Smart Contracts in Tornado Cash Official
Tornado Cash Official’s smart contracts, written in Solidity, enable private transactions on Ethereum and Binance Smart Chain. This page provides an overview of their structure and functionality.
Overview
The smart contracts manage anonymity pools, zk-SNARK verification, and interactions with relayers. They are open-source and audited for security.
Key Contracts
- Tornado Pool: Handles deposits and withdrawals, verifying zk-SNARK proofs.
- Governance: Manages protocol upgrades via the DAO.
- Staking: Distributes rewards for TORN staking.
- Anonymity Mining: Tracks rewards for anonymity mining.
Contract Functionality
The Tornado Pool contract, for example, includes:
- Deposit: Accepts fixed-denomination deposits and inserts each deposit's commitment as a leaf in a Merkle tree.
- Withdraw: Verifies a zk-SNARK proof of membership in that tree and records the nullifier hash so the same note cannot be withdrawn twice.
- Relayer Integration: Supports gasless withdrawals via relayers, so the withdrawing address needs no ETH for gas.
Warning: Always verify contract addresses on GitHub to avoid interacting with malicious contracts.
Example: Tornado Pool Contract
Below is a simplified snippet of a Tornado Pool contract:
```solidity
pragma solidity ^0.8.0;

// Minimal verifier interface for this simplified example; the deployed
// verifier takes the circuit's full public-input array, not just the nullifier hash.
interface IVerifier {
    function verifyProof(bytes calldata _proof, bytes32 _nullifierHash) external view returns (bool);
}

contract TornadoPool {
    IVerifier public immutable verifier;
    mapping(bytes32 => bool) public nullifierHashes; // spent nullifiers
    bytes32[] public commitments;                    // Merkle tree leaves

    event Deposit(bytes32 indexed commitment, uint256 leafIndex, uint256 timestamp);

    constructor(IVerifier _verifier) {
        verifier = _verifier;
    }

    function deposit(bytes32 _commitment) external payable {
        require(msg.value == 1 ether, "Invalid deposit amount");
        commitments.push(_commitment);
        // Emit event for note generation
        emit Deposit(_commitment, commitments.length - 1, block.timestamp);
    }

    function withdraw(bytes32 _nullifierHash, bytes calldata _proof, address payable _recipient) external {
        require(!nullifierHashes[_nullifierHash], "Nullifier already used");
        // Verify zk-SNARK proof
        require(verifier.verifyProof(_proof, _nullifierHash), "Invalid proof");
        // Mark the nullifier spent before any external call (checks-effects-interactions)
        nullifierHashes[_nullifierHash] = true;
        // Transfer funds
        (bool ok, ) = _recipient.call{value: 1 ether}("");
        require(ok, "Transfer failed");
    }
}
```
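To make the deposit and withdrawal bookkeeping concrete, here is an added off-chain model of the pool, written for this page and not code from the Tornado Cash project. It is an assumption-laden stand-in: sha256 replaces the circuit's SNARK-friendly hash, the `Note`, `MerkleTree` and `Pool` classes are hypothetical names, and `Pool.withdraw` checks the same statement the zk-SNARK proves (a known note whose commitment is in the tree, with a nullifier hash derived from it) transparently, so it sees the note that a real proof would keep hidden. What it does show is why the contract needs three things: a commitment at deposit time, a Merkle root to prove membership against, and a nullifier hash to reject double spends.

```python
import hashlib
from dataclasses import dataclass


def H(*parts: bytes) -> bytes:
    # Hash stand-in. Assumption: sha256; the real circuit uses a SNARK-friendly
    # hash (Pedersen/MiMC) so that hashing can be proven inside the zk-SNARK.
    return hashlib.sha256(b"".join(parts)).digest()


@dataclass(frozen=True)
class Note:
    """The secret the depositor keeps; losing it means losing the deposit."""
    nullifier: bytes
    secret: bytes

    def commitment(self) -> bytes:      # Merkle leaf published at deposit time
        return H(self.nullifier, self.secret)

    def nullifier_hash(self) -> bytes:  # published at withdrawal time to block double spends
        return H(self.nullifier)


class MerkleTree:
    """Append-only tree whose empty leaves are zero-valued, indexed left to right."""

    def __init__(self, depth: int):
        self.depth = depth
        self.leaves: list[bytes] = []
        self.zeros = [b"\x00" * 32]  # zeros[k] = hash of an empty subtree of height k
        for _ in range(depth):
            self.zeros.append(H(self.zeros[-1], self.zeros[-1]))

    def insert(self, leaf: bytes) -> int:
        if len(self.leaves) >= 2 ** self.depth:
            raise ValueError("Merkle tree is full")
        self.leaves.append(leaf)
        return len(self.leaves) - 1

    def _layers(self) -> list[list[bytes]]:
        layer, layers = list(self.leaves), []
        for lvl in range(self.depth):
            layers.append(layer)
            if len(layer) % 2:
                layer = layer + [self.zeros[lvl]]
            layer = [H(layer[i], layer[i + 1]) for i in range(0, len(layer), 2)]
        layers.append(layer)
        return layers

    def root(self) -> bytes:
        top = self._layers()[-1]
        return top[0] if top else self.zeros[self.depth]

    def path(self, index: int) -> list[bytes]:
        """Sibling hashes from leaf to root: the witness the prover feeds the circuit."""
        layers, siblings = self._layers(), []
        for lvl in range(self.depth):
            sib = index ^ 1
            siblings.append(layers[lvl][sib] if sib < len(layers[lvl]) else self.zeros[lvl])
            index //= 2
        return siblings


def verify_path(leaf: bytes, index: int, siblings: list[bytes], root: bytes) -> bool:
    node = leaf
    for sib in siblings:
        node = H(sib, node) if index & 1 else H(node, sib)
        index >>= 1
    return node == root


class Pool:
    DENOMINATION = 10 ** 18  # 1 ether in wei, matching the Solidity snippet above

    def __init__(self, depth: int = 4):
        self.tree = MerkleTree(depth)
        self.nullifier_hashes: set[bytes] = set()
        self.known_roots: list[bytes] = []  # assumption: unbounded here; a contract would keep a bounded history
        self.payouts: list[tuple[str, int]] = []

    def deposit(self, commitment: bytes, value: int) -> int:
        if value != self.DENOMINATION:
            raise ValueError("Invalid deposit amount")
        index = self.tree.insert(commitment)
        self.known_roots.append(self.tree.root())  # withdrawals may prove against any past root
        return index

    def withdraw(self, note: Note, index: int, siblings: list[bytes], root: bytes, recipient: str) -> int:
        # Transparent stand-in for the zk-SNARK verifier. A real circuit also binds the
        # recipient (and relayer and fee) as public inputs so a relayer cannot redirect funds.
        nh = note.nullifier_hash()
        if nh in self.nullifier_hashes:
            raise ValueError("Nullifier already used")
        if root not in self.known_roots:
            raise ValueError("Unknown Merkle root")
        if not verify_path(note.commitment(), index, siblings, root):
            raise ValueError("Invalid proof")
        self.nullifier_hashes.add(nh)  # effect recorded before the payout
        self.payouts.append((recipient, self.DENOMINATION))
        return self.DENOMINATION


def demo() -> tuple[int, str]:
    """Two constructed deposits, one withdrawal, then a replayed withdrawal that must fail."""
    pool = Pool(depth=4)
    alice = Note(nullifier=b"\x11" * 31, secret=b"\x22" * 31)  # constructed sample note
    bob = Note(nullifier=b"\x33" * 31, secret=b"\x44" * 31)    # constructed sample note
    ia = pool.deposit(alice.commitment(), Pool.DENOMINATION)
    pool.deposit(bob.commitment(), Pool.DENOMINATION)
    root = pool.tree.root()
    paid = pool.withdraw(alice, ia, pool.tree.path(ia), root, "0xrecipient")
    try:
        pool.withdraw(alice, ia, pool.tree.path(ia), root, "0xrecipient")
        second = "accepted"
    except ValueError as e:
        second = str(e)
    return paid, second
```

Running `demo()` pays out once and rejects the replay with "Nullifier already used", which is the on-chain check that matters most: the Merkle proof only shows that some note is in the pool, so without the nullifier set a valid proof could be resubmitted indefinitely.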
Security and Audits
The contracts are audited by third parties, but users should:
- Review audit reports on GitHub.
- Be aware of risks like upgradeability bugs.
- Contribute to security via Bug Bounty.
Further Reading
Explore related topics:
- zk-SNARKs for cryptographic details.
- Governance for contract upgrades.
- FAQ for common questions.