Tornado Cash uses a smart contract that accepts deposits of specifically supported tokens (ETH, DAI, cDAI, USDC, USDT) in set denominations. Users who want to make a private transaction generate a secret note and deposit tokens into the Tornado Cash pool corresponding to the token and amount they transact. The pool acts as an anonymity set – all deposits are mixed, and withdrawal transactions don’t reveal which deposit they came from. Cryptographic proof called a zkSNARK allows them to withdraw their tokens to a new, unlinked address.
To outside observers, it’s not possible to link the withdrawal to a specific earlier deposit, breaking the visible chain of transactions. Multiple users depositing and withdrawing over time increases the anonymity set. It’s important to note that users must follow certain best practices to avoid deanonymizing themselves. Most importantly, the withdrawal anonymizing not should not be publicly linked to the original deposit address and the secret note must be generated and stored securely. Users should also be mindful of the timing of their withdrawals relative to deposits to avoid temporal linking.
- Preserve financial privacy
Tornado Cash provides a powerful way to transact privately and shield your financial activity from public visibility on the blockchain. This is important for anyone who values privacy and doesn’t want others to be able to trace their transactions and balances.
- Improved fungibility
Coins traced back to illicit or controversial activity in their transaction history may be “tainted” and less fungible or acceptable to exchanges and merchants. Passing coins through Tornado Cash helps restore fungibility by breaking their visible on-chain history.
- Censorship and seizure resistance
In authoritarian governments or unstable political situations, such as public crypto transactions, a person is vulnerable to surveillance, censorship, or seizure of funds. Tornado Cash provides a tool for people in such circumstances to transact outside the visibility and control of authorities.
It’s worth noting that many of these benefits rely on Tornado Cash being fully legal and compliant for legitimate personal or business privacy purposes.
Considerations and best practices
If you decide to use Tornado Cash for mixing and anonym zings your cryptocurrency transactions, there are several essential anonymizing to keep in mind:
- Only deposit clean funds – Tornado Cash is designed for mixing legally acquired funds for legitimate privacy purposes. Depositing proceeds of crime or funds intended for illegal activities is unethical. Still, it carries severe legal risks and undermines the reputation and stability of privacy tools like Tornado Cash for all users.
- Secure your secret note – The secret note generated when depositing Tornado Cash is critically important – it’s the only way to create the proof needed to withdraw your funds later. Store multiple encrypted copies in secure locations and never share the note with anyone.
- Avoid linking withdrawal address – For maximum privacy; the address used to withdraw mixed funds from Tornado Cash should not be publicly linked to your identity or the original deposit address. Generate a new address that has never received funds or been referenced publicly.
- Be mindful of timing – Timing attacks that analyse coincidences between deposit and withdrawal times are a potential way to analyse anonymity. Avoid withdrawing immediately after depositing and ideally make withdrawals at random, unpredictable times.
Using Tornado Cash in line with these best practices provides a robust and reliable privacy solution. But it’s essential to educate yourself and be thoughtful in your usage to maximise benefits.