Tornado Cash Review

Tornado Cash

Tornado Cash

User rating:

0/5 (0 votes)

Open Dapp

Basic info

  • Token TORN
  • Audited yes
  • DAO yes
  • Yield farming no
  • Team public
  • Hacks no



ABDK Consulting ZeroPool

ABDK Consulting ZeroPool

Token profile

Price Market cap.

Last updated: Dec 21, 2023

What is Tornado Cash?

Tornado Cash is a non-custodial decentralized privacy-oriented protocol designed for anonymous token transfers. It was initially built on Ethereum and as the platform grew it expanded onto other chains like BNB, Polygon, Gnosis Chain, Avalanche, Optimism, and Arbitrum

Tornado cash can be regarded as a proxy to ensure the full anonymity of transactions. To do so, the platform breaks the on-chain link between the assets’ sender and the recipient, who can withdraw the received funds from a different address, and whenever such withdrawal happens, it is not possible to link the withdrawal to the deposit.

The Tornado Cash protocol stems from the Zcash privacy coin; it was developed on the basis of open-source research made by the Zcash team along with the support of the Ethereum community.

Tornado Cash aims to solve the problem of anonymity and privacy on public blockchains as most of them including the largest Bitcoin and Ethereum are just pseudonymous, meaning that all transactions made on such chains are completely public and visible, as they can be easily identified by tracking the wallet address.  

As it is claimed by the protocol team, the platform is fully decentralized and owned by the community and even its initial developers don’t have any control over it.

How does Tornado Cash work?

Similarly to Zcash, Tornado Cash uses the same cryptographic technology - Zero-Knowledge Succinct Non-Interactive Argument of Knowledge also called zk-SNARK to make the transactions private. 

Tornado Cash deploys smart contracts that accept deposits from one address and enable their withdrawal from a different address. Once assets are deposited, smart contracts work as pools that mix the assets of different users and their transactions, and then send the mixed tokens to different addresses. Once the token is withdrawn by a new address, it is impossible to link the withdrawal to the deposit.  

When the user deposits assets into a Tornado cash pool, the smart contract generates a private key, also named Secret, along with the respective hash, which is called the Commitment.  Then, the smart contract accepts the funds and adds the commitment to its list of deposits. When the recipient wants to withdraw these funds, they must provide proof or in other words a corresponding secret that matches the unspent commitment from the list of deposits in the smart contract.

And here is when the zk-SNARK comes into play. This technology allows Tornado Cash to get the proof that transactions are valid without revealing which specific deposit corresponds to the secret. The smart contract then verifies the proof and transfers the deposited funds to the address specified by the withdrawal transaction. 

Tornado Cash offers two withdrawing options – through a regular crypto wallet or Tornado Cash Relayers. If choosing relayers, the withdrawal address doesn’t have to have any balance, which enhances the anonymity.  

Relayers are third parties that manage the withdrawal process charging fees for their services. The gas fees associated with the Relayers' work will be deducted from the transferred amount. Anyone can be added to the recommended list of relayers by staking 300 TORN and following the steps described here. Tornado Cash collects fees directly from the relayer’s staked balance for each withdrawal. This fee may vary from one pool to another and is also subject to change through on-chain governance. For now, Tornado Cash fees are set at 0.3%. The collected fees are then distributed among DAO members with the locked TORN tokens.

In December 2021, Tornado Cash released the Tornado Cash Nova which operates on the Gnosis Chain. It has several updates and novelties, however, it is still in the beta stage, hence it is recommended to use it at its own risk. More information about Tornado Cash Nova can be found in the dedicated medium post

How to use Tornado Cash?

Before proceeding with the Tornado Cash app, users need to choose the network using the network switcher located in the upper right corner of the main menu and connect a wallet. Tornado Cash wallet support includes Metamask, Ledger, Infinity wallet, Tokenary, Secux, Ambire, Rice wallet, and others. 

If a user wants to send assets to a recipient, they should click on the “Deposit” button, and select the token to be deposited from the drop-down list indicating its amount.  Users can deposit in denominations of 0.1, 1, 10, and 100 tokens. Then it is required to click on the “Deposit” button and the pop-up will appear showing a private note, which will be required to withdraw the deposit.

