Mochilab
Published in

Mochilab

Mochi.Market

Dec 20, 2021

4 min read

Tornado cash: Catch me if you can

Tornado Cash is a decentralized protocol that erases transaction traces on the Ethereum platform.

Almost all of us want privacy, but public blockchain doesn’t have the privacy we expect. So do I. For example, if my friend knows my Ethereum address, he can easily know my how many coins I have, how much I deal, and how my transactions occur. Today I visit uniswap to add liquidity, tomorrow I’ll send USDT to Binance to cash out, he’ll know everything. To stop him, I will use Tornado Cash to cut off the money source link. So, catch me if you can, my annoying friend!

1. Introduction

Tornado Cash is a decentralized protocol that erases transaction traces on the Ethereum platform.

Currently, Tornado also has some versions on Binance Smart Chain and Polygon

Tornado Cash improves transaction privacy by breaking the on-chain link between the recipient and destination addresses. It uses a smart contract that accepts ETH deposits that can be withdrawn by a different address. Whenever ETH is withdrawn by the new address, there is no way to link the withdrawal to the deposit, ensuring complete privacy.

2. Wanna try Tornado?

In this example, I will use it in Goerli Testnet

Step 1: Firstly, you need to connect your wallet to the website, there are tons of options to deposit your money into Tornado with fixed rates from 0.1 -> 100 ETH

Step 2: After pressing the button “Deposit”, Tornado app will generate a secret code note for you. At this time, you must save this code and absolutely must not reveal it to others, because they can use this code to withdraw the amount of money you deposited into Tornado before. I’ve already withdrawn all of my money here and it’s also testnet so there’s no need to cover it up ^^

Step 3: Sign your transaction and confirm deposit to Tornado

Step 4: Ok! You have done the deposit step

You just wait for a while and then withdraw your money. Assuming you deposit 100 ETH into Tornado’s contract and immediately withdraw it with another account, when looking up your transaction on etherscan.io, the trackers will have a basis to guess that another account is yours!

Step 5: Withdraw money, you enter your receiving address and the secret code note you previously saved. Tornado will confirm and send you money back.

Step 6: You can review your account balance, in this example I deposit 0.1 ETH and receive 0.0837 ETH. Of course, Tornado will get a little commission when you help you “launder” your ETH.

3. How it works?

Basically, the process of “laundering money” through Tornado Cash is divided into 3 stages

1. Deposit: The system generates 2 random keys (secret and nullifier) from which a note is generated for the users to save, then sends ETH or ERC20 token along with the hash value of secret + nullifier (commitment) to Tornado’s smart contract. The smart contract will add commitment to the Merke.

2. Wait: After depositing, users should wait a period of time before withdrawing for Tornado to “remove traces” of the money source.

3. Withdraw: User sends proof (Merkle proof) and nullifier (still keeps secret), the contract will confirm proof through Merkle and contract transfers Ether or ERC20 to the user’s new address.

The source code of the smart contract as well as the key generation algorithm are public on Github

Deposit process

The explanation I will comment on in the code, you can refer. The contracts and code below illustrate the process of depositing and withdrawing ETH, with ERC-20 tokens it will be similar.

1. Function deposit to smart contract

https://hackmd.io/@uDoniWK9TjK5iHuBzfso4g/SywCm0K9Y

2. Generate key in client

The key format returned to the user will look like this: tornado-eth-0.1–5–0x47ab6a26841774719736602788b0d9d88d62aa743ddc0f2972dd51ca9fe22eda7a962e6e0238597343146fe523cfb664eccb80e13f0b61911981e499f15f

From here we can read some basic information that you send 0.1 ETH on the network with chainId = 5 (Goerli testnet) to the tornado contract.

https://hackmd.io/@uDoniWK9TjK5iHuBzfso4g/ryO4U0K9F

3. Withdraw

https://hackmd.io/@uDoniWK9TjK5iHuBzfso4g/H1-QrAKcK

References

https://github.com/tornadocash/tornado-core

Tornado.Cash

Non-custodial, trustless, serverless, private transactions on Ethereum network

tornado.cash

Follow MochiLab here:

Website | Twitter

Follow Mochi.Market here:

Website | Twitter | Telegram Chat | Announcement | Medium

In upcoming days, MochiLab will boost our interaction on existing channels to create more practical values for the community, on the other hand, expand new channels such as Tiktok, Youtube…

Let’s look forward to our next information!

MochiLab — Where NFT innovation is incubated

Blockchain Development

--

--

More from Mochilab

The MochiLab contains passionate innovators, researchers, and builders who deliver the highest quality when it comes to cultivating new roads in the crypto-space. This lab combines strong blockchain engineering and research with technical know-how and pragmatic business acumen.

Read more from Mochilab

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Mochi.Market

Mochi.Market

1.5K Followers

Mochi.Market is the multi-chain decentralized exchange ecosystem for NFTs

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech