API for Tornado Cash Official
The Tornado Cash Official API allows developers to interact programmatically with the protocol for tasks such as deposits, withdrawals, and querying pool data. This page provides an overview of the API and how to use it.
Overview
The API exposes endpoints to interact with Tornado Cash Official’s smart contracts and off-chain services, enabling integration into custom applications or scripts.
Key Endpoints
- Deposit: Initiate a deposit into a Tornado Cash Official pool, generating a cryptographic note.
- Withdrawal: Submit a zk-SNARK proof for anonymous withdrawal.
- Pool Data: Retrieve information about pool sizes, anonymity sets, and supported tokens.
- Relayer List: Access registered relayers for gasless withdrawals.
- Anonymity Mining: Query anonymity mining rewards and points.
Getting Started
To use the API:
- Access Documentation: Refer to the official API documentation on GitHub for detailed endpoint specifications.
- Set Up Environment: Use libraries like Ethers.js or Web3.js for Ethereum interaction, or HTTP clients for off-chain endpoints.
- Authenticate: Some endpoints may require signatures or API keys for rate limiting.
- Test: Use testnet pools to simulate deposits and withdrawals without risking funds.
Note: Always verify API endpoints and contract addresses to avoid phishing scams. Official resources are available on GitHub.
Example: Depositing via API
Below is a pseudocode example for depositing into a pool:
const ethers = require('ethers');
const provider = new ethers.providers.JsonRpcProvider('https://mainnet.infura.io/v3/YOUR_PROJECT_ID');
const wallet = new ethers.Wallet('YOUR_PRIVATE_KEY', provider);
const tornadoContract = new ethers.Contract('TORNADO_POOL_ADDRESS', TORNADO_ABI, wallet);
async function deposit() {
const amount = ethers.utils.parseEther('1.0'); // Deposit 1 ETH
const tx = await tornadoContract.deposit({ value: amount });
const receipt = await tx.wait();
console.log('Deposit successful, note:', receipt.events[0].args.note);
}
deposit();
Security Considerations
When using the API:
- Securely store cryptographic notes, as they are required for withdrawals.
- Use HTTPS for API requests to prevent man-in-the-middle attacks.
- Validate all inputs to avoid interacting with malicious contracts.
- Be aware of risks such as smart contract vulnerabilities.
Further Reading
Explore related topics:
- Smart Contracts for contract details.
- How does Tornado Cash work? for protocol mechanics.
- FAQ for common questions.