This key should be stored in a secure place or users may also save encrypted notes on-chain by setting up a Note Account, by clicking on “Settings” on the top-right corner.

Tornado Cash recommends waiting as long as possible before withdrawing the funds, as anonymity also depends on the number of transactions after the deposit has been made. If the funds are withdrawn immediately, it would be easier to track the deposit using correlation probabilities. 

To withdraw the funds, the user needs to choose the “Withdraw” section, then paste the deposit note into the corresponding box, click Withdraw and wait for the zk-Snark proof to be generated.

For users wishing to prove the origin of their funds, Tornado Cash has also implemented a special Compliance Tool. To do so, the user needs to enter the generated Secret into the Compliance tool, which will create a PDF report with the cryptographically verified proof of transactional history and then send it to the recipient. A detailed guide on how to use the Compliance tool can be found here.

Users wishing to try the new Tornado Cash Nova, can find the detailed tutorial here

The TORN token

TORN is Tornado Cash's native governance token, which is used to vote and submit proposals on protocol-related critical issues through Tornado Cash DAO. TORN is the ERC-20 native token with a fixed supply of 10 million. 

TORN was launched in February 2021. After a governance proposal, 5% of its total supply was distributed to early adopters of the protocol during an airdrop event, 10% was reserved for Anonymity mining for Tornado Cash ETH pools, distributed linearly over one year (Anonymity mining is no longer available), 30% were allocated for founding developers and early supporters, and the majority of 55% is reserved for the DAO governance treasury.

TORN holders can take part in the protocol’s governance and receive a portion of the fees collected by the protocol from relayers by staking their tokens in the Protocol’s governance contract. A more detailed guide on how to stake the TORN tokens and take part in governance is described here.

Is Tornado Cash safe?

Tornado Cash smart contracts are open source and can be reviewed by the community. 

Tornado Cash solves on-chain related privacy, however, it recommends its users follow some basic safety tips to enhance the security of transactions like using a VPN or a proxy, clearing cookies before using a new address for withdrawal, using multiple withdrawal addresses, and waiting as long as possible (at least 24 hours) before withdrawing assets. 

To secure the generated private notes (Secrets), Tornado Cash also deploys on-chain deposit backups, enabling users to encrypt their notes and store them directly on the Ethereum blockchain. 

The co-founders of Tornado cash are Roman Semenov and Roman Storm, who are also the founders of PepperSec, a consulting agency for security audits and custom development. 

Roman Storm has a degree in Metallurgical Engineering but has been working primarily as a software developer since 2011, while Roman Semenov has graduated from the Moscow State University majoring in quantum statistics and field theory.

Tornado Cash is often criticized for being a money-laundering vehicle for hackers, scammers, and various criminals seeking to hide their fraudulent activities and evade law enforcement agencies. The recent historical exploit of Axie Infinty’s Ronin Bridge resulting in a $633 million drain has been also connected with Tornado Cash, as the scammer linked to the North Korean Lazarus cybercrime group used the Tornado Cash protocol to transfer part of the stolen funds. 

The Tornado Cash team claims that it has no control over the protocol, as it is only engaged in research activities, writing codes, and publishing them to GitHub, and that it is "technically impossible" to enforce sanctions on decentralized protocols like Tornado Cash.

Following the Ronin Bridge hack, Tornado Cash announced in its Twitter post that it uses Chainanalysis oracle contract to block the wallet addresses sanctioned by the U.S. Office of Foreign Assets Control. Chainanalysis is used on the Tornado Cash website's front-end only. 

Tornado Cash was used on numerous occasions in some of the much-discussed recent exploits. In Fei Protocol’s $80 million attack in April 2022, the hackers also took advantage of Tornado Cash to move the heisted assets. Hackers involved in the LooksRare attack resulting in an $800 thousand loss, also channeled some of the stolen NFTs through Tornado Cash. The January 2022 attack on was also associated with Tornado Cash, as hackers used it to launder the stolen funds.

What's next?

Tornado Cash has not yet published its 2022 roadmap.


Camille A. Hanard

Camille A. Hanard

Last updated: Dec 21, 2023

User reviews

Latest News

Video Tutorials