# About Tornado Cash

# Overview of Tornado Cash

Tornado Cash is defending financial freedom, while at the same time trying to achieve regulatory compliance by helping users engage in private transactions. Through the use of an autonomous smart contract, anyone can use Tornado Cash to send ether (and other ethereum-based tokens) using non-custodial technology based on strong cryptography, called zero-knowledge proofs.

If you use a blockchain, your entire transactional history and balances are public. All transactions can be seen on block explorers like Etherscan, enabling anyone to uncover your assets, view your payments, trace the source of your funds, calculate your holdings, and analyze your on-chain activity.

In most of the world, financial privacy is protected in some form or another; however the open and transparent nature of blockchains flips this social norm on its head. If you do not want your history and balances to be publicly viewed by everyone, you have little choices today and that's what Tornado Cash is hoping to change.

Over the years there have attempts at creating private transactions on Ethereum. For example, users have tried to maintain their financial privacy by obscuring value flows through a centralized exchange. Others restored to using custodial mixing service that creating regulatory concerns and risks. These techniques, however, never achieved full privacy due to security concerns or, in the case of a centralized exchange, the disclosure of personally identifiable information.

Tornado Cash recently completed the largest trusted setup in history, with over 1,100 participants. At the same time, the creators of Tornado Cash have taken steps to decentralized the project by open sourcing a basic user interface to interact with the smart contract, pushing the precept that "code is law." The power of Tornado Cash rests on the use of zk-SNARK technology to achieve higher degrees of anonymity. zk-SNARKs require a trusted setup, or a special procedure that generates the prover and verifier keys. In order to make sure that it is done in a secure way that doesn't enable fake proofs or stealing of user funds it was done in a decentralized way. In order to fake zk proofs, an attacker must have needed to compromise every single participant of the ceremony—leaving the probability of it to go down as the number of participants goes up. The purpose of the ceremony was to generate the Verifier smart contract. After completion, the Tornado team updated all Verifiers in all instances and set the operator address to zero. As a result, the Tornado.cash smart contracts are completely immutable and unstoppable.

# How Does Tornado Cash Work?

Tornado Cash is bringing Zcash's underlying technology, zk-SNARKS, to the entire Ethereum ecosystem. Through the use of zk-SNARKS, Tornado Cash is able to break the on-chain link between recipient and destination addresses, through a non-custodial smart contract that accepts ether and other token-based deposits that can be withdrawn by a different address. With Tornado Cash, whenever a supported Ethereum-based asset is withdrawn by a new address, there is no way for the public to link the withdrawal to the deposit, ensuring a higher degree of privacy.

At the same time, Tornado Cash is able to provide its users with the ability to prove their transactional history, should the need arise, through the use of compliance tools that enable the originator of the transaction to create a full transactional history through a simple user interface. That means that Tornado Cash can be used to achieve financial privacy, while at the same time giving its users the ability to prove that the use of the privacy preserving technology was legitimate.

This privacy-preserving technology uses zero-knowledge proofs which obfuscates the transaction history. Unlike other privacy-preserving technologies which "spam" additional transactions in between sender and receiver, Tornado Cash puts user funds within a smart contract in a black-box environment, which isn’t visible on chain.

It is worth mentioning that Tornado Cash is a decentralized service—run by a smart contract with no centralized third party taking custody or control of funds during the process.

# Who is the team behind Tornado Cash?

Tornado Cash has been developed by PepperSec, Inc. (the "Software Company"), a software development team that includes Roman Storm, Roman Semenov, and Alexey Pertsev. The team of developers has prior experience working for and have been active in the Ethereum ecosystem.

# What are the plans for Tornado Cash?

Tornado Cash continues to build out their protocol to scale privacy to everyone leveraging Ethereum transactions. While the team as accomplished a lot in a short period, there is more they would like to do in scaling the protocol and user adoption. This may include creating other ancillary products that support and use Tornado Cash.

# What are the statistics for Tornado Cash?

Statistics related to the Tornado Cash network can be found here

# How is Tornado Cash different than other privacy preserving technology like zCash?

The best attempt at achieving financial privacy has required the creation of an entirely different blockchain, Zcash, which uses various cryptographic methods, including zero knowledge proofs, to achieve a greater degree of privacy, but does not have the robust applications and community found on the Ethereum blockchain.

Tornado Cash is bringing Zcash's underling technology, zk-SNARKS, to the entire Ethereum ecosystem. Through the use of zk-SNARKS, Tornado Cash is able to break the on-chain link between recipient and destination addresses, through a non-custodial smart contract that accepts ether and other token-based deposits that can be withdrawn by a different address. With Tornado Cash, whenever a supported Ethereum-based asset is withdrawn by a new address, there is no way for the public to link the withdrawal to the deposit, ensuring a higher degree of privacy.

Tornado Cash also differs from other privacy preserving technology, like the Aztec Protocol, in the sense that it's not intended (yet) to be focused on enterprise adoption. Instead, it's hoping to service the growing crypto ecosystem.

At least in the United States, a party that creates anonymizing software"is not a money transmitter." As expressly noted by the Financial Crimes Enforcement Network (FinCen), the primary regulator responsible for administering federal laws related to money transmission, "FinCEN regulations exempt from the definition of money transmitter those persons providing "the delivery, communication, or network access services used by a money transmitter to support money transmission services. This is because suppliers of tools (communications, hardware, or software) that may be utilized in money transmission, like anonymizing software, are engaged in trade and not money transmission."

Parties that serve as relayers on the network may likewise be exempted. Relayers merely provide the necessary proof to break the on-chain link. Relayers do not have sufficient credentials to unilaterally execute or prevent transactions, are never able to accept or transmit currency or currency substitutes and therefore may not be a “money transmitter” (a type of Money Service Business (MSB)) under the US law. These laws, in general, require that a money transmitter both accept and transmit assets subject to relevant regulation.

NOTE THAT NO COURT OR REGULATOR HAS OPINED AS TO THE LEGAL STATUS OF TORNADO CASH OR THE SOFTWARE COMPANY, YOU SHOULD CONSULT WITH AN ATTORNEY IF YOU DECIDE TO MAKE AN INVESTMENT IN THE SOFTWARE COMPANY VIA THE TORNADO FUND.

Last updated: 7/7/2020, 9:14:51 PM