Tornado Cash – a popular mixer service aiming to make Ethereum transactions private announced on May 21 that it has gone totally trustless and the team has relinquished control on the privacy focused protocol. The method used was setting the operators address to 0x000… (Ethereum burn address), which doesn’t have any private key associated with it, nor its possible to generate private keys for this account, because of limitations imposed by the cryptographic function. This was carried out on all instances of tornado.cash function contract (0.1 ETH, 1 ETH, 10 ETH, 100 ETH), rendering the tornado.cash smart contract immutable, trustless and decentralized. The Tornado Cash now operates on “code is law” principle, without any intervention or permission requirement. The trusted setup ceremony was actually held on Mar 13.
The team did a number of security audits, to make sure that the smart contract was safe before giving up control, as its not modifiable further to fix bugs. They further recommend to get your funds insured using Nexus Mutual. The Tornado.cash smart contract isn’t the only thing which is decentralized now. The user interface and the site has also been made decentralized by using IPFS https://tornadocash.eth.link and UI repository is available at Github, so users can run it on their local host servers. There are currently 4 relayers for Tornado Cash.
About Tornado Cash
Tornado Cash is an Ethereum mixing service, which provides non-custodial anonymity to transactions, making them private using zkSnarks proofs and smart contracts. It works by breaking the on-chain on the otherwise public blockchain, between the transmitter and receiver addresses. The mixer can allow users to completely anonymize source of funds, obscure on-chain activity and add untraceability. Its available at tornado.cash in most countries.
The user deposits the funds to the smart contract, receives a note as sort of a proof of ownership for the deposited amount and the contract adds them to its list of commitments. Later, when the withdrawal is requested, the user inputs the same note, the smart contracts allows withdrawal to a new address, zkSnarks technology then ensures that withdrawal is made from unspent commitments, without revealing the source of the funds.