tornado is a smart contract running on Ethereum.
When I say smart, I mean really wicked-smart; it uses “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge” cryptography (zk-SNARK) so the ether (or tokens) deposited into the contract can’t be linked to those that are withdrawn.
But… I won’t be surprised if there is a paper at the Financial Cryptography 2023 conference showing that 85% of tornado usage was not private; not because the cryptography is broken, but because it is really hard for mere mortals to use something like tornado (or CoinJoin or other similar technologies) in a way that doesn’t leak information about their wallet. The tornado developers wrote an article with tips to help maintain privacy, but I think 62% of their users won’t read it and another 25% will read it and then immediately do something the article says you shouldn’t do.
I think the mistake most...