GitBook: [master] 3 pages and 9 assets modified
BIN
.gitbook/assets/capture-de-cran-2021-08-17-a-15.57.00.png
Normal file
After Width: | Height: | Size: 961 KiB |
BIN
.gitbook/assets/image (1).png
Normal file
After Width: | Height: | Size: 199 KiB |
BIN
.gitbook/assets/image (2).png
Normal file
After Width: | Height: | Size: 52 KiB |
BIN
.gitbook/assets/image (3).png
Normal file
After Width: | Height: | Size: 26 KiB |
BIN
.gitbook/assets/image.png
Normal file
After Width: | Height: | Size: 120 KiB |
After Width: | Height: | Size: 593 KiB |
After Width: | Height: | Size: 1.1 MiB |
After Width: | Height: | Size: 1.4 MiB |
After Width: | Height: | Size: 1.1 MiB |
@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
* [Initial page](README.md)
|
* [Initial page](README.md)
|
||||||
* [Introduction of Tornado.Cash](introduction-of-tornado.cash.md)
|
* [Introduction of Tornado.Cash](introduction-of-tornado.cash.md)
|
||||||
|
* [How does Tornado.Cash work?](how-does-tornado.cash-work.md)
|
||||||
* [Tips to remain anonymous](tips-to-remain-anonymous.md)
|
* [Tips to remain anonymous](tips-to-remain-anonymous.md)
|
||||||
* [Anonymity mining](anonymity-mining.md)
|
* [Anonymity mining](anonymity-mining.md)
|
||||||
* [TORN](torn.md)
|
* [TORN](torn.md)
|
||||||
|
37
how-does-tornado.cash-work.md
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
# How does Tornado.Cash work?
|
||||||
|
|
||||||
|
**\[Work in progress\]**
|
||||||
|
|
||||||
|
_Written by_ [_@ayefda_](https://torn.community/u/ayefda)\_\_
|
||||||
|
|
||||||
|
Before diving in tutorials explaining & easing the use of Tornado.Cash, here is an overall overview of the protocol global functioning.
|
||||||
|
|
||||||
|
### Global overview of Tornado.Cash functioning
|
||||||
|
|
||||||
|
To achieve privacy, Tornado.Cash **uses smart contracts that accept tokens deposits from one address and enable their withdrawal from a different address**. Those smart contracts work as pools that mix all deposited assets.
|
||||||
|
|
||||||
|
Once the funds are withdrawn by a complete new address from those pools, the on-chain link between the source & the destination is broken. The withdrawn crypto-assets are therefore anonymized.
|
||||||
|
|
||||||
|
When a user puts funds into a pool \(a.k.a. the deposit\), a private note is generated. This private note works as a private key for the user to access those funds later. To withdraw them, the same user can use a different address - an old or a new one - and recover his/her funds thanks to this private key.
|
||||||
|
|
||||||
|
The strength of such a protocol comes naturally from its number of users and the size of its pool. The more users deposit into the pool the merrier. However, to preserve privacy & anonymity, the user must keep some basic rules in mind such as:
|
||||||
|
|
||||||
|
* Leaving a lapse of time between the deposit & the withdrawal action
|
||||||
|
* Mixing its funds with the crowd by waiting for several transactions before recovering its assets.
|
||||||
|
|
||||||
|
_More recommendations are provided on:_ [_Tips to remain anonymous_](tips-to-remain-anonymous.md)_._
|
||||||
|
|
||||||
|
### Contribution of zk-SNARK & hashing process
|
||||||
|
|
||||||
|
Tornado.Cash use Zero-Knowledge Succinct Non-Interactive Argument of Knowledge \(also called zk-SNARK\) to verify & allow transactions.
|
||||||
|
|
||||||
|
To process a deposit, Tornado.Cash generates a random area of bytes, computes it through the [Pederson Hash](https://iden3-docs.readthedocs.io/en/latest/iden3_repos/research/publications/zkproof-standards-workshop-2/pedersen-hash/pedersen.html) \(as it is friendlier with zk-SNARK\), then send the token & the 20 mimc hash to the smart contract. The contract will then insert it into the Merkle tree.
|
||||||
|
|
||||||
|
To process a withdrawal, the same area of bytes is split into two separate parts: the **secret** on one side & the **nullifier** on the other side. The nullifier is hashed. This nullifier is a public input that is sent on-chain to get checked with the smart contrat & the Merkle tree data. It avoids double spending for instance.
|
||||||
|
|
||||||
|
Thanks to zk-SNARK, it is possible to prove the 20 mimc hash of the initial commitment and of the nullifier without revealing any information. Even if the nullifier is public, privacy is sustained as there is no way to link the hashed nullifier to the initial commitment. Besides, even if the information that the transaction is present in the Merkle root, the information about the exact Merkle path, thus the location of the transaction, is still kept private.
|
||||||
|
|
||||||
|
Deposits are simple on a technological point of view, but expensive in terms of gas as they need to compute the 20 mimc hash & update the Merkle tree. At the opposite, the withdrawal process is complex, but cheaper as gas is only needed for the nullifier hash and the zero-knowledge proof.
|
||||||
|
|
||||||
|
|
||||||
|
|
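Review bot: In the deposit paragraph under "Contribution of zk-SNARK & hashing process", "the 20 mimc hash" is never defined, and the text contradicts itself about where it is computed. That paragraph says the user hashes the random bytes with Pedersen and then sends "the token & the 20 mimc hash" to the contract, while the last paragraph says deposits are gas-expensive because "they need to compute the 20 mimc hash & update the Merkle tree". Please state which value is actually submitted on deposit, and introduce the word "commitment" there, since the zk-SNARK paragraph refers to "the initial commitment" without it having been named. Also say that the random bytes consist of a secret and a nullifier before the withdrawal paragraph splits them. Smaller points in the same file: "Pederson" should match the linked page's spelling ("pedersen"), "smart contrat" should be "smart contract", "Tornado.Cash use" should be "uses", the sentence starting "Besides, even if the information that the transaction is present in the Merkle root" has no verb in its first clause, and the author line ends with a stray `\_\_`.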
@ -1,10 +1,10 @@
|
|||||||
# Introduction of Tornado.Cash
|
# Introduction of Tornado.Cash
|
||||||
|
|
||||||
_**\[Work in progress\]**_
|
**\[Work in progress\]**
|
||||||
|
|
||||||
_Written by_ [_@ayefda_](https://torn.community/u/ayefda)\_\_
|
_Written by_ [_@ayefda_](https://torn.community/u/ayefda)\_\_
|
||||||
|
|
||||||
\[Image introductive?\]
|
![](.gitbook/assets/image.png)
|
||||||
|
|
||||||
Tornado Cash is a **fully decentralized** **non-custodial** **protocol** allowing private transactions in the crypto-space.
|
Tornado Cash is a **fully decentralized** **non-custodial** **protocol** allowing private transactions in the crypto-space.
|
||||||
|
|
||||||
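Review bot: The image that replaces the `\[Image introductive?\]` placeholder is added as `![](.gitbook/assets/image.png)`, with empty alt text and a generic file name. Please give it alt text describing what the introductory image shows, and consider a descriptive asset name so that it is distinguishable from `image (1).png` through `image (3).png` added in the same commit. The stray `\_\_` after the author link is unchanged in this hunk and could be dropped while the line is being touched.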
@ -18,7 +18,7 @@ Tornado Cash improves transaction privacy by breaking the on-chain link between
|
|||||||
|
|
||||||
To preserve privacy, few good practices are in order, such as the use of a relayer for gas payments to withdraw funds towards an address with no pre-existing balance.
|
To preserve privacy, few good practices are in order, such as the use of a relayer for gas payments to withdraw funds towards an address with no pre-existing balance.
|
||||||
|
|
||||||
More details are available in _Behind the scenes: how does Tornado.Cash work? ****_& [Tips to remain anonymous](tips-to-remain-anonymous.md).
|
More details are available in _Behind the scenes:_ [_How does Tornado.Cash work?_](how-does-tornado.cash-work.md) _****_& [Tips to remain anonymous](tips-to-remain-anonymous.md).
|
||||||
|
|
||||||
## Where is Tornado.Cash at?
|
## Where is Tornado.Cash at?
|
||||||
|
|
||||||
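Review bot: The rewritten "More details are available in" line still carries the empty emphasis run `_****_` directly before the `&`, which will render as stray characters or empty markup. Suggest removing it, so that the line reads `_Behind the scenes:_ [_How does Tornado.Cash work?_](how-does-tornado.cash-work.md) & [Tips to remain anonymous](tips-to-remain-anonymous.md).`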
@ -30,19 +30,19 @@ As of today, Tornado.Cash can be used with the following tokens:
|
|||||||
* On Binance Smart Chain: **BNB** _\(Binance Coin\)_.
|
* On Binance Smart Chain: **BNB** _\(Binance Coin\)_.
|
||||||
* On Polygon Network: **MATIC** _\(Polygon\)_
|
* On Polygon Network: **MATIC** _\(Polygon\)_
|
||||||
|
|
||||||
_\[Insérer une image visuelle avec les logos des crypto ? Encadrer ceux qui sont disponibles pour l'Anonymity mining\]_
|
![](.gitbook/assets/non-custodial-anonymous-transactions-on-ethereum-3-.png)
|
||||||
|
|
||||||
The protocol also includes an **anonymity mining system for some of its token**, allowing its users to earn a **governance token**. Thanks to TORN tokens, Tornado Cash users actively participate in shaping the protocol. The community has a strong weight regarding the evolution of Tornado Cash and the improvement of its features. Indeed, protocol parameters & token distribution are completely under the community's control through this governance.
|
The protocol also includes an **anonymity mining system for some of its token**, allowing its users to earn a **governance token**. Thanks to TORN tokens, Tornado Cash users actively participate in shaping the protocol. The community has a strong weight regarding the evolution of Tornado Cash and the improvement of its features. Indeed, protocol para@eters & token distribution are completely under the community's control through this governance.
|
||||||
|
|
||||||
More information about [Anonymity mining](anonymity-mining.md) & [Tornado.Cash token](torn.md) are available.
|
More information about [Anonymity mining](anonymity-mining.md) & [Tornado.Cash token](torn.md) are available.
|
||||||
|
|
||||||
|
## How does Tornado.Cash run?
|
||||||
|
|
||||||
|
[Codes behind Tornado.Cash functioning](https://github.com/tornadocash) - smart contacts, circuits & toolchain - are fully **open sourced.** Working as a DAO \(Decentralized Autonomous Organization\), Tornado.Cash governance and mining smart contracts are deployed by its community.
|
||||||
|
|
||||||
_\[Other informations to incorporate from the website:_
|
The protocol also functions with zk-SNARK, which enables zero-knowledge proofs allowing users to demonstrate possession of information without needing to reveal it. The use of this technology is based **on open source research made by Zcash team with the help of Ethereum community**. To set-up zk-SNARK initial keys, Tornado.Cash[ Trusted Setup Community](https://tornado-cash.medium.com/tornado-cash-trusted-setup-ceremony-b846e1e00be1) was launched in May 2020 & accounted [for 1114 contributions](https://tornado-cash.medium.com/the-biggest-trusted-setup-ceremony-in-the-world-3c6ab9c8fffa). This significant number of contributors makes it impossible to compromise the protocol by faking zero-knowledge proofs.
|
||||||
|
|
||||||
* _Open-source_
|
User interface is hosted on **IPFS** \(InterPlanetary File System\) by the community, minimizing risks of data being deleted. Indeed, the interface will work as long as at least one user is hosting it.
|
||||||
* _Basé sur zkSNARKs \(awesome open source research by Zcash team with the help of amazing Ethereum community\)._
|
|
||||||
* _User interface hosted by the community on IPFS \(accessible if at least one user in the world is hosting it\)\]_
|
|
||||||
|
|
||||||
\_\_
|
_August 17th, 2021_
|
||||||
|
|
||||||
|
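Review bot: The new version of the anonymity mining paragraph introduces a typo that the old line did not have: "protocol para@eters" should be "protocol parameters". In the added "How does Tornado.Cash run?" section, "smart contacts" should be "smart contracts". The trusted-setup sentence there says the number of contributors "makes it impossible to compromise the protocol by faking zero-knowledge proofs"; an absolute claim like this should state the assumption it depends on rather than rest on the contribution count alone. The image added in place of the French placeholder, `![](.gitbook/assets/non-custodial-anonymous-transactions-on-ethereum-3-.png)`, has empty alt text, and "More information about ... are available" should read "is available".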