereum Virtual Machine (EVM). Tornado Cash has three competing products, namely Typhoon Cash, Typhoon Network and Cyclone.
Typhoon Cash is a project endorsed by Huang Licheng [4]. It is built on Ethereum and reuses most of Tornado Cash's code. Its total value locked is only tens of thousands of dollars, and the last deposit occurred 3 months ago. Its relay service is provided entirely by the project team, which creates a very strong single point of failure risk;
Typhoon Network is built on Binance Smart Chain (BSC) and reuses most of Tornado Cash's code. Its total value locked is less than 40,000 US dollars. Its relay service is provided entirely by the project team, which creates a very strong single point of failure risk;
Cyclone is developed on the basis of Tornado Cash and deployed on Ethereum, Binance Smart Chain and IoTeX. Completing a deposit requires both the chain's base currency (such as ETH, BNB or IOTX) and the governance token CYC, and users must pay anonymous pool fees and relay fees in CYC. In addition, all relay facilities are provided directly by the project team, which creates a very strong single point of failure risk.
It can be seen that the competing products, while flying the banner of decentralized privacy middleware, are in fact highly centralized.
Judging by the total value locked in the above projects, Tornado Cash has an absolute advantage and financial support.
In summary, Tornado Cash has no strong and original competitors for the time being.
Token Economics
On December 18, 2020, Tornado Cash released $TORN as the governance token of Tornado Cash. For specific rules, please refer to the official Medium [5].
The token distribution ratio and release rules are shown in the figure below:
1inch [6] and the Tornado Cash community [7] have successively proposed and used liquidity mining rewards to attract users to provide liquidity for the $TORN-$ETH trading pair.
At present, $TORN-$ETH liquidity provided on 1inch earns $1INCH tokens at an annualized yield of 80%, and the official liquidity reward pool earns $TORN tokens at an annualized yield of 266%.
The liquidity mining reward was approved through a community vote on a proposal, and no front-end code was even developed for it; the mining entry point is reached through the front ends of other tool products (such as vfat [8]), which fully reflects the spirit of community autonomy.
Community
Because Tornado Cash's governance and iteration are fully decentralized, it has a good community atmosphere. In addition to the active Telegram and Discord communities, Tornado Cash's forum [9] already has 799 topics.
In addition, because Tornado Cash works as a pluggable privacy component, other privacy projects on Ethereum can build on its private deposit pool for further exploration. For example, Blank Wallet [10] has built a privacy wallet based on Tornado Cash's private deposit pool.
Governance
As a governance token, $TORN has more governance power than other governance tokens. Since it was founded, Tornado Cash has hoped that the project will be run fully autonomously by the community. After May 2020, the Tornado Cash team destroyed its management authority over all deposit pools and could no longer shut down the project. In December 2020, the governance token was launched together with the governance contract, and all future governance proposals can only be initiated and executed through the governance contract.
In traditional projects, governance and development are independent tasks. Any individual or organization can initiate a proposal, and users vote on it before it enters the subsequent development process. The launch and deployment of the proposal remain in the hands of the team that controls the private key.
Unlike traditional projects, Tornado Cash requires users to provide a complete solution when they initiate a proposal. Every proposal must be developed in advance by its initiator and deployed on the blockchain as a smart contract for everyone to audit.
To initiate a proposal in the governance contract, the initiator needs to hold more than 1,000 $TORN tokens and, within the governance contract, point the proposal to the smart contract deployed on the blockchain. If enough $TORN tokens vote to approve the proposal, anyone can call the execute() method, which runs the executeProposal() function in the proposal and makes the proposal officially take effect. No additional private key signature is required to complete the remaining contract deployment, token distribution and other steps. Therefore, Tornado Cash may be the only project that achieves fully decentralized governance and development.
At present, a total of 6 community proposals have been completed.
At this stage, the community is discussing [11] the possibility of staking $TORN to register relay nodes, which indicates that holders of $TORN will be able to deploy relay nodes to support the further decentralization of the project and earn income. At the same time, the community is also discussing [12] adding support for the algorithmic stablecoin Frax, on the view that privacy components and decentralized stablecoins should complement each other. In addition, some people have called for multi-chain deployment of the project (Binance Smart Chain, Solana, etc.), but few have responded.
Security
Tornado Cash realizes the privacy of on-chain transactions at the contract level. However, the privacy of on-chain transactions is not the whole of Tornado Cash.
To cope with server outages, with the website being inaccessible in some countries, and with users who do not want to expose their access records to their Internet Service Provider (ISP), Tornado Cash has deployed an IPFS version of the front end and also provides the full front-end source code on GitHub, so that users can deploy it themselves;
When using the relay service, the user sends a request directly to the relay node and may therefore expose their IP address to it. Tornado Cash therefore recommends that all users send requests to the relay node through a VPN to keep their IP address from being leaked. It also provides a version of Tornado Cash based on onion routing (Tor) [13], and there are relay service providers that offer Tor versions of their relay services. All network requests are forwarded multiple times to ensure absolute security;
To avoid time correlation between deposit and withdrawal transactions, the project also recommends making the withdrawal 24 hours after the deposit, or after more than 12 other deposits have entered.
Therefore, Tornado Cash can provide anonymous and stable access along the whole path from the user to the web front end, the relay server and the contract. As the number of relay service providers continues to increase, the stability of the Tornado Cash service will improve further.
Compliance risk
Although Tornado Cash, as the only available middleware for private transactions on the Ethereum chain, has huge potential and market size, it faces compliance risks far exceeding other projects.
Roman Storm of Tornado Cash once stated that Tornado Cash has achieved autonomy and is not controlled by its developers. However, in order to meet compliance requirements, Tornado Cash is still developing support for generating, from a deposit certificate, a report on the legal transfer of the source of assets. The report includes the deposit address, amount and date and the withdrawal address, amount and date. Even so, Coinbase, which applies a stricter compliance review, has also frozen accounts funded from Ethereum wallets that interacted with Tornado Cash.
For Tornado Cash, how to ensure compliance and privacy at the same time is the most important issue at the moment.
Conclusion
Tornado Cash is the largest private transaction middleware on Ethereum. Its developers do not hold administrator rights over the project and insist on community autonomy. On the one hand, this protects the security of the development team; on the other hand, it allows the project to fully implement decentralized governance and to keep developing over the long term.
We believe that as cryptocurrencies and exchanges become compliant, and as the regulatory system and its supporting infrastructure gradually improve, more and more people will pay attention to private transactions. Ethereum is the public chain with the most complete ecosystem, and private transactions on the chain will inevitably become one of the hottest sectors.
At that time, Tornado Cash will become an important part of the private transaction ecosystem: besides providing private transaction services to users directly, its pools can also become the underlying asset of other privacy components. As the governance token of Tornado Cash, $TORN has stronger governance capabilities and control over the protocol than other governance tokens. With the support of possible future node elections and the expectation of dividends for token holders, $TORN has good prospects.
Note:
[1] Bitcoin white paper: https://bitcoin.org/bitcoin.pdf
[2] The U.S. Internal Revenue Service offers a reward of $625,000 to crack Monero: https://beta.sam.gov/opp/3b7875d5236b47f6a77f64c19251af60/view
[3] Dune Analytics: https://duneanalytics.com/poma/tornado-cash_1
[4] Huang Licheng: https://twitter.com/machibigbrother
[5] Official Medium: https://tornado-cash.medium.com/tornado-cash-governance-proposal-a55c5c7d0703
[6] 1inch: https://blog.1inch.io/1inchs-joint-liquidity-mining-program-with-tornado-31077f65645?gi=18a1caeada35
[7] Tornado Cash Community: https://torn.community/t/proposal-6-torn-liquidity-mining-program/765
[8] vfat: https://vfat.tools/tornado/
[9] Forum: https://torn.community
[10] Blank Wallet: https://www.goblank.io
[11] The community is discussing the possibility of staking $TORN to register a relay node: https://torn.community/t/upcoming-relayer-election-mechanism/28/1
[12] The community is also discussing adding support for the algorithmic stable currency Frax: https://torn.community/t/proposal-to-add-frax-as-deposit-asset/328
[13] Onion routing (Tor): https://www.torproject.